Dear Colleagues at the Foundation
I just came across an artecle called "White Africans of European ancestry".
What is that even supposed to mean? Who would be any other "white people"
if not of Europen ancestry? What other white people (yes, WP has a
definition of "white people" could these be? Especially as it already says
on the talk page that Arabs don't count.
When we have 'white people' creating every conceivable article about 'white
people', but we have no 'Khoi' people writing about 'Khoi people, then we
can't call the WP an encyclopaedia. But them the rules do say - somewhere -
that "just because ...". And those "just because" rules are all over the
place - you can't use what was done in one case to justify another similar
case because someone is bound to throw a "just because" rule at you. But
the "just because ..." rule applies only when it is convenient - the
corollary of the "just because .." is "I know more rules and tricks than
you and I will win this/ I will not allow you to have your way even if I
have to break all the rules and make new ones as I go along".
So, "just because" there isn't an artice about "Khoi people living in
Denmark" is no reason to not have an article about "White Europens of
Europen descent livng in Patagonia" or "White Europens of Europen descent
livng in Timbaktu". We have allowed ourselves to fall victim of the digital
divide - the Khoi don't have computers and internet, white Europeans do.
That is not an encyclopaedia.
Why don't we have a page on "Black Americans of African ancestry"?
Or "Black Europeans of African ancestry"? Strangely enough, type "Black
African" and you get redirected to Black people, BUT the redirect actually
takes you all the way down to Africa - yes, the article on Black people
does not start with Africa, but with the United States, then Brazil ....
Like I said, When we have 'white people' creating every conceivable article
about 'white people', but we have no 'Khoi' people writing about 'Khoi
people, ...
The same goes for the so-called "Biographies of Living People". I had my
first clash on WP on the issue of the "dual nationality" of Nelly Furtado.
Two hundred million people see her as Portuguese, three - yes, 3 - editors
disagree and BRAG they will NEVER ALLOW it. The rationale changes, as can
be seen from the talk pages and archives. They go as far as 'challenging'
editors that NF sees herself as Portuguese, to then dismiss all the
evidence as not good enough - even Nelly HERSELF saying she is PORTUGESE
was thrown out! Why? Obvious! She doesn't count, she is not a NEUTRAL
source!!!!!!!!!!! We have become a joke!
How about being constructive?
If we can come up with every conceivable script in the world, why has
nobody come up with a script for controversial articles that would appear
on the the edit page - like the script that says the article is protected -
ALERTING unsuspecting editors to the fact that said article is cotroversial
for xand y reason, and that if the edit the editor is about to do falls
under that theme, to please first read the talk page, with a direct link
ALSO to an explanation on BLP and the issue of ethnic background/ present
nationality. It would save lots of wasted time and effort and the three
editors who spend sleepless nights reverting the artcile might actually do
something constructive for a change.
In closing, of the nine people featured in photos on that page, I know
(have met 5) and correspond with 2 - I can guarantee that all five of them
(and most likley all 9 [or the descendents of those no longer with us])
would object to being featured in such a racist article.
I will write to them about this. I know that each one is not a valid source
about him/ herself and therefore them objecting will probably not count.
Just as an side, in case you didn't know, the census in Brazil is done on
the basis of how people see themselves - white, back, green, pink - and
then we carry those figures here in the WP. Ah, sorry, those figures are
credible, because they come from the CIA fact book, people speaking for
themselves are not.
Best regards,
Rui
--
Rui Correia
Advocacy, Human Rights, Media and Language Consultant
--
_________________________
Rui Correia
Advocacy, Human Rights, Media and Language Work Consultant
Bridge to Angola - Angola Liaison Consultant
Mobile Number in South Africa +27 74 425 4186
Número de Telemóvel na África do Sul +27 74 425 4186
_______________
Why not make the visual editor the default with opt-out for 5% of
newly registered editors and anonymous IP page loads, and opt-in for
everyone else until there is evidence that it is not decreasing the
number of edits?
Marc A. Pelletier wrote:
>...
> A minor random increase of size in document wouldn't even slow
> down [fingerprinting.]
That's absolutely false. The last time I measured the sizes of all
9,625 vital articles, there was only one at the median length of
30,356 bytes but four articles up to 50 bytes larger. Scale that up to
4,300,000 articles, and are you suggesting anyone is seriously going
to try fingerprinting secondary characteristics for buckets of 560
articles? It would not only slow them down, it would make their false
positive rate useless.
This is why we need cryptography experts instead of laypeople making
probabilistic inferences on Boolean predicates.
Marc, I note that you have recommending not keeping the Perl CPAN
modules up to date on Wikimedia Labs:
http://www.mediawiki.org/w/index.php?title=Wikimedia_Labs/Tool_Labs/Needed_…
saying that out of date packages are the "best tested" when in fact
almost all CPAN packages have their own unit tests. That sort of
reasoning is certain to allow known security vulnerabilities to
persist when they could easily be avoided.
Anthony wrote:
>
> How much padding is already inherent in HTTPS?
None, which is why Ryan's Google Maps fingerprinting example works.
>... Seems to me that any amount of padding is going to give little
> bang for the buck....
Again, can we please procure expert opinions instead of relying on the
existing pool of volunteer and staff opinions, especially when there
is so much FUD prevalent discouraging the kinds of encryption which
would most likely strengthen privacy?
All,
The developer team at Wikimedia is making some changes to how accounts
work, as part of our on-going efforts to provide new and better tools
for our users (like cross-wiki notifications). These changes will mean
users have the same account name everywhere, will let us give you new
features that will help you edit & discuss better, and will allow more
flexible user permissions for tools. One of the pre-conditions for
this is that user accounts will now have to be unique across all 900
Wikimedia wikis.[0]
Unfortunately, some accounts are currently not unique across all our
wikis, but instead clash with other users who have the same account
name. To make sure that all of these users can use Wikimedia's wikis
in future, we will be renaming a number of accounts to have "~” and
the name of their wiki added to the end of their accounts' name. This
change will take place on or around 27 May. For example, a user called
“Example” on the Swedish Wiktionary who will be renamed would become
“Example~svwiktionary”.
All accounts will still work as before, and will continue to be
credited for all their edits made so far. However, users with renamed
accounts (whom we will be contacting individually) will have to use
the new account name when they log in.
It will now only be possible for accounts to be renamed globally; the
RenameUser tool will no longer work on a local basis - since all
accounts must be globally unique - therefore it will be withdrawn from
bureaucrats' tool sets. It will still be possible for users to ask on
Meta for their account to be renamed further, if they do not like
their new user name, once this takes place.
A copy of this note is posted to meta [1] for translation. Please
forward this to your local communities, and help get it translated.
Individuals who are affected will be notified via talk page and e-mail
notices nearer the time.
[0] - https://meta.wikimedia.org/wiki/Help:Unified_login
[1] - https://meta.wikimedia.org/wiki/Single_User_Login_finalisation_announcement
Yours,
--
James D. Forrester
Product Manager, VisualEditor
Wikimedia Foundation, Inc.
jforrester(a)wikimedia.org | @jdforrester
Hi,
I posted research about the factors that may impact English Wikipedia Did
You Know article traffic on the day. Because the research is a bit long,
a copy of it can be found at
http://meta.wikimedia.org/wiki/Research:Anatomy_of_English_Wikipedia_Did_Yo…
Summary: This research examines the traffic of 544 English Wikipedia Did
You Knows to try to determine which variables play a role in the
determining the number of page views an article will get on the day. It
largely concludes that the number of dependent and independent variables
make it to difficult to isolate specific reasons why one type of article
performs better than another, though there are some general time and topics
that will likely result in greater views.
Any feedback is appreciated either here, on the research talk page or
privately.
Sincerely,
Laura Hale
--
twitter: purplepopple
blog: ozziesport.com
http://www.technologyreview.com/news/517781/math-advances-raise-the-prospec…
is another example of a very highly placed secondary news source casting
fear, uncertainty, and doubt on the value of industry-standard encryption
practices which is not only based on the unchecked alleged reliability mere
primary sources, but on such sources who willingly refer to themselves as
"black hats," meaning malicious actors.
That is preposterousness.
Elliptic curve-based cryptography is profoundly secure and has been
considered such ever since it came into vogue in the 1980s and well before
its predecessors were exposed as flawed.
Although some mathematicians have suggested that they are not completely
invulnerable to advances in quantum computing, the discrete logarithm
problem and elliptic curve-based trapdoor functions are both completely
impenetrable to any currently known applications of qubit-based attacks.
Shame on those who promulgate such FUD.
Marc A. Pelletier wrote:
>...
>> http://www.ieee-security.org/TC/SP2012/papers/4681a332.pdf
>...
> have you actually /read/ that paper?
Of course I have. Have you read the conclusions at the bottom right of page
344? What kind of an adversary trying to infer our readers' article
selections is going to be able to use accuracy 10% better than a coin flip?
The National Pointless Trial Attorney's Employment Security Agency?
>... random padding without (at least) pipelining and
> placards *is* worthless to protect against traffic analysis
No, that is not true, and
http://www.ieee-security.org/TC/SP2012/papers/4681a332.pdf
explains why. Padding makes it difficult but not impossible to distinguish
between two HTTPS destinations. 4,300,000 destinations is right out.
> since any reliable method to do it would be necessarily robust
> against deviation in size....
That's like saying any reliable method to solve satisfiability in
polynomial time would be necessarily robust against variations in the
number of terms per expression. It's not even wrong.
When is the Foundation going to obtain the expertise to protect readers
living under regimes which completely forbid HTTPS access to Wikipedia,
like China? I suppose I better put that bug about steganography for the
surveillance triggers from TOM-Skype in bugzilla. I wish that could have
happened before everyone goes to Hong Kong.
George William Herbert wrote:
>...
> It would also not be much more effort or customer impact
> to pad to the next larger 1k size for a random large fraction
> of transmissions.
Padding each transmission with a random number of bytes, up to say 50
or 100, might provide a greater defense against fingerprinting while
saving massive amounts of bandwidth.
>... At some point the ops team would need a security team,
> an IDS team, and a counterintelligence team to watch the
> other teams, and I don't know if the Foundation cares that
> much or would find operating that way to be a more
> comfortable moral and practical stance...
I'm absolutely sure that they do care enough to get it right, but I
think that approach might be overkill. Just one or two cryptology
experts to make the transition to HTTPS, PFS, and whatever padding is
prudent would really help. I also hope that, if there is an effort to
spread disinformation about the value of such techniques, that the
Foundation might consider joining with e.g. the EFF to help fight it.
I think it's likely that a single cryptology consultant would probably
be able to make great progress in both. Getting cryptography right
isn't so much as a time-intensive task as it is sensitive to
experience and training.
Setting up and monitoring with ongoing auditing can often be
automated, but does require the continued attention of at least one
highly skilled expert, and preferably more than one in case the first
one gets hit by a bus.