[Wikimedia-l] Update on IPv6

classic Classic list List threaded Threaded
56 messages Options
123
Reply | Threaded
Open this post in threaded view
|

Re: [Wikimedia-l] Update on IPv6

Nathan Awrich
On Wed, Jun 13, 2012 at 2:21 PM, Risker <[hidden email]> wrote:

> On 13 June 2012 14:09, Nathan <[hidden email]> wrote:
>
> I believe that FT2 is saying that we should seriously consider masking the
> *publicly viewable* IPv6 addresses.  The only reason that we publish the IP
> addresses of any logged-out user is for attribution purposes, although some
> use it for other reasons (both positive and nefarious).  Quite honestly, it
> doesn't matter what information is put in place in the publicly viewable
> logs, provided it's consistent.
>
> Risker
>
>
Sure, that's the assertion, but it leaves unanswered a lot of "why"
questions. Why should we make publicly viewable attributions less
identifiable than they have been for a decade? Is that step valuable at
all, given the reality that anyone likely to use the IP address for
"nefarious" reasons would simply register an account?

I think a stable, predictable privacy regime that doesn't discourage users
is a perfectly good goal which Wikimedia has largely achieved. I'm not sure
there is a lot of value in FT2's suggestion from a privacy perspective (it
would make far more sense to make the mask applicable to everyone but CUs
or admins), let alone whether a significantly more anonymous method for
contributing is either necessary or desirable.

~Nathan
_______________________________________________
Wikimedia-l mailing list
[hidden email]
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Reply | Threaded
Open this post in threaded view
|

Re: [Wikimedia-l] Update on IPv6

Brandon Harris-4
In reply to this post by Risker

On Jun 13, 2012, at 11:21 AM, Risker wrote:

> I believe that FT2 is saying that we should seriously consider masking the
> *publicly viewable* IPv6 addresses.  The only reason that we publish the IP
> addresses of any logged-out user is for attribution purposes, although some
> use it for other reasons (both positive and nefarious).  Quite honestly, it
> doesn't matter what information is put in place in the publicly viewable
> logs, provided it's consistent.


        A couple of weeks ago, Brion Vibber and I started walking through a series of thoughts about eliminating publicly viewable IP addresses altogether, creating "Proto Accounts".  That is, to completely anonymize anonymous users (by calling them "Anonymous XXXXXX") and at the same time creating system whereby Anonymous users might be encouraged to become registered users (and retain the edits they did anonymously).

        This would work by "back-loading" the account creation process:

                1) User makes anonymous edit (as "Anonymous 1234").  Edit is logged as "Anonymous 1234").
                2) User is given call-to-action to convert to a registered account.
                3) User fills out account form (username, password, email) (let's call them "AwesomeSauce89")
                4) Proto account gets renamed to "AwesomeSauce89"; the edits that were under "Anonymous 1234" are now listed as being by "AwesomeSauce89"

        I also spoke with Tim Starling about this in Berlin and he agreed that it was a good idea.  However, this would be no small feat.  A big part of the problems involved in this type of anonymizing involve how we deal with range blocks.

        Would this be something people might like to see happen?


---
Brandon Harris, Senior Designer, Wikimedia Foundation

Support Free Knowledge: http://wikimediafoundation.org/wiki/Donate


_______________________________________________
Wikimedia-l mailing list
[hidden email]
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
FT2
Reply | Threaded
Open this post in threaded view
|

Re: [Wikimedia-l] Update on IPv6

FT2
In reply to this post by Nathan Awrich
Wikipedia has held since the start, a philosophy that some aspects of
neutral accessible editing are enhanced by pseudonymity.  One only need
look at early policies and current policies to see they started with strong
strict views on this, and retain strong strict views.  Reasons where it
matters are codified in policies themselves - freedom to edit without fear
of social backlash, freedom to edit unpopular views and topics or those
which would be professionally harmful, freedom to edit from places and
regimes where uninhibited authorship would be dangerous, freedom to be
judged by the edits one makes and not the person one is.

Obviously there are negatives too - ease of abuse, reduced ease of
detecting bad behavior, and so on.  None the less over time the view has
stuck, pseudonymity is a cornerstone of the environment we offer users and
that users may rely upon.  In that context, improving pseudonymity is a
valid goal. That an area established 10 years ago has not yet been fully
revised or brought into the 2010-2020 era is not salient. The same could be
said of many Mediawiki functions. Pseudonymity is "de facto" in the
culture, and part of our multi-branched attempt to facilitate neutral open
editing. It is an area of interest and an area where improvemenet and
advancement are worthwhile to seek. It is odd to rationalize that a user
with an account has safeguards which users without accounts should not
"deserve".

Most of the rest of your questiopns are technical - how would this or that
be done?  Those technical questions need technical consideration, but the
basic question is a non technicval one, as is my comment.  This is a
desirable area to dovetail.  How that works and to what extent cost v
benefit means we do some things but accept limitations on others, are
questions that technical people will need to consider.

FT2

On Wed, Jun 13, 2012 at 7:09 PM, Nathan <[hidden email]> wrote:

> On Wed, Jun 13, 2012 at 1:36 PM, FT2 <[hidden email]> wrote:
>
> (snip)
>
>


> Why is "improving anonymity" a goal? Our privacy policy governs the
> disclosure of non-public information, but the IP addresses of editors
> without an account have always been effectively public. Are IP editors
> clamoring for more privacy? Is masking IPv6 addresses more important than
> the uses to which IP addresses are currently put? Is masking a better way
> to solve the problem of potentially more identifiable information in IPv6
> than, say, a more prominent disclosure and disclaimer? Would masking the IP
> addresses only for logged-out users be a worthwhile change, given the ease
> of registering an account? Would they remain masked in the histories of
> project dumps? There are a lot of questions to answer here before it's
> reasonable to start suggesting changes be made, and these are only some.
>
>
_______________________________________________
Wikimedia-l mailing list
[hidden email]
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Reply | Threaded
Open this post in threaded view
|

Re: [Wikimedia-l] Update on IPv6

Nathan Awrich
In reply to this post by Brandon Harris-4
On Wed, Jun 13, 2012 at 2:29 PM, Brandon Harris <[hidden email]>wrote:

>
> On Jun 13, 2012, at 11:21 AM, Risker wrote:
>
> > I believe that FT2 is saying that we should seriously consider masking
> the
> > *publicly viewable* IPv6 addresses.  The only reason that we publish the
> IP
> > addresses of any logged-out user is for attribution purposes, although
> some
> > use it for other reasons (both positive and nefarious).  Quite honestly,
> it
> > doesn't matter what information is put in place in the publicly viewable
> > logs, provided it's consistent.
>
>
>         A couple of weeks ago, Brion Vibber and I started walking through
> a series of thoughts about eliminating publicly viewable IP addresses
> altogether, creating "Proto Accounts".  That is, to completely anonymize
> anonymous users (by calling them "Anonymous XXXXXX") and at the same time
> creating system whereby Anonymous users might be encouraged to become
> registered users (and retain the edits they did anonymously).
>
>        This would work by "back-loading" the account creation process:
>
>                1) User makes anonymous edit (as "Anonymous 1234").  Edit
> is logged as "Anonymous 1234").
>                2) User is given call-to-action to convert to a registered
> account.
>                3) User fills out account form (username, password, email)
> (let's call them "AwesomeSauce89")
>                4) Proto account gets renamed to "AwesomeSauce89"; the
> edits that were under "Anonymous 1234" are now listed as being by
> "AwesomeSauce89"
>
>        I also spoke with Tim Starling about this in Berlin and he agreed
> that it was a good idea.  However, this would be no small feat.  A big part
> of the problems involved in this type of anonymizing involve how we deal
> with range blocks.
>
>        Would this be something people might like to see happen?
>
>
>
In my view, no. I think we need to balance the "risk" argument for
anonymity (dissidents, whistleblowers, people editing topics they wouldn't
want to be publicly associated with, etc.) with the benefits of partial
anonymity. Among these benefits I'd cite the many news items regarding the
discovery of fishy editing patterns from Congressional offices, corporate
offices, government agencies, political candidates, etc.  We're an
organization with competing aims: we'd like to be as transparent as
possible, and by and large believe in the value of radical transparency,
but we also want to protect our users from undue harm. I think we can
maintain that balance by having a very stable and predictable approach to
privacy, and by being abundantly clear with our disclosures and user
education with respect to privacy. The above approach wipes out any
transparency in favor of complete privacy, without (to my mind)
establishing the particular benefits of that outcome.

~Nathan
_______________________________________________
Wikimedia-l mailing list
[hidden email]
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
FT2
Reply | Threaded
Open this post in threaded view
|

Re: [Wikimedia-l] Update on IPv6

FT2
In reply to this post by Risker
Yes. Risker has understood.

Her word "masking" means for me, that we would like to make it hard or
create a high hurdle, for third parties wanting to find or prove a link
between the public displayed ID of non-logged in users and other off-site
ID such as their IP address that can be used to externally correlate or
identify a real-world individual.   (Which is not really any more than we
do for logged in users)

What exact label is publicly displayed is secondary.  Otherwise
pseudonymity wouldn't work either.  Its functions are (1) attribution, (2)
a convenient shorthand for "the unknown real world individual responsible
for this edit" in wiki-discussions, and (3) some minimal consistency of
identification.

FT2

On Wed, Jun 13, 2012 at 7:21 PM, Risker <[hidden email]> wrote:

> On 13 June 2012 14:09, Nathan <[hidden email]> wrote:
> (more snipping)



> I believe that FT2 is saying that we should seriously consider masking the
> *publicly viewable* IPv6 addresses.  The only reason that we publish the IP
> addresses of any logged-out user is for attribution purposes, although some
> use it for other reasons (both positive and nefarious).  Quite honestly, it
> doesn't matter what information is put in place in the publicly viewable
> logs, provided it's consistent.
>
> Risker
>
>
_______________________________________________
Wikimedia-l mailing list
[hidden email]
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Reply | Threaded
Open this post in threaded view
|

Re: [Wikimedia-l] Update on IPv6

Risker
In reply to this post by Nathan Awrich
On 13 June 2012 14:29, Nathan <[hidden email]> wrote:

> On Wed, Jun 13, 2012 at 2:21 PM, Risker <[hidden email]> wrote:
>
> > On 13 June 2012 14:09, Nathan <[hidden email]> wrote:
> >
> > I believe that FT2 is saying that we should seriously consider masking
> the
> > *publicly viewable* IPv6 addresses.  The only reason that we publish the
> IP
> > addresses of any logged-out user is for attribution purposes, although
> some
> > use it for other reasons (both positive and nefarious).  Quite honestly,
> it
> > doesn't matter what information is put in place in the publicly viewable
> > logs, provided it's consistent.
> >
> > Risker
> >
> >
> Sure, that's the assertion, but it leaves unanswered a lot of "why"
> questions. Why should we make publicly viewable attributions less
> identifiable than they have been for a decade? Is that step valuable at
> all, given the reality that anyone likely to use the IP address for
> "nefarious" reasons would simply register an account?
>

I think perhaps I was not clear in what I meant by "nefarious" purposes.
The IP addresses in our contribution logs have been used by others to
locate editors, to make allegations against individuals and organizations
because their IP address showed up in those logs, and so on. It is a key
reason why "accidentally editing logged out" is one of the top reasons for
suppression requests, because it can provide a non-negligible amount of
information about the user.



>
> I think a stable, predictable privacy regime that doesn't discourage users
> is a perfectly good goal which Wikimedia has largely achieved. I'm not sure
> there is a lot of value in FT2's suggestion from a privacy perspective (it
> would make far more sense to make the mask applicable to everyone but CUs
> or admins), let alone whether a significantly more anonymous method for
> contributing is either necessary or desirable.
>
>
I would put to you that, actually, our publishing of full IP addresses of
our logged-out contributors is a very significant privacy issue. There is
no other top-10 website that publishes this information; in fact, the
number of websites that attributes contributions to specific (often
traceable) IP addresses is minuscule.  The only rationale that has ever
been given for publishing of IP addresses is for the purpose of edit
attribution.  That can be done any number of other ways.

Risker
_______________________________________________
Wikimedia-l mailing list
[hidden email]
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Reply | Threaded
Open this post in threaded view
|

Re: [Wikimedia-l] Update on IPv6

Nathan Awrich
On Wed, Jun 13, 2012 at 2:42 PM, Risker <[hidden email]> wrote:

>
> I think perhaps I was not clear in what I meant by "nefarious" purposes.
> The IP addresses in our contribution logs have been used by others to
> locate editors, to make allegations against individuals and organizations
> because their IP address showed up in those logs, and so on. It is a key
> reason why "accidentally editing logged out" is one of the top reasons for
> suppression requests, because it can provide a non-negligible amount of
> information about the user.
>

I think I understood what you meant by nefarious, but regardless of the
definition, the point remains: unless you restrict any IP-related data to
administrators and/or CUs, the type of masking FT2 described is ineffective
at improving privacy.

I would put to you that, actually, our publishing of full IP addresses of

> our logged-out contributors is a very significant privacy issue. There is
> no other top-10 website that publishes this information; in fact, the
> number of websites that attributes contributions to specific (often
> traceable) IP addresses is minuscule.  The only rationale that has ever
> been given for publishing of IP addresses is for the purpose of edit
> attribution.  That can be done any number of other ways.
>
> Risker
>
>
I have to disagree for several reasons. First, while you are correct that
no other top 10 website publishes IP information of users, that is in no
small part a byproduct of how different Wikipedia is from the other 9.
Without belaboring the point too much, search engines and passive viewing
sites don't publish user information at all in any format, and commercial
social networks have a wholly different set of interests than do Wikimedia
projects.  Second, more complete anonymity is and has always been available
to any editor; while the primary and original purpose of an IP address in
edit history is attribution, it has long been put to many other beneficial
uses. Given that we've had a stable approach to IP addresses for 10 years,
and no rush of demand to change the paradigm, it makes sense to balance the
public benefit nature of the projects against the reasonable privacy needs
(on which we all generally agree). We should discuss that balance rather
than just assume that more perfect privacy is worth significantly less
transparency.
_______________________________________________
Wikimedia-l mailing list
[hidden email]
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Reply | Threaded
Open this post in threaded view
|

Re: [Wikimedia-l] Update on IPv6

Risker
On 13 June 2012 15:06, Nathan <[hidden email]> wrote:

> On Wed, Jun 13, 2012 at 2:42 PM, Risker <[hidden email]> wrote:
>
> >
> > I think perhaps I was not clear in what I meant by "nefarious" purposes.
> > The IP addresses in our contribution logs have been used by others to
> > locate editors, to make allegations against individuals and organizations
> > because their IP address showed up in those logs, and so on. It is a key
> > reason why "accidentally editing logged out" is one of the top reasons
> for
> > suppression requests, because it can provide a non-negligible amount of
> > information about the user.
> >
>
> I think I understood what you meant by nefarious, but regardless of the
> definition, the point remains: unless you restrict any IP-related data to
> administrators and/or CUs, the type of masking FT2 described is ineffective
> at improving privacy.
>
> I would put to you that, actually, our publishing of full IP addresses of
> > our logged-out contributors is a very significant privacy issue. There is
> > no other top-10 website that publishes this information; in fact, the
> > number of websites that attributes contributions to specific (often
> > traceable) IP addresses is minuscule.  The only rationale that has ever
> > been given for publishing of IP addresses is for the purpose of edit
> > attribution.  That can be done any number of other ways.
> >
> > Risker
> >
> >
> I have to disagree for several reasons. First, while you are correct that
> no other top 10 website publishes IP information of users, that is in no
> small part a byproduct of how different Wikipedia is from the other 9.
> Without belaboring the point too much, search engines and passive viewing
> sites don't publish user information at all in any format, and commercial
> social networks have a wholly different set of interests than do Wikimedia
> projects.  Second, more complete anonymity is and has always been available
> to any editor; while the primary and original purpose of an IP address in
> edit history is attribution, it has long been put to many other beneficial
> uses. Given that we've had a stable approach to IP addresses for 10 years,
> and no rush of demand to change the paradigm, it makes sense to balance the
> public benefit nature of the projects against the reasonable privacy needs
> (on which we all generally agree). We should discuss that balance rather
> than just assume that more perfect privacy is worth significantly less
> transparency.
>

The original Wikipedia platform (lo those long years ago) published only
partial IP addresses.  Today, "significantly less transparency" seems to
mean "create an acccount" to many people. However, that is antithetical to
the "anyone can edit" principle on which our projects are based.  "Anyone
can edit, as long as they don't mind that everyone in the world will know
where they're from, what ISP they use, and possibly even the physical
location from which they are editing and what equipment they're using to do
so,  unless they create an account" is what it has become.

We want the edits. We don't need to know the rest, and never have. If we
needed to know that information, we would have decided not to permit
account-based editing in the first place.  There's no template at the
bottom of the talk pages of editors with accounts that allows
identification and geolocation of their IP.  If it's useful for logged-out
editors, it is just as useful for logged-in ones, according to the
"transparency" logic.

One of the reasons that many of us were taken by surprise with the sudden
appearance of the IPv6 change was that this very discussion could have
taken place beforehand, and would have guided the Engineering team in their
progress.  I for one have long been concerned about the use of IP addresses
to attribute edits, but that may be because I'm one of the few people who
winds up suppressing those that happen accidentally to account holders.
It's a discussion we need to have, though.

Risker
_______________________________________________
Wikimedia-l mailing list
[hidden email]
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Reply | Threaded
Open this post in threaded view
|

Re: [Wikimedia-l] Update on IPv6

Risker
In reply to this post by Nathan Awrich
On 13 June 2012 15:06, Nathan <[hidden email]> wrote:

<snip>


> I have to disagree for several reasons. First, while you are correct that
> no other top 10 website publishes IP information of users, that is in no
> small part a byproduct of how different Wikipedia is from the other 9.
>

<snip>

I am struggling to think of any other website of any nature that I have
ever visited that publicly identifies editors/posters by their IP address,
except for a few other wikis.  I've seen "unregistered user" before, and
similar nomenclature. Can anyone think of another site (regardless of
purpose) that links the editor/poster publicly to their full IP address?

Risker
_______________________________________________
Wikimedia-l mailing list
[hidden email]
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Reply | Threaded
Open this post in threaded view
|

Re: [Wikimedia-l] Update on IPv6

Nathan Awrich
In reply to this post by Risker
On Wed, Jun 13, 2012 at 3:18 PM, Risker <[hidden email]> wrote:

>
> The original Wikipedia platform (lo those long years ago) published only
> partial IP addresses.  Today, "significantly less transparency" seems to
> mean "create an acccount" to many people. However, that is antithetical to
> the "anyone can edit" principle on which our projects are based.  "Anyone
> can edit, as long as they don't mind that everyone in the world will know
> where they're from, what ISP they use, and possibly even the physical
> location from which they are editing and what equipment they're using to do
> so,  unless they create an account" is what it has become.
>

I'm not sure I understand how "create an account" is antithetical to
"anyone can edit". Are you saying there is some bar to creating an account
that prevents some people from editing? People can choose to use an account
name or choose to edit from an IP address. You're suggesting making account
names mandatory and dynamic, I'm not seeing how that is a necessary
outgrowth of "anyone can edit."


>
> We want the edits. We don't need to know the rest, and never have. If we
> needed to know that information, we would have decided not to permit
> account-based editing in the first place.  There's no template at the
> bottom of the talk pages of editors with accounts that allows
> identification and geolocation of their IP.  If it's useful for logged-out
> editors, it is just as useful for logged-in ones, according to the
> "transparency" logic.
>
>
Sure - the same principle that makes IP information useful for transparency
purposes works as well on IP editors as it does on account holders. But
account holders have chosen to restrict access to that information, and IP
editors have not. A better solution to mandating automatically assigned
account names is to provide reasonable education and disclosure (say, a
pop-up on first edit or something else fairly prominent) to people editing
without an account. That way we let users judge privacy for themselves, and
preserve the usefulness of IP data when a user chooses to disclose it.

Risker wrote:

"I am struggling to think of any other website of any nature that I have
ever visited that publicly identifies editors/posters by their IP address,
except for a few other wikis.  I've seen "unregistered user" before, and
similar nomenclature. Can anyone think of another site (regardless of
purpose) that links the editor/poster publicly to their full IP address?"

IP address, no. Facebook profile (which is, as for most people, under my
real name)? Sure. Even so, a comparison between Wikimedia and Google or the
NY Times or Facebook or Gawker etc. fails because it does not recognize the
many philosophical and practical differences between those sites and a
Wikimedia project.
_______________________________________________
Wikimedia-l mailing list
[hidden email]
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Reply | Threaded
Open this post in threaded view
|

Re: [Wikimedia-l] Update on IPv6

Risker
On 13 June 2012 15:39, Nathan <[hidden email]> wrote:

> On Wed, Jun 13, 2012 at 3:18 PM, Risker <[hidden email]> wrote:
> Risker wrote:
>
> "I am struggling to think of any other website of any nature that I have
> ever visited that publicly identifies editors/posters by their IP address,
> except for a few other wikis.  I've seen "unregistered user" before, and
> similar nomenclature. Can anyone think of another site (regardless of
> purpose) that links the editor/poster publicly to their full IP address?"
>
> IP address, no. Facebook profile (which is, as for most people, under my
> real name)? Sure. Even so, a comparison between Wikimedia and Google or the
> NY Times or Facebook or Gawker etc. fails because it does not recognize the
> many philosophical and practical differences between those sites and a
> Wikimedia project.
>

Nathan, I'm still trying to come up with *any* site that permits
unregistered users to post but also publishes their full IP address.  Can
you think of any at all?  Let's not limit it to the big guys, let's really
think this through and explore what is going on outside of our own
bailiwick.  Just because we've done things for a long time doesn't mean we
shouldn't improve ourselves.

Risker

Risker
_______________________________________________
Wikimedia-l mailing list
[hidden email]
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Reply | Threaded
Open this post in threaded view
|

Re: [Wikimedia-l] Update on IPv6

Nathan Awrich
On Wed, Jun 13, 2012 at 3:49 PM, Risker <[hidden email]> wrote:

>
> Nathan, I'm still trying to come up with *any* site that permits
> unregistered users to post but also publishes their full IP address.  Can
> you think of any at all?  Let's not limit it to the big guys, let's really
> think this through and explore what is going on outside of our own
> bailiwick.  Just because we've done things for a long time doesn't mean we
> shouldn't improve ourselves.
>

Well, there are many sites (my local newspaper for instance) that permit
users with no site-specific registration to comment, but only using a
Facebook profile. Assuming the commenter is following Facebook's account
policies, that is at least as revealing as an IP address.

And we can just as easily look at it from the other direction - are there
really other sites out there like Wikipedia, with our mix of mission and
global impact for a user-generated product? I think Wikipedia is unique in
many ways, and I believe that renders the comparison you're attempting to
make not useful. And finally, you take for granted a principle that I have
challenged - mandating complete anonymity for all users (other than those
who edit using a real name) is not, in my view, the same as "improv[ing]
ourselves."

I'd like to get other opinions on this, so I'm going to hold off on posting
again in this thread... at least for as long as I can stand it :-P

~Nathan
_______________________________________________
Wikimedia-l mailing list
[hidden email]
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Reply | Threaded
Open this post in threaded view
|

Re: [Wikimedia-l] Update on IPv6

Platonides
In reply to this post by Kim Bruning
On 13/06/12 00:39, Kim Bruning wrote:
> What with XS4ALL (my ISP) now also offering IPv6 out-of-the-box, there's
> at least one extra IPv6 anon on en.wp. ;-)
>
> I noticed that my current IPv6 address appears to be assigned
> dynamically by XS4ALL. I can probably get static if I choose it. But the
> dynamic assignment option does alleviate some people's privacy
> concerns, right?

A 'privacy problem' of IPv6 addresses is that they could be tied to your
network card identification number (the MAC), so even if you changed
networks, and got a different ip, the lower bytes would remain constant
indentifying you. Then privacy extensions were developed to avoid that.
I think you should check how much dynamic it by looking not just but
what ranges change. Maybe it's static but your OS is making it look
dynamic on each reboot. Or viceversa, your OS could be leaking your MAC
even though your ISP gives you a dynamic one.


_______________________________________________
Wikimedia-l mailing list
[hidden email]
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Reply | Threaded
Open this post in threaded view
|

Re: [Wikimedia-l] Update on IPv6

John Mark Vandenberg
In reply to this post by Brandon Harris-4
On Jun 14, 2012 1:30 AM, "Brandon Harris" <[hidden email]> wrote:
>
>        A couple of weeks ago, Brion Vibber and I started walking through
a series of thoughts about eliminating publicly viewable IP addresses
altogether, creating "Proto Accounts".  That is, to completely anonymize
anonymous users (by calling them "Anonymous XXXXXX") and at the same time
creating system whereby Anonymous users might be encouraged to become
registered users (and retain the edits they did anonymously).
>
>        This would work by "back-loading" the account creation process:
>
>                1) User makes anonymous edit (as "Anonymous 1234").  Edit
is logged as "Anonymous 1234").
>                2) User is given call-to-action to convert to a registered
account.
>                3) User fills out account form (username, password, email)
(let's call them "AwesomeSauce89")
>                4) Proto account gets renamed to "AwesomeSauce89"; the
edits that were under "Anonymous 1234" are now listed as being by
"AwesomeSauce89"
>
>        I also spoke with Tim Starling about this in Berlin and he agreed
that it was a good idea.  However, this would be no small feat.  A big part
of the problems involved in this type of anonymizing involve how we deal
with range blocks.
>
>        Would this be something people might like to see. .

Yes!

--JV
_______________________________________________
Wikimedia-l mailing list
[hidden email]
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Reply | Threaded
Open this post in threaded view
|

Re: [Wikimedia-l] Update on IPv6

Andrea Zanni-2
>
> On Jun 14, 2012 1:30 AM, "Brandon Harris" <[hidden email]> wrote:
> >
> >        A couple of weeks ago, Brion Vibber and I started walking through
> a series of thoughts about eliminating publicly viewable IP addresses
> altogether, creating "Proto Accounts".  That is, to completely anonymize
> anonymous users (by calling them "Anonymous XXXXXX") and at the same time
> creating system whereby Anonymous users might be encouraged to become
> registered users (and retain the edits they did anonymously).
> >
> >        This would work by "back-loading" the account creation process:
> >
> >                1) User makes anonymous edit (as "Anonymous 1234").  Edit
> is logged as "Anonymous 1234").
> >                2) User is given call-to-action to convert to a registered
> account.
> >                3) User fills out account form (username, password, email)
> (let's call them "AwesomeSauce89")
> >                4) Proto account gets renamed to "AwesomeSauce89"; the
> edits that were under "Anonymous 1234" are now listed as being by
> "AwesomeSauce89"
> >
> >        I also spoke with Tim Starling about this in Berlin and he agreed
> that it was a good idea.  However, this would be no small feat.  A big part
> of the problems involved in this type of anonymizing involve how we deal
> with range blocks.
> >        Would this be something people might like to see. .
>

 If I understand it well, YEAH.

Aubrey

_______________________________________________

> Wikimedia-l mailing list
> [hidden email]
> Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
>
_______________________________________________
Wikimedia-l mailing list
[hidden email]
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
Reply | Threaded
Open this post in threaded view
|

Re: [Wikimedia-l] Update on IPv6

Federico Leva (Nemo)
In reply to this post by Nathan Awrich
Nathan, 13/06/2012 20:37:
> In my view, no. I think we need to balance the "risk" argument for
> anonymity (dissidents, whistleblowers, people editing topics they wouldn't
> want to be publicly associated with, etc.) with the benefits of partial
> anonymity. Among these benefits I'd cite the many news items regarding the
> discovery of fishy editing patterns from Congressional offices, corporate
> offices, government agencies, political candidates, etc.  We're an
> organization with competing aims: we'd like to be as transparent as
> possible, and by and large believe in the value of radical transparency,
> but we also want to protect our users from undue harm.

I'm quite surprised that only Nathan seems to be voicing this concern.
For many years when people criticized the lack of responsibility in
Wikipedia's authors we've repeated that every word and comma is
attributed to a person, either by pen name or IP, and that there's no
need of a real name policy. The most important feature of MediaWiki is a
[user] "tracking" feature: the diffs, the history, the contributions
page; everything is transparent.
This is not needed to please some big brother fans but rather for the
wiki (the community) to work; replacing IPs with unusable
non-identifying strings would be a bad thing and it's not obvious at all
that "improving privacy" is the prevalent aim here. In fact, the main
problem with how IPv6 addresses are exposed in MediaWiki is that the
bytes of information random users have to digest and remember to
identify users are just too much and in a user-unfriendly format (even
for the standard sysop). On the other hand, IPv6 will improve
identification in a very good way; ISP are already heavily using NAT,
and quite often hundreds or thousands of users in my city have been
blocked on it.wiki by blocking just a single IPv4 address, not to
mention community drama around dubious CheckUser results.
That said, we've used domains before IPs and it's surely possible to
invent something new, although I don't have enough imagination to find a
solution.

Nemo

_______________________________________________
Wikimedia-l mailing list
[hidden email]
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
123