[Foundation-l] Note regarding status of privacy policy (suggestion)
private musings
thepmaccount at gmail.com
Sun Aug 10 07:29:51 UTC 2008
...I think we probably could work out way towards agreeing to disagree on
this one - but I also suspect there's some common ground hiding there
somewhere!
Yes - full openness surrounding the length of time IP data is stored for may
increase 'gamability' in some areas - it may also cause other unspoken, or
un-thought of problems.
The benefits to doing so are in my view a bit fuzzier and related to big
picture community health issues and an abstract concept of what's 'right' -
perhaps it'll suffice to say for now that I currently believe it would be a
net gain to be open, honest, and clear about this sort of stuff.
best,
Peter
PM.
On Sun, Aug 10, 2008 at 5:07 PM, Gerard Meijssen
<gerard.meijssen at gmail.com>wrote:
> Hoi,
> Security through obscurity is when the way the security is implemented is
> undocumented, it is not peer reviewed. If anything this does not apply to
> the WMF, the MediaWiki software and the policies as implemented by our
> communities. When precise details like how long are results from check user
> activity retained are public knowledge, the only persons who benefit from
> this knowledge are the persons who aim to game the system. When they
> consider that this information stays available, it will hinder their
> ability
> to make mischief.
> Thanks,
> GerardM
>
> On Sun, Aug 10, 2008 at 8:56 AM, private musings <thepmaccount at gmail.com
> >wrote:
>
> > It's interesting that you mention 15 days, Jon - as I think the trend has
> > been in the other direction - towards retaining information for a longer
> > period - perhaps to better combat vandal accounts?
> >
> > It was at one point communicated to me that IP data was retained for
> approx
> > one month - recently it has been confirmed to me that IP data is now
> stored
> > for at least three months - I'm not really sure quite what I think the
> time
> > period should be, but I would prefer it to be disclosed openly - I don't
> > really find arguments supporting security through obscurity wholly
> > compelling.
> >
> > Also - I'd like to confirm that general discussion of checkuser form and
> > function appropriate to this mailing list? - I'm not sure of the norms
> > around here, and it seems a bit... well... heated, and I don't want to
> poke
> > anyone into further rudeness.
> >
> > best,
> >
> > Peter,
> > PM.
> > _______________________________________________
> > foundation-l mailing list
> > foundation-l at lists.wikimedia.org
> > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l
> >
> _______________________________________________
> foundation-l mailing list
> foundation-l at lists.wikimedia.org
> Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l
>
More information about the foundation-l
mailing list