https://bugzilla.wikimedia.org/show_bug.cgi?id=18429
Andrew Garrett <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|Extra functions for |Allow filter rules to |AbuseFilter |consider private data such | |as source IP, reverse DNS | |and user agent. --- Comment #4 from Andrew Garrett <[email protected]> 2009-04-12 14:47:26 UTC --- Discussed this on IRC with FT2. My general comments on the outcome of that discussion (from my perspective, FT2 may have different opinions): 1/ Adding additional hierarchy to AbuseFilter is a pain, both programmatically and socially. 2/ The fact that the abuse filter log is viewable by all users is a core principle guiding the Abuse Filter. It is critical that all filters may be assessed on their performance, if not on their construction. Smaller groups/cabals of checkusers, oversighters and what-not may have good intentions, but without the accountability of having the impact of filters assessed by the wider community. Smaller "cabals" encourage groupthink, and create an environment which may ease carelessness or outright negligence in filter construction. 3/ It would be technically trivial to hide variables containing private data from the abuse filter log, in order to allow them to be sent to filters. 4/ There are concerns (as expressed by Gurch) that the abuse filter log for filters using private data could allow users not identified to the Foundation to guess private information, or at least part of it (for instance, that a particular user edits from a particular IP range). The privacy policy permits disclosure of private data for the purposes of preventing and monitoring abuse of editing privileges, and covers only personally identifiable information. Residing on a particular range is not by itself personally identifiable information, although it may be private information; and while the user-agent header sent by a user is not public data, I would not really classify it as "private", per-se, and certainly not personally identifiable. Accordingly, I believe the benefits of hiding log entries for rules considering private data are outweighed by the detrimental effect on filter use transparency (see point 2). -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
