On Thu, Nov 17, 2016 at 11:09 PM, Gergo Tisza <gti...@wikimedia.org> wrote:

> the ability to claim recent anonymous edits when you register.

Here, here.  I'm sure my IP address is lying around in lots of places in
the wikidump because I forgot to log in or my cookie expired and I never
noticed.  Automating the task of claiming those edits once you log in would
go far toward preventing accidental IP exposure.

I might also suggest thinking of this in terms of architectural change.  We
have been too casual about IP information inside mediawiki.  What if we
took as a first step factoring out all IP-related code from the core db and
pushing it into a separate db.  So instead of "IP edits" we have some sort
of automatically-generated pseudonym *but also recorded the IP address
associated with this pseudonym in a separate database* -- perhaps this
function is actually in an extension, not in core mediawiki.  Now we
preserve all our abilities to track down sock puppets or do IP blocks, but
at the cost of one indirection.

We can then take steps to further protect/limit/purge this IP address
database independent of the core mediawiki database, and we don't have
"hidden gotchas" in the core code because the core code doesn't manipulate
IPs any more.  And folks who do routine tasks like processing archive dumps
of the core db don't stumble across IPs.

Wikimedia-l mailing list, guidelines at: 
New messages to: Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, 

Reply via email to