User talk:SirFozzie/Alternate

Invisible

Try announcing this at the community noticeboard or village pump. Durova³²⁰ 20:19, 30 September 2009 (UTC)

Yeah, I was hoping to keep it low key to start, but it might be good to get as many eyes as possible as quick as possible. It's already been mentioned by others elsewhere (off-WR) SirFozzie (talk) 20:23, 30 September 2009 (UTC)

Did you mean "off-WP"? ... I know that some think of WR as a combination turbo-watchlist and AN/I-annex. ++Lar: t/c 22:09, 30 September 2009 (UTC)

No, I meant that someone had emailed me about it.. but I expected it to be picked up on WR at some point (but not that quick) SirFozzie (talk) 22:41, 30 September 2009 (UTC)

Gotcha. So you have three equivalence classes for communication then... WP, WR, and everything else ? :) Me, I have 4... ++Lar: t/c 22:49, 30 September 2009 (UTC)

Lar

No we can't. Privacy is a Foundation level policy. Fork your own wiki, or join Citizendium. ;) Durova³²⁰ 21:27, 30 September 2009 (UTC)

One could joke that with all the scrapers, etcetera out there, Wikipedia's all forked up already... *grin, duck.. RUN!* SirFozzie (talk) 21:35, 30 September 2009 (UTC)

Yes we can. Merely requires Foundation level policy change, that's all. Nothing major. :) (as I said, fork, or something equally disruptive, so telling me to fork isn't exactly a novel criticism). How badly do you want the socking problem solved? This solves it. You may not like the side effects but it solves it. Cold. ++Lar: t/c 21:38, 30 September 2009 (UTC)

Merely? Um, remember a certain someone who gained CU at WikiQuote last year? A fiftysomething fellow who impersonated a twentysomething woman...are you planning to bankroll the necessary staff to improve upon the credentials checks? This site currently has over 10 million accounts and WMF operates hundreds of websites. Durova³²⁰ 21:50, 30 September 2009 (UTC)

That's right, merely. I don't see the need to bankroll anyone to do anything. Just find the right org to partner with and leverage their already existing verification infrastructure. We're big enough that the branding from doing that would be payment enough. I bet a well written proposal to Google, or Amazon, (or half a dozen other outfits that validate real names) would work.

How badly do you want this problem solved? For more on this, see my blog with search label Anonymity But please realise that I'm not advocating this as a practical proposal. Merely as a proposal that definitely solves the socking problem. Regardless of other factors. Any other proposal has to be measured against this one.... does it solve the socking problem this well? If not this well, what are the benefits? ++Lar: t/c 22:06, 30 September 2009 (UTC)

You lost me, we have to compare all proposals against one that is not necessarily practical?--Tznkai (talk) 22:08, 30 September 2009 (UTC)

YOU don't, unless you want to. But it's a useful metric nevertheless. This proposal solves socking, cold, except for a very very small residue (people with enough resources to fake identity sufficient to pass "Amazon.com level" identity validation and enough motivation to do it in order to sock here). Other proposals can be measured against it to see if their not solving socking as well is outweighed by their increased practicality. Or not, as you like. As an avowed technocrat (or technocrat-wannabe) I'd expect you to get that idea. ++Lar: t/c 22:16, 30 September 2009 (UTC)

Generally speaking, I find it more useful to compare amongst all viable proposals, rather than against impractical thought experiments, thus my confusion.--Tznkai (talk) 22:28, 30 September 2009 (UTC)

Additionally, and just so we're clear, don't those orgs verify based on financial information? That seems to create an unintentional limitation from "everyone willing to sign up" to "everyone willing to sign up that is also participating in a particular chunk of the economy" Perhaps I missed something?--Tznkai (talk) 22:11, 30 September 2009 (UTC)

Yep. Not seeing that as a serious limitation. ++Lar: t/c 22:16, 30 September 2009 (UTC)

I don't have the numbers to prove it, but my suspicion is that subgroup of people are going to be disproportionately middle class to affluent, American, and white (granted, I'm sure Wikipedia is already, but that might make it worse) Not to mention I'm not sure if I'm comfortable with segmenting off people who have excellent reasons for not wanting to have or expose their financial information. --Tznkai (talk) 22:28, 30 September 2009 (UTC)

Not seeing either of those as a serious limitation either. How badly do you want to edit here? How badly does the project want to solve the socking problem. These are mere side effects. :) If you're unwilling to trust Amazon with your data, you don't shop there. If you're unwilling to trust the WMF with your data (and by extension Amazon or whoever) you don't edit here. ++Lar: t/c 22:34, 30 September 2009 (UTC)

On that point, I'm not sure if selecting for people who really want to edit is a good way to do it. Casual editors are not the problem. As to the rest, I DO think its dubious to talk about using financial verification as even a theoretical benchmark with how it prevents participation outside of the class of people with such access. That should seem a non trivial cost, on face.--Tznkai (talk) 01:40, 1 October 2009 (UTC)

(various ec's) Its likelihood of solving the socking problem is dubious. Substitute various concessions that the 'right org to partner with' would demand and two forms of identity theft: sockpuppeteers who impersonate other people and untrustworthy verification staff members themselves. I still wonder what would pay their salaries. Advertising? Scalability is impractical, and some of our most valuable editors who contribute good content to sensitive subjects would likely depart. Would older accounts get grandfathered in? My inner troll Hamlet chuckles at the fun that 4chan would have overwhelming a modestly sized verification staff. Durova³²⁰ 22:17, 30 September 2009 (UTC)

I'm pretty sure it solves it except for a very small residue. I do not see Amazon, or Google, as all that easy to spoof. Maybe you or Jehochman have more hard data, mine is observational, so I might be wrong but I doubt it. As to this salary thing: I don't know how Amazon does their verification but I am 99.999% sure it doesn't involve anyone actually looking at anything, it's all automated. Ditto Google. The salary you pay is whoever developed the code that connects WMF to Google. This proposal may not be practical. It's not really intended to be practical. It was never put forward as a practical proposal (at this stage of the project lifecycle for WMF as a whole). But it would work. It's a benchmark you can measure practical proposals against, how close to this reduction do they come for how much less cost (I mean organizational cost, the implementation cost done properly is low). All THAT said, should I ever find myself an accidental billionaire (who wants to be only a centimillionaire by blowing lots of money on things) and I was funding son of WMF, a complete startover, real names would be required. At least. ++Lar: t/c 22:30, 30 September 2009 (UTC)

It isn't intended to be a practical proposal or a serious one, but you contend it would work? Straddling the fence is uncomfortable. Especially for men. Smirk. Durova³²⁰ 22:37, 30 September 2009 (UTC)

It would technically work. It's actually not technically all that hard to implement. However if you've been a techie (or around techies) as long as you or I have been, you know that something working from a technical perspective doesn't mean it's actually a practical idea. If it was practical to change WMF culture to the point where this proposal would be socially implementable, it would be a practical proposal. But it's not practical to change WMF culture to that point. So it's not a serious proposal in the sense of "we should go implement this right now!" But it's a workable proposal technically that you can measure other proposals against. (You could instead measure other proposals against "what if we asked God to make sure there was no socking at all" but that proposal isn't implementable technically... (think of the user interface design problem!) this one at least is technically possible...) ++Lar: t/c 22:47, 30 September 2009 (UTC)

Hard problem

Identity on the net is a hard problem. It's the topic of much current research and investment. IP reputation is another avenue to explore. Wikipedia is a treasure trove of data. We probably could get some solutions if we made our publicly available data available as a set of feeds. For instance, if I am a bank, I'd love to get a real timre report from Wikipedia about open proxies discovered on particular IPs. One thing I don't want, as a bank, is people trying to login from open proxies! Jehochman ^Talk 22:21, 30 September 2009 (UTC)

By the way, when I explained how we identify open proxies to one of the high level Google guys, his eyes lit up because we are able to do some things that Google can't do. Jehochman ^Talk 22:22, 30 September 2009 (UTC)

One thought, regarding RfAdmin and discouraging socks..

I think that if we made it clear.. "You run for administrator, and you will be checkusered mercilessly and if anything is found, you will be questioned privately, and if no good explanation is given, the results of the checkuser will be made public.. (ie, AdminCandidateX is LIKELY EvilSockmasterY, per results of checkuser.)", it would be a good dis-incentive for alternate account folks seeking the mop. It probably wouldn't catch any of the SMART sockmasters, but it's at least an additional step they would have to take. SirFozzie (talk) 22:47, 30 September 2009 (UTC)

Works for me. So does DGG's proposal that if you want to be an admin, real name required. However the current validation infrastructure won't scale. Say, did I mention I know of another way to validate real names that scales? ++Lar: t/c 22:55, 30 September 2009 (UTC)

Comparing different cases

Just picking up on a point made by Karanacs: "There have been several high-profile cases recently where abusive sockpuppets of vested contributors have been discovered and no real sanctions have been imposed (I don't consider desysopping to be much of a sanction). Making exceptions to the rules for some people while throwing the book at others is a great way to confuse everyone." My view is that if you look in detail at each case, you will discover reasons why the results differed. Consider the following cases of socking or block evasion: (i) Creating a new account while still under ArbCom sanctioned block of x months; (ii) Creating a new account while still under an (indefinite) community ban; (iii) Running for RFA with an account without disclosing past accounts; (iv) Running for RFA with an account without disclosing past ArbCom sanctions; (v) Running for ArbCom with an account without disclosing past accounts and sanctions; (vi) An admin running an alternate account in parallel with a main account, breaching policies, but not under any ArbCom sanctions; (vii) Running an alternate account that is breaching policies while still having access to an account with access to advanced tools (i.e. functionary-level tools); and so on and so on (those are only the examples I can remember). The point here is that in each case the circumstances were different. That is why the results were different in each case. The factors seem largely to be the degree of evasion of previous community bans or ArbCom sanctions (if any), and returning things to the status quo in terms of tools being removed (admin and functionary bits), and also some degree of consideration of the amount of trust abused by the actions of the party in question. It is difficult to compare specific examples without getting dragged into fresh arguments over the specifics of individual cases. It needs someone objective to lay out all the different examples and compare them using certain criteria. There are plenty of examples of socking and desysoppings to work with from this year. Carcharoth (talk) 23:37, 30 September 2009 (UTC)

I suggest that this is not an accurate view as to why the cases are different. Permit me an alternative explanation - a. "Creating a new account if you inform your 'trusted' 'senior' wikifriends" or b. "Creating a new account if you don't inform your 'trusted' 'senior' wikifriends." Please evaluate if the outcomes of the various cases you can think of line up more clearly on those axises. Thanks! Hipocrite (talk) 12:30, 1 October 2009 (UTC)

This is very difficult to read

I believe the policy regarding sock accounts needs to be clear. If arbitrators are not clear, then how can the community be[1]? I am flummoxed. Regards, —mattisse (Talk) 23:49, 30 September 2009 (UTC)

Alanyst

 CheckUser is not magic pixie dust ... Don't count on it to get you answers every time or to prevent a fairly large number of different sorts of abuse. It's just not up to it. Further, I fear that, like penecillin, overuse will make it even less effective. ++Lar: t/c 10:28, 1 October 2009 (UTC)

Not that kind of checkuser. I meant "checkuser" as in "trusted person with the role of checkuser (or similar)" rather than "techniques used to identify socks". I don't think my idea depends on the use of checkuser techniques any more than the status quo does. alanyst ^/talk/ 13:43, 1 October 2009 (UTC)

OK, so a role expansion then rather than relying on a fallible technical ability. Thanks. It's an interesting idea and worth further exploration. ++Lar: t/c 14:17, 3 October 2009 (UTC)