As usual, Erik has great insight. I'm sure that there are some
drawbacks to be considered that he hasn't mentioned, but he makes a
very persuasive case.
I should point out that I personally regard cookie paranoia as
media-driven ignorance, and so while it's my job to be sympathetic to
the concerns of everyone, I find it hard to step into the shoes of
those who are anti-cookie, as I find their objections to be mostly
incoherent and ill-informed. :-)
Cookies provide a great mechanism for increasing anonymity *and*
accountability, two issues that are often in tension against each
other.
Erik Moeller wrote:
We should set permanent cookies on every pageview
except saves, require
cookies for saving pages, assign random account names (anon2349bx29s) to
anonymous editors, and use cookies to block most users.
We should do away with IP numbers in page histories, recent changes etc.
completely.
We should retain the ability to block by IP in emergencies.
This would address several current problems and have several advantages.
1) Having users' IP numbers published all over the place is a quite
serious privacy violation. It would be trivial to scan recent changes for
hosts with open ports and security vulnerabilities. Furthermore, it
reveals geographic information about anonymous editors which they may want
to keep private (such information can be very specific, depending on the
ISP).
2) Banning anonymous users by IP affects anyone who also uses the same IP.
In case of proxies, this may be thousands of individuals. If the first
message we send a new user - because they share a vandal IP - is "You are
banned from editing for serious vandalism", that user is unlikely to
become a regular contributor. Even regulars are frequently pissed off
because they accidentally get blocked.
3) Banning users by IP is also ineffective, as for most users, it is
trivial to get a new dynamic IP address.
4) For repeat vandals, we can set a very high or unlimited expiry without
fear of blocking someone else.
5) Requiring cookies even for anons allows them to change their user
preferences even without creating an account.
6) We can more easily attribute edits to users and easily change anon
edits over to real accounts when people decide to create an account. This
may also address some copyright issues.
Now, regarding some possible criticisms:
1) "They will just delete the cookie and edit away." Yes, some users will
do that. For these users, we should retain the ability to block by IP
(without revealing that IP address to sysops). However, doing so requires
an understanding of how the blocking mechanism works, which most users
don't have. They will have to know how to *remove* cookies, not just
disable them. The user will have to keep deleting the cookie every time it
is re-blocked. And sysops don't have to be hesitant about blocking them,
because no other users can be affected by it. So we can in fact make this
a single-click operation, making it costly for the average user, and cheap
for us.
2) "I have cookies disabled for privacy reasons!" Then you can't be
editing Wikipedia non-anonymously. We already require cookies for signed
in users. Most modern browsers allow enabling cookies on a case-by-case
basis. If a user tries to edit a page without having cookies enabled, we
will let them know that they need to enable them. If you are concerned
about privacy, you should be more concerned about having IP addresses
publicized everywhere, even stored permanently in the page history.
3) "This won't help us to deal with the most egregious vandals." Maybe,
maybe not. A vandal using a script would have to do the same thing as a
malicious user -- get a fresh cookie from a regular pageview, use that
cookie to submit an edit, then discard the cookie. This isn't hard to do,
but I doubt the average kiddie will be able to figure it out. On the other
hand, we can build more extreme anti-vandalism measures on top of this,
like disabling edits by any completely new contributor (= not setting any
new cookies) for a few hours.
All in all, I think this would greatly reduce the time spent on fighting
vandalism, and allow us to focus on more important matters, like creating
an encyclopedia.
Regards,
Erik
_______________________________________________
Wikitech-l mailing list
Wikitech-l(a)Wikipedia.org
http://mail.wikipedia.org/mailman/listinfo/wikitech-l