[WikiEN-l] Jayjg: Abusing CheckUser for political ends?

[Kat Walsh]

On 6/15/07, Slim Virgin <slimvirgin at gmail.com> wrote:
> On 6/15/07, Kat Walsh <kat at mindspillage.org> wrote:
> > On 6/15/07, Slim Virgin <slimvirgin at gmail.com> wrote:

> > > Trojan admin accounts can do a lot of damage. They can view and copy
> > > deleted material; unblock abusive users; unprotect pages that would be
> > > better left protected; cause endless arguments on AN/I by questioning
> > > other admins; log and hand out conversations on the admins' channel,
> > > and doubtless other things I haven't thought of.
> >
> > I still don't see why someone using an anonymizing proxy, who has
> > maintained a consistent identity, does not resemble another user, and
> > otherwise does not ping anyone's trouble radar, is more of a risk here
> > than any other admin for whom we do not know any personal details.
>
> We have some details for most admins, if only the IP address if it's
> needed. That allows checkusers to look for sockpuppetry, and it allows
> the Foundation to respond to a request from a court for the admin's
> details in case of libel, for example. It's minimal accountability,
> and to take even that away would mean that someone who was permabanned
> could easily be up and running several admin accounts a few months
> later, and could cause a lot of trouble, with almost no way of getting
> caught. Look at Wikitruth, for example, and the reposting of possibly
> libelous or distressing material. Look at the trouble caused by people
> posting IRC logs from the admins channel.

Someone permabanned *can* be up and running several admin accounts a
few months later. It's just that most of the people we permaban are
unable to handle the social aspects for long enough to become admins,
rather than the technical measures we employ, that stops them from
doing so most of the time.

Being able to produce even minimal details in case of wanting to find
out an editor's identity depends on several things, and is not
consistent. I don't think the accountability argument flies here; we
just don't know who any of our admins are who do not choose to tell.
And an editor posting logged-out from an open proxy we don't know
about can just as well post something libelous as an admin can (and
something that looks plausible might stay for longer than we like to
think about) -- but the admin has a strong disincentive to do so, as
it would ruin the reputation of the identity they'd chosen, which
takes a significant amount of effort to build up.

I suspect most of the cases of admins abusing what little technical
power they have are people not editing from proxies, just people who
are casually anonymous (that is, not taking any particular privacy
measures beyond not revealing their real name and personal details),
and whose damage is small enough compared to the amount of energy it
would take to stop them that no one does so.

(I could be the one feeding data to Wikitruth and sending out text of
deleted revisions, for all anyone knows. I hope that I have
established enough of a reputation that others trust I am not the one
doing it! I'm not, but all you truly have to go on is my say-so.)

> I think the important point is that it's a violation of policy to edit
> with open proxies, so it's a bit rich for an editor to ask to become
> an admin, who'll be able to block others for policy violations, while
> violating it themselves every single time they edit. If they want to
> change the policy, they should try to do that openly before standing.

I just can't get too upset about it. Here, as in general, I'd rather
look at the intent of the policy and the effects of breaking it. No
one would even know that the user was violating this policy if someone
hadn't gone to the trouble to bring it up. What's the intent of the
policy? To prevent people from causing trouble unchecked. (If we cared
so much about being able to find out the identity of editors -- or
admins -- we'd have some sort of proactive measures in place to that
effect, but we don't.) There's no indication that CW is doing that or
is even suspected of it; if the account smelled funny I suspect it
would have been blocked long ago. (I don't know what all the
checkusers have to say about it, though.)

It would have been better to bring up the proxy usage openly, sure; I
also think it would have been better to bring up the knowledge of it
privately first.

(And since I hate it when mailing lists turn into a back and forth
between two people that leave others with a flurry of posts to read if
they want to participate, I'm stepping back from the thread at least
until after I wake up again.)

-Kat
-- 
Wikimedia needs you: http://wikimediafoundation.org/wiki/Fundraising
* *  * *  * *  * *  * *  * *  * *  * *  * *  * *  * *  * *  * *  * *
http://en.wikipedia.org/wiki/User:Mindspillage | (G)AIM:Mindspillage
mindspillage or mind|wandering on irc.freenode.net | email for phone