[Foundation-l] should not web server logs (of requests) be published?

[FastLizard4]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

My reply inline with quoted message.

dinar qorbanof wrote:
> i have said "as i know it is used to make some anonymousity of ip
> address in russian providers", it is "as i think", i think that
> probably they intentionally use dynamic ip for some anonymousity,
> partially just to connect many people through few ip-addresses. i have
> said "but that was because
> of shortage of ipv4 addresses". but if it is made for anonymousity,
> that can be made also with ipv6.

Here in the U.S., ISPs keep records of who used what IP address at what
time.  So, let's say that I had a dynamic IP address that changed every
day.  If I got arrested and the courts ordered my ISP to give them a
list of IP addresses I have used in the last month, they would do so,
complete with the times I used each IP address.  At least here in the
U.S., dynamic IPs aren't used for anonymity, but simply because there
aren't enough IPv4 addresses left.

> Huib Laurens has said "Its againt the privacy poliicy to publish logs
> like that" and FastLizard4 has said "The Wikimedia Foundation believes
> otherwise.  Take a look at their Privacy Policy".
> these arguments are not very correct, because i say about changing
> that privacy policy itself, and am not i talking to wikimedia
> foundation?

No, you aren't.  You're talking to a mailing list of people interested
in Foundation affairs.  You'll find that most of the people posting to
this list, including myself, are simply volunteer Wikipedia editors
interested in what's going on in the WMF.  There are a few WMF staffers
that subscribe to this list, but this isn't the appropriate place for
requesting a change to the Privacy Policy, and I don't know where that
place is.  And, as I have said, it is *extremely* unlikely that the
Privacy Policy will be changed.  But, I believe to actually propose the
change, you need to go to
<http://meta.wikimedia.org/wiki/Talk:Privacy_policy>.

> FastLizard4 has said:
>> some
>> people are understandably quite frankly scared by the idea of
>> broadcasting their IP address to the world, since very often, rather
>> accurate details about the location - amongst other things - of the user
>> can be found from checking the IP address.
> i think, that is quite secure for them, if only their town or region
> is found.

Although I am no longer really this way, for a few years as a Wikipedia
editor, when I was more active, I certainly didn't want people to know
what city I lived in.  I live in a very small one, and there's probably
twelve or less Wikipedia editors that live there.  Many editors
(especially administrators) have had threats of violence made against
them; all the more reason to keep your IP address secret to ensure one
less way for people to find out where you live.

Besides, the aim with keeping IP addresses confidential is not to be
convenient to people who want access to server logs, but to take
reasonable measures to protect users' privacy.  Why should we even take
the risk of putting lists of IP addresses from server logs out in the
public?

> how many people think so?

You're missing the central point here: the fact that *some* editors do
believe that their IP address should be kept confidential means that IP
address info will be kept confidential for *all* users - it's simply too
much trouble to cherry-pick IPs that want and do not want to be kept
confidential; it's far easier (and makes the Foundation far less liable)
if they just keep all IPs secret.  This is why the process for checking
the IP addresses of registered users is so complex and checked
<http://en.wikipedia.org/wiki/Wikipedia:CheckUser> - and even then, the
actual IP addresses are never given to anyone.

> how many people have one ip address for a family (home) or even
> personal ip (if it is personal modem of gprs/edge/3g for personal
> notebook)?

I'm not exactly sure what you're asking here, but if I do understand you
correctly, almost everyone here in the U.S. has only one external IP
address per household.  Most families only need (and can afford) one
Internet connection, hence one IP address.  The only exceptions, I'd
imagine, are people that run servers.  Hence why I have two IP addresses
I use primarily - my home, and my server.

> may be they should use proxy
>
> FastLizard4 has said:
>> As for open proxies for editing, they are generally
>> disallowed from editing.
> i had not known about that. i want to check that.

http://en.wikipedia.org/wiki/Wikipedia:PROXY (Other WMF wikis may have
different policies on the matter, but the English Wikipedia's is pretty
common, I believe.)

> ...or ask their provider to make anonymous ip for them?

Some ISPs here in the U.S., such as AOL, do use anonymizing proxies
normally, but many (including AOL) have agreements with the WMF in which
the ISP will send X-Forwarded-For headers, which contain the original
user's IP address; XFF headers, if present and approved for use by the
WMF, are used instead of the external IP as seen by the servers.  And,
as far as I know, in the U.S., requesting an anonymous IP from your ISP
is not a request a user can make.

And, besides, what are we going to do?  Put up a banner on top of every
WMF website saying "Hey, we're releasing your IP address information to
people!  If you don't like this, go call your ISP to get an anonymous IP
address!"  Half the people visiting probably don't even know what an IP
address is, and in this case, not knowing about it doesn't make it any
less dangerous to your privacy.

> Huib Laurens has said:
>> there is
>> really no good reason given why people should see al the ip
>> information for all visitors on a wiki
> what about opening ips not of all wikipedias, but of only several
> language subdomains?

Subdomains are also covered under the WMF Privacy Policy, so it's really
a moot point.  But, what exactly would you do with the IP address logs
for a few subdomains, as opposed to the entire Wikimedia farm?
- --
- --FastLizard4 (http://en.wikipedia.org/wiki/User:FastLizard4)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iD8DBQFM8kHtIUvvVwjDo7YRAjCwAJ4x95sEBCJtELPZzkhSTFWHzQL61wCeNVhw
9d8z49psxQJtVok0LpsRLOs=
=sX/O
-----END PGP SIGNATURE-----