Wikipedia talk:Wikipedia Signpost/Single/2020-11-01

Comments

The following is an automatically-generated compilation of all talk pages for the Signpost issue dated 2020-11-01. For general Signpost discussion, see Wikipedia talk:Signpost.

Book review: Review of Wikipedia @ 20 (1,958 bytes · 💬)

  • Pfft. Is there really much benefit to hindsight, in this particular case?

Both show, with benefit of hindsight, that people and the press didn't understand what Wikipedia was and how it could develop.

I mean, that's should hardly come as a surprise to anyone. Most of the press (and plenty of the public) still don't seem to get it today, so there's no way in hell they got it 20 years ago. -- FeRDNYC (talk) 21:58, 1 November 2020 (UTC)
  • I hope this came through in the essay, but it's been a surprise to those of us who have been contributors since close to the beginning too! I honestly don't think anyone involved really predicted or understood what Wikipedia could be and has become, from breaking news to now a linked data ecosystem. It's been a wild ride! Smallbones, thanks for the review; it was a pleasure to write with such a knowledgeable group. -- phoebe / (talk to me) 14:27, 27 November 2020 (UTC)
  • I read a bunch of the Wikipedia@20 chapters and, on the whole, was impressed. It painted a very clear picture of how Wikipedia has changed and what its strengths and weaknesses have been. Ganesha811 (talk) 21:30, 2 November 2020 (UTC)
  • Still waiting for the people who complain about "Westernized publications and knowledge-sharing practices" to offer us an alternative inclusion and reliable sourcing policy that doesn't let the encyclopedia get flooded with garbage. There still is plenty of reliable source material about undercovered areas that we have yet to incorporate, it just requires more effort find it. -Indy beetle (talk) 19:28, 4 November 2020 (UTC)

In the News

  • What is the lasting significance of the Trump event? Very little, I would guess. I don't think it will impact the election. (t · c) buidhe 21:45, 1 November 2020 (UTC)
    • I suppose it depends on how you define "significance". If it's entirely subjective among a group of 8 people in the middle of the night in the US, you may be right. If it means that experts judge that it affected the election, you'd probably be wrong. If you mean "will it be in his obituary", you're most definitely wrong. Or in the history books in 20 years, or in 50 years, or in the year end news summaries. Smallbones(smalltalk) 22:46, 1 November 2020 (UTC)
  • Quoting @Masem::

    WP's not a newspaper, and ITNs not a news ticker, and people coming to WP's front page and ITN expecting to see a snapshot of world headlines are very much in the wrong place.

    Why don't we have a data based approach instead of claims like this? The foundation has a huge budget compared to previously, I am sure there must be a study somewhere that asked users why they would they open up the Wikipedia front-page. And I don't think it is so outrageous to think that a chunk of them read the ITN section. Who cares if you call it a news ticker or not, it has existed for a long time, it should be possible to establish whether it has readership or not. --Ysangkok (talk) 21:55, 1 November 2020 (UTC)
@Ysangkok: I took the argument being made is less about user behaviors, and more a question of editorial/publishing intent. So it doesn't really matter how many people show up at the front page looking for news — the front page isn't attempting to be, or intended to be, a news service. So regardless how few or many of those people there may be, they're all in the wrong place.
IOW, I'm sure there are plenty of people who show up at the front page thinking Wikipedia is an internet search engine. I'm sure there are plenty of people who show up at Commons thinking it's a site to farm for images they can appropriate without attribution, then misuse in their private designs. All of those people, too — however many of them there are — are also in the wrong place. Knowing there's a lot of them wouldn't make it any more desirable to cater to them or reorient the site(s) in question around their desires or expectations. -- FeRDNYC (talk) 22:23, 1 November 2020 (UTC)
I suppose it means - how did those folks decide that "In the news" would intend to be news-free? As I understand it IYN goes back to 911. Did those people intend that ITN should ignore 911? Smallbones(smalltalk) 22:51, 1 November 2020 (UTC)
If you wanted to participate in the discussion, you were welcome to do so Smallbones, but I sense from the tone of this article that you feel the decision not to post Trump's COVID diagnosis at ITN was a wrong one. I disagree. The conclusion not to post the story was entirely within our usual conventions, and can easily be justified on several measures - (1) we don't generally post COVID stories, instead delegating that ongoing saga to the special box at the top of ITN; in particular, Trump is not the first world leader to contract the disease and we have been consistent in not posting any of them. (2) there is a convention to avoid stories about candidates in elections within a short time window before said election, to avoid accusations of bias. I'm not sure what your point about 9/11 is - obviously that would have been posted, but then again 9/11 is hardly comparable to the US president getting a disease and recovering from it within a few days. Cheers  — Amakuru (talk) 22:57, 1 November 2020 (UTC)
You may have received that tone from my part of the story. The two of us worked on it and likely mine's a little more sharp. ☆ Bri (talk) 00:20, 2 November 2020 (UTC)
Yes well of course I respect your opinion, and that of Smallbones. We are a broad church here. But for the reasons I've outlined, and which Masem has also mentioned below, this is hardly an open-and-shut case of "news-less ITN". The bottom line is that the community, in the form of those editors who participated in the discussion, decided that the Trump COVID story did not fit the standards usually applied to ITN so it wasn't posted. It is hardly the first headline-grabbing story to do so, nor is it the most contentious in our history. Cheers  — Amakuru (talk) 10:54, 2 November 2020 (UTC)
It should also kept in mind that we still are running the COVID banner (an unusual thing in the first place) which is meant to group COVID-related stories while this remains a major concern across the globe. Also, not noted in the Signpost story is that ITN did not post earlier stories about Boris Johnson or another major world leader (I forget who atm) getting COVID, and to post Trump getting it would have been a massive systematic bias problem as well. It is why when there is a US news story, we do have to take care to make sure if it is something that is being bumped because it is US media covering it as big as it is, or if it is an actual viable ITN entry that we normally would post. --Masem (t) 01:39, 2 November 2020 (UTC)
I would imagine Bolsonaro to be the other – hard to tell how many times the man has had coronavirus given his science denial on the subject but it's at least once. I think the decisions to not include stories for any of these three men were all correct. Why do I care that the leader of a country was medically incapacitated for somewhere between a day and a couple of weeks? Happens all the time with routine illnesses and normal medical procedures. — Bilorv (talk) 12:35, 2 November 2020 (UTC)
Yeah ,that was the other. And to be clear, both Johnson and Bolsonaro were nominated for ITN and neither were supported for posting for ITN for pretty much the reason; we were ready to post if they were incapacitated and there was a permanent change of office head due to that (which would have been a standard ITN posting). --Masem (t) 16:55, 2 November 2020 (UTC)

((od)) I'd definitely suggest that anybody who is against a news-free ITN go there the next time they see some actual news that's not up there and express their views. There's no rhyme or reason needed - it's your subjective opinion that counts. So just tell them what you think. Smallbones(smalltalk) 00:01, 2 November 2020 (UTC)

  • I use ITN to get my cut of what's happened in the world that I have somehow missed on social media (or which doesn't make it to social media). Just saying. That's one reader who is apparently in the wrong place. (Get off your high horse.) --Izno (talk) 07:33, 2 November 2020 (UTC)

Bylaws proposal

  • The WMF had indicated that they specifically wanted the bylaws confirmed before expanding the discussion into defining exactly what "Community-sourced" would mean. ...WTF!? They want the new wording approved before they open up discussion of what the new wording means!? Are they trying to erode confidence in their efforts and squander community goodwill? Because that's how you erode confidence in your efforts and squander community goodwill! -- FeRDNYC (talk) 22:12, 1 November 2020 (UTC)
    • You make the mistake of assuming the WMF has any community goodwill. Wikipedia & the other projects often thrive in spite of, not because, of the Foundation's decisions. -- llywrch (talk) 19:13, 3 November 2020 (UTC)
      • @Llywrch: I guess so, because a statement like that is some next-level supervillain type stuff. Do they even hear themselves!?!? (What am I saying? Of course they do. Everything they say sounds great, and they look sexy saying it! Obviously. But, us haters gonna hate, rite?)
      Wikipedia & the other projects often thrive in spite of, not because.... Indeed. Fortunately I have some experience with that sort of thing, having attended a school that's evolved with that concept encoded right in its very DNA.
      (Although we didn't have it nearly as bad as the current students do. Today's long-reigning High Exalted Ruler — speaking of supervillains — was just a brand new hire when I attended school. Under her current regime, today's students suffer indignities the likes of which were inconceivable 25 years ago. But it's nice that I at least have Wikipedia to remind me what it was like.) -- FeRDNYC (talk) 00:43, 7 November 2020 (UTC)
  • Always my favourite part of the Signpost. Thank you, Adam, Eddie, and Gog, for compiling the lists and the summaries. It's always fascinating to see what people have been working on. HJ Mitchell | Penny for your thoughts? 09:49, 5 November 2020 (UTC)
@HJ Mitchell: It's always been fun. Used to edit this years and years ago. Guess I'm back now. Adam Cuerden (talk)Has about 7.7% of all FPs 04:41, 8 November 2020 (UTC)
  • +1 czar 22:24, 22 November 2020 (UTC)
Bluerasberry, yes, I'm hoping someone might use this to update that page. -Reagle (talk) 21:30, 3 November 2020 (UTC)
@Reagle: I have begun to use this to update Russian page: ru:Предсказание конца Википедии#20-летняя история «смертей Википедии». Hope to extrapolate this to English page (or someone help me) --ssr (talk) 13:52, 11 April 2022 (UTC)
@Reagle:  Done --ssr (talk) 07:49, 19 April 2022 (UTC)
  • People simply don't know how Wikipedia works. Some because they project what they want to see, some because knowing might put them out of a job. But a serious study would help, because then what is good could be encouraged & what is bad discouraged. YMMV. -- llywrch (talk) 21:20, 3 November 2020 (UTC)
  • People don't know how anything works. I spent 40 years as a telephone worker, and only we insiders know anything about that network. Bicycles, armies, comets, bones, databases, plastics, outsiders know very little about these things. So, here in WP we are the insiders, and marvel at the ignorance of the outsiders who judge us by hunches and irrelevant feelings. Might as well get used to it. Jim.henderson (talk) 02:40, 4 November 2020 (UTC)
  • An idea that recently occurred to me was of having a "blackout" where, rather than protesting any internet censorship laws like we have in the past, we show people a page "We've found that most of our readers don't really understand what Wikipedia is. Here are a few of the biggest misconceptions." that explains that: anyone can edit; every article should have reliable sources backing up every claim, but we are a work in progress and most of our articles are inadequate in some way; how to follow inline citations; we are not an aggregate of all knowledge but knowledge captured in sources that we view as reliable and significant etc. Let them see the articles again if they create an account. An RfC on such a proposal would be shot down 99 to 1 but I believe it would be immediately very helpful for readers' media literacy, for our editor recruitment problems and much better than the misleading "your donations pay for our servers" rubbish that the WMF smear over our hard work from time to time. — Bilorv (talk) 15:33, 6 November 2020 (UTC)
  • People mostly don't know how anything works. If what they know is, a thing is run by cranky people who shut down because they don't get enough attention, they will trust less rather than learn more. As it happens, I'll spend this afternoon with a cultish biker gang and hope to steer conversation (when we have enough breath after pedaling) toward my favorite topic. Probably fail to recruit anyone into our cult, but they're a smart and pleasant bunch. Jim.henderson (talk) 11:11, 7 November 2020 (UTC)
  • What about Google's choice of Wikipedia articles as the first result when almost anything is Googled? My guess is that this is responsible for many of Wikipedia's page views and much of its general notoriety. A mention of this as partly responsible for Wikipedia's longevity would be appropriate. Article count as a measure of "growth" is highly misleading; many articles are permastubs or are merged with other articles as WP contributions on their topic grow. RobDuch (talk·contribs) 02:05, 12 November 2020 (UTC)
    • @RobDuch: Yes, article count is a misleading indicator of "growth" or quality, but I'm guessing that over the last 10 years it is an underestimate of growth. Yes, about half(!) of our articles are stubs, but I think that percentage is going down slightly, as the quality of new articles increases each year, and most old articles increase in quality, if slowly, every year. Anybody interested in increasing the average quality of our articles should feel free to take early stubs that have gone nowhere to AfD, or more easily, merge them into related articles. But average article quality is increasing. Smallbones(smalltalk) 02:55, 12 November 2020 (UTC)

In the media: Murder, politics, religion, health and books (3,096 bytes · 💬)

It is ironic, then, that their last edit was to Transition Integrity ProjectBri (talk) 01:54, 2 November 2020 (UTC)
  • The Esquire article says this of Maher: "She says the aggressive approach she’s taken towards those editors she sees as destructive has occasionally “blown up in my face”, not least her decision last year to ban an editor she saw as “prolific, but not productive… somebody who was driving other editors away through their behaviour”." Since when did the WMF Executive Director take personal actions to ban someone? -Indy beetle (talk) 17:14, 2 November 2020 (UTC)
    • Apparently the WMF does take action if it receives direct complaints. The decision in question involves, I belive, Fram; here's some comments from towards the end of that controversy: Wikipedia:Community response to the Wikimedia Foundation's ban of Fram. -- John Broughton (♫♫) 21:00, 2 November 2020 (UTC)
      • Oh yes I did suspect it was Fram, but I thought that was the purview of Trust and Safety, not the ‘’personal decision’’ of the executive director. -Indy beetle (talk) 22:31, 2 November 2020 (UTC)
        • According to the T&S flowchart, the final step for a WMF ban is approval by the ED. I assume that's what's being referenced, not that the ED can personally decide to ban someone independent of the process. --Yair rand (talk) 23:15, 2 November 2020 (UTC)
    • I didn't know her article had been nominated for deletion. By a banned editor, no less. Bri.public (talk) 23:55, 2 November 2020 (UTC)
    • Sigh. It appears Katherine Maher belongs to the school of thought that holds "Wikipedia is an amazingly successful creation; however, it has some flaws which can be fixed by changing everything that made it amazingly successful." -- llywrch (talk) 18:40, 3 November 2020 (UTC)

Interview: Joseph Reagle and Jackie Koerner (0 bytes · 💬)

Wikipedia talk:Wikipedia Signpost/2020-11-01/Interview

  • I understand that when legal says you have to do something you have to do it, but this could lead to issues down the road. I have a Wikipedia account, but often edit as an IP. For many of the small corrections I make and removing of vandalism I do, I do it as an IP. For many edits, the extra step of logging in would be enough to push me away from making the edit. I don't like to be logged into all my accounts all the time, and spending time logging in to fix a small error or mark a link as dead is just not worth it when I have other things to do. 2601:14A:C300:61D:52A0:6B4F:F7BF:CC4F (talk) 20:16, 1 November 2020 (UTC)
This seems to be a misunderstanding - the Portuguese Wikipedia community's decision to disallow IP editing is separate from the legally mandated introduction of IP masking on all projects. That said, the latter might well motivate other communities to follow ptwiki's lead, given the masking's significant impact on the existing privacy-accountability tradeoff. Regards, HaeB (talk) 20:24, 1 November 2020 (UTC)
Yeah, the masking being mandated by legal is more like what you see on credit card receipts (and presumably for analogous reasons) — instead of your card number it will show something like **** **** **** 1234. When masking goes into effect, IP edits will show up for most of us as something similar to 192.168.123.*** Nothing changes for the IP users, only for the rest of us.
The interesting question is going to be what happens with IP "User" pages, since they'll presumably no longer be able to be individualized (without effectively giving away the IP editor's full IP). I guess all the edits from a given masking prefix might end up being aggregated together, which is especially unfortunate. -- FeRDNYC (talk) 21:50, 1 November 2020 (UTC)
The implementation remains to be designed in conjunction with the communities, however at present the idea is to have a unique identifier in place of the IP address, which would be associated with the IP address. Alternatively a browser cookie could be used to associate the identifier with the editor (when they use the same browser on the same computer), or both IP address and cookie information can be used. Using both would avoid aggregating different editors who got assigned the same dynamic IP at different times, or multiple editors behind a common gateway, though the individual association would be broken if editors switched browsers or erased their cookies. Thus individual talk pages can still exist with masked identities. isaacl (talk) 22:10, 1 November 2020 (UTC)
@Isaacl: Yeah, I realized that as I was in the middle of reading one of the later articles. Took me a bit, but I got there. So, yeah, maybe it's not all that bad.
In fact, the cookie-based identification is an interesting idea. If that's something that would follow a not-logged-in "IP" user around even across multiple device IPs, then it could actually be a considerable benefit to anti-vandalism efforts and sockpuppet investigations. At least, against miscreants sloppy enough that they forget to clear their cookies when switching IPs. (Which, if experience has taught me anything, would end up being most of them. At least over the long run.) -- FeRDNYC (talk) 22:51, 1 November 2020 (UTC)
  • I'd certainly be in favour of banning IP editing. Nigej (talk) 21:46, 1 November 2020 (UTC)
  • Yes, on balance I think you may have a point Nigej, and personally I applaud the pt.wiki for taking this step. I'm not necessarily saying it's right for en.wiki yet, maybe it is and maybe it isn't. But at pt.wiki, given that it was explicitly mooted to solve a demonstrated problem affecting the quality and accuracy of their project, it's right that they should act. I can obviously see the benefit of it having been allowed historically, making it immediately obvious to potential new editors that this really is the encyclopedia that anyone can edit. The drawbacks of IP editing are there though - (1) people hopping around different IPs, which is quite legitimate since many ISPs do that by default, but making it hard for us to spot editing patterns; (2) the fact that editors may unwittingly have their edits publicly linked to their IP addresses, allowing the whole world to pinpoint their institution and geographical locale; (3) ease of vandlism, as seen at pt.wiki. As far as I can recall (and maybe someone will correct me on this if I'm wrong), being the encyclopedia that anyone can edit is not actually one of our most important principles, and Jimbo has said in the past that if at some point the project would be better served by having a more restrictive model, then there's nothing to say that wouldn't happen - and indeed, the Wikipedia:Five pillars do not specifically mention allowing anyone to edit. The idea mentioned at that phabricator report, that the change to ban IP editing is "compromising on our values", doesn't ring true. Everyone is still free to sign up for an account and start editing straightaway anyway.  — Amakuru (talk) 23:20, 1 November 2020 (UTC)
    • I notice that (2) is solved instead by the WMF's unpopular but confirmed IP masking approach. I oppose prohibition of unregistered editing on en.wiki, but I can see the point on smaller language editions and believe that pt.wiki made the right decision for them. — Bilorv (talk) 07:45, 2 November 2020 (UTC)
  • It would be interesting to compare metrics from ptwiki post–IP ban with a similar Wikipedia that retained unregistered editors (maybe itwiki?) – Teratix 23:45, 1 November 2020 (UTC)
  • - I have mentioned the simplest response to the problem of IP vandals that also preserves the dearly idealized "everyone can edit". Limit IPs to one edit per day. On second edit suggest they login or create an account. No more competitions to see how many ha-ha edits to numerous pages one can do before WP:AIV reacts. It would limit the quantity of vandal edits tremendously. If you really want to contribute to WP, a contribution history is not a defect, and a login is not a problem.
- IP masking is disabling, as patterns of abuse by IP hopping vandals would become impossible to prove/research. I could try to convince the dubious here, but instead...
- I would wish everyone treasuring IP editing and apologizing for IP vandals would dedicate their first half hour of Wikipedia time daily to tracking IP edits. Give it a month. That's only 15 hours of your time, rather than someone else's time. Prove that vandals are not a timesink for others, by soaking up your time and goodwill. Your values will change to embrace pragmatism much more. Shenme (talk) 03:05, 2 November 2020 (UTC)
  • Banning IPs is something I'd support on en.wp. Maybe it should be given a month-long trial to see what happens. Lugnuts Fire Walk with Me 09:05, 2 November 2020 (UTC)
  • The major reasons not to ban IPs are: wiki principles, the considerable long-term effect on recruitment, and the loss of good IP edits on their own from those who won't create an account. The last one of these should be measurable already; has anyone gathered stats? --Yair rand (talk) 09:09, 2 November 2020 (UTC)
    • I'd argue that the bigger problem here is retention not recruitment. Many prominent and experienced editors have left in recent times. And if masked IP editing takes hold this could considerable increase. Jules (Mrjulesd) 13:05, 2 November 2020 (UTC)
  • The Foundation can ban IP edits or not, but I support us banning masked edits. No matter how much the Foundation tries to minimize the harm, masked edits will cause more a lot more disruption and headaches than IP edits. I'm a techie and I have a pretty good handle on the possible implementations. The least disruptive method (a permanent Crypto-PAn encoding of IPs) would be a significant hindrance, while being vulnerable to cracking the privacy protection. And any more effective masking methods increasingly obliterate our ability to deal with problems. Alsee (talk) 11:37, 2 November 2020 (UTC)
  • SUPER obvious that proposed Mediawiki logo has too many pedals. And it's just a matter of time bbefore it's "simplied". Jason Quinn (talk) 13:18, 2 November 2020 (UTC)
  • Yes. Must have fewer petals. Not so far as to look like a daisy, but yes. Jim.henderson (talk) 02:30, 3 November 2020 (UTC)
  • Yup. 12 or 16 petals would be enough. 45.251.33.20 (talk) 06:43, 3 November 2020 (UTC)
  • I am against an IP ban (though I do have an account which is locked by Wikibreak Enforcer till June 2021) for obvious reasons. But, I would be okay with certain restrictions. For starters:
  1. IPs' first few edits in 3 days (let's say 5 edits) will be subject to review by a stricter version of Cluebot or by human reviewers
  2. IPs that have a history of vandalism will be subject to stricter restrictions before being blocked
I am also against IP masking (because I really don't understand how it helps Wikipedia). It can hinder anti-vandalism efforts. For example, assume that someone uses their Wi-Fi to vandalise and gets blocked. Then they switch to 4G and again get blocked or just unplug and plug in their Wi-Fi. It can actually make it easier for vandals to vandalise.
PS - if I understand correctly, Trump hates Section 230 and wants to destroy it, which can result in making Wikipedia accountable for what its editors write. But Biden has said that he will modify the law only to hold websites accountable for hate speech. Will Biden's actions affect Wikipedia in any way assuming he does what he says? 45.251.33.20 (talk) 06:09, 3 November 2020 (UTC) Last rephrased at 06:43, 3 November 2020 (UTC)
  • I am against an IP ban on the English version. We have much more sophisticated spam filters, more manpower, and different editing patterns than the Portuguese Wikipedia. The Portuguese version just doesn't have as much manpower, weaker abuse filters with fewer experts to create and manage them, and many more bored kids doing mobile vandalism. On the English version, there is definitely a far greater proportion of IPs that makes positive contributions. — Sagotreespirit (talk) 18:52, 3 November 2020 (UTC)
  • I'm a fairly frequent contributor on the Portuguese Wikipedia (or as we lovingly call it in Portuguese, "A Wikipédia Lusófona"). I had actually voted against IP banning out of principle and believed that this could have been solved by improving edit filters. But afterwards, I saw the immense positive changes that happened. There were still just about as many regular positive contributions, while childish vandalism was greatly reduced. Before the IP ban, the number of registered users always hovered at just under 6,000, but now it's over 9,000 and growing.
On the Portuguese Wikipedia, the majority of IP edits are mobile edits from Brazil. There was a lot of sneaky vandalism that was difficult to track down, like changing birth dates and adding subtle but patent nonsense. Things appeared to get a lot worse this year when millions of Brazilian youths were locked down with nothing to do except vandalize Wikipedia on their phones. User:Yanguas, the Portuguese Wikipedia's most active admin, was furiously reverting IP after IP, but the admins couldn't catch every single vandal.
This discussion has been a huge deal on the Portuguese Wikipedia for several weeks, so I was a bit surprised that this wasn't discussed more on the English Wikipedia or on Meta. And I was the first (and as of now, still the only) English Wikipedia editor to update the Portuguese Wikipedia article about this major change to ptwiki.
So overall, I am pleased with the results that the community IP ban had achieved, and I would strongly advise against outside communities reverting this community decision. — Sagotreespirit (talk) 18:47, 3 November 2020 (UTC)
  • There was also a minor backlash right after the IP ban, when someone created a Wikipedia essay called "A Wikipédia não é uma tirania da maioria" (Wikipedia is not a tyranny of the majority). That got sent to the Portuguese version of AfD (called PE), which you can see here. Nearly everyone voted delete. If anyone is interested, I have a copy of it and can archive it here with an English translation, but just for historical interest of course. — Sagotreespirit (talk) 18:59, 3 November 2020 (UTC)
  • Correction: The essay was created by Quintinense in 2014. Invites were sent to everyone who had voted at the IP ban referendum. — Sagotreespirit (talk) 19:27, 3 November 2020 (UTC)
  • Question: Which other wikis hosted by the WMF currently ban IP edits? — Sagotreespirit (talk) 19:16, 3 November 2020 (UTC)
    • @Sagotreespirit: wikitech: and wmf:. No content wikis other than ptwiki ban IP edits. --Yair rand (talk) 19:27, 3 November 2020 (UTC)
      • @Yair rand: Thanks. I don't see the need for most other wikis to implement IP bans, maybe except for the Spanish Wikipedia. IP vandalism problems on eswiki resemble the ptwiki problems, but eswiki appears to have more manpower. — Sagotreespirit (talk) 19:31, 3 November 2020 (UTC)
  • I find this article very sad. I respect, as we must, competent legal advice but I cannot respect laws that force IP Masking. A prominent banner that appears when when you attempt to make an IP edit that says, "Warning! Your IP address will be publicly visible. To hide your IP address you must log in." should be enough. But alas some legal systems award damages to clumsy oafs who scald themselves on coffee that they know to be boiling hot. So just as all of us have to endure lukewarm coffee, we now have to allow vandals anonymity. We now have two choices. Either we ban IP edits (and is there any excuse for them?) or we have to accept that imbeciles can vandalise our pages with impunity. OrewaTel (talk) 00:03, 4 November 2020 (UTC)
There have been several cases including one in Australia. I have been offered a lukewarm coffee here in New Zealand with the reason being, "We aren't allowed to serve it hot for legal reasons." Absolutely crazy since NZ has a no blame compensation scheme. (If you are hurt in NZ you claim compensation from ACC, a Government Agency. We don't have ambulance chasing lawyers here.) OrewaTel (talk) 22:02, 4 November 2020 (UTC)
This is getting off the subject. Please ignore the example of people too stupid to to be able to handle a coffee cup. My point remains that making IP addresses anonymous is an open invitation to vandals. OrewaTel (talk) 06:33, 5 November 2020 (UTC)
  • @Bri: if that comment is addressed at me then I think you've misunderstood (or rather, I've miscommunicated) the nature of the video, which doesn't make fun of the victim of the incident. — Bilorv (talk) 20:11, 5 November 2020 (UTC)
  • Beyond this latest issue, it seems like there should be a working group or something re: reducing the bad impact of IP editors--not just direct vandalism, POV warring, etc., but also the time and effort wasted to monitor and correct these issues. Does anyone know if there is a central page for this? --Hobbes Goodyear (talk) 17:47, 5 November 2020 (UTC)
One of the village pump boards would be a good starting point. Possibly Wikipedia:Village pump (proposals). ☆ Bri (talk) 18:17, 5 November 2020 (UTC)

News from the WMF: Meet the 2020 Wikimedian of the Year (2,010 bytes · 💬)

Thank you Ganesha811! – sandioosesTextMe 19:50, 5 November 2020 (UTC)
  • Congrats, Sandister! I don't really like the editing though, the transition between her reactions and the photos are too rough and bland. GeraldWL 15:08, 3 November 2020 (UTC)
Thank you Gerald! – sandioosesTextMe 19:50, 5 November 2020 (UTC)
  • Congratulations @Sandiooses:! Hope to see more participants from Ghana and other African countries on Wikipedia. — Sagotreespirit (talk) 19:18, 3 November 2020 (UTC)
Thank you Sagotreespirit! I hope so too. – sandioosesTextMe 19:50, 5 November 2020 (UTC)

How might this work with the current problem of IP leaking the identity of logged in users who are blocked to other users on the same IP? All the best: Rich Farmbrough 19:58, 1 November 2020 (UTC).

I'm not sure this in itself would change anything at all. We'll jave to look into it. Thank you for raising the question. /Johan (WMF) (talk) 22:22, 1 November 2020 (UTC)

So where is the substantial improvement in anti-abuse tools you promised when you announced this unwanted project? Oh wait, you haven't deployed anything. MER-C 20:00, 1 November 2020 (UTC)

The most recently tool is the new version of the checkuser tool Special:Investigate, which was deployed to the last remaining wikis – including English Wikipedia – in October, although it still requires significant fixes.
But to be clear: we're also far from implementing masking, and there's more time for tool development before that happens. This update is because the Wikimedia Foundation Legal department clarified that the status quo couldn't remain, which we had previously considered a potential outcome, and we wanted to the let the communities know that as soon as possible. /Johan (WMF) (talk) 22:22, 1 November 2020 (UTC)
That is about 2% of the work you need to do to mitigate this when complete. Try harder. MER-C 13:43, 2 November 2020 (UTC)

I normally support WMF decisions, but a lack of transparency on why this must take place, and insisting "not if, but how" it will take place, is reminiscent of the so heavily opposed renaming efforts, also forced upon the community as something that must happen in some form or another. ɱ (talk) 20:13, 1 November 2020 (UTC)

@: I can assure you that there is at least one very good and concrete reason why WMF Legal is insisting that we mask IP addresses and this reason also prevents the WMF from discussing it publicly. I know that sounds like an Orwellian ultimatum, but that's the unfortunate reality of the legal situation. This is not analogous to the renaming effort, as it is a legal requirement, not something the WMF actually wants to do. Ryan Kaldari (WMF) (talk) 17:27, 4 November 2020 (UTC)
Ryan Kaldari (WMF), that is hard to believe when no one will answer the simple question "What law is it that requires that?". Legal codes are already publicly available, so it's not like you'd be revealing confidential information just by saying "1 USC Section 42 requires that." I'm not aware of any laws that make it illegal to display an IP address, but of course the lawyers may know something we don't. Why all the secrecy? They may be prohibited by professional ethics from talking about the advice they give, but the people who receive the advice are not similarly restricted. Seraphimblade Talk to me 23:43, 6 November 2020 (UTC)
I trust legal's advice on this and thus support that it is required. Doc James (talk · contribs · email) 20:15, 7 November 2020 (UTC)

"we publicly publish IPs [...] of people"

The longer I work on the project, the stranger I personally find it that we publicly publish IPs [...] of people who are trying to help make the wiki better. - this framing, which seems to have been the main motivation for initiating the entire effort before the sudden recent discovery of the legal requirements, is questionable to say the least. It casts these "people" as helpless victims whose IP address is forcibly exposed by the decision of others. But "IP editors" are not an immutable protected group. They are just contributors like everyone else, who have made a different choice after hitting the edit button - namely to have their contribution attributed to their IP address rather than an (easily created) account.

Now, I agree that an editor's IP address can be very sensitive (I have long advocated this view myself, e.g. as a main author of the German Wikipedia's checkuser guidelines, which are more restrictive than those of many other projects out of such concerns). But the reality is that many editors rationally decide that this is not the case for them personally.

Also unacknowledged in the rhetoric about this project is that contributing under IP can often even be the more privacy-preserving choice: The information that can be derived from a dynamic IP is frequently much less revealing than what can be concluded from a logged-in user's aggregate edits (I compiled a few examples in this Wikimania talk a good while ago).

Regards, HaeB (talk) 20:16, 1 November 2020 (UTC)

  • I think we should be careful not to shoot the messenger (WMF tech staff). Legal department is clearly driving this and it's probably not useful as non-legal experts to try to change their minds. In fact I see some opportunities here, especially in terms of a tool that lets non-checkusers compare two users seeing if they are editing from nearby IPs or IP ranges) without revealing privileged information, what I called an "oracle" some time back when contemplating ways to combat systematic and/or long-term abuse. ☆ Bri (talk) 20:32, 1 November 2020 (UTC)
As stated above, I'm not talking about that legal message (which seems to be that WMF is not allowed to give editors these two choices even if they wanted to), but about a quite distinct rationale which was a focus when the project was initiated by the Product department last year.
And I totally agree about the potential value of the planned improvements to the checkuser tool or the various efforts to provide automated sockpuppet detection. But these are entirely separate - they wouldn't be tied to the masking effort and could in fact have been implemented years ago.
The bottom line remains that there is an inescapable tradeoff between information integrity and (perceived) privacy benefits here. Of course, now that it turns out that the existing practice is illegal, we need to fix it. But especially at this time where fighting misinformation is on many people's minds (including the Foundation's), we should not pretend that it won't have a negative impact on that work.
Regards, HaeB (talk) 20:57, 1 November 2020 (UTC)
HaeB: You're probably aware of this, but just to be clear so people reading this don't get the wrong impression about why this is happening: whereas I personally believe there are also privacy benefits, and that this has often been lost in the conversation, and not only costs and problems that we have to solve, at the end of the day, my opinion is immaterial. We're preparing to move forward on this (not now, not this month, not next month: when we've had time to prepare and develop tools) because Wikimedia Foundation Legal department recently clarified that the status quo remaining is not an option, and not because of any other argument I could make. /Johan (WMF) (talk) 22:22, 1 November 2020 (UTC)
Yes, Johan, I think Bri and myself had already mentioned this about three times above. It is not disputed that we need to change the status quo now that we have learned that it has been illegal or at least too legally risky since 2002, or perhaps only since some more recent legal developments.
Still, in your op-ed you chose to advance that "immaterial" separate non-legal argument (that we are wronging "people who are trying to help make the wiki better" by offering them the option have their edits attributed to their IP address instead of an account). So it remains worthwhile explaining how you arrived at that view.
It is appreciated that this change is not being implemented in a rush, and that a serious effort has been made (e.g. in Claudia's report) to understand how editors currently use this IP information to deal with abuse. But unless I overlooked something in the documentation on Meta, no comparable research has been conducted about the perspectives of the objects of your concern, namely the editors who choose the IP attribution option for their edits. There is an assumption (also spelled out explicitly on the main Meta-wiki page) that they are usually not intellectually capable to really understand the anon edit warning displayed after one clicks "edit", and are therefore unable make an informed decision about this. But a serious assessment of the privacy vs. information integrity tradeoffs would involve estimating how often this is really the case, and for what reasons. This could also have pointed to alternative solutions, like making that warning more easy to understand or perhaps even more legally pertinent. As mentioned above, editing without logging into an account can actually often (although of course not always) be the more privacy-preserving choice. And anecdotally, many IP editors appear to be experienced regulars rather than naive newbies.
Regards, HaeB (talk) 23:51, 1 November 2020 (UTC)
I did, and that might have been too personal, but I should live up to it nevertheless.
(For those skimming and not having read the entire conversation above: The argument below is not why the Foundation is moving forward with this, which is based entirely on legal requirements. This is personal notes on a topic I mentioned as reasons to start a conversation, rather than making a decision.)
For context, I was almost exclusively an IP editor for my first four years of Wikimedia editing; after a little while I had an account with very few edits to its name, but it took me years to get into the habit of logging in; I'm not here to disparage our intellectual capabilities. There are people who continue being IP editors fully or at least partially aware of what this means. I would rather say that we and almost every other website has effectively taught users that whenever you post something, there's information being thrown at you need to disregard. Banner blindness is a real thing. Then, even if you read it, you need to understand what an IP address is, which many don't. Then, you need to understand the implications of this, which even fewer do. How can this be used against you? Not doing this is not having the intellectual capability: it's about not having to spend significant time and effort understanding the technical background just so you can make a small fix to a text online. It's the sensible choice, just like the decision to not read through the end-user license agreement is just a sane way of living one's life.
With that said, yes, this is largely based on assumptions (informed partly by having spent a lot of time talking to people who described making one or ten edits), and if I wanted to make an anonymous edit for some reason, broadcasting my IP would sure be efficient than using my normal non-WMF account. I also think it's a weakness that IP users are not really part of the conversations around this.
Legal did look into consider making the warning more clear, or unavoidable, as part of the their investigation, but that this was rejected as an avenue forward. /Johan (WMF) (talk) 02:52, 5 November 2020 (UTC)

 Question: "[F]or legal reasons – which they can’t explain in detail due to legal privilege, the legal professional rules that control what lawyers can say about their work – this is something we have to do @Johan (WMF): I understand that there may be reasons to keep things private, but this is a very peculiar assertion. If this is a case of legal privilege, who are the parties? Surely the WMF is the client? Mo Billings (talk) 23:58, 1 November 2020 (UTC)

I think the answer to your question is in the first paragraph of Wikipedia:Wikipedia_Signpost/2020-11-01/News and notes#Mandatory IP masking. Yes, as best I can tell, WMF's counsel has told WMF this is required. ☆ Bri (talk) 00:25, 2 November 2020 (UTC)
meta:IP_Editing:_Privacy_Enhancement_and_Abuse_Mitigation#Statement_from_the_Wikimedia_Foundation_Legal_department explains a *tiny bit* more about what Legal is thinking. The reason for the secrecy is likely that Legal's advice to the WMF on this matter would be considered work product. Having your legal department publish a brief saying "we think we might be in violation of/could be sued under Law X in Country Y" is generally considered a Bad Idea. While I'd definitely like to hear more about Legal's concerns so that we as a community can better design and evaluate mitigations, that's unfortunately how the courts work. --AntiCompositeNumber (talk) 00:34, 2 November 2020 (UTC)
@Johan (WMF) and Mo Billings: - yes, stating they couldn't explain because of legal privilege was a bit odd. It can be waived by whoever the client is (in this case the WMF itself). If they (that is, Legal) can't release it because the WMF (as an organisation) refuses to waive it that is an important clarification. That (in)action could be warranted, but the specific reason should be given. Nosebagbear (talk) 00:39, 2 November 2020 (UTC)
Thanks, AntiCompositeNumber, that link was quite helpful. Still, I would be more comfortable with this if it wasn't phrased in such terms. If the WMF is the client then putting this in terms of "legal privilege" seems like a fig leaf to hide the fact that the WMF doesn't want to talk about the reasons for this change. I would rather be told that this is being done to reduce future legal exposure (without knowing the details) than be asked to go on trust. The re-branding project and the proposed board changes have recently weakened my level of trust in the WMF. Mo Billings (talk) 03:55, 2 November 2020 (UTC)
@Johan (WMF): I would appreciate a clarification form you or WMF legal on the privilege question. Thanks. Mo Billings (talk) 17:33, 4 November 2020 (UTC)
Mo Billings, I've pointed Legal to this – I'm not the right person to handle the legal questions, I'm afraid, coming to this from the product side. /Johan (WMF) (talk) 17:51, 4 November 2020 (UTC)
What's to stop a hash of the IP being used, at a minimum? Adam Cuerden (talk)Has about 7.6% of all FPs 02:54, 2 November 2020 (UTC)
A hash would not be good enough to track an IP vandal hopping within

 Question: I also am not reassured that a magical tool will be sufficient to track long-term abuse. Will that 'wand' allow us to distinguish the following known pattern of disparate IP usage? 'Griefer451' has access to computers at home, at work and sometimes at the library. They have a 'fairly' distinct style allied with a grievous resentment towards WP, resulting in both numerous defacements at intervals together with an impression that this 'editor' is somehow familiar even though a number of IPs are used at dissimilar periods of day and also migrating over weeks. How are we ever to shut down this vandal? If we can't notice that the IPs related by vandalism are clustered? That even when (home) IPs change they are actually from the same pool? This is not theoretical, but actual long-term patterns.

Further, how are we to ever notice school kiddy vandalism? Will there be a magic flag added to the tokenized identity that says this is a middle school educational pool so we can apply the dunce cap?

The legal team say they have determined an unassailable legal stance for WP? Have they determined whether it is workable? I would challenge the WMF thusly. Have every member of the legal team spend one or two hours a day following IP edits around WP, fixing the obvious vandalisms and reverting the graffitos, for at least a month. Oh, and track back in time _all_ the edits those IPs have left lying around for months. First, the lawyers will *love* the billables. Second, WMF will gain a new respect for the amount of time that IP inadvertencies soaks up, while rueing the cost of reality-based research. I feel that legal opinions are not information sufficient to proceed, but must be reconciled with our day-to-day realities. Moreover, I feel, anyone not having spent hours and hours fixing IP vandalism is not qualified to appreciate the difficulties already existing. Don't make it impossible. Shenme (talk) 04:49, 2 November 2020 (UTC)

It also encourages vandalism. Now, if someone vandalises from the UK Parliament, they get shamed. After this? They completely get away with it. Adam Cuerden (talk)Has about 7.6% of all FPs 04:59, 2 November 2020 (UTC)
And the counter-vandalism efforts of most users without access to advanced privacy tools would be rendered useless if it is impossible to track patterns now ascribed to a single IP (static school IPs, for example) or range of IPs (the classic IP-hopping vandal within a subnet). Vandalism and "sockpuppetry" would run rampant when there are fewer users capable of identifying and reporting the source of problematic edits; the rest of us would basically be playing whac-a-mole with vandalism in articles, which in my opinion is a wholly unacceptable outcome by itself. We'll see what WMF comes up with, but anything that is a net negative for non-admin (or worse, non-CheckUser) RC patrollers is a step in the wrong direction for the project (admins and CheckUsers especially are overworked enough as is). As a non-admin RC patroller, I hold reservations about this. ComplexRational (talk) 14:08, 2 November 2020 (UTC)
I don't believe in a magical wand tool either, to be clear, though I would love one – we don't have a single tool that would drastically change the field. I'd describe the current plans as smaller changes across various areas, combined with making sure that the information isn't limited to checkusers, or admins for that matter. /Johan (WMF) (talk) 17:51, 4 November 2020 (UTC)

EU Privacy Law

I used to work in the Data Protection area in the EU, so I have a suspicion that I know why this is necessary, and why the WMF might not want to concede that IP data is personal information until they are in a position to stop displaying it. However I'm curious as to what we are going to do with the hundreds of millions of edits that are currently linked to an IP address. Leave them untouched? If you stop displaying the IP address how do you expect people to comply with the attribution part of CC-BY-SA? To me it has long seemed a bit of a nonsense that we require attribution of IP addresses, better in my view to have edits by logged in users as CC-BY-SA and in future to have some of legalese to the effect that if you choose not to use an account the SA bit of CC-BY-SA does not apply to you as you have not given a name for reusers to attribute your edits to. The recruitment of new editors is a really important point, but there is an alternative. Currently we are over dependent on the desktop view as the mobile view recruits very few readers to become editors. Making the mobile view more editor friendly for smartphone users is probanbly too big a software task for the WMF. But if we launched a tablet view an intermediate in editor friendliness between mobile and desktop, and maybe upgraded everyone on their first edit from Vector to Monobook, we might have sufficient new editors that we could afford to lose IP editing. ϢereSpielChequers 09:55, 2 November 2020 (UTC)

So, for my sins, my last job was also in EU data compliance (May 2018, fun days...), and this got discussed a bit more on meta, in obviously non-confirmed ways. Given that they didn't say we had to do this a couple of years ago, I had wondered whether one of the regulators had dropped them an unofficial message, or if one of the jurisdictions had had a case WMF Legal re-interpret the articles/recitals. Nosebagbear (talk) 16:27, 2 November 2020 (UTC)

User contributions

I ask this as an editor without much technical understanding of the "masking" process being proposed here: will editors still be able to see the user contributions of IP editors? Help:User contributions points out that "Other users' user contribution pages can also be accessed and are useful for seeing how other users have contributed. They can be used to track down vandalism, serial copyright violations, etc." I routinely use IP editors' user contributions pages to find and revert all of the vandalism a vandal has posted after stumbling across one instance of it in my watchlist. Will this still be possible with the IPs "masked"? If not, it will make spotting and quickly fixing the work of vandalism-only IP editors much more difficult for me. -Bryan Rutherford (talk) 04:26, 3 November 2020 (UTC)

My interpretation of that is that side would still be as normal - it would just be "user contributions of IPMask-12345" rather than looking like an IP address. Nosebagbear (talk) 10:12, 3 November 2020 (UTC)
I can confirm that everyone will still have access to contributions, just like today. The only real difference here is that you'll see something else than the IP as the user ID. The one other question mark is persistence for the masks (the user IDs, the "user names" so to speak). /Johan (WMF) (talk) 17:54, 4 November 2020 (UTC)

Years ago I remember an exchange over a biographical article which the Foundation had blanked due to a complaint, yet when queried about what the problematic content was, WMF counsel (I believe that was Mike Godwin) replied they not only could not tell us "for legal reasons". This led to the equivalent of a bizarre version of 20 questions between editors & the WMF counsel to figure out what the content was so it could be excluded from future versions. I also remember another exchange where another editor needed some legal advice concerning an edit, only to be told by Mike Godwin, "I don't work for you, I work for the Foundation." In other words, WMF Foundation has not only managed to antagonize the editing community, but taken the stance that for the most part we volunteers & our concerns are not important to the success of the projects. (If we are not considered part of the problem hindering that success.)

Reading once again this evasive language, that IP masking must be done, but the reasons can't be explained to us "for legal reasons" is, frankly, insulting. It's a repeat of the insult many of us felt in the FRAM incident: that the opinions of the people who are creating this treasure of information aren't important. Now, I'm sure someone from the Foundation will appear to argue that this is not the case, but those words won't work. Even if that person is the head of the WMF Legal team, because it's clear WMF Legal only cares about the Foundation, not about the volunteers who enable the Foundation to exist. We volunteers have given far more in labor & resources to the success of Wikipedia & related projects than the visible heads of the Foundation, & unless we are seriously included in matters like these, one day we will stop editing. This is an observation, not a threat. -- llywrch (talk) 19:07, 3 November 2020 (UTC)

@Llywrch: As a 16-year volunteer editor who also happens to work for the WMF, I can assure you that the WMF would absolutely not be doing this unless it was a clear legal necessity. And unfortunately, I can't explain why it is a legal necessity due to specific legal reasons. You may consider that evasive or insulting, but it is not intended to be either. Due to the laws under which the projects and the WMF operate, it unfortunately isn't always possible to have complete transparency. This is just as frustrating for the WMF as it is for the community. Ryan Kaldari (WMF) (talk) 17:51, 4 November 2020 (UTC)
Please note this was directed at WMF Legal. While many WMF employees are concerned about the relationship between the volunteer communities & the Foundation, I have yet to encounter any who work for that department. If anything, of all of the units within the foundation they are the most hostile to our needs & requests. -- llywrch (talk) 18:26, 4 November 2020 (UTC)
@Llywrch and Ryan Kaldari (WMF): I actually find Legal's action here annoyingly uncharacteristic - I have quite a lot of communication with them through OTRS, where they are both pleasant, to the point and treat agents more akin to colleagues. I also feel it's somewhat bonkers to say that WMF Legal only cares about the Foundation, given fairly strenuous efforts to aid the Community when they could have just required compliance, and still avoided risk to the WMF. However, here, they've listed a bunch of things which wouldn't be legally binding, which makes it read more like covering detail, to make it harder to pin down the specific reason - hence a viewpoint of evasion Nosebagbear (talk) 14:50, 5 November 2020 (UTC)

EU-US Privacy Shield invalidation

Those interested in details about this requirement might want to review the July ruling from the European Court of Justice finding that the EU-US Privacy Shield framework failed to protect Europeans' rights to data privacy.[1] 107.242.121.56 (talk) 21:30, 3 November 2020 (UTC)

About time

I have raised this issue a number of times. I think Wikipedia is today the only website which openly displays users' IP address, which can reveal data about them, and make them potentially vulnerable to hackers. We know that revealing such data can be highly inappropriate, which is why we allow oversighting of edits by unlogged in users. But by default the WMF is revealing information about users without adequately warning them of the consequences. It should be a priority matter to automatically hide people's IP address, and not because the WMF can get sued but because it can put people in harm's way, and nobody should be put in harm's way because of editing Wikipedia, even if they are vandals. The WMF could automatically assign a unique username to each IP address, making it clear this is an unregistered account, but identifying it so it can be monitored, and still allowing checkusers to look at the IP address if appropriate. It should do this for each new IP user, but also convert all existing IP edits into unique usernames, providing functionaries with all the data of the changed IP names. The information the legal team probably wants to conceal is detail on the ways that an IP address can be vulnerable (and thus the rationale for why they want to do this), and it is right that such information is concealed, and that we shouldn't be speculating here on those vulnerabilities. SilkTork (talk) 12:06, 6 November 2020 (UTC)

I think Wikipedia is today the only website which openly displays users' IP address... that's because WMF sites are among the few that allow unregistered editing. I don't know of any non-WMF wiki sites that allow unregistered editing; they may exist, but they are rare. So this simple solution to mitigate privacy problems may simply be to ban unregistered editing like everywhere else. Jules (Mrjulesd) 20:25, 6 November 2020 (UTC)
I'm not seeing a requirement to register, nor any particular difference between someone editing Wikipedia unlogged in and being automatically assigned "UserNo123456" rather than "IP:774637", other than giving that user safety which they would not otherwise have. Everything else is the same - their edits are automatically logged to them, and they are not having one moment's pause as the software assigns their user name in the same way that it currently assigns (and reveals) their IP. If you're seeing something in it which I can't see, I'd be interested to hear it. SilkTork (talk) 13:49, 7 November 2020 (UTC)
Well particular problems include ranges; for example IPv6 connections use /64 ranges, without seeing these it will be difficult to pick up on user contributions. Likewise if "IP usernames" are allocated dynamically, user contributions from a particular IP will be difficult to assess, e.g. whether they come from from an educational establishment that could be blocked. Not allowing IP editing seems like a simple solution; accounts are cheap, and are used in all other wikis (that I know of). It could help to alleviate a huge exodus of vandal fighters if this comes to pass. Jules (Mrjulesd) 14:03, 7 November 2020 (UTC)
Good points. But I should imagine that one IP would equal one username to make identification easier, but without revealing any information that could be misused. Information about the actual IP address behind the username would still be available to checkusers the same as a manually created username. And if these automatically created usernames are differentiated from manually created ones, then vandal fighters would still be able to quickly identify users who have not manually created a user name, and so may have less commitment to the project, and so be more likely to make test edits. SilkTork (talk) 18:56, 7 November 2020 (UTC)
@SilkTork: This probably isn't the place to have this discussion, but along with the concerns that Mrjulesd has mentioned, consider how automatically assigned IDs might differ from usernames. I'm making some sensible assumptions about how this will be done (let's ignore cookies to keep this short). IDs will be assigned based on some form of fingerprinting of the user's device combined with IP address. If the browser gets updated, that ID will change. If their IP address is dynamic, it will change occasionally (or regularly, depending on how they access the internet) and that ID will change, even if they are the same person using the same device from the same location. If they edit from more than one place, say, school and a coffee shop, they will be assigned different IDs because the IP addresses are different, even though they are the same person using the same device. If they edit with more than one device, say a laptop at home and a phone while on the train, they will be assigned different IDs. Compare this to mandatory creation of an account and then signing in to that account when editing. Which makes more sense? Mo Billings (talk) 22:53, 7 November 2020 (UTC)
I am not opposed to mandatory creation of an account, I am opposed to WMF revealing people's IP's when they edit without logging in. And any problems associated with auto-generated account names would also occur with mandatory manually created account names because users can create multiple accounts. As regards incorporating the user's device into the creation of an automatic account, I'm not seeing why that is necessary or useful. The idea of an automatic account is purely to conceal the user's IP so they are not open to potential abuse. Information about the device itself would still be available to checkusers, but does not need to be incorporated into the account creation because it's not publicly revealed anyway. Any changes that can occur to the automatically generated account would also occur to the IP address, so vandal fighters would have the same problems they have now. Automatically generated accounts would not make the vandal fighters job any easier or harder, but would offer greater protection to all unlogged in users, many of whom are not vandals. SilkTork (talk) 01:33, 8 November 2020 (UTC)
You are right, it is not necessary to make use of the device information if the aim is to simply mask IP addresses. It would be useful in distinguishing users for the purposes of persistent IDs or detecting abuse. Mo Billings (talk) 04:11, 8 November 2020 (UTC)
  • @SilkTork: - it's probably worth you taking a look at m:Talk:IP Editing: Privacy Enhancement and Abuse Mitigation, as well as its archived sections (links in the 4th discussion point, as well as the normal, albeit clunky, meta-archiving route) - a large number of areas where your proposed method wouldn't provide anywhere near the same level of safeguards were highlighted. I also occasionally look at editing when logged out to see its perspective. Distinct from that, I personally find it immensely hard to see how individuals manage to ignore the truly in your face warning - I know some people do, but it's not like we are hiding it in the T&Cs. Nosebagbear (talk) 10:52, 11 November 2020 (UTC)
Thanks for the link - I'll take a look. As regards the unlogged in warning: Are you talking about the phrase: "Your IP address will be publicly visible if you make any edits."? I would regard that as a bland statement rather than a warning, as it doesn't explain that in some circumstances a hacker can make use of their IP address to force entry to their device and steal personal information which can be used in financial scams. This is not just about roughly pin pointing someone's location, it's also about identity theft. If there was a two stage access to editing unlogged-in in which the dangers were explained and on the second page a small box had to be located and ticked to confirm the person was aware of the dangers of editing unlogged in and was happy to proceed, that would be a suitable warning. Bear in mind that some very experienced users have occasionally edited unlogged in by accident - and had to have their edits suppressed. SilkTork (talk) 16:21, 12 November 2020 (UTC)
I suppose that's why they're taking this action, they're probably worried about being sued over data breeches occurring from public exposure of IP addresses from people editing here. One solution perhaps would be to make all IP edits go through a very clear disclaimer process, but even that could be subject to legal problems, particularly in regards to minors. But that is obviously not what they're considering here.
All this stems from the extremely antiquated process of allowing unregistered editing. All other major web-sites simply do not allow this, and therefore are not subject to liability from data-breeches in this manner. I think this proposed solution of "pseudo-accounts" could cause mass confusion and consternation, and is simply not needed in this day and age, where user registration for contributing is not only an accepted practice but also an obligatory practice. User retention is simply more important than user recruitment, and we should accept that and not create these hodge-podge "solutions" which will likely cause more problems than they solve. Jules (Mrjulesd) 17:23, 12 November 2020 (UTC)

Yes, it seems quite extraordinary that we allow unregistered and anonymous people to join in without logging in from any fly-by-night Internet Cafe or temporary SIM card phone and have a go at doing whatever they fancy for good or ill with basically no accountability at all. A site "that anybody can edit" should simply mean "that anybody can freely register for" (in a couple of minutes), basta - every other website in the world works that way, and it doesn't seem to stop many of them getting huge numbers of customers. As for masking, well, it seems utterly extraordinary that the legal eagles can't tell us what law we're supposed to be complying with - why the hell not, it's a basic right to know how we're being governed. Masking is an utterly ludicrous solution, both because the IPs should be logging in, and because (as others have said above) it will make the tracking-down of vandalism worse - how are we going to warn somebody when we have no way at all of knowing if they did it before, it makes no sense: doubly ridiculous. Get them to log in and all the technical faffing-about and complexity is sidestepped. Should have been done years ago. Chiswick Chap (talk) 20:42, 14 November 2020 (UTC)

I was about to start a thread called "About damned time", but I'll just use the existing less vulgar heading. >;-) This has been a long time coming, and is very overdue. Without repeating all of HaeB's pro and con arguments, I just want to say that the fact that IP-address disclosure is meaningless to and harmless for many (maybe even most) anon editors is no excuse. The fact that it's a serious security problem for some (possibly even a safety one) is reason enough to stop broadcasting potentially personally-identifiable IP addresses to the entire world. Especially since it's very easy to become logged out without noticing until after having made some additional, now-IP edits that directly connect that IP to the user ID you were just logged in as.  — SMcCandlish ¢ 😼  16:32, 17 November 2020 (UTC)

A different IP problem

Since we have IP-related dev attention here, I want to raise a side topic: It's intensely frustrating (as well as a security problem) that our systems are presently blanket-blocking (often on a WMF-global basis) all sorts of IP addresses that WMF assumes are "web host providers or colocation providers", without regard to the obvious facts that a) IP addresses and the servers behind them often serve multiple purposes; b) once a user is logged into an actual account, what IP address they are coming from and what other services are provided by the owner of that IP address are irrelevant; and c) the endpoints of most VPNs anyone would bother subscribing to are very likely to be "web host providers or colocation providers" as most of their bread-and-butter, or they would not have the bandwidth to be useful VPN endpoints in the first place.

Example of the kind of block notice generated by this nonsense (though anonymized and without all the giant red text formatting and other hooey):

You do not have permission to edit this page, for the following reason:

You are currently unable to edit Wikipedia.

You are still able to view pages, but you are not currently able to edit, move, or create them.
Editing from 123.456.789.0/22 has been blocked (disabled) by AdminUserName for the following reason(s):
The IP address that you are currently using has been blocked because it is believed to be a web host provider or colocation provider. To prevent abuse, web hosts and colocation providers may be blocked from editing Wikipedia.
You will not be able to edit Wikipedia using a web host or colocation provider.

Since the web host acts like a proxy or VPN, because it hides your IP address, it has been blocked. To prevent abuse, these IPs may be blocked from editing Wikipedia. If you do not have any other way to edit Wikipedia, you will need to request an IP block exemption.

If you do not believe you are using a web host, you may appeal this block by adding the following text on your talk page: {{unblock|reason=Caught by a colocation web host block but this host or IP is not a web host. My IP address is _______. Place any further information here. ~~~~}}. You must fill in the blank with your IP address for this block to be investigated. Your IP address can be determined using whatismyip.com. Alternatively, if you wish to keep your IP address private you can use the unblock ticket request system. If you are using a Wikipedia account, you will need to request an IP block exemption by either using the unblock template or by submitting an appeal using the unblock ticket request system.

Administrators: The IP block exemption user right should only be applied to allow users to edit using web host in exceptional circumstances, and they should usually be directed to the functionaries team via email. If you intend to give the IPBE user right, a CheckUser needs to take a look at the account. This can be requested most easily at SPI Quick Checkuser Requests. Unblocking an IP or IP range with this template is highly discouraged without at least contacting the blocking administrator.

Using ISP Rangefinder

This block has been set to expire: 14:28, 11 October 2022.

Even if blocked, you will usually still be able to edit your user talk page and email other editors and administrators.

Other useful links: Blocking policy · Username policy · Appealing blocks: policy and guide

If the block notice is unclear, or it does not appear to relate to your actions, please ask for assistance as described at Help:I have been blocked.

I sometimes have to bounce around between 10+ endpoints on my VPN provider's network before I find one from which I can edit, and this is just downright stupid. (And then it changes again a few days later so I can't use that one, meanwhile the unnecessary block on another expires and I can use it again. For a few days. Then I have to try to come in from Panama or Japan or Zimbabwe. Until next week, then maybe Liechtenstein or New Zealand. It's just random, brain-farty, wannabe-security nonsense.)

I've had requests to unblock a specific VPN IP address, for me as a logged-in user, declined simply because it's a technical hassle. It shouldn't be a hassle. It's only a hassle because of how things have been set up on the sysadmin side of things. And sometimes these requests are declined for even more daft reasons, like maybe I'm not really who I say I am, and why am I coming in from IP addresses all over the globe, is maybe my account compromised, or am I "really me" but a bad-actor after all, despite years of service? It's blatant circular reasoning: We're screwing with your ability to edit by carpet-bombing various IP addresses because someone vandalized through them once upon a time; then we're declaring you to be a possible vandal or sockpuppet or system cracker because this idiocy has forced you to try to use other IP addresses to get in. That's called "blaming the victim".

This has to stop. While I don't entirely disagree with the dev's announcement/op-ed thing above expressing concerns that just blockading all anon IP edits would do harm to the projects by erecting a barrier to entry that many potential editors would not climb (though pt.wikipedia is providing direct evidence against that prediction), it's more than just hypothetically harmful to use blunderbuss approaches to "security" (actually just anti-vandalism and anti-socking convenience) that thwart editors like me (with 15+ years of solid experience here, and advanced permissions), and actually reduce real security by convincing various legit, account-registered editors to stop trying to log in through VPNs. Given how many editors are now editing with mobile laptops, phones, and tablets, from locations they do not completely control and which are sometime actively targeted by persons and organizations trying to eavesdrop on data, this is a real and growing security hole (especially for users with advanced permissions like TemplateEditor, Admin, etc), as well as a totally unnecessary pain in the butt.

Johan Jönsson, I doubt you have anything personally to do with this problem, but you appear to be in a development-insider position to amplify the squeaking of this wheel so that it actually gets some grease.

PS: This firehose approach to IP blocking doesn't even function as intended, anyway. It is often the case that I can edit from one of my VPN's IP address for anywhere from several minutes to an hour or longer without incident, only to eventually have it stop working, with that dunderheaded block notice popping up finally. There is a huge lag in the ability of the system that does the IP address analysis to even "get a bead" on what the IP address is and match it to a block list. That's a bit like having a car-door lock that only actually locks the door at some random interval, anywhere from a minute to several hours, after you press the lock button (and probably do it when the actual car owner is trying to get in, not when a thief is). It's certainly doing jack to prevent vandalism or socking, since by far the majority of such unconstructive behavior is going to happen quickly, not after 39 minutes or 2.6 hours of editing around as an anon at that same IP address. The entire approach is just flat-out broken.
 — SMcCandlish ¢ 😼  16:32, 17 November 2020 (UTC)

SMcCandlish: This is indeed not really my area, but that doesn't mean I can't help at least get this to the right persons. Just to make sure I understand you correctly: Is your request that the Foundation look into the technical aspects to make it easier for the Wikimedia communities to handle exceptions in the long-standing discussion around VPN access to Wikipedia and the privacy wins (and sometimes necessities, in some areas of the world, to simply access the wikis) versus the anti-vandalism/anti-sockpuppet cons? I.e. that this behaviour is partly driven by the bluntness of blocking tools, and we should give the communities the chance to act with more consideration of the specific situation? Or were you thinking of non-technical aspects? /Johan (WMF) (talk) 04:43, 18 November 2020 (UTC)
Thank you for getting back to me (and I apologize for venting a bit; it's just been maddening – it's one of the reasons my once-prodigious editing is now fractional). Your summary does indeed get to the gist of it, though there is also a social/policy/administrative "gatekeeping" aspect: it should be easier to get approval for an exception as a logged-in user. I'm not making any kind of argument/request with regard to what anons should be able to do from these same IP addresses. The tool is overly blunt (and seemingly a bit damaged, given the lag bug), but it's also being wielded more crudely than should be necessary. If there's some complication that would make anti-vandal/sock actions seriously more difficult, a likely compromise would be to make the permission available (or usually available) only to editors of a certain trust level. That could be anything from bare AutoConfirmed up to one or more advanced, high-trust permissions with an vetting process like TemplateEditor, PageMover, or FileMover. I'm not feeling strongly about the specifics. If it should be rather low but not super-low, ExtendedConfirmed might be good. If it must involve administrative judgment but still be broadly available, the Rollbacker seems reasonable. Etc. PS: I was inspired to bring this up here and now because your piece above indicates that the impending legally required changes to IP-address handling are already necessitating some "re-code stuff so we don't break abuse-fighting tools" efforts, so now seems like the ideal time to deal with both problems.  — SMcCandlish ¢ 😼  06:09, 18 November 2020 (UTC)
@Johan (WMF): forgot the ping.  — SMcCandlish ¢ 😼  06:14, 18 November 2020 (UTC)
I have written an essay, User:Bri/Misapplication of blocking, that addresses some parallel concerns with overbroad application of IP blocks, and a lack of transparency and accountability. ☆ Bri (talk) 04:48, 18 November 2020 (UTC)
Thanks. I will have a look-see at it. :-)  — SMcCandlish ¢ 😼  06:09, 18 November 2020 (UTC)
@Bri: Zoiks. That's really troubling. I realize it's not the exact same issue I'm raising, but it has at-least-equally-bad implications.  — SMcCandlish ¢ 😼  06:14, 18 November 2020 (UTC)

Judging by the conclusion from the opening article (systematic bias), it rather reads that we were screwed from the off - either there was a bias, and so Wikipedia was deleting articles in line with a sexist agenda (possibly unconsciously) or we weren't, because we were doing so by instead limiting access. Nosebagbear (talk) 00:48, 2 November 2020 (UTC)

There were so many caveats that I don't think you can draw any definite conclusion. They drew up a list of words that they thought would define "...pages that may have interest to a given gender". From popular magazines? Really? So they obviously zeroed in on 'waxing' and 'beer', right? No, 'dishwashing'? I'm insulted already, at least three ways. "Once the Wikipedia content is matched to a demographic..." First wave of magic wand! Then there is "the authors note in the discussion" their editorial conclusion of bias mixed with weasel words 'likely', 'perhaps', usw. Then they conclude their conclusions by combining the standard research "needs more money" along with the oh so neutral assertion "future work should be done around the more pernicious ways that system bias is reinforced." Generally, or just at Wikipedia?
Given any particular 'demographic', there is a lack of articles here. There is a lack of development of the articles we already have here. I see it given my cross-section of interests. You do too. Does diversity of subjects really compete with breadth of subjects? No, unless viewed through the short-sighted lens of advocacy of self-interest vs. interests of others. Motivation over accusation is my preference. Shenme (talk) 05:42, 2 November 2020 (UTC)
Yes, I was concerned that "popular magazines" were the means of determining keywords. That smacks of a more risky demographic bias source than anything we might do. Given any particular 'demographic', there is a lack of articles here isn't quite true. The "LotR demographic" (I remember a census box for that, right) must have sufficient articles by now Nosebagbear (talk) 11:13, 2 November 2020 (UTC)
Given any topic, and there is a lack of sufficient good articles for it. Wikipedia is a work in progress. Also, I would like to point out that in some cases the deficiency is due to a lack of reliable sources, which is not our problem. We shouldn't go and use sketchy sources because of a "systemic bias" that some random researchers are worried about. And as for systemic bias on Wikipedia, there is one- that enforces strict adherence to notability and verifiability, among other high standards. See WP:LOC.--SilverTiger12 (talk) 16:56, 3 November 2020 (UTC)

Traffic report: Jump back, what's that sound? (2,039 bytes · 💬)

  • Interesting to see that the latest kerfuffle about Hunter Biden didn't propel his article, or the Biden–Ukraine conspiracy theory, into the Top 10 for the past 2 weeks. As much debate as is going on on the article talk pages, you'd think they'd be up at #1 & #2 but I guess the nonstory doesn't have the global/national traction & interest that movies, TV shows or MMA fighters have. Liz Read! Talk! 20:17, 1 November 2020 (UTC)
  • People do be really grasping at straws about the Biden campaign logo -Gouleg🛋️ (TalkContribs) 15:32, 2 November 2020 (UTC)
Yeah, some of the memes are actually the purest nonsense! Of course the graphic designer who made the campaign logo needed a visual eye catcher. And red is known to do that job best. BTW the number of young persons wearing red sneakers in my urban environment is increasingly high. -- Just N. (talk) 17:15, 9 November 2020 (UTC)
My second idea about the meme is a lot uglier. Aren' t a lot of American citizens/voters haunted by fear of any sort of socialism and hating China for *stealing* the inofficial No 1 position of leading world economy from the US? So by putting the Dems campaign logo into ugly framing context the anti-communist emotions are whipped up, at least in Republican readers. Indeed an ugly manipulation by drawing on mostly subconscious political emotion layers -> just by means of a socmedia meme. -- Just N. (talk) 17:34, 9 November 2020 (UTC)