On 21 August 2013 00:08, Marc A. Pelletier marc@uberbox.org wrote:
On 08/20/2013 11:05 PM, Risker wrote:
Perhaps then you might want to re-familiarize yourself with the WMF's policy on political advocacy
I'm sorry Risker, but you've got this backwards. Making a long-overdue /minimal/ fix to our login process is not political advocacy. Compromising the security and privacy of our editors for the sake of a government's censorship policies, *is*.
The mandatory use of HTTPS outside of a limited number of countries where we know the editors will be blocked is not what I am talking about. I was responding to Erik's political manifesto about censorship. I have no problems with the core concept here.
The very idea that editors with checkuser or oversight might even be *able* to login in cleartext over an Internet we *know* is monitored by entities that are demonstrably hostile to privacy is worrying enough on its own without introducing additional flaws in the process.
I don't even agree that an exception should be made to allow cleartext logins from regions which are even *more* hostile to privacy than the United States; and I would have advocated that no account with bits should be allowed to do so regardless of location.
Well, you're not alone there. But that is an entirely different discussion. You want to take up security of accounts with "bits", Chris Stiepp is thataway.
Nevertheless, engineering has been bending over backwards to accommodate as many editors with crippled Internet access as is possible; inventing bogeymen and quoting misapplied bits of policy around ("promotional use"? Really?) is an extraordinary show of bad faith.
Again, I was not referring to the core concept here. Read Erik's last paragraph again: it is a political manifesto, and something I would not have expected from the #2 of Wikimedia Foundation leadership in the middle of a technical discussion. I don't entirely disagree with him, but it's not in line with the mission and vision of the Foundation itself, which is unsupportive of using technical means to prevent good-faith contributions.
Risker