On 11/06/13 10:41, Anthony wrote:
> One thing I'd also appreciate is that if indeed Wikipedia access logs are
> not even collected in the first place (except for 1/1000 samples), that
> this be stated officially, rather than relying on a two-year-old comment by
> a single, now-former employee.
In
On Mon, Jun 10, 2013 at 10:06 PM, MZMcBride wrote:
> Anthony wrote:
> >One thing I'd also appreciate is that if indeed Wikipedia access logs are
> >not even collected in the first place (except for 1/1000 samples), that
> >this be stated officially, rather than relying on a two-year-old comment
>
Federico Leva (Nemo) wrote:
>Benjamin Lees, 10/06/2013 08:13:
>>
>>http://thread.gmane.org/gmane.org.wikimedia.foundation/49712/focus=49727
>>is probably relevant (if what Domas said then is still true).
>
>While I'm not aware of privacy changing substantially, speaking of
>fantastic names, Kraken
Anthony wrote:
>One thing I'd also appreciate is that if indeed Wikipedia access logs are
>not even collected in the first place (except for 1/1000 samples), that
>this be stated officially, rather than relying on a two-year-old comment
>by a single, now-former employee.
Minor point: I can't tell
Fred Bauder wrote:
>> This has come up in the context of database dumps and database
>> replication. We're basically asking for this information to one day be
>> leaked by retaining it indefinitely (including usernames that out
>> individuals, CheckUser logs, content buried inside page histories,
>
Anthony and John beat me to it -- I was going to second the suggestion that
the sentence spend a bit of time being wordcrafted on Meta for extra eyes,
to clarify things like the National Security Letters, NSL gag orders, etc.
-Dan
Dan Rosenthal
On Tue, Jun 11, 2013 at 4:02 AM, Anthony wrote:
On Mon, Jun 10, 2013 at 7:13 PM, John Vandenberg wrote:
> e.g. "we have never received or honored an NSA or FISA subpoena or
> order" is good (and far better than I've seen from Google or
> Facebook), but ...
>
> does that exclude all possible orders under the Patriot Act?
> does that exclude ord
On Mon, Jun 10, 2013 at 6:15 PM, Luis Villa wrote:
> We should have a blog post up within the next few days to discuss
> PRISM and our values in more detail; we will pass that along here when
> it is posted.
Thanks. I do appreciate this. And it seems to be better worded than the
statements of
> David Gerard wrote:
>>On 10 June 2013 18:01, Rand McRanderson wrote:
>>> I think the key here is not to keep more information about users than
>>> necessary.
>>
>>In particular - at present. as I understand it, we don't keep full
>>access logs, just 1/1000 samples.
>>
>>We need to not keep full
David Gerard wrote:
>On 10 June 2013 18:01, Rand McRanderson wrote:
>> I think the key here is not to keep more information about users than
>> necessary.
>
>In particular - at present. as I understand it, we don't keep full
>access logs, just 1/1000 samples.
>
>We need to not keep full access log
On Tue, Jun 11, 2013 at 8:15 AM, Luis Villa wrote:
> Hi, all-
>
> For your information, we have not been approached to participate in
> PRISM, and we have never received or honored an NSA or FISA subpoena
> or order. If we were to be approached in the future, we would reject
> participation in an
On 11/06/13 05:21, Anthony wrote:
> On Mon, Jun 10, 2013 at 9:36 AM, Fred Bauder wrote:
>
>> You are right, Anthony, never assume you're not dealing with idiots. If
>> NSA is doing doing detailed surveillance of Tea Party activists or
>> defense lawyers we are truly well along the road to hell.
>
"Because Luis, Geoff and Stephen all know me well, and in particular they
know that if they did sign up to such a programme I'd deck them" :P.
On 10 June 2013 23:29, Tomasz W. Kozlowski wrote:
> Luis Villa wrote:
>
> For your information, we have not been approached to participate in
>> PRISM,
Luis Villa wrote:
For your information, we have not been approached to participate in
PRISM, and we have never received or honored an NSA or FISA subpoena
or order.
"Google and Facebook both flatly denied having any relationship to
PRISM, and it turned out not to be exactly true—is there any
> On Fri, Jun 7, 2013 at 2:31 PM, Ryan Lane wrote:
>> A very small minority of users don't have HTTPS
>> support, or their computers are so old that it makes the site unusably
>> slow. That's a *very* small percentage of users, though.
There's also the small issue of a billion people in China who
Hi, all-
For your information, we have not been approached to participate in
PRISM, and we have never received or honored an NSA or FISA subpoena
or order. If we were to be approached in the future, we would reject
participation in any PRISM-type program to the maximum extent possible
and challen
Hi,
The report covering Wikimedia engineering activities in May 2013 is now
available.
Wiki version:
https://www.mediawiki.org/wiki/Wikimedia_engineering_report/2013/May
Blog version:
https://blog.wikimedia.org/2013/06/10/wikimedia-engineering-may-2013-report/
We're also proposing a shorter, sim
They tap directly into the internet backbone. Only if there is some
particular matter which interests them which they would need our help to
decipher would they contact the Foundation. There are a few things out
there that I can imagine them being interested in, but very few. For
example, there are
On Mon, Jun 10, 2013 at 9:36 AM, Fred Bauder wrote:
> You are right, Anthony, never assume you're not dealing with idiots. If
> NSA is doing doing detailed surveillance of Tea Party activists or
> defense lawyers we are truly well along the road to hell.
>
Maybe we are. It certainly wouldn't be
On Mon, Jun 10, 2013 at 9:09 AM, Theo10011 wrote:
> On Mon, Jun 10, 2013 at 6:33 PM, Anthony wrote:
> > We know that people's Google searches have been used against them in
> > court. I'm not aware of any cases where Wikipedia searches have been
> > used. But I can't imagine why they'd be any
> >> Encrypted, if you're using https everywhere (and Wikipedia hasn't
> > intentionally or unintentionally compromised their certificate).
> >>
> >
> > But simple encryption that NSA can break at will.
>
> No one will bother trying to break SSL/TLS. The NSA certainly doesn't
> need to. They can ju
Hi all,
On Friday, the Legal and Community Advocacy team posted a call for
community input on our trademark policy and practices:
http://blog.wikimedia.org/2013/06/07/call-for-community-input-trademark-policy-practices/
We have identified some trademark practices that we think are going well,
as
On 10/06/13 14:12, Tobias wrote:
> No one will bother trying to break SSL/TLS. The NSA certainly doesn't
> need to. They can just sign their own certificates and perform
> man-in-the-middle attacks. Browsers will in most cases accept those
> forged certificates, since the NSA can make sure that th
Forwarded to legal at wikimedia.org
Fred
> I think the key here is not to keep more information about users than
> necessary.
>
> Of course, there is the question of if the NSA asks for our checkuser
> data.
>
> I am relatively confident of WMF's honesty here. They have been pretty
> concerned ab
On 10 June 2013 18:01, Rand McRanderson wrote:
> I think the key here is not to keep more information about users than
> necessary.
In particular - at present. as I understand it, we don't keep full
access logs, just 1/1000 samples.
We need to not keep full access logs.
Yes, they care what yo
I think the key here is not to keep more information about users than
necessary.
Of course, there is the question of if the NSA asks for our checkuser data.
I am relatively confident of WMF's honesty here. They have been pretty
concerned about user privacy in general (I am sure that there is some
On Mon, Jun 10, 2013 at 7:31 PM, John Vandenberg wrote:
> Or DeCSS, or AACS, ..
>
> Or 2012 Benghazi attack, Efforts to impeach Barack Obama, Drone
> attacks in Pakistan, ..
>
> Or PRISM (surveillance program), Edward Snowden, Bradley Manning, ..
>
> It would be good *if* the WMF can provide assu
> It would be good *if* the WMF can provide assurances to editors that
> they havent received any national security letters or other 'trawling'
> requests from any U.S. agency.
>
> If the WMF has received zero such requests, can the WMF say that?
> There wouldn't be any gag order.
>
> https://en.w
On 06/10/2013 03:30 PM, Fred Bauder wrote:
>> Encrypted, if you're using https everywhere (and Wikipedia hasn't
> intentionally or unintentionally compromised their certificate).
>>
>
> But simple encryption that NSA can break at will.
No one will bother trying to break SSL/TLS. The NSA certainly
On Mon, Jun 10, 2013 at 11:00 PM, Anthony wrote:
> On Mon, Jun 10, 2013 at 6:21 AM, Fred Bauder wrote:
>> No, massive amounts of information about people doing ordinary
>> things like editing articles about Homer Simpson is kind of the opposite
>> of intelligence; it IS the haystack, not the need
National Security Letters have been served on Libraries. However, as we
keep no track whatever off who is reading the site; it is hard to see how
serving one on us would accomplish anything; we can't produce records we
don't keep. I suppose a secret court order could be applied for which
would requ
You are right, Anthony, never assume you're not dealing with idiots. If
NSA is doing doing detailed surveillance of Tea Party activists or
defense lawyers we are truly well along the road to hell.
Fred
> On Mon, Jun 10, 2013 at 6:21 AM, Fred Bauder
> wrote:
>
>> Correct. If Osama Bin Laden had b
> On Mon, Jun 10, 2013 at 6:10 AM, Fred Bauder
wrote:
>
>> Everything passing over the internet is archived. Nearly everything done
>> at Wikipedia passes over the internet.
>>
>
> Encrypted, if you're using https everywhere (and Wikipedia hasn't
intentionally or unintentionally compromised their
They tap directly into the internet backbone. Only if there is some
particular matter which interests them which they would need our help to
decipher would they contact the Foundation. There are a few things out
there that I can imagine them being interested in, but very few. For
example, there are
On Mon, Jun 10, 2013 at 6:33 PM, Anthony wrote:
> Wikipedia is not a top traffic website from people editing. 99% of the
> traffic is reading/searching.
>
Yes, and I as I pointed to the email written by Domas, that those logs
don't exist.
>
> We know that people's Google searches have been us
On Mon, Jun 10, 2013 at 8:59 AM, Theo10011 wrote:
> I'm not sure how that would have any
> bearing on Wikipedia though, the purpose there is to write an article, fix
> typos, add pictures, occasionally there is cross-communication between
> different editors.
Wikipedia is not a top traffic webs
On Mon, Jun 10, 2013 at 6:21 AM, Fred Bauder wrote:
> Correct. If Osama Bin Laden had been editing Wikipedia, before his death
> of course, through some account in Pakistan, it would have been rather
> reasonable to respond favorable to a request for information. But "plenty
> of reason to think
I don't understand this line of discussion.
From an intelligence stand-point, the goal of the program seems to be
communication interception COMINT through SIGAD means. From phone calls, to
emails, to private and public posts. I'm not sure how that would have any
bearing on Wikipedia though, the p
On Mon, Jun 10, 2013 at 6:10 AM, Fred Bauder wrote:
> Everything passing over the internet is archived. Nearly everything done
> at Wikipedia passes over the internet.
>
Encrypted, if you're using https everywhere (and Wikipedia hasn't
intentionally or unintentionally compromised their certifica
If the NSA, CIA, or some other spook agency is getting information off of
Wikimedia servers, they don't have a CU account or anything like that.
They'd have a program running at the operating system level that extracts
the data in a standardised format and sends it off to some secret server
somewh
Tobias wrote:
I think Wikimedia should protest openly against such unethical
surveillance. While previous posts have pointed out that indeed
Wikipedia contains less private information than Facebook or Google, it
still has a lot that should remain private. Most notably access logs of
both reader
On 06/10/2013 12:21 PM, Fred Bauder wrote:
> Correct. If Osama Bin Laden had been editing Wikipedia, before his death
> of course, through some account in Pakistan, it would have been rather
> reasonable to respond favorable to a request for information. But "plenty
> of reason to think the governm
On 06/10/2013 03:17 AM, Liam Wyatt wrote:
> This is a simple question with a potentially very complicated answer.
>
> What, if any, are the implications of the PRISM scandal for Wikimedia?
> Does the fact that our servers are based in the US now compromise our
> mission either in a technical,
> There is plenty of reason to think the government would be interested in
> Wikipedia access logs.
>
> On the other hand, there's very little reason to believe an organization
> when they say they haven't been turning over information under a top
> secret
> order which they're not allowed to tell
On 06/10/2013 04:53 AM, Benoit Landry wrote:
> What "information" could the WMF disclose that isn't already available
> to some volunteers anyhow? The IP addresses of logged-in editors are
> visible to volunteer CUs; deleted revisions and log entries are visible
> to all volunteers admins. Wikipedi
On 10 June 2013 10:56, Florence Devouard wrote:
> Precisely, they could ask to have "CU" accounts...
There are people who closely monitor who has what powers.
- d.
___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://li
Everything passing over the internet is archived. Nearly everything done
at Wikipedia passes over the internet.
Fred
> My understanding is that PRISM focused on private electronic
> communication. I can't see a situation where we would be concerned by
> that.
>
> But some official statement could
Precisely, they could ask to have "CU" accounts...
Flo
On 6/10/13 4:53 AM, Benoit Landry wrote:
What "information" could the WMF disclose that isn't already available
to some volunteers anyhow? The IP addresses of logged-in editors are
visible to volunteer CUs; deleted revisions and log entries
On 06/10/2013 08:49 AM, Federico Leva (Nemo) wrote:
> Benjamin Lees, 10/06/2013 08:13:
>>
>> http://thread.gmane.org/gmane.org.wikimedia.foundation/49712/focus=49727
>> is
>> probably relevant (if what Domas said then is still true).
>
> While I'm not aware of privacy changing substantially, speak
Short reminder, sorry for cross-posting:
Application deadline for the "Chapters Dialogue" contractor position is
tonight at 23:59 UTC.
Cheers,
Nicole
On 21 May 2013 14:45, Nicole Ebber wrote:
> Dear Wikimedia friends,
>
> thanks for the valuable input on the project draft for the Chapters
> D
Dear all,
==AGM==
Wikimedia CH had its Annual General Meeting, April the 27 this year.
A new board has been elected, and will officially start its mandate June 27:
President: Charles Andrès (reelected)
Secretary: Frédéric Schutz (reelected nut new secretary, FR press contact)
Treasurer: Bagawa
Federico Leva wrote:
>...
> WMF will log the same (partial) data, but for 100 % of visits rather than
> 1/1000.
How much more will that cause the Foundation to spend on processing
subpoenas from law enforcement agencies? Will those agencies be
charged for the time and organizational overhead of t
52 matches
Mail list logo
