Even in this day and age, there are plenty of people with stable IPs
With hashing, a given IP would always give the same hash. So this uniqueness property would remain for people with stable IPs.
On Fri, Jul 11, 2014 at 10:55 AM, Risker risker.wp@gmail.com wrote:
This is one of those perennial proposals that never quite seems to take off; I can remember having some version of this discussion back in 2008, and I know that some of our earliest edits show a partially obscured IP address, not the whole thing. It might require Brion or Tim or someone else of that length of experience to explain the original thinking.
Some of the "pros" of keeping the IP address as the "username" for unregistered users:
- Even in this day and age, there are plenty of people with stable IPs;
they choose to edit as unregistered users for philosophical reasons, and their IP's edit history is essentially their own editing history
- Especially on smaller projects (but also big ones), range blocks are
usually calculated and applied by administrators, not checkusers/stewards.
Some of the "cons" of publishing the IP address as the username:
- Privacy - IPv6 addresses in particular are including more and more
very specific information that could be used to link RealLife Name with the edits. (My own ISP now gives enough information in many cases to narrow geolocation down to a one-block radius - a big change from 2 years ago when geolocation was about an 800 mile radius.)
- Privacy - more and more jurisdictions consider a person's IP address
to be "private" information. Our page histories could be considered one gigantic privacy violation.
- Increasingly dynamic IP addresses, often rotating within very large
ranges that no longer link with any certainty to geolocation
- Freaked out new users who didn't really get that their IP address was
going to be very publicly displayed.
I'm pretty sure there are a whole pile more pros and cons that we can pull out of the archives from various mailing lists, and I know that there have periodically been discussions amongst developers and the rest of the engineering team to try to come up with a "better way" - but like many other interesting, good and even potentially necessary ideas, it's never made it to the top of the priority heap.
Putting on my checkuser hat for just a minute...it's essential information for having any chance at all of identifying multiple accounts or pattern editing; however, the tables used by checkusers are non-public so Checkusers continuing to have access to IP data should not be an issue.
Risker/Anne
On 11 July 2014 10:25, Tyler Romeo tylerromeo@gmail.com wrote:
I agree that it’s a double standard, but looking at the bright side, it becomes a big encouragement to anonymous users to register and log in.
The
Account Creation Experience Team (or whoever the hell is in charge of
that)
can correct me, but I would imagine that we would see a big drop in registered accounts if IPs were hashed.
Also, it’d be really annoying to have hashes as usernames, so we’d have
to
think of an alternative scheme that makes things more readable.
Tyler Romeo 0x405D34A7C86B42DF
From: Gilles Dubuc gilles@wikimedia.org Reply: Wikimedia developers wikitech-l@lists.wikimedia.org> Date: July 11, 2014 at 9:34:18 To: Wikimedia developers wikitech-l@lists.wikimedia.org> Subject: [Wikitech-l] Anonymous editors & IP addresses
This interesting bot showed up on hackernews today: https://news.ycombinator.com/item?id=8018284
While in this instance the access to anonymous' editors IP addresses is definitely useful in terms of identifying edits with probable conflict of interest, it makes me wonder what the history is behind the fact that anonymous editors are identified by their IP addresses on WMF-hosted
wikis.
IP addresses are closely guarded for registered users, why wouldn't anonymous users be identified by a hash of their IP address in order to protect their privacy as well? The exact same functionality of being able to see all edits by a given anonymous IP would still exist, the IP itself just wouldn't be publicly available, protected with the same access
rights
as registered users'.
The "use case" that makes me think of that is someone living in a totalitarian regime making a sensitive edit and forgetting that they're logged out. Or just being unaware that being anonymous on the wiki
doesn't
mean that their local authorities can figure out who they are based on IP address and time. Understanding that they're somewhat protected when
logged
in and not when logged out requires a certain level of technical understanding. The easy way out of this argument is to state that these users should be using Tor or something similar. But I still wonder why we have this double standard of protecting registered users' privacy in regards to IP addresses and not applying the same for anonymous users,
when
simple hashing would do the job. _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l