[Foundation-l] Wikipedia tracks user behaviour via third party companies
Neil Harris
usenet at tonal.clara.co.uk
Thu Jun 4 14:03:59 UTC 2009
John at Darkstar wrote:
> The interesting thing is "who has interest in which users identity".
> Lets make an example, some organization sets up a site with a honeypot
> and logs all visitors. Then they correlates that with RC-logs from
> Wikipedia and then checks out who adds external links back to
> themselves. They do not need direct access to Wikipedia logs or the raw
> traffic.
>
> There is only one valid reason as I see it to avoid certain stat
> engines, and that is to block advertising companies from getting
> information about the readers. The writers does not have any real
> anonymity at all.
>
> John
>
Indeed they could. But even so, they would still have great difficulty
in getting more than a small fraction of Wikipedia's readers to both
visit the honeypot and make an edit that links to it, and the vast
majority of unaffected users will still avoid being bitten by this
attack. And even then, they will still only have obtained a mapping
between the user's current IP and their Wikipedia account, and will
still have to correlate this back to a personal identity, which is often
harder than it might seem to be in theory.
The world is a dangerous place, but just because privacy and security
can never be absolute is not a reason to make good faith efforts to
preserve it as much of both as reasonably possible within the limits of
time and resources available.
Just because a door can be knocked down with a sledgehammer (or a wall
demolished with a pneumatic hammer) is not a reason not to have a lock
on it, or a door there in the first place.
-- Neil
More information about the foundation-l
mailing list