[Foundation-l] Wikipedia tracks user behaviour via third party companies
John at Darkstar
vacuum at jeb.no
Thu Jun 4 10:48:04 UTC 2009
Forgot a link to an article which describes very well privacy on
Wikipedia! ;)
http://en.wikipedia.org/wiki/The_Emperor%27s_New_Clothes
John at Darkstar skrev:
> We need tools to track user behavior inside Wikipedia. As it is now we
> know nearly nothing at all about user behavior and nearly all people
> saying anything about users at Wikipedia makes gross estimates and wild
> guesses.
>
> User privacy on Wikipedia is is close to a public hoax, pages are
> transfered unencrypted and with user names in clear text. Anyone with
> access to a public hub is able to intercept and identify users, in
> addition to _all_ websites that are referenced during an edit on
> Wikipedia through correlation of logs.
>
> Compared to this the whole previous discussion about the Iranian steward
> is somewhat strange, if not completely ridiculous.
>
> Get real, the whole system and access to it is completely open!
>
> John
>
> Neil Harris skrev:
>> Tim 'avatar' Bartel wrote:
>>> Hi,
>>>
>>> recently the report of the KnowPrivacy [1] study - a research project
>>> by the School of Information from University of California in Berkeley
>>> - hit the German media [2].
>>>
>>> It came to the conclusion that "All of the top 50 websites contained
>>> at least one web bug at some point in a one month time period." [3]
>>> which includes wikipedia.org.
>>>
>>> This is very troubleing and irritating for some of our (German) users
>>> who are very sensitive to data privacy topics. So I established
>>> contact to Brian W. Carver (University of California) who connected me
>>> to David Cancel, the maintainer of Ghostery, which was used to
>>> identify the web bugs. David wrote me today:
>>>
>>>
>>>> The following web bug trackers were reported to us, on the following subdomains:
>>>> Google Analytics - vls.wikipedia.org
>>>> Doubleclick - hu.wikipedia.org
>>>> Both were seen in yesterday's data so they're recent. We don't receive any page level information so that's as much detail as we have. Hope that helps.
>>>>
>>> I wasn't able to track down the Doubleclick web bug on the hungarian
>>> Wikipedia, but Google Analytics web bug is integrated in every page of
>>> the West Flemish Wikipedia via JavaScript [4].
>>>
>>> Our privacy policy [5] states "The Wikimedia Foundation may keep raw
>>> logs of such transactions [IP and other technical information], but
>>> these will not be published or used to track legitimate users." and
>>> "As a general principle, the access to, and retention of, personally
>>> identifiable data in all projects should be minimal and should be used
>>> only internally to serve the well-being of the projects."
>>>
>>> I think we should stop the current use of Google Analytics ASAP.
>>>
>>> Bye, Tim.
>>>
>>>
>> Surely this is something which should be possible to block at the
>> MediaWiki level, by suppressing the generation of any HTML that loads
>> any indirect resources (scripts, iframes, images, etc.) whatsoever other
>> than from a clearly defined whitelist of Wikimedia-Foundation-controlled
>> domains?
>>
>> Doing this should completely stop site admins from adding web bugs.
>>
>> -- Neil
>>
>>
>> _______________________________________________
>> foundation-l mailing list
>> foundation-l at lists.wikimedia.org
>> Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l
>>
>
> _______________________________________________
> foundation-l mailing list
> foundation-l at lists.wikimedia.org
> Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l
>
More information about the foundation-l
mailing list