Wiki Anonymity

InfoInfo
Search:    

Some argue that this wiki should allow for editing without the creation of an account — also known as anonymous editing. Others argue for something even stronger: a public accounts that don't have an IP addresses publicly visible, as all wiki user's IP Addresses are publicly viewable.

Empirical Studies done on the quality of anonymous wikipedia editing:


The argument in favor for anonymous (no-login required) editing is that it lowers the barrier to entry, and has the potential to widen the base of editors and edits in general. The idea behind wiki is that quality is proportional to the number of people using it and the easier it is to quickly edit the better. Even the few moments required to create an account (or to log in from another machine) could be spent to correct a spelling issue or formatting problem. Dedicated editors will always clean up messy crud, which can be contributed by someone even if they create an account to log in with.

Historically wikis operate in this no-login required fashion. We have seen the creation of many one-time spam accounts, joke accounts, and accounts such as DavisWikiGnome that are used just to avoid identity. If someone is dedicated to being anonymous, they will find a way to be such regardless of whether an account is required or not. If someone wants to spam or be messy they can do that with an account as well. Making logins not required for editing just makes this process easier for everyone. Good-willed editors who wish to simply correct something without creating an account or logging in will do so quicker, mean people will make mean comments quicker, nice people will delete said mean comments faster — it's all one big circle.


The argument against anonymous (no-login required) editing is that it decreases accountability and encourages individuals to avoid creating an identity — even if that identity is a pseudonym. By creating identities we increase our accountability and recognizability on the wiki. There is also a likelihood that more wiki spam will come about if editing is easier. With anonymity comes a lack of accountability.

Creating an account here is also particularly easy. The lack of anonymous edits contributes to a slightly higher quality. What we've been doing has been working rather well for us for so long, so why change? It would be really easy for a conniving restaurant owner to tell fibs such as, "I found a band-aid in my food at <competitor x>." That possibility really lowers the integrity of the information on the wiki.

In a talk recently psychologist Larry Jacoby gave an analogy thats fitting here. A factory can put out a good products by (1) having the production machinery work near perfectly so it doesn't produce defective products or (2) having lots of quality control specialists throwing out defective products before they hit the market. What hits the stores is the same, but the burden of efficiency is displaced differently. Wiki people tend to be busy people, and I'd prefer a lack of anonymity to having to clean up other people's messes.

Anonymous editing on the wiki

2005-05-02 14:52:39   Every website logs your IP. The Wiki is open enough to level the playing field so everybody has access to that information. Open is better. There is no validation of user information when you signup, and the only consequence of false information is a bit less respect if you don't use your common name. (And dammit, now my SO is calling me JabberWiki). —JabberWokky


2005-05-02 15:13:03   I see no problem with the way things are now and if you think the wiki is violating your privacy rights then you are unfamiliar with how much every website knows about you. The wiki works off of communal trust. There is the practical reason to allow anonymous editing: It's quicker than logging in. But, interestingly, it also opens up to a lot of automated spam-bot attacks. For the reason that editing a page is just that much faster I would perhaps support no-account usage. But having 'anonymous' accounts where the IP is not logged seems misguided. Wikipedia and every other wiki on the planet logs anonymous IPs and displays them prominently instead of usernames. From a practical point of view, we are all basically using a couple of IP subnets here in Davis, and if you wanted to you could easily obtain privacy by posting something from one of the many public places. Hiding the IPs is just an illusion of privacy. Imagine the situation in which someone posts something terribly libelous or some jerk decides to automatically delete every page in the wiki. Then many would want me to try and cross-reference that IP with some others in my logs and figure out who it is. Logging everything and being public about everything allows me to be free from having to make that kind of call, ever. —PhilipNeustrom


2005-05-02 15:51:05   Anonymous editing is absolutely asking for trouble. (trouble, here should be spelled S-P-A-M-M-E-R-S. having a login but publicizing it on the site won't stop them) —KenBloom


2005-05-02 15:54:57   The fact that this wiki didn't open with anon edits, makes it lame. —KennethWaters


2005-05-02 15:55:05   I like it the way it is. Anons annoy me. —JackHaskel


2005-05-02 15:57:11   I think the word you want is " y'all's ", Arlen. Also, it's not like its hard to make a troll. Not that I would ever do that ;) —BrentLaabs


2005-05-02 17:12:01   the anonymous account idea sounds terribly misguided. —KrisFricke


2005-05-02 17:16:00   Please, no anonymous editing. What we have has been working way too well to abandon it. —MikeIvanov


2005-05-03 12:06:03   d00d, you have to register an account to look at newspapers online. Creating an account here is particularly easy. I think the lack of anonymous edits contributes to a slightly higher quality. Besides, we are the most successful local wiki in the world, so it must not be that hard for people to join up. —BrentLaabs


2005-05-03 12:18:43   who says we are the most successful? —GeorgeLewis

IP Addresses on the wiki

The wiki should display a hash of the users IP address + some secret data to make reversing the hash hard. (i.e. 192.168.1.1 becomes e568dcd0a1568334c309858f4145529f798fcb58) The following bit of code is great for mining the current setup (Works in bash):

wget -O - -q http://www.daviswiki.org/Recent_Changes |\ 
tr \; \\n |\
grep rceditor|\
perl -pe '/<span\ class=\"rceditor\"><span\ title=\"(\d+\.\d+\.\d+\.\d+)\">(<a href=\"\/\w+\">)?([^<]+)(<\/a>)?/;print "$2 $1\n";' |\
grep -v class |\
egrep '[0-9]' |\
sort -u
The above code produces the following type of output:
 172.24.15.92
<a href="/Bob"> 192.168.80.82
<a href="/Bob"> 172.18.102.99
<a href="/Sally"> 10.192.131.6
This is listing the ip addresses of edits appearing on the Recent Changes page: where 172.24.15.92 represents the ip address of an edit made by a user without a personal page; the user Bob made edits from ip addresses 192.168.80.82 and 172.18.102.99; and Sally made an edit from the ip address 10.192.131.6


The problem is the wiki is keeping history of your name and IP address forever, and anyone who wanted to could get your IP from some other activity could spider daviswiki to find if anyone has made edits from that IP, and know who they are.
Yesterday I placed an image on my Wiki page that is located on my website. This has allowed me to see that at least the following people (NAT, proxies, and people sharing computers may have caused an error or two.) have visited my wiki page since then:

RyanCastellucci

If you really wanted to, you could also find this information from lots of other websites and internet services that log IPs (IRC, etc). If we made it into a hash then people wouldn't be able to trace IPs and do other muchiness in the face of spammers and anonymous villains (the fact it's displayed isn't because it's a unique identifier but because it's an IP address). Of course, when 'bad dudes' pop up, everyone would bother me to provide them with information about the users and so forth. It's just that releasing all the information to the users — essentially treating everyone as an administrator — protects me from a lot of police work I might feel like I have to do. "The Wiki is open enough to level the playing field so everybody has access to that information. Open is better," as JabberWokky said before.PhilipNeustrom

Giving people the ability to see IPs has a large potential for abuse. Some immature person could DDoS another user who's opinions they didn't agree with, or even worse, write up some fake abuse reports and get them kicked off their ISP. If you still want IP addresses visible, then perhaps you could not show IP for changes more then a few days old, and only show them to logged in users. —RyanCastellucci

2005-09-27 18:59:23 I partially agree with Ryan. The fact that the website logs IPs should be mentioned on User Preferences, which is where you make accounts. Something along the lines of "This website logs your IP address when you edit, and displays it publicly. This could make it possible for people to connect your computer to your real name, which most users use as their login." —BrentLaabs


2005-09-27 15:34:41   "one could argue that the wiki is violating our privacy rights by requiring a login and logging our IPs" — I don't think this could be legitimately argued. There was no promise of anonymity that I'm aware of, and daviswiki does have a privacy policy, right? It's like saying the library's violating our privacy rights by requiring a library card. First, they need to keep track of who's got what and who's responsible if a book goes out clean and comes back destroyed; second, nobody's forcing you to go to the library. In a like manner, every sysadmin knows that logging is necessary in cases of vandalism, and second... ditto, no one's forcing you to use the wiki. Delete the page. —DomenicSantangelo


It should be noted that IP address hiding/masking has been requested and rejected on the [WWW]MediaWiki bugtracker:

Closing as WONTFIX because:

_ there is clause to no way to figure out the identity of someone given his ip address.

_ people can use an anonymizing service or create an account


2005-09-28 09:15:14   "Giving people the ability to see IPs has a large potential for abuse. Some immature person could DDoS another user who's opinions they didn't agree with, or even worse, write up some fake abuse reports and get them kicked off their ISP". Alarmist much? DDoS attacks against a single IP address should almost instantly get filtered at the ISP level, and if they don't - good, you just made your ISP aware that they need to be a little more vigilant about DDoS attacks. As far as the fake abuse report goes, puhhh-leeeeeeez. You don't think the user's ISP is going to check their logs to verify the abuse report? I DO think users should be aware that their IPs are being logged and are publicly visible, but honestly, if you're that paranoid about privacy you probably shouldn't be on the internet in the first place. —DomenicSantangelo


For those who care deeply about their anonymity I'd recommend using the [WWW]Tor network. This seems like a nice compromise to wanting anonymous editing. Create a new account while using the Tor network, then you can edit the pages and it will log Tor's exit proxy IPs instead of yours. It's what I do. This would deter spam bots but allow people to make edits. Anonymous proxies and the Java Anonymous Proxy also work. OnceLivedInDavis 2005-09-30 01:00:55


2005-10-04 16:36:46   I thought I'd clarify my position on this... I am far more worried about data mining the wiki to find out who was using an IP at a specific time then I am worried about script kiddies. —RyanCastellucci


2005-10-11 17:49:45  I'm on Ryan's side now. This alone should be reason enough: go check udavislife.com. They pulled Carl's name and are trying to randomly trash talk. Carl mentioned it on their wiki page. Unnecessary. I agree that ip addresses either shouldn't be viewed. And not just when you're not loggin in, cause anyone can quickly make an account. It imo should be a reserved privilege that you get when you reach 500, 750, 1000, something like that edits. Besides, someone with 10 or 15 edits wouldn't even really (probably) know enough to know how to deal with some sort of troublemaker anyway. Everyone who knows how/would do it usually/ or is active enough to catch and ban or whatever some type of attack or troublemaker is over 250 edits as a base minimum regardless. —ES

This is a Wiki Spot wiki. Wiki Spot is a 501(c)3 non-profit organization that helps communities collaborate via wikis.