[WikiEN-l] Re: new CheckUser proposal up

Anthere anthere9 at yahoo.com
Thu Oct 13 17:25:37 UTC 2005 

David Gerard wrote:

> We need more people with access to CheckUser, because I don't scale,
> and we're under a nasty vandalbot attack. Proposal at:
> 
>   http://en.wikipedia.org/wiki/Wikipedia:Quick_and_dirty_Checkuser_policy_proposal
> 
> Discussion at
> 
>   http://en.wikipedia.org/wiki/Wikipedia_talk:Quick_and_dirty_Checkuser_policy_proposal
> 

Hi,

Note that it would be nice that a global decision is made rather than a 
local one. If the global decision is made that on projects where there 
is an arbcom, only arbcom members should have access to the tool, then 
only arbcom members will have access to the tool.

if we agree that others can have also access to the tool, then agreeing 
  on local editors to have access to the tool will be fine.


> Also, it's really slow, and I've had it time out for five hour
> stretches before when the DB's been under heavy load. So if anyone
> with a good grasp of the MediaWiki data structures wants to rewrite it
> to be faster/less load, please do!

yup :-)

> My comments at the above:
> 
> As the guy who uses it now on en: (mostly so Tim Starling can get on
> with development and sysadmin matters), a few notes:
> 
>     * _You have to pick people you can trust, and then trust them all
> the way._ Various people are going to ask to have this logged seven
> ways to Sunday to protect against possible abuses - but adding red
> tape is just going to be a massive PITA and not actually affect
> whether the CheckUser checker can be trusted to act with confidence.
> Basically, we have to pick people we trust not to use the power for
> evil. Like we do admins and bureaucrats, but more so.
>     * Access by all bureaucrats is good IMO. They're highly trusted
> people. If people aren't sure about this one, we can reconfirm all
> current bureaucrats one by one.

I doubt very much that the global policy will be to grant all 
bureaucrats access to check user tool. I will personnaly oppose it very 
very very strongly.



>     * Remember that a small number of the developers (those who have
> access to the database) already have this power and use it. They
> control the horizontal, they control the vertical, they see all and
> know all — because they have to have complete control in order to
> administer a top-50 website. But they respect the privacy policy,
> because that's what you do as a sysadmin. The proposal is to extend
> access to just one power, so as to avoid a bottleneck of too few
> people for the job.

Currently, this is not done any more by developers.
This is done by a few people, who got access sometimes within the 
current rules, and sometimes against the current rules, plus stewards.
The policy to give access is under discussion on meta.
I am not very happy with the current proposal which seems unfinished to me.
Some people support informing editors that they are ip-checked for 
exemple, but I fear this is very unpractical.

Currently, the check user log is private (only visible to those with 
check user access). Imho, this is just not a good idea. I think it 
should be public somewhere.


As for solving bottlenecks, I tend to agree with you when I see the 
amazing number of ip-check you handle per week. I am not entirely sure 
it is really required to do so by the way :-)
But fixing a bottleneck by giving such an access to all bureaucrats is a 
bit too huge of a step. Bureaucrat status is given quite liberally on 
some projects, so it is to my opinion, just out of question.

>     * It helps if the person understands various network foo. If not I
> am most happy to help and show how to interpret stuff. It's an art,
> not a science.

True, but it is easy enough to write a help page for check user editors.

>     * I really need to write up a Help: page for CheckUser checkers.
>     * taw on pl: has CheckUser for pl:, I think — worth asking for ideas?

Taw is an example of a person who had check user access through a system 
I have no idea. Access is currently given out of the current rules. I do 
not find that so good. I do not doubt he is trusted by his community, 
but I have no proof of this. As a steward, so giving such access, I 
wonder how I can justify saying NO to a request when I have no idea why 
some editors were told YES and got the access.

It is a bit disturbing :-(


> - d.
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> WikiEN-l mailing list
> WikiEN-l at Wikipedia.org
> To unsubscribe from this mailing list, visit:
> http://mail.wikipedia.org/mailman/listinfo/wikien-l

More information about the WikiEN-l mailing list