Rob Church wrote:
On 04/02/07, StefanB steffe62@yahoo.com wrote:
On Swedish Wiktionarys common.js, http://sv.wiktionary.org/wiki/MediaWiki:Common.js , is a script that takes the visitors IP-addresses and transforms it into a non-revertable number, and then sends it to an external private server that belongs to one if the administrators on Wiktionary. The script is used for statistics on visited articles.
To me it seems like this kind of script is a violation of the privacy policy, since it is possible to get the IP-numbers of all visitors, even though it is not done in this case.
'Is a violation since is possible but is not done' ?? I don't see where the violation is. Wikimedia servers *do* log the ip addresses of editors, and when we arrage how, will treat visitors data too.
I should also mention that a discussion was held before this script was activated and that no one objected to it.
If there were no objections, i don't have any objection either. You may want to comment on http://sv.wiktionary.org/wiki/Wiktionary:Integritetspolicy that visitors ips are logged.
Are these kind of scripts allowed?
As far as the community is happy with it...
On the other hand, I would agree with Brion about keeping it "within the family", or under Wikimedia-affiliated control. Your community should probably jump on it quickly, since it sets a wobbly precedent.
This is a matter of faith. If this admin is trustable, he won't do any harm with that 'power' the data could give him. If not, he could misuse it even if he were using the toolserver. Using a WMF [Germany] Server shows it nicer, just as signed ActiveX. But the risk is the same.[1]
Probably a grey area, since if it really is an irreversible hash (at least, as far as we know the hash function to be so, and we all know how crap some hashes have proven to be), then it's not supposedly possible to arbitrarily obtain IP addresses.
Reversing the hash for a IP number would be quite easy. But it is not neccesary to get the IP. Why transform it into a 'non-revertable number'? This only make a false sense of security.[2] The user is sending the hash to the external server. Thus, the external server is connecting with the visitor, and *can get their IP*.
I suggest moving http://internetvision.se/dan/projekt/wikt/stats/sv-wikt.js to a wiki page. It is simple javascript and doesn't need to be on the external server. Having it on the wiki will have to changes: internetvision.se will receive less queries (only for the real counts), and visitors won't ask it unless it is visiting a countable page (almost all anyway).
1-Note that if it weren 't a private server of the admin, other people could get this data apart of him. 2-As an example, everybody on this thread were taking the 'non-revertable IP' as granted.