On 10/19/05, Angela beesley@gmail.com wrote:
On 10/19/05, Anthony DiPierro wikispam@inbox.org wrote:
Can someone clarify whether the software records your IP address every
time
you access a page, or only when you edit? If it's the former, does
anyone
have any ideas how to block this information without constantly logging
in
and out? I don't mind Wikimedia tracking what I edit, but I don't want you
tracking
what I read.
[[Special:CheckUser]] only shows what you've been editing. The server logs will show what your IP has been reading, but isn't logged (afaik) by user name.
So in theory a developer could match up the IP with the username and then look through the server logs, but that'd require a very intentional breach of ethics. Also, according to the link below, even these logs are only kept for 2 weeks.
If all of this is true, I think y'all have done a pretty good job of keeping this information private. I first became particularly concerned about this when Jimbo mentioned considering selling log data to researchers (implying to some extent that they were kept for longer than 2 weeks), and also I thought someone presented a sample log line which included username information.
I just looked back (gmail search is awesome), and here was the log line that was provided by Jerome Jamnicky: " 1124167686.523 210 12.34.56.78 http://12.34.56.78/ TCP_MISS/200 2962 GET http://en.wikipedia.org/wiki/Special:Search?search=Potato&go=Go - PARENT_HIT/207.142.131.200 text/html [Host: en.wikipedia.org\r\nUser-Agent : Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.10) Gecko/20050716 Firefox/1.0.6\r\nAccept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q= 0.8,image/png,*/*;q=0.5\r\nAccept-Language: en-us,en;q=0.5\r\nAccept-Encoding: gzip,deflate\r\nAccept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\nKeep-Alive: 300\r\nConnection: keep-alive\r\nReferer: http://en.wikipedia.org/wiki/Esoterica%5Cr%5Cn]http://en.wikipedia.org/wiki/Esoterica%5Cr%5Cn%5D [HTTP/1.0 200 OK\r\nDate: Tue, 16 Aug 2005 04:48:06 GMT\r\nServer: Apache\r\nX-Powered-By: PHP/4.3.11\r\nContent-language: en\r\nVary: Accept-Encoding,Cookie\r\nExpires: -1\r\nCache-Control: private, must-revalidate, max-age=0\r\nContent-Encoding: gzip\r\nConnection: close\r\nContent-Type: text/html; charset=utf-8\r\n\r]"
Now that I look at it again, it doesn't seem to have username information (not sure what 1124167686.523 is though, maybe a timestamp). Are these log files still thrown away after 2 weeks?
(For those following at home, the thread was entitled "Research access to logs", in September 2005 on the wikipedia-l mailing list.)
Angela.
And from Puddl Duk, "see http://wikimediafoundation.org/wiki/Privacy_policy#Private_logging"http://wikimediafoundation.org/wiki/Privacy_policy#Private_logging
Yes, I was going on my apparently bad memory of that previous thread and the contradiction of it with the privacy policy which was last updated in May. I also noticed recently that cookies were kept containing my username even after I log out.
The line from the log file given in that thread and the one in the privacy policy *are* different, too. Presumably one is the apache log and the other is the cache log.