Talk:Requests for comment/Poetlister and Cato
First replies
edit(Moved from main page)
Thank you for this report, FT. I'd like to add one point. You suggested that the sockring was first noticed in 2007, but it was in fact uncovered in November or December 2005, which is when David Gerard first blocked Rachel Brown for socking. The person behind the accounts then started campaigning against the admins he suspected were behind his exposure. I was one of them, and it made me a major target on the newly formed Wikipedia Review. BlissyU2/Zordrac took up Poetlister's case, and the two of them, together with the neo-Nazi founder, did their best, with a great deal of success, to turn my name into mud, because they thought I was behind the block. Poetlister was also responsible for trying to out me on WR, which Guy on WR (who was also obviously Poetlister) confirmed, and which Daniel Brandt confirmed again today.
It was only because some ArbCom members took up Poetlister/RachelBrown's cause that the man behind the Poetlister accounts was able to continue doing damage, and I'm thinking specifically here of Charles Matthews and FloNight. Charles and FloNight unblocked Poetlister (now called Quillercouch, for some reason) [1] and FloNight supported Poetlister as bureaucrat on Wikiquote, where Poetlister also had a checkuser account. Charles and FloNight did this despite the fact that it was obvious the accounts were run by the same person: prior to discovering proxies, they had all used the same IP address both to post to WP and to e-mail people from (with Hotmail accounts, which exposed the address). The ArbCom was aware of this, or at least the longer term members were. They were also aware of Poetlister's involvement in outing and attacking WP editors, yet apparently this wasn't serious enough to warrant a block. Not one member of the ArbCom e-mailed me before Poetlister was unblocked to ask for my views, or even to give me the heads-up. I recall FloNight resigning as an editor once because a similar thing happened with another WR member, but now she actively campaigns to have someone unblocked without so much as a note to that person's targets.
It's important not to whitewash the involvement of ArbCom members in this, because ArbCom's support of this person has caused a number of editors, myself included, very real distress, and serious real-life consequences. An apparent "trap" was recently set on Wikiquote, for example, in order to obtain IP addresses; I won't say more here because I don't know whether the person targeted wants to be discussed. My point is that this was a case of AGF run wild, but it was AGF only of the troublemaker, not of the regular editors he had targeted and outed. That is the real scandal here, in my view, and I hope lessons are learned from it at last, because it's not the first time it has happened.
Having said that, a big thank you to everyone involved in investigating this, including those members of the ArbCom who took part in it. SlimVirgin (talk) 09:08, 6 September 2008 (UTC)
- As a brief summary, it's enough as background for others to know the sock ruing was formally banned in 2007. The prior history doesn't matter so much.
- If you read the 2008 unblock post, you'll find your hypothesis is badly mistaken. Poetlister was unblocked despite being a proven past sock user, on the hope of change following good work on wikiquote, not because of some shady conspiracy. We all knew there had been abuse a year before. Even so, it was the consensus (partly allowing for communal mood), and not just one or two arbitrators, leading to a trial unblock, and a chance based on good work, and to see if it might have changed. FT2 (Talk | email) 09:23, 6 September 2008 (UTC)
- FT, the prior history matters a great deal. It is thanks to certain ArbCom members that this happened, because it had all been wrapped up in December 2005. If ArbCom members had just left it alone, it probably wouldn't have developed. I think it's important to bear this in mind, because the culture of assuming good faith in troublemakers, but to hell with regular editors, has gone way, way too far. I appreciate that some members of the ArbCom have acted extremely well here (you, for example), but some of them actively facilitated what went on, so please let's not try to whitewash it. SlimVirgin (talk) 09:49, 6 September 2008 (UTC)
- Not for this it doesn't. We aren't reopening 2005-06 here, nor are we discussing whether some historic 2005 event needs a place in the history books either. Sorry. The issue here is "direct relevance to this specific set of actions". Sorry, no. FT2 (Talk | email) 10:05, 6 September 2008 (UTC)
- FT, the prior history matters a great deal. It is thanks to certain ArbCom members that this happened, because it had all been wrapped up in December 2005. If ArbCom members had just left it alone, it probably wouldn't have developed. I think it's important to bear this in mind, because the culture of assuming good faith in troublemakers, but to hell with regular editors, has gone way, way too far. I appreciate that some members of the ArbCom have acted extremely well here (you, for example), but some of them actively facilitated what went on, so please let's not try to whitewash it. SlimVirgin (talk) 09:49, 6 September 2008 (UTC)
- FT, with respect, why do you feel it's for you to decide what this case is about? SlimVirgin (talk) 11:13, 6 September 2008 (UTC)
- Sorry SlimVirgin, much as it pain you, this incident actually isn't all about you. Giggy 10:54, 6 September 2008 (UTC)
- One of the issues this is about is why some arbitrators felt it was fine to unblock, support, and help to promote someone who had completely trashed another editor, outed her, and seriously affected her life; who had wildly sockpuppeted; who was clearly using fake photographs of other women; who administered an attack site; who had strongly supported the original neo-Nazi founder of that site; who suggested I myself was a neo-Nazi pretending to be a Jew; and who had faked an admin account on WP. All this was known to FloNight. That is a serious issue, in my view. If there's a lesson to be learned from this, it's that, if you sweep these things under the carpet, all you do is delay the day when they come out. You don't stop it. SlimVirgin (talk) 11:13, 6 September 2008 (UTC)
- Give it a fucking rest! Your constant forum shopping for drama is beyond tired. Just go away already! --Dragon695 11:28, 6 September 2008 (UTC)
- You've been following me around with this obvious sockpuppet account for months doing nothing but attack, attack. No edits since June 2006, then suddenly you turn up again in 2008. This is your IP address, and this piece of vandalism is an example of your editing. Quit being such a foul-mouthed coward; say who are you or back off. SlimVirgin (talk) 11:40, 6 September 2008 (UTC)
- Um, the university I attend has its wireless network behind a firewall. That could be any one of 35,000 students. Yes, I have been following this discussion and your involvement is terribly unhelpful. I assure you that I am no sockpuppet. So quit your drama-mongering. --Dragon695 11:47, 6 September 2008 (UTC)
- The pseudonymous Dragon 695 wrote, "Really, OTRS needs to just be a recording that says "go away" or "fix your entry if you don't like it." I think it is totally ridiculous just how much the 'pedia has gotten into busybody meta about how things affect real world people."[2]
- Um, no.Proabivouac 11:51, 6 September 2008 (UTC)
- Um, yes. Far too many people try to use OTRS to game the system to remove accurate and verifiable information from the project. However, it seems that OTRS has increased their diligence in detecting bullshit requests, so I am feeling somewhat different from what I did at the time. Anyways, this is not the point, this is a serious matter which SlimVirgin should not be trying to use to her own ends. --Dragon695 12:17, 6 September 2008 (UTC)
- Not that it matters, since poetlister lied, but I am not psuedoanonymous. My information is on my en-wp user page, for what little it is worth. --Dragon695 12:20, 6 September 2008 (UTC)
- Um, yes. Far too many people try to use OTRS to game the system to remove accurate and verifiable information from the project. However, it seems that OTRS has increased their diligence in detecting bullshit requests, so I am feeling somewhat different from what I did at the time. Anyways, this is not the point, this is a serious matter which SlimVirgin should not be trying to use to her own ends. --Dragon695 12:17, 6 September 2008 (UTC)
(moved from main page, since she is not the part of this investigation as far as I know; if she is, please feel free to back to main page)
When Poetlister, Runcorn, etc. were banned from English Wikipedia last year it was foreseeable that well-meaning editors would have difficulty believing the conclusion was correct. Naturally there was need to be discreet and avoid posting details onsite. I stepped forward then because I was one of the few people who knew something and was free to talk: the portion I had been involved in had been gleaned entirely from public edit histories. If there's one thing to be learned moving forward it's the need to improve cross-project communication. Best wishes to the editors of Wikiquote at this difficult time. Durova 12:01, 6 September 2008 (UTC)
- You might want to provide a link to that for reference, as not everyone here follows en:wp doings closely... FT2 brought this here because of the crosswilki implications, I'm sure. ++Lar: t/c 13:47, 6 September 2008 (UTC)
- If anyone specifically asks for it, sure. I'm not so much interested in rehashing the past as in seeing how we can prevent something like this from happening again. It's unlikely that anyone who watches this closely would want to repeat my decision: I stepped forward with the intention of being available to answer questions and reduce the chance of further exploitation. That didn't actually help Wikiquote, it turned out, but it did make me hated by the PL sockfarm at WR. People who had better ops could confer with each other to some extent, but not so much with the communities at large. There ought to be a way around the Catch-22. Durova 22:09, 6 September 2008 (UTC)
- You might want to provide a link to that for reference, as not everyone here follows en:wp doings closely... FT2 brought this here because of the crosswilki implications, I'm sure. ++Lar: t/c 13:47, 6 September 2008 (UTC)
- The original Runcorn saga really knocked my socks off when it was first revealed. Unfortunately I cannot say that this latest twist makes me feel any better. However I would like to offer my thanks to everyone who has obviously spent so much time digging into this ... our own nightmarish version of the never-ending-story. Kudos to all! --Kralizec! 13:38, 6 September 2008 (UTC)
I'm inclined at this time to, uncharacteristically for myself, cut SlimVirgin a huge degree of slack for the simple fact that, in the specific issue of the ongoing behavior of this sockpuppet farm, she has been right all along, while many others (including myself) have been wrong. I consider admitting one's own mistakes to be a desirable attribute to have, and here I was highly mistaken when I let my sympathies for the "dissident faction" and my dislike of certain on-wiki cliques lead me to accept uncritically the meme that Poetlister/etc. was unjustly banned and that the other associated usernames were merely a group of friends unfairly accused of sockpuppetry. I was wrong there, and am one of a large group of people who need to eat some crow now. On the other hand, this slack and crow-eating will only go so far... I hope Slim can manage to dial back the drama a bit and not try to push things into areas where it's still not clear that she's right and everybody else is wrong, such as labeling people "Nazis" (shades of Godwin's Law) and once again pushing the BADSITES meme by adding "administering an attack site" to the litany of charges against the sockpuppeteer. This is unnecessary; there are now plenty of valid reasons to regard the person in question as abusive and worthy of banning, and even the "WR crowd" seems to be trending that way, as they too have been abused and played for fools by that person. For once, a lot of people in factions that are usually at one another's throats are in agreement on something; don't screw it up by trying to twist it around to a "Wikipedia vs. the Evil Attack Sites" war yet again. Dtobias 15:04, 6 September 2008 (UTC)
- Agreed; one of the outcomes I'm kind of hoping for is WR and WP/WM to slightly notice that shading the differences between them so black-and-white doesn't help either, and both may surprisingly have at least some interests in common (fanatics on both sides not withstanding). In this case "we're being abused by a sock-user" and "we probably ought to act ethically and not just take revenge by outing" are common interests. Both may benefit. Demonizing is unrealistic and unhelpful. There are at least some honorable people on each "side" and some who have been grossly misconstrued. (And some who just can't or won't, sadly.) Both sides have grown up somewhat. We probably won't resolve all the differences but some at least we might be able to manage something where it serves a common benefit. Just choose carefully and be prepared to step back without "flaming" if it doesnt work with someone. And avoid fanatics. FT2 (Talk | email) 15:41, 6 September 2008 (UTC)
- Oh, and another thing... Slim's statement that "if you sweep these things under the carpet, all you do is delay the day when they come out" is one I can wholeheartedly agree with, as it is one of the things underlining my own strong opposition to secrecy and censorship, which has led to many of the fervent stands I have taken (some of which have put me in opposition to Slim herself). Dtobias 15:19, 6 September 2008 (UTC)
- Thank you very much for your statement, Dan. That can't have been an easy thing to write. Durova 19:51, 6 September 2008 (UTC)
- Yes, thanks Dan. Paul August 20:00, 6 September 2008 (UTC)
- Dan, I feel that you have opened my eyes a bit and I begrudgingly admit that you have a point. Thank you, I'll withdraw from further discussing this now. --Dragon695 20:40, 6 September 2008 (UTC)
- Good idea.--MONGO 21:08, 6 September 2008 (UTC)
- Thanks for that, Dan. I have to credit WR for their response here. Georgewilliamherbert 22:35, 6 September 2008 (UTC)
- Good idea.--MONGO 21:08, 6 September 2008 (UTC)
- Thank you very much for your statement, Dan. That can't have been an easy thing to write. Durova 19:51, 6 September 2008 (UTC)
FYI, SV has provided an expanded version of her perspective on the issue [3]. Cla68 23:13, 7 September 2008 (UTC)
A bit of WR history (clarification on the "neo-nazi" thing)
editA site at proboards called "Wikipedia Review" was founded by Igor Alexander, who has been alleged by multiple people (not just SV and not just people connected to SV) to be a neo-nazi and specifically a holocaust denier. These allegations resulted in a somewhat acrimonious split between him and those in charge of the current Wikipedia Review site at wikipediareview.com. He has never had any role in the current WR site. —Random832 22:42, 6 September 2008 (UTC)
- I note only that BluAardvark was strongly involved with the site (his comments on Jews can be found in various places on the web, including in his "work" on Wikipedia) and that the guy who started the wikipediareview.com site, Zordrac/Blissyu2, is also a Holocaust denier. There is some small relevance here because of the Poetlister farm's interest in creating comprehensive lists of Jews of different types on Wikipedia, which rightly proved alarming to some of the Jewish editors on the site. I sympathise with SlimVirgin here, because she had this right from day one, and much of the purpose of Wikipedia Review, particularly in its early days, was to punish her for getting this right, and for being Jewish in general, and it has been genuinely distressing for her not to be protected by a project she has served in great measure--whether one agrees with her way of going about it or not, it would be churlish to ignore her good work. I'm astonished to see a contributor of good standing suggest that we should credit WR. Yeah right. Credit due for facilitating and encouraging what was quite clearly a sick person. I knew this the first time he emailed me. Are you seriously suggesting that they didn't? Dr Zen 02:02, 7 September 2008 (UTC)
- Poetlister & Co was a pro-Jewish sock ring, not anti. But mostly, just a sock ring. FT2 (Talk | email) 03:13, 7 September 2008 (UTC)
- How sure are we of that though? I mean, the entire identifying effort seems to be akin to antisemitic activity. Also, these earlier efforts to go after Slim led to the entire well documented anti-SlimVirgin meme that permeates WR still today. I cannot condemn those that were duped by Poetlister and his sockfarm, but people need to start using WR for more positive approaches and not continuing memes that are so very often completely erroneous.--MONGO 05:03, 7 September 2008 (UTC)
- Since the guy behind it all is Jewish himself, both of your opinions are looking pretty laughable right now. I've read people have issues with FT2 (I don't know him myself and haven't paid attention to that drama yet. It's been nowhere near as much as I've seen complaints about "Mongo" though (isn't that an anti-Downs syndrome epithet?)) but on this one he's right. I'm not going to link to the press release since it has his real name and I don't really agree that was needed to be revealed, but it was obvious who he was to anyone who looked at some of the edits anyway - I realised that when people who weren't in on things started talking about government statistics etc.
- How sure are we of that though? I mean, the entire identifying effort seems to be akin to antisemitic activity. Also, these earlier efforts to go after Slim led to the entire well documented anti-SlimVirgin meme that permeates WR still today. I cannot condemn those that were duped by Poetlister and his sockfarm, but people need to start using WR for more positive approaches and not continuing memes that are so very often completely erroneous.--MONGO 05:03, 7 September 2008 (UTC)
- Poetlister & Co was a pro-Jewish sock ring, not anti. But mostly, just a sock ring. FT2 (Talk | email) 03:13, 7 September 2008 (UTC)
- As for the SlimVirgin "meme", no amount of whitewashing will cover the corruption there, and calling anyone who disagrees anti-semitic or a nazi must be disgusting for those who have suffered from real abuse. And if you want to go and call me a "nazi" now, go ahead, anyone who knows anything about me knows that's not true, even Grace note (using his Dr Zen alias there). In fact I've been accused by nazis of the opposite, as you can see from this spittle-covered diatribe (I even get called "Super Defender of the Jews".... I guess anything even-handed is seen as totally biased to a nutter) --Selina
- Nope, MONGO was a character in the movie Blazing Saddles...I liked the name so used it. The complaints about me at the troll website you haunt known as Wikipedia Review range from factual to simply trolling...hopefully your IQ is high enough to be able to tell the difference. My involvement in Poetlister and sock comparative editing styles dates back several years and I hadn't kept up on the latest. The "corruption" you talk about is proof positive that you suffer from this very same group think lunacy that is pervasive at the troll website...but maybe if you and others can think outside your little walled gardens, you might be able to decode what is based on fact and what is based on fiction now.--MONGO 16:34, 7 September 2008 (UTC)
- But probably not...[4]--MONGO 16:43, 7 September 2008 (UTC)
- As for the SlimVirgin "meme", no amount of whitewashing will cover the corruption there, and calling anyone who disagrees anti-semitic or a nazi must be disgusting for those who have suffered from real abuse. And if you want to go and call me a "nazi" now, go ahead, anyone who knows anything about me knows that's not true, even Grace note (using his Dr Zen alias there). In fact I've been accused by nazis of the opposite, as you can see from this spittle-covered diatribe (I even get called "Super Defender of the Jews".... I guess anything even-handed is seen as totally biased to a nutter) --Selina
Temporary Checkuser loss?
editI figure I will be the bad guy and ask the question, since it seems other people were wondering this as well. I really don't want to cause any trouble but feel I need to ask. The loss of Checkuser access by PoetGuy (I'm just using this phrase I coined on WR rather than referring to the various individual names for ease of discussion--Poet for the principle WMF account, Guy for the principal WR account) under the WikiQuote Cato name has been called "temporary".
- Is the Foundation considering returning Checkuser access to this individual?
- Does the Foundation have final say on access to levels like Checkuser/Oversight access, a veto if you will, over local projects? rootology (T) 04:15, 7 September 2008 (UTC)
Good questions. I was wondering what the answer to #2 is myself, although I had assumed the answer to #1 was that it was up to the WQ community to they come to a consensus, and if it was to re-grant, make the request here at meta, and then up to the stewards to try to decide what policy applied (which is where my analysis broke down!). ++Lar: t/c 05:31, 7 September 2008 (UTC)
- Checkuser is an extension of the WMF Privacy policy and is within the purview of the Foundation. Granting of this permission is only with the agreement of the Foundation; stewards cannot proceed until such time as the Foundation states that the requirements have been met. While community agreement is required on many projects (including Wikiquote) in order for an editor's name to be put forward for access to this permission, that does not oblige the Foundation to grant it. It is the WMF that is liable for any privacy violations that may occur due to improper use of the privilege, not the individual project. I would recommend that the stewards have a discussion with the appropriate WMF representative specific to this question so that an action plan is in place, and that Cary Bass or another appropriate WMF representative notify the Wikiquote community in advance whether or not the Foundation considers the person behind these accounts to be a suitable candidate for reinstatement to checkuser access. Risker 05:48, 7 September 2008 (UTC)
- Thank you for your attention, but actually the Wikiquote community, not as a whole but through a member (that's me), was notified this issue before this request for comment opened. Cary Bass talked to me as Wikiquote CU and said it is the community issue if we recall Cato. I don't publish our whole talk since it contains sensible information, but if WMF reviewed is your concern, they did. Thanks. --Aphaia 05:54, 7 September 2008 (UTC)
- No need to make a problem where one didn't exist. Aphaia has known about this since July, and has been kept in the loop as best able. In an informal way she has acted for or represented the interests of the wikiquote community in the inquiry, and I have deferred to her wherever that's been relevant. My own focus has been to handle the actual investigation, being extremely familiar with the sock-user, which has the potential to impact a wide range of wiki* projects, and to ensure that when the time came, the people and communities who need to make decisions could make them well.
- Rather than assume what wikiquote will or won't do, I would rather simply do the clean-up. The Wikiquote community and WMF office both know the rough situation already. There is now a fair bit of evidence I have to collate for review (see above) following which Aphaia and Jeff Q will surely carefully form their own view what post to write for their community, and that's nobody's concern except their own. If they did wish Cato reinstated, that and any safeguards (if needed) for other projects would not be a matter for anyone except themselves and the WMF office (and possibly for steward-l), and I am sure they would not give any advice unless they truly felt knowing all the facts, that it was good.
- If this individual under any circumstances is reappointed a checkuser I will immediately resign. While Cato was pumping FT2 for technical details of how Poetlister was caught, he was also pretending to be a 14 year old boy asking the same questions of other users. Simply having an alternate account of a different name on another wiki is not necessarily a problem, but the deception involved in the Bedivere account is incompatible with the implicit trust that checkusers must have. If Wikiquote somehow decides to reinstate Cato and the Foundation loses its mind and accedes, I will immediately resign. Thatcher 12:59, 7 September 2008 (UTC)
- 99% chance Cato won't get reinstated, but even if he did, you resigning in a huff over this certainly wouldn't help anything. Majorly talk 13:13, 7 September 2008 (UTC)
- Not a huff, a matter of principle. If I thought any checkuser was behaving in a deliberately dishonest way, and after brining it to the attention of the appropriate people they shrugged and looked the other way, I would probably resign. I would not care to be associated with a position of such high trust if others were deliberately abusing that trust and getting away with it. Thatcher 13:42, 7 September 2008 (UTC)
- Not likely to bother anyone but I'd be likely to do the same as Thatcher. There is stuff I've not posted to the CU list since Cato has been on it because I'd had my doubts. --Herby talk thyme 14:38, 7 September 2008 (UTC)
- How long have you had these doubts for? Did you bring it up with another CU you trusted? Majorly talk 14:54, 7 September 2008 (UTC)
- He did bring them up with another CU he trusted. More importantly, why do you ask? Majorly, this is one of those times where you ought to ask yourself what you're trying to do before you speak. How is characterising Thatcher's statement of his concerns as "resigning in a huff" helpful? ++Lar: t/c 16:49, 7 September 2008 (UTC)
- I asked because since Cato was promoted in March, and it's taken 6 months to realise he was behind the accounts, I was wondering since Herby had suspected something, if he had brought his concerns up with others, instead of leaving it. I was merely wondering why it took so long. Majorly talk 17:05, 7 September 2008 (UTC)
- He did bring them up with another CU he trusted. More importantly, why do you ask? Majorly, this is one of those times where you ought to ask yourself what you're trying to do before you speak. How is characterising Thatcher's statement of his concerns as "resigning in a huff" helpful? ++Lar: t/c 16:49, 7 September 2008 (UTC)
- Long story which I don't have time for now. Well over a year ago I had some sympathy with PL & exchanged a number of mails over a period. As time went by my doubts increased and I ended the exchanges before the unblocking. PL mailed me asking me to support Cato as CU and I became very suspicious - those suspicions never went away (but then I am highly suspicious!). One or two other CUs were aware of my views. I'd see little point in continuing as a CU is Cato had access to the list I guess. --Herby talk thyme 15:06, 7 September 2008 (UTC)
- How long have you had these doubts for? Did you bring it up with another CU you trusted? Majorly talk 14:54, 7 September 2008 (UTC)
- I'd also just like to concur here with Thatcher. If Cato or whatever-his-name-is gets re-instated, and especially if he regains access to the checkuser mailing list, I'll also promptly resign on principle - Alison ❤ 17:56, 7 September 2008 (UTC)
- I'm afraid I have to join the chorus of the principled. Furthermore, there is a practical matter to consider - it is worth noting that in my experience the mailing list is as effective as the tool itself (as was the log until recently). I couldn't in good conscience share any checkuser data with him after this, and I would fully expect the same from every other checkuser worthy of having access. That would essentially stop cross-wiki cooperation on the mailing list, which is an unacceptable outcome to me. Having someone as untrustworthy as Cato on the list again would render it essentially useless. — Mike.lifeguard | talk 18:07, 7 September 2008 (UTC)
- I suppose if he was reinstated (which is incredibly unlikely), he wouldn't get access to the list, and only have access to the Wikiquote log, which if they agreed he was fine to access, should be respected. It is their project after all. I personally don't edit it. Majorly talk 18:13, 7 September 2008 (UTC)
- Not likely to bother anyone but I'd be likely to do the same as Thatcher. There is stuff I've not posted to the CU list since Cato has been on it because I'd had my doubts. --Herby talk thyme 14:38, 7 September 2008 (UTC)
- I respectfully disagree with FT2 that waiting to see what WQ does ("No need to make a problem where one didn't exist") is the only way to approach this. I've, as Risker suggested, initiated a conversation among stewards and a request for guidance from Cary, because it's an important question. Although hopefully not a relevant one this time, I have every faith in en:wq's sound judgement (although I'm curious as to when they will start discussing it) in this matter, it is nevertheless something it's better to have prepared for. ++Lar: t/c 14:18, 7 September 2008 (UTC)
- I doubt Cato will get re-instated after this, since Checkusers should be someone the community can really trust and after this incident, I don't think that trust remains.."Once bitten, twice shy" ...--Cometstyles 13:09, 7 September 2008 (UTC)
- I hope not, but there is a tradition of great deference to the wishes of the individual communities, and this situation is still presented on WQ as "temporary." Thatcher 13:17, 7 September 2008 (UTC)
- Of course this individual must not function as a checkuser on any project again, even if ensuring this requires intervention at the Foundation level, if necessary, superseding any norms of local discretion that might otherwise apply. (I suspect that false identification may have been used when he identified to the Office, which would make them unwilling to confirm him now in any event, but my comment stands even if this were not the case.) Newyorkbrad 14:55, 7 September 2008 (UTC)
- I hope not, but there is a tradition of great deference to the wishes of the individual communities, and this situation is still presented on WQ as "temporary." Thatcher 13:17, 7 September 2008 (UTC)
I would say that, unless the other shoe is of a wholly different stripe, the CU-access is gone for good. The big issue that I see is the abuse of photos of women. That's totally uncool. Cheers, Jack Merridew 14:59, 7 September 2008 (UTC)
As a Wikiquotian now I have very a doubt who wants to get involved into this discussion. Now I daresay, after a discussion about disbanding Wikiquote was proposed. As Jimmy said, Wikiquote is a small project and therefore have a small human resources. I myself have no time enough to spare two discussions. Personally I think not this one, but the other is much important for the project sustainability. I agree with Cbrown1023 it was very rude to raise that discussion now and there, even without noticing the community on its wikis or on mailing list. I don't say it is an attack but I simply have no enough time to deal with two things about Wikiquote at the same time. Now Cato is desysopping so he couldn't do no harmful. Wikiquote own sustainability is much bigger issue in my opinion as for that project, for me who are a sysop on multiple Wikiquotes including my own language, which is not English. English Wikiquote matter is at any rate a local issue but disbanding the project is the issue of the whole Wikiquote project which has now over 40 languages. Thanks. o--Aphaia 21:38, 7 September 2008 (UTC)
- I'm not sure anyone here is advocating disbanding Wikiquote. I do think that the en:wq community ought to have a discussion about what they want to do about this matter, and that it ought to start relatively soon, but that's just my personal opinion. ++Lar: t/c 05:01, 8 September 2008 (UTC)
- Metapub/On disbanding Wikiquote. Ty 05:08, 8 September 2008 (UTC)
- I stand corrected, thanks for that pointer. But I nevertheless think that here is not the place to discuss that question. Further, that question (a long term one) ought to perhaps be put on hold to allow the community to deal with this one, which is more immediate. ++Lar: t/c 05:27, 8 September 2008 (UTC)
- Disagreed. The presence and existence of the whole project is much more important. Remind that I serve not only English Wikiquote but I am also active on Japanese and Latin Wikiquotes. It is not the matter of place but the matter of time each editor can spare. I simply said I have no enough time to get involved into two and this matter is less important for me regarding the situation. The benefit and existence of the whole project is for me much more important than English Wikiquote local issue which is even temporally redeemed. I cannot see Japanese Wikiquote altogether shut down just I cannot join the discussion. You cannot hinder us to save our project. It is very nonsense for us to see our project shut down just because you Enwiki folks claims there is more immediate. We decide to keep or go away an once restricted access posessing user and then the other decide to disband our project? NO It shouldn't happen! And you don't advocate us there but demand us to deal with this admin? NO sorry it is a nasty trap we don't want to be caught. Everyone can determine which is more important and immediate problems and Lar, your argument is not compelling here. I am back to the other discussion now and won't be back here until it settles. Thank you for your understanding. --Aphaia 06:24, 8 September 2008 (UTC)
- The discussion at Metapub/On disbanding Wikiquote is not a formal proposal to close the project. It is just a discussion, and it would take a lot of discussion to result i na Proposals for closing projects, and even more for it to eventuate as a closure. It would take months and months of discussion before it happened. This Poetlister and Cato matter is here and now. John Vandenberg 07:04, 8 September 2008 (UTC)
- Note: John Vandenberg hsa shown he is not supportive for Wikiquote. You cannot disturb our endeavor to survive. You supported the idea to close it there and now here demand to join this discussion not that. I don't buy your tactics. --Aphaia 07:49, 8 September 2008 (UTC)
- The discussion at Metapub/On disbanding Wikiquote is not a formal proposal to close the project. It is just a discussion, and it would take a lot of discussion to result i na Proposals for closing projects, and even more for it to eventuate as a closure. It would take months and months of discussion before it happened. This Poetlister and Cato matter is here and now. John Vandenberg 07:04, 8 September 2008 (UTC)
- Disagreed. The presence and existence of the whole project is much more important. Remind that I serve not only English Wikiquote but I am also active on Japanese and Latin Wikiquotes. It is not the matter of place but the matter of time each editor can spare. I simply said I have no enough time to get involved into two and this matter is less important for me regarding the situation. The benefit and existence of the whole project is for me much more important than English Wikiquote local issue which is even temporally redeemed. I cannot see Japanese Wikiquote altogether shut down just I cannot join the discussion. You cannot hinder us to save our project. It is very nonsense for us to see our project shut down just because you Enwiki folks claims there is more immediate. We decide to keep or go away an once restricted access posessing user and then the other decide to disband our project? NO It shouldn't happen! And you don't advocate us there but demand us to deal with this admin? NO sorry it is a nasty trap we don't want to be caught. Everyone can determine which is more important and immediate problems and Lar, your argument is not compelling here. I am back to the other discussion now and won't be back here until it settles. Thank you for your understanding. --Aphaia 06:24, 8 September 2008 (UTC)
- I stand corrected, thanks for that pointer. But I nevertheless think that here is not the place to discuss that question. Further, that question (a long term one) ought to perhaps be put on hold to allow the community to deal with this one, which is more immediate. ++Lar: t/c 05:27, 8 September 2008 (UTC)
- Metapub/On disbanding Wikiquote. Ty 05:08, 8 September 2008 (UTC)
More direct concerns
editReading the 7th point under the Cato evidence section I'm not following the second sentence. Can that possibly be clarified? JoshuaZ 01:49, 8 September 2008 (UTC)
- FT2 thinks he knows Poetlister's real name, and Wikipedia Review has come to the same conclusion. Cato was required to provide identification to the Foundation when he was elected a checkuser. Either Cato provided the identification of this person, which strengthens the sockpuppetry evidence, or Cato provided the identification of a different person, in which case further investigation is required. That is to say, he is not this person, in which case some kind of personal identification with a trusted person can be arranged; or he is this person but provided a false ID, which is a serious matter of concern. I think FT2's point of "evidence" is to highlight that this issue is in the hands of the Foundation and that they have not affirmed or denied anything to us, but they have removed his checkuser access, from which certain conclusions can be drawn. (I'm not sure it's "evidence" so much as a "point of information" but there you have it.) Thatcher 02:42, 8 September 2008 (UTC)
- More accurately (and I've amended #7 to try and make it clearer). Beyond any reasonable doubt, to an extraordinary certainty, we do know exactly who Poetlister is. Office know who Cato is (or has identified themselves as). The logical step is to ask Office, "This is who Poetlister is. Can you check if Cato is the same person or obviously connected?" WMF cannot and should not tell who cato is, but they have my statement who Poetlister is and request to cross-check. If it were different, I would surely expect to have been told somehow, before it had got to this point. I have not been told I am mistaken, but indeed, the reply told me to remove the access as soon as possible, compatible with the investigation. This suggests that the answer is likely to be that the two sets of data did match. If WMF had wanted to say more they would have, and to my mind they are acting properly in not saying more, since identification is private and I don't really need to know it. The access was temp removed by me (not WMF office) when I felt the risk was too high of abuse, until Wikiquote community and WMF could make whatever final decision gets made. FT2 (Talk | email) 09:21, 8 September 2008 (UTC)
- A minor point here... you made the request at Meta, but it was a steward that actually removed the access. That may seem like nitpicking but it's germane. As I mentioned above, I raised the issue of how to resolve an apparent conflict between a local project and the Foundation. Remember that normally CUs and Oversighters are turned on after a process in which the local project's will is made clear, and a Foundation representative vets them and that's it. But more formally, CUs and Oversighters serve at the pleasure of the Foundation, that is, it is with foundation approval that they serve. No steward is going to reverse this temporary suspension unless both the local project AND the foundation make it clear that they approve. So if the local project chooses not to act for a while, that prolongs the drama, I suppose, which is unfortunate, but has no other effect. And if the local project ultimately decides they want access restored in this case, I am certain no steward is going to turn the access on, regardless of local project wishes, without a clear indication that the Foundation approves. (just leaving the identification edit in place would not be sufficient) I suspect such an indication will not be forthcoming. So... that minor point, I think, when followed through, clarifies a lot. ++Lar: t/c 11:21, 8 September 2008 (UTC)
- More accurately (and I've amended #7 to try and make it clearer). Beyond any reasonable doubt, to an extraordinary certainty, we do know exactly who Poetlister is. Office know who Cato is (or has identified themselves as). The logical step is to ask Office, "This is who Poetlister is. Can you check if Cato is the same person or obviously connected?" WMF cannot and should not tell who cato is, but they have my statement who Poetlister is and request to cross-check. If it were different, I would surely expect to have been told somehow, before it had got to this point. I have not been told I am mistaken, but indeed, the reply told me to remove the access as soon as possible, compatible with the investigation. This suggests that the answer is likely to be that the two sets of data did match. If WMF had wanted to say more they would have, and to my mind they are acting properly in not saying more, since identification is private and I don't really need to know it. The access was temp removed by me (not WMF office) when I felt the risk was too high of abuse, until Wikiquote community and WMF could make whatever final decision gets made. FT2 (Talk | email) 09:21, 8 September 2008 (UTC)
- Liaising with Wikiquote checkuser Aphaia, I decided the disclosure/discussion could not be posted at enwiki. It's too global, and also most of its impact wasn't on enwiki at all. So the disclosure was always going to be on Meta. The de-checkuser was approved by Office for when the time seemed right (I'd removed OTRS previously as described) and this was done by a steward, but I was asked to also post the request on Meta to ensure transparency. That's how it went. I'm collating evidence, and also handling the follow-up, which is complex. There's quite a bit to do. Will keep informed but if it has delays... this is one of those cases where not messing up (if possible) matters more than an extra time. FT2 (Talk | email) 22:47, 8 September 2008 (UTC)
- Thanks. That makes that much more clear. JoshuaZ 21:42, 9 September 2008 (UTC)
Comment
editThe case
editSomeone asked above why it took the time it did. The short answer is, we knew ages ago and therefore had strong and carefully watched protective measures in place for most of that time. It took time to be fully explored and to make the matter public, which was unavoidable. The steps to get there are somewhat described in the report. They were not trivial.
Culturally, there is a very strong presumption of "no wrongdoing" and a high standard of proof, when a trusted user is felt to be misbehaving. In this case there was also an exceptional, unspoken, cross-wiki pressure from many community members when it came to reasserting the sock-puppetry claim. This was a pressure placed on any investigation, ultimately by communal consensus rather than by any given individual. (Think back to just how many users would not accept that there was a problem and chose - vocally and wrongly - to distrust instead.)
In a way, the almost impossible standard of evidence demanded by a wide range of members of several wiki communities (including many at enwiki), the attention paid to off-site "candid truths" and conspiracy theorizing that people had already been told were inaccurate, and the extent and skill used in the sock-puppetry activities, was what mandated the approach and time-scale even after suspicions formed.
As to what caused this, four factors: Minimal disclosure at enwiki (to protect the new means of detection in light of newly discovered admin sock-puppetry) that was seized upon by some as evidence of a conspiracy, a minority of users who wished to see this be an error so much that they didn't give due weight to the idea it might be right, a minority of vocal and/or impressionable individuals, and intensive off-site (web and email) activity. Lessons all round and nobody slapped for it; mistakes were made by everyone. Low initial disclosure in 2007 was one of them, in hindsight, and perhaps that would have helped... or perhaps not much. FT2 (Talk | email) 09:55, 8 September 2008 (UTC)
Conduct as administrator and editor
editReposted from s:Wikisource:Scriptorium#Poetlister, to centralize facts on this issue. The question was asked as an admin, what had Poetlister/Cato/Runcorn's conduct been like. This was my response (link + tweaks):
- On English Wikipedia, Poetlister's first admin sock was used to ban someone who tried to argue with him, claiming untruthful things about them. They were quickly unbanned by another sysop who stated it was "spurious", without merit, but the attempt was real and the user could have easily left after being indef-blocked with a bad block log reason, or the reason given could have been trusted by any reviewing admin and become "official truth". This was a user who did right, tried to address abuse, and was blocked by the abusers' admin sock. The sock was also used to close deletion and RFA debates according to an agenda, and to add the weight of an "independent" admin to other debates where other socks were involved.
- On Wikiquote, Cato was used to test an improper open proxy and the sock that used it, prior to proposing that sock for RFA in Spring this year, and on Wikipedia Runcorn was used during 2006-07 to quietly change hard blocks of proxies to soft blocks for months, and then the socks used those proxies.
- Finally although not an admin matter, evidence that the attitude about abuse is unchanged: Poetlister argued badly with a user on a separate website in August 2008. After this argument, he used two sock-puppets to both oppose that person's article on English Wikipedia in retaliation.
Separate from behavior as an admin, this user also stacked (or tried to influence) dozens - some 40 or 60 - RFAs and xFDs, and used socking to try and force his viewpoint in unknown numbers of other article debates. He uploaded a range of identifiable images of vulnerable people and co-workers without their permission and claimed to be them, in one case ascribing a wide range of heavy duty sadomasochistic fetishes to her. He represented that images uploaded were made available under a valid free license when in fact they were other people's copyrighted images used without permission. According to some at Wikipedia Review, he fuelled a number of hostilities between WMF users and WR for his own agendas. He also heavily damaged the reputations of a wide range of users who expressed concerns, by using his many accounts to push a view (openly and via covert email to selected contacts) that they were biased, had hidden agendas, and the like.
Between these matters, he also posted an extraordinary amount of content too, across several projects. Much of this needs review, but a lot will surely be valid.
Sadly, since the recent events, his sole discernable motives have been to try and hide what can be hidden, prevent discovery by real-life associates, disclose as late and minimally as viable, and use email to mislead various users via FUD.
To sum up, the problem in my view is, it's like the bank clerk who is fine and upstanding - except occasionally dips $2000 now and then for gambling, and persists in repetition and denial despite multiple warnings and chances. It has to give rise to serious concerns. FT2 (Talk | email) 19:21, 14 September 2008 (UTC)
What Now?
editWell hopefully, the foundation will make the right decision as per how to deal with this person but regarding those who were used as a pawn in his "diabolical plan"..what about them?..the foundation needs to apologise to these women and to avoid further embarrassment, this should be solved within the next few days... the person who pointed out what was happening did warn us over 2 years ago, but it was laughed off by admin and editors alike, maybe we need to be more strict on "identity theft" issues from now on and if reported on any board on any wiki, it should straight away be reported to the OTRS or that community's ArbCom..just a friendly suggestion--Cometstyles 10:15, 8 September 2008 (UTC)
- I have to agree with Cometstyles on this - at the very least, those people who had their identity stolen need to be apologised to (albeit without prejudice). As of 14 hours or so ago, somebody close of somebody caught up in this posted I am disgusted that I have not received anything from Wikipedia, I would have thought someone there would have e-mailed me to apologise and let my girlfriend and I know they care and are going to look into this for us Regards George The Dragon 11:26, 8 September 2008 (UTC)
- It might be appropriate for me to apologize to these individuals because I uploaded copies of their photos to Commons. Had I known what I know now, I would not have uploaded those photos. I was aware of ArbCom's statement in 2007 that these photos were of people other than the sockmaster, but I disbelieved it because, after corresponding with Poetlister and investigating the available evidence thoroughly, I concluded that the separate accounts were different people, and I used the photos as evidence to prove that point, while claiming that ArbCom had suppressed evidence of innocence by deleting the photos. (Actually, WJBscribe deleted them.) Even those people who believed ArbCom's version did not fully appreciate the seriousness of impersonating these innocent young women until now. Certainly, since I believed ArbCom's version was wrong, I should not be faulted for uploading these photos to Commons.
- I obtained the photos from a mirror site called Wikivisual which probably still carries the photos today, but it is a low-profile site and should not cause much of a headache for the real people involved if they cannot succeed to remove the photos from there.
- I uploaded the photos to Commons because "Poetlister" and other accounts had uploaded the same photos to Wikipedia on a free-content license, those photos were subsequently copied to Wikivisual, and I copied them to Commons for my evidence presentation. It was like any other free-content photo that may be uploaded to Commons. Now I know it was not free-content.
- I have no other connection to Poetlister aside from trying to get her unbanned.
- I emphasize that I accept no legal responsibility for any of this. The sockmaster promulgated the illegal impersonation. I copied the photos because I believed his story. It was an honest mistake. Any of the other users who believed the story could have made the same mistake.
- Nonetheless, for my minor role in the incident, I apologize to Jamie L., Giselle H., Chris Selwood and the other real people who were hurt by this jerk. Shalom Yechiel 20:52, 8 September 2008 (UTC)
- Not your fault, Yechiel, it was intended to deceive. The person who posted in 2006 was told to speak to taxwoman, and did so, but I can't find a record of him coming back at all, to say he was still unhappy. So... maybe he did, maybe he didn't, I can't find the post or OTRS link if so. The situation back then (unless there is extra evidence I haven't seen) was that 2 people had both claimed the pics were of them or people they knew, but neither provided any evidence or pursued it. Then it got dropped. So by 2007-08 you were probably reasonably entitled to not know it, or to assume it was a historic oddity. I first knew of the pics issue in the last week or so, so there may be evidence I'm not seeing, and if so, I may be mistaken in this tentative understanding and will self-correct if so. FT2 (Talk | email) 22:56, 8 September 2008 (UTC)
Communications
editStuff is happening in the background. In the meantime, out of interest - has anyone had an email in the background arguing this is all a setup, there isn't evidence, those checking were biased, etc?
I'd be curious since I haven't seen it, but that's been the pattern before, every time he's wanted to build a bit of support and momentum. If it is going on, can we document it in the open?
FT2 (Talk | email) 18:08, 9 September 2008 (UTC)
- Since this has come to light, Poetlister opened communication with me at "Mon, 8 Sep 2008 14:05:30 +0100" from the email address that I have communicated with on a few previous occasions over the last year, and I have recieved a second email from Poetlister. At present, the ball is in Poetlisters court, and I am hoping that Poetlister/Cato will post here soon.
I have a high confidence that the emails I have recieved are not forged in spite of there being some information floating around that hacking has been going on. With regards to the contents of these emails, they have not been suggesting that this is a setup. If there are emails being sent suggesting that it is all a setup, then it throws an awkward twist on the meaning of the communications I am having with Poetlister, so I echo FT2's request for open disclose of the basic nature of these emails, or at least a private note to either myself and/or FT2. John Vandenberg 03:28, 10 September 2008 (UTC) - Since it has been in public, I got a mail at "Date: Tue, 09 Sep 2008 16:33:01 +0000" from the email address which is new to me but technical evidence suggests that it is unlikely written by none but Poetlister. The content is consistent with what the user has been saying, I think therefore it wouldn't be forged with all technical evidence. I replied briefly and recommended to make all their socks in public on this page. In my case too, the ball is in Poetlister's court at present and I'm strongly hoping that PL/Cato will post here soon. --Aphaia 06:25, 10 September 2008 (UTC)
- I got two mails. One from the same mail address which I mentioned on the above, another from a different but which PL has used for months. There is generally nothing new. In all three mails there is no claim of setup. --Aphaia 05:28, 11 September 2008 (UTC)
What if not now, then in the near future?
editAre there plans or even discussions about more vigilance regarding c/u etc in the future? KillerChihuahua 23:17, 10 September 2008 (UTC)
- Hm? Even enwiki (who is most familiar with the user) was fooled, this is not about Wikiquote not being vigilant. Cbrown1023 talk 00:05, 11 September 2008 (UTC)
- I don't see KillerChihuahua mentioning that this was specific to English Wikiquote, or any other wiki for that matter. I think we should take a closer look at our current systems for granting access to CheckUser. However I doubt there will be any overnight change, as the CheckUser policy would have to be rewritten. It is certainly worth thinking about at the very least. Perhaps some discussion on the policy's talk page will be fruitful. — Mike.lifeguard | talk 00:18, 11 September 2008 (UTC)
- I don't think it would be possible for any rouge CU to be prevented access. Anyone determined enough could get it if they wanted. Majorly talk 00:24, 11 September 2008 (UTC)
- I don't see KillerChihuahua mentioning that this was specific to English Wikiquote, or any other wiki for that matter. I think we should take a closer look at our current systems for granting access to CheckUser. However I doubt there will be any overnight change, as the CheckUser policy would have to be rewritten. It is certainly worth thinking about at the very least. Perhaps some discussion on the policy's talk page will be fruitful. — Mike.lifeguard | talk 00:18, 11 September 2008 (UTC)
Speaking only for myself, I doubt this is a type of problem that's likely to recur in large numbers. It takes a very special kind of person to be this patient, this productive, and also this deceptive. Most people who have the self-control that it takes to earn a community's trust for advanced ops also have the temperament to earn it honestly, because if ethics isn't enough (it nearly always is), then the person sees the risk simply isn't worth the benefit. Why jeopardize years of volunteer work, scores of relationships, and one's good name for such a trivial payoff? Obviously this individual believed it was worth it, but the end of it is a good object lesson. It's something to keep our eyes open for in case it does happen again, but I doubt it would be a frequent problem. Durova 02:15, 11 September 2008 (UTC)
- As I am unfamiliar with the details of how c/u's are vetted, I am certainly not the person who would know whether strengthening that process were feasible, and I appreciate the responses of those more knowledgeable. I did not mean to imply that standards were loose, merely to inquire whether tightening them was possible and/or being discussed. I apologize for my lack of clarity. That said, I fail to see Mike.lifeguard's point - please explain what difference there is in what project this occurred upon - are standards that different? KillerChihuahua 19:46, 11 September 2008 (UTC)
- Well, standards do differ somewhat, for instance, at en.wp, one must only be approved by the Arbitration Committee to have the CU right, at Meta stewards receive CU after approval by usually 80% of the WM universe, at other wikis it is generally 25 votes of support and at least 80% overall support. So yes, the standards do very a great deal when one considers the size differences in editing populations between the various wikis. MBisanz talk 21:15, 11 September 2008 (UTC)
- Am I correct in understanding that cu's receive access to the global mailing list, or has that gone the way of the dodos and I am out-of-date? KillerChihuahua 22:21, 11 September 2008 (UTC)
- All checkusers are eligible to subscribe to checkuser-L. Thatcher 23:15, 11 September 2008 (UTC)
- Well all wikis have different standards for appointing CU's, some follow the 25 support rule, some follow the 80% whereas others might follow both such as Meta and commons and enwiki has its own policy..it seems you are concerned with the global implication of CU i.e the Global CU log which i believe is no longer in existence though I think if the developers can make the global CU log in to a permission, it will be useful to the global staff, ombudsmen and stewards group only and regarding mailing list, well cato had access to both the mailing list and the OTRS though his OTRS access was removed in late august possibly because they suspected something was out of place and though he did have access to the Cu-mailing list, i really don't think they discuss (well thats what a Cu told me) really important matters relating to major cases, its mainly the smaller socking cases discussed..most of the bigger ones are discussed on a private IRC channel or via e-mails and yes, we may have future problems relating to this and a possibility of sock puppeteers blocked on bigger wikis going on to smaller wikis, trying to redeem themselves or having some ulterior motives, becoming admins, bureaucrats and even CU's..but thats how it goes, it can't really be stopped, all we can hope for is that the communities on those wikis can make the right decisions in selecting their a/b/c's but one thing worth mentioning is that if the Cu's know a person is socking or suspects them of socking, they should notify other CU's and keep tabs on those users always and if they ever do request for rights such as CU or oversight, a Cu member or preferably an Ombudsmen should step in and make sure it doesn't proceed any further...--Cometstyles 23:54, 11 September 2008 (UTC)
- @Cometstyles... 25 votes in support seems a pretty hard and fast requirement, stewards are not going to turn the bit on if that's not there. At least I won't, at any rate. ++Lar: t/c 14:02, 13 September 2008 (UTC)
- Am I correct in understanding that cu's receive access to the global mailing list, or has that gone the way of the dodos and I am out-of-date? KillerChihuahua 22:21, 11 September 2008 (UTC)
- Well, standards do differ somewhat, for instance, at en.wp, one must only be approved by the Arbitration Committee to have the CU right, at Meta stewards receive CU after approval by usually 80% of the WM universe, at other wikis it is generally 25 votes of support and at least 80% overall support. So yes, the standards do very a great deal when one considers the size differences in editing populations between the various wikis. MBisanz talk 21:15, 11 September 2008 (UTC)
Wow... That's quite the run-on sentence. I thought I was bad, but you... that's impressive, Cometstyles. Also, incidentally, thorough. It seems the bottom line is more or less "yes we do the best we can, but we cannot plug every possible crack". A rational position, if somewhat cynical. KillerChihuahua 14:35, 12 September 2008 (UTC)
- Getting back to the issue of vigilance, there are two separate vigilance issues. The first is making sure that when checkuser appointee user:Smith presents identification to the Foundation of being John Smith of Birmingham, that that is accurate and honest. There are a few ways to approach this, such as sending an email to a hard to fake address like an employer, meeting another trusted user in person, or sending a letter by signature-restricted express delivery. But that was not the problem here—as far as we know, Cato gave his correct identification. The second issue is making sure that checkusers are not running abusive sock farms. I don't have any good ideas about how to approach this. We could have the stewards run extensive cross-wiki IP checks of checkuser appointees; for that matter, we could run cross-wiki checks of all admin and bureaucrat candidates as well. However, that will only catch the sloppy sockpuppeteers; Cato was not caught by checkuser evidence but by behavioral evidence and through the complaint of one of the people whose photo he misappropriated. It is not clear to me that anything could have been done at the time Cato was appointed checkuser that would have uncovered the multiple accounts, although I'd be glad of any suggestions. Thatcher 15:07, 12 September 2008 (UTC)
- I had mentioned this on Checkuser-l but would like to broach it again here--perhaps the Ombudsman commission's role can be expanded to investigate checkuser elections and contribution history; and any suspicions be brought, at the very least to myself or a board member. Given the fact that several users had recently expressed that they had some concerns when Cato was elected, I believe that advance notice could have proven fruitful. Cary Bass demandez 17:33, 12 September 2008 (UTC)
- Is something like a Merseyrail travel card proof of identification - sent in as a scan?? Indeed, any regional travel pass or scan of company ID, would that be suitable?? Just my 0.02 cents. Thanks, AP aka --Kelsington 19:44, 12 September 2008 (UTC)
- I had mentioned this on Checkuser-l but would like to broach it again here--perhaps the Ombudsman commission's role can be expanded to investigate checkuser elections and contribution history; and any suspicions be brought, at the very least to myself or a board member. Given the fact that several users had recently expressed that they had some concerns when Cato was elected, I believe that advance notice could have proven fruitful. Cary Bass demandez 17:33, 12 September 2008 (UTC)
- By itself, no. When I identified to the Foundation, I emailed a scan of somebodys drivers' license. How would the Foundation know that drivers' license belonged to the person who uses this account? However, if Cary had sent a letter to the address on the license by signature-restricted delivery, it would soon be obvious if that license was a forgery or was something I borrowed from a co-worker. Likewise with an employer-provided email address that matched the name on the license. But as I noted above, identity was not the problem in this case, so I don't know how much effort we should put into this side of the problem. Thatcher 21:03, 12 September 2008 (UTC)
- Another, more international alternative would involve a webcam. It would be rather difficult to fake a video that has an image of a person matching a fake ID. MBisanz talk 21:15, 12 September 2008 (UTC)
- Are you saying that anyone could have easily forged an identity like that? When I identified, I sent a photo of my passport to Cary. But it could have been any old person's passport (though Cary has met me in person, so knows it's not a fake). How thoroughly are IDs checked? Are passport numbers/licenses etc checked to see if the number on it is real, and reflects a real individual? It seems so incredibly easy to fake ID in this way... Majorly talk 21:19, 12 September 2008 (UTC)
- Given we have CUs from countries where I suspect there are no easy to query identification databases, I suspect it is more of a check of "Does the person have a legit looking ID" than "Does it pass a background check". In any case, driver's licenses are accepted and in the USA they are notoriously easy to fake, even down to fake ID numbers. MBisanz talk 21:42, 12 September 2008 (UTC)
- It's good to know that we have CUs who aren't 100% accountable. Majorly talk 21:49, 12 September 2008 (UTC)
- Guys, WP:BEANS... Giggy 06:41, 13 September 2008 (UTC)
- It's all very well saying that, but I am extremely uncomfortable. I think I should start a new thread though to express my concerns. Majorly talk 14:08, 13 September 2008 (UTC)
- This is becoming very off-topic here. A number of people have checked the CU logs, and there is no signs of checkuser abuse in this case, so there is nothing to be worried about in this case. If improvements are going to be made to prevent similar situations in the future, new measures would be needed, and they would need to be discussed on a village pump, mailing lists, and then accepted by the WMF & community. John Vandenberg 14:19, 13 September 2008 (UTC)
- No signs so far, but there's still tomorrow. And I'll repeat what I posted above: "I think I should start a new thread though to express my concerns." So let me do that, without telling me this is off topic, because I know it is. Thanks a lot! Majorly talk 14:30, 13 September 2008 (UTC)
- You gave me the impression you were going to start a new thread here; a new thread on Metapub is a good idea. Cheers, John Vandenberg 14:44, 13 September 2008 (UTC)
- No signs so far, but there's still tomorrow. And I'll repeat what I posted above: "I think I should start a new thread though to express my concerns." So let me do that, without telling me this is off topic, because I know it is. Thanks a lot! Majorly talk 14:30, 13 September 2008 (UTC)
- This is becoming very off-topic here. A number of people have checked the CU logs, and there is no signs of checkuser abuse in this case, so there is nothing to be worried about in this case. If improvements are going to be made to prevent similar situations in the future, new measures would be needed, and they would need to be discussed on a village pump, mailing lists, and then accepted by the WMF & community. John Vandenberg 14:19, 13 September 2008 (UTC)
- It's all very well saying that, but I am extremely uncomfortable. I think I should start a new thread though to express my concerns. Majorly talk 14:08, 13 September 2008 (UTC)
- Guys, WP:BEANS... Giggy 06:41, 13 September 2008 (UTC)
- It's good to know that we have CUs who aren't 100% accountable. Majorly talk 21:49, 12 September 2008 (UTC)
- Given we have CUs from countries where I suspect there are no easy to query identification databases, I suspect it is more of a check of "Does the person have a legit looking ID" than "Does it pass a background check". In any case, driver's licenses are accepted and in the USA they are notoriously easy to fake, even down to fake ID numbers. MBisanz talk 21:42, 12 September 2008 (UTC)
- Are you saying that anyone could have easily forged an identity like that? When I identified, I sent a photo of my passport to Cary. But it could have been any old person's passport (though Cary has met me in person, so knows it's not a fake). How thoroughly are IDs checked? Are passport numbers/licenses etc checked to see if the number on it is real, and reflects a real individual? It seems so incredibly easy to fake ID in this way... Majorly talk 21:19, 12 September 2008 (UTC)
- Another, more international alternative would involve a webcam. It would be rather difficult to fake a video that has an image of a person matching a fake ID. MBisanz talk 21:15, 12 September 2008 (UTC)
- Not sure why we are talking about this, the foundation hasn't really told us if the name and ID Cato provided is legitimate or not, because even though the person behind Poetlister is known for identity theft, I really don't think he borrowed or stole a passport or whatever proof he submitted to the foundation....--Cometstyles 21:31, 12 September 2008 (UTC)
- It is a somewhat related issue, that Cato could have easily faked his ID. It perhaps shows we need tighter standards in how people identify to the foundation. Majorly talk 21:49, 12 September 2008 (UTC)
- But, as far as I know, he did not fake his ID, right? He did not need to fake his ID, anyhow, since (obviously) no one knew that John Doe (if that would be his name) had countless sockpuppets. Even an absolutely perfect verification system would not have revealed this, so I'm not sure why this discussion is taking place here in the first place. --Conti 01:03, 13 September 2008 (UTC)
- It is a somewhat related issue, that Cato could have easily faked his ID. It perhaps shows we need tighter standards in how people identify to the foundation. Majorly talk 21:49, 12 September 2008 (UTC)
- By itself, no. When I identified to the Foundation, I emailed a scan of somebodys drivers' license. How would the Foundation know that drivers' license belonged to the person who uses this account? However, if Cary had sent a letter to the address on the license by signature-restricted delivery, it would soon be obvious if that license was a forgery or was something I borrowed from a co-worker. Likewise with an employer-provided email address that matched the name on the license. But as I noted above, identity was not the problem in this case, so I don't know how much effort we should put into this side of the problem. Thatcher 21:03, 12 September 2008 (UTC)
- I have no interest in becoming a CheckUser or oversight, but having seen an ITV documentary on dumpster diving, it makes you think about tightening procedures... Thanks, AP aka --Kelsington 00:04, 13 September 2008 (UTC)
- Mr. Bass states above that "…this has demonstrated that our process does, in fact, work." If this is success, what would count as failure?
- What steps did Mr. Bass take to verify Cato's identity? Was the information given accurate?[5][6] Proabivouac 02:50, 18 September 2008 (UTC)
Progress
editAny updates on the progress of this?? --Kelsington 17:36, 8 October 2008 (UTC)
Thoughts on the recent revisiting of this case
editMoved on-wiki from a foundation-l thread
There are two separate problems raised by Poetlister's return to edit Wikiversity (uncontroversially, so far).
- First: How do we carry out global blocks and bans, and how can we better visualize contributions and problems across the Projects?
- Second: How do we deal with users who are competent contributors, and also chronic troublemakers? They don't immediately raise red flags, and there are obvious downsides to excluding them.
How do we decide on global blocks and bans?
editHow do we determine when they are appropriate, and how can we better visualize contributions and problems across multiple Projects?
- 1) [Technical] Implement cross-project messaging, status flags, and contribution-history review.
- This requires real technical support, both in the libraries available for multi-project MediaWiki installations, and in extensions/visualizations that make it possible to browse and follow contribs across many projects
- 2) [Technical] Implement tools for blocking, and for granting flags, across multiple projects.
- Right now this is largely done by hand, in a laborious fashion.
- 3) [Policy] Define a Dispute Resolution Committee to evaluate global ban requests and guide related Meta policy
- Set criteria for conduct that requires a global ban. For example, criminal stalking, legal action against other Wikimedia contributors or entities, &c. Clarify how all involved projects can be notified of the discussion of such a ban, and what group makes the decision.
Steven and Millosh have both made good suggestions on the DRC proposal.
Scott wrote:
- > What you need is a mechanism so that one local community, when banning a user who meets the criteria, can refer the case to a cross-project review group for a global decision.
How do we deal with good contributors who are chronic troublemakers?
editThese users don't immediately raise red flags. They are always repentant after a bout of mischief or anger or deception. There are obvious downsides to excluding them - one fewer good editor/scripter/vandal-fighter.
- 4) [Technical] Create permanent options other than banning.
- For instance, there could be options to
- - flag a user as not allowed to have multiple accounts at all, subject to auto or spot checks for socks (after socking)
- - flag a user as not allowed to have permissions (after permissions abuse)
- - flag a user as not allowed to !vote (after vote stacking)
These flags need not be casually visible to other editors, but implementing/acting on them needs to be easy or automatic.
- 5) [Technical] Create activity reports that can be shared across projects
- Ex: Cross-wiki reports on vandalism, bad-faith contribution, and manipulation of community policies and processes. Tools for tracking and visualizing such problems.
- Risker pointed out in the mail thread that this is one of the biggest barriers to global bans.
- Currently, for historical reasons, each project has an independent system for dealing with this, and most are updated manually (or by bot). Make this a top priority for interface upgrades -- this aspect of site maintenance gets heavy use; and the quality of our toolchain here is directly related to how much editor overhead is required to keep the sites running. This applies to recentchange and new page patrol, just as to behavioral trouble with active users.
- 6) [Tech and Policy] Offer more nuanced ways to profile new users.
- Right now if you are trying to log in from an IP in a range that has been blocked, you are simply blocked. You get an email you can contact to request a reversal, but it the whole process is shocking and distasteful to anyone who isn't a vandal or spammer.
- Offer a mechanism for flagging an IP range or user (or usergroup) as worthy of closer attention, without blocking them. For instance: flag them as a permanent newbie (subject to the same restrictions as new accounts) until further notice.
- 6) [Tech and Policy] Define ways to share checks on problematic users, including private data, across projects.
- Find ways to publicly indicate concerns that are founded in private data. Make a pointer to this information available to all projects.
- If a user has caused trouble on multiple projects and is subject to regular spot checks for socking, have a policy for meta-checks for socking by that user as well. This should involve a way to inform all communities where that user starts editing, some of which will have their own checkusers.
- 7) [Policy] Define the negative impact of toxic contribution.
- At present there is no clear sense of how problematic an angry, or malicious, or deceptive user is. A few hundred or a few thousand good contributions are sometimes considered "enough" to balance out a persistent negative or socially destructive personality.
- Offer cross-project guidance on the long-term value of both content and social contributions. [some visualization of social contributions, similar to the crude but persistent use of 'edit count' for edits, might help.]
- 8) [Policy] Define when 'clean starts' are appropriate, and how they should be carried out.
- What standards of transparency should all projects uphold when offering clean starts to former troublemakers? Whatever the standards are for deciding that a user is likely to throw away a second chance, they probably should be cumulative across all projects. [someone with a history of deception over many years is likely to continue that way, even on a new project]
Various comments from foundation-l
editSue asked:
- > Is there something the Foundation could do to support that happening?
The Foundation could make "tools for community management" a priority, including addressing the 4 or 5 technical issues above. Those are things which the community members addressing the social and policy aspects can't fix on their own.
Newyorkbrad wrote:
- > Poetlister should not be editing under any account name on any project.
Is this a punitive statement or a practical one? The reason this user hasn't been banned on more than one project (a full ban was considered but not implemented on wikisource, and considered and soundly rejected on wikiquote) is a combination of things:
- his identity theft, surely his worst offense and one with real-world consequences for others, was not very widely known when this RFC was started. It is hidden even in the final text of the RFC.
- his contributions on some projects were excellent.
Doing things that hurt people in their personal lives does seem like a reasonable rule of thumb for saying "too dangerous / divorced from reality, not wanted here".
- > [a system for global bans] may be a solution that keeps staff from stepping in to ban folks who have violated community norms consistently and egregiously across the projects.
In my view, staff should never "step in to ban folks" with a staff flag, unless they're the only one around during a crisis. If there is an urgent need to ban someone, any steward can carry that out, on having the reason pointed out to them. Any staff member interested in being a steward is strongly encouraged to run -- it requires understanding how to carry such actions out in a transparent way, what the alternatives are, how to use the tools involved, &c.
Scott writes:
- > I'm wondering whether there is a structural problem in getting lunatics like poetlister banned
The result of the 2008 RFC was not that poetlister was "a lunatic who should be banned everywhere" - which is why the account was not. The real-world impact of his impersonations was downplayed and most of the discussion was about socking and whether there had been any abuse of admin or checkuser tools.