Admin accounts still getting compromised
Hi all - little surprised this hasn't been posted a little more...prominently.. but there are still administrator accounts getting compromised, and you should be taking action to prevent your account being used maliciously. More information on the actual incident can be found here on Commons and a more recent update here.
- Related discussion at WP:BN referencing how to deal with these compromised accounts
To help defend against these compromises please consider;
- Changing your password - Krebs has a great article on the "dos and donts" here
- Enabling two-factor authentication - see above and read this simple guide
- Using a unique password for Wikipedia
- Creating a committed identity
I think I speak for the community when I say this is important, and we need to overcome whatever hold it is these malicious actors have over our credentials. Thank you -- samtar talk or stalk 13:24, 16 November 2016 (UTC)
- Yeah this is a pretty big deal. Can we initiate a forced reset of all admin passwords? Ivanvector (Talk/Edits) 13:34, 16 November 2016 (UTC)
- This would be a nuisance to those who have already changed their passwords. The linked e-mail states "Please change your password, if you haven't already changed it in the last week." Espresso Addict (talk) 22:35, 16 November 2016 (UTC)
Couple of comments. 1. I would strongly recommend the WMF immediately attempt to crack every administrator password via a simple dictionary / rainbow table attack and desysop everyone they get hold of. This is a standard security procedure that is perfectly acceptable. 2. The instructions WP:2FA have got to be super-duper simple that I can do with my brain turned off. "First you must have or install a Time-based One-time Password Algorithm (TOTP) client" - that means I want a direct link to the Apple or Google store that works. The current instructions point to Google Authenticator, an article littered with {{fact}}
tags which I normally take to mean "everything in this article is suspicious and may be false". Great. I do not want to have spend time fiddling around with apps on my phone when I get it wrong, while simultaneously trying to deal with my kids who can do it with their eyes shut. You must not run the risk of people thinking it's too much hassle and not bothering. Remember, it is not a requirement to be good with computers or programming languages to become an administrator. Ritchie333 (talk) (cont) 13:46, 16 November 2016 (UTC)
- (edit conflict) Point taken - I've updated the 2FA instructions with some Google Play/iTunes App store links and will try to rewrite some of the guide -- samtar talk or stalk 13:50, 16 November 2016 (UTC)
- Okay, I've got 2FA turned on. One more thing, Special:OATH needs to be done on the local wiki where you have administrator rights, the instructions tried to log me in to Meta, where I don't have admin rights. All that said, once I had the app, scanned the code and put the key in, it didn't seem to be any more onerous than accessing internet banking, so my fears are a little alleviated. But we should still make the instructions as good as we can get. How can I help in this area? Ritchie333 (talk) (cont) 14:01, 16 November 2016 (UTC)
(edit conflict)The 2FA instructions still don't work. I have installed Google Authenticator but "Special:OATH" is a link to an "Unauthorized" page. Admins on a Wikipedia are not automatically admins on Meta-Wiki and so this system simply doesn't work. Also it is not a "mobile phone" but a "smart phone". The two terms mean different things. Tim 14:05, 16 November 2016 (UTC)
- (Solved it thanks to User:Ritchie333 but these instructions are all over the place. Tim 14:07, 16 November 2016 (UTC) ) — Preceding unsigned comment added by Timrollpickering (talk • contribs)
- (edit conflict × 2) Well I've made an edit-request for the watchlist notice which needs a helpful admin to move over. Other than changing/clarifying the Special:OATH link, is there anything else which could do with some clarification? Personally Ivanvector's suggestion to force-reset everyone's passwords is the next step if we see any other compromises -- samtar talk or stalk 14:08, 16 November 2016 (UTC)
- Moved the watchlist notice. Katietalk 14:25, 16 November 2016 (UTC)
- Cheers Katie, and good idea with the committed identity -- samtar talk or stalk 14:29, 16 November 2016 (UTC)
- Moved the watchlist notice. Katietalk 14:25, 16 November 2016 (UTC)
- (edit conflict × 2) Well I've made an edit-request for the watchlist notice which needs a helpful admin to move over. Other than changing/clarifying the Special:OATH link, is there anything else which could do with some clarification? Personally Ivanvector's suggestion to force-reset everyone's passwords is the next step if we see any other compromises -- samtar talk or stalk 14:08, 16 November 2016 (UTC)
- I'll update the help page on meta to state that is needs to be enrolled from wiki you are admin on. — xaosflux Talk 16:35, 16 November 2016 (UTC)
- I have updated Wikipedia:Simple 2FA as best I can to document what worked for me today, but I can't do much else unless without more testing. Ritchie333 (talk) (cont) 18:00, 16 November 2016 (UTC)
- May I make another, somewhat late, suggestion? Include a second suggestion besides Google authenticator. Google is banned in some countries, such as China. Heimstern Läufer (talk) 10:21, 17 November 2016 (UTC)
- I have updated Wikipedia:Simple 2FA as best I can to document what worked for me today, but I can't do much else unless without more testing. Ritchie333 (talk) (cont) 18:00, 16 November 2016 (UTC)
General discussion
To save people visiting this section from the watchlist notice, I've moved a block of discussion down here -- samtar talk or stalk 15:06, 16 November 2016 (UTC)
- UK and EU law does not allow for the WMF (or anyone else for that matter) to forcibly attempt to crack user or admin accounts on Wikipedia. Force-reset the passwords yes, actively crack the account passwords no. There are ways a systems administrator can identify weakly passworded accounts (running the hashed PW against known blah blah blah), but these do no extend to actually identifying the password, as to test it is correct would require logging into it and opening them up to all sorts of data laws regarding accessing private accounts without permission. Consider this a friendly warning before someone starts getting bright ideas about doing their own pre-emptive cracking. Only in death does duty end (talk) 14:11, 16 November 2016 (UTC)
- That aside (and yes, it wouldn't be a good idea for anyone to try that) - all we expect is our admins to reset their passwords if they haven't already, and strongly consider enabling two-factor authentication. If possible I'd like to see that watchlist notice get done, as some other editors may wish to reset their passwords also - it wasn't just administrator accounts which details were supposedly gained, but its fairly obvious which can cause more damage -- samtar talk or stalk 14:18, 16 November 2016 (UTC)
- IANAL, but the ToU specify that any legal claim one might have against the WMF is subject to California law. If that doesn't suffice, WMF should add a clause to the password security section allowing cracking audits for priviledged accounts. BethNaught (talk) 14:21, 16 November 2016 (UTC)
- Its a long and detailed discussion but the short version is 'The TOU do not protect the WMF or individual editors/admins in this situation'. If you want a longer explanation pop a note on my talkpage. Only in death does duty end (talk) 14:32, 16 November 2016 (UTC)
- And one can well imagine why such laws are necessary. "Hey, it's our site, (we're the bank, the local community org, Wikimedia) let's hack into everybody's account. And as long as we're there...hmmm...let's see if those accounts lead us to access on a person's computer....hmmm...the sky's the limit." — Maile (talk) 14:47, 16 November 2016 (UTC)
- I'm not saying it's a good or a bad idea to run a password-cracker program (which I know has been done before), but anything the WMF did in this regard they would do in California through individuals based in California, and I suspect that any objection based on laws of other countries would simply be disregarded. Newyorkbrad (talk) 14:52, 16 November 2016 (UTC)
- And one can well imagine why such laws are necessary. "Hey, it's our site, (we're the bank, the local community org, Wikimedia) let's hack into everybody's account. And as long as we're there...hmmm...let's see if those accounts lead us to access on a person's computer....hmmm...the sky's the limit." — Maile (talk) 14:47, 16 November 2016 (UTC)
- Its a long and detailed discussion but the short version is 'The TOU do not protect the WMF or individual editors/admins in this situation'. If you want a longer explanation pop a note on my talkpage. Only in death does duty end (talk) 14:32, 16 November 2016 (UTC)
We aren't doing anything dumb like storing the 'password strength' value in the database, are we? If we are, please contact me. I understand we use PBKDF2 for password storage, which wouldn't be my preference (I prefer bcrypt), but is reasonable provided we are using a reasonable number of iterations. OWASP's Password Storage Cheat Sheet is useful, and this stackoverflow question implies Wikipedia should be using 256,000 iterations as of 2016 (64,000 in 2012, doubling every year, so two doublings). The rule of thumb is to target roughly 1 second of CPU time; I haven't run tests to ensure that's the case. But, given some of the accounts have apparently been hacked while using strong passwords, it's very likely Wikipedia's password storage isn't the source of the compromise, even if we are using a stupidly low number of iterations. --Yamla (talk) 15:03, 16 November 2016 (UTC)
- The attackers appear to have a password dump from a different website. They do not appear to be bruteforcing/dictionary attacking passwords directly from our db (either online, or trying to reverse our password hashes), as they are only successfully compromising about one in every 10 accounts they tried. Thus password strength is irrelevant in this attack (That said, please use strong passwords to protect against other potential attackers), the problem is users using the same password on other insecure websites. Do not share your passwords among multiple websites. Please enable 2FA. Thank you. BWolff (WMF) (talk) 15:11, 16 November 2016 (UTC)
- In the light of the newest batch of compromised accounts, is it worth doing another mailshot round to admins? I ignored the first message as it seemed to skimp over the real reason for sending it and made me think (as I'm sure other admins did) "well of course my account is doing to be compromised!", only to change my mind like Beeblebrox after seeing more cracks. Just a paraphrase of "please change your password ASAP" should be enough - something as simple and idiot proof as you can get it. That TRP had no idea why his account was locked (despite getting the mailshot) suggests the previous mailshot did not work. Ritchie333 (talk) (cont) 15:23, 16 November 2016 (UTC)
- Clearly worth doing - I believe from a message on Xaosflux's talk that there are discussions of some sort relating to this. I appreciate the possible PR issues and understand why the softly softly approach is needed, but its clear that unless we get a grip on this situation now we're just going to be playing catch-up. Thankfully its eased up, but the attempts are still ongoing, so it will happen again at some point -- samtar talk or stalk 15:29, 16 November 2016 (UTC)
- In the light of the newest batch of compromised accounts, is it worth doing another mailshot round to admins? I ignored the first message as it seemed to skimp over the real reason for sending it and made me think (as I'm sure other admins did) "well of course my account is doing to be compromised!", only to change my mind like Beeblebrox after seeing more cracks. Just a paraphrase of "please change your password ASAP" should be enough - something as simple and idiot proof as you can get it. That TRP had no idea why his account was locked (despite getting the mailshot) suggests the previous mailshot did not work. Ritchie333 (talk) (cont) 15:23, 16 November 2016 (UTC)
- For admins, we certainly can send another enwiki massmessage - suggest they change their passwords and consider enrolling in WP:2FA. There is a MMList here that can be used: Wikipedia:Administrators/Message_list. If this needs to go out to all editors, then we will need a banner campaign (and likely not limited to enwiki!) - or enwiki can put up a sitenotice for logged in users (mass message or watchlist will not be as effective for contacting all editors). — xaosflux Talk 16:28, 16 November 2016 (UTC)
- Last time something like this happened we initiated a new policy, WP:STRONGPASS that should have made an attack like this impossible. This was supposed to be a binding policy on all administrators, but apparently a number of them, including Jimbo, ignored it. It was widely advertised at the time. Beeblebrox (talk) 16:39, 16 November 2016 (UTC)
- Password strength is totally orthogonal to the issue being exploited in this attack. The strongest password in the world is useless if you reuse it on other websites that the attacker has access to. BWolff (WMF) (talk) 16:41, 16 November 2016 (UTC)
- (edit conflict) @Beeblebrox: as much as having a strong password is important, unfortunately here it would not have helped - the attackers likely gained access to password dumps leaked from earlier hacks of other services (such as the Adobe hack earlier this year) and tried them on Wikipedia. It appears a number of editors and admins have been re-using passwords, which is why this attack worked. The key thing here is to change your password, use a unique password for Wikipedia and consider enabling 2FA -- samtar talk or stalk 16:44, 16 November 2016 (UTC)
- I guess we didn't specify that since it seems so basic we shouldn't have to tell admins not to use their facebook password or whatever. It does appear to be mostly users who used their real names, making it easy to tie the two accounts. Beeblebrox (talk) 16:49, 16 November 2016 (UTC)
- This serious security breach has reminded me why I've always refused to register with WP:UTRS. The registration page says "Warning: Do not use the Labs Project (this site) if you do not agree to the following: information shared with the Labs Project, including usernames and passwords, will be made available to volunteer administrators and may not be treated confidentially". I wonder how many UTRS admins use the same passwords as their Wikipedia accounts? Boing! said Zebedee (talk) 16:56, 16 November 2016 (UTC)
- Please do not use your wikipedia name/password with stuff on tool labs. Anyone is allowed to create a tool, so the password can go to anybody. All new tools should use OAuth for authentication, which stops tools from needing your password. BWolff (WMF) (talk) 17:38, 16 November 2016 (UTC)
- Obviously people shouldn't, no, but a UTRS system in which passwords are not confidential is asking for trouble - I was staggered when I found out about it. But can you at least confirm that UTRS was not the source of the current hack? Boing! said Zebedee (talk) 17:43, 16 November 2016 (UTC)
- Please do not use your wikipedia name/password with stuff on tool labs. Anyone is allowed to create a tool, so the password can go to anybody. All new tools should use OAuth for authentication, which stops tools from needing your password. BWolff (WMF) (talk) 17:38, 16 November 2016 (UTC)
- I think we return to the WP:NOTSUICIDE argument. The community has a right to protect itself. Admin accounts, if compromised, can do damage. A forced reset and mandatory 2-factor should be the minimum response, especially considering how many inactive admins we have on the books. Audits (although controversial) should be considered. Chris Troutman (talk) 17:19, 16 November 2016 (UTC)
- Wikipedia talk:Password strength requirements#RFC November 2016 let's just make this policy. Beeblebrox (talk) 17:14, 16 November 2016 (UTC)
- Audits were approved by the community in the RFC that led to the STRONGPASS. As far as I know they have never been done though. Maybe now's the time? It's been a local policy for about a year and was adopted as a global policy as well. WMF staff were active in the global discussion at meta so they are well aware of it. Beeblebrox (talk) 17:23, 16 November 2016 (UTC)
- Is there any technical reason that TFA has not been enabled for either all accounts or, to cut down on numbers but catch most active editors, any account with any additional permission? JbhTalk 17:50, 16 November 2016 (UTC)
- @Jbhunley: There simply isn't the infrastructure currently to deal with the people who will inevitably get locked out of their accounts. 2FA wasn't supposed to be rolled out this early at all, but in light of the circumstances it was. In due time it will be enabled for everyone once everything is set up. In the meantime, if you wish to have 2FA enabled on your account all you have to do is ask a steward to add you to the testing group (as I have). This can be done at m:Steward requests/Global permissions. Note that you only need advanced permissions on one CentralAuth wiki. So if you are a sysop on the testwiki for example you can enable 2FA there and it will be enabled here. --Majora (talk) 21:26, 16 November 2016 (UTC)
- I don't think it's technically possibly to automatically enable it as it's also a two step process to set up, because it requires you to enter in a verification code from whatever client you will be getting the tokens from (e.g Google Authenticator, winauth) in order to be paired up with that service. Jauerbackdude?/dude. 21:33, 16 November 2016 (UTC)
- "Enabled" as in turn the button that you have to click on. If you aren't a sysop or above on one CentralAuth wiki and you aren't part of the 2FA "testers" group you won't even see the button in your preferences to turn it on. Otherwise, yes. You have to physically enable 2FA by clicking said button. --Majora (talk) 21:37, 16 November 2016 (UTC)
- @Majora: Thank you. JbhTalk 01:48, 17 November 2016 (UTC)
Is there any technical reason that TFA has not been enabled for either all accounts or, ... any account with any additional permission?
— I suggest that forcing all editors, or even editors with some additional minor-not-admin rights (eg me, with AP, ECo, Rv) to use 2FA might be a bad idea, and might lose editors. I would be reluctant to have to get a smartphone, or install additional software on my PC, just to edit as a registered user. (I currently have a password that easily exceeds WP:STRONGPASS and is not used on any other site.) Mitch Ames (talk) 01:04, 17 November 2016 (UTC)- I think "enable" meant "make available for those who want it", not "make mandatory". Right now it's unavailable to regular users, but they are working on that. 50.0.136.56 (talk) 02:30, 18 November 2016 (UTC)
- Is this a mobile only thing? I do not own a table and do not use my smart phone all that much (in fact I abhor the thing so I make a point to "forget it" as much as I feel I can get away with) and the way I am reading this its primary to defend against mobile editing issues, but I contribute only with a tower and/or laptop. I'm not going to put myself through the aggravation of doing the Texas two-step to log in if this is not an issue for the non-mobile editors (the tower/laptop crowd). TomStar81 (Talk) 02:42, 17 November 2016 (UTC)
- Not specifically, you can install a code generator on your computer (see Wikipedia:Simple_2FA#How_to_enable_2FA.2C_the_simple_way_.28desktop_-_Windows.29 for an example). If you do this, keep your setup information very secret so that it can't be used elsewhere. — xaosflux Talk 02:48, 17 November 2016 (UTC)
- The traditional way to do it is with a dedicated device that you put on your keys, like this. That's both more convenient and more secure than a software token like on a smartphone, if you don't mind the additional small gizmo. They're around 5 USD each in quantity and I could imagine the WMF issuing them to users with access to private info (CU's etc.) who have to self-identify to the WMF anyway. The WMF issuing them would also make sure that the person supplied a working snail mail address to receive the token. I'm trying to find a place to get them cheap in small quantity for people who want to buy their own. 50.0.136.56 (talk) 10:22, 17 November 2016 (UTC)
- Comment One further bit of advice: if you have a password manager and 2FA token on the same device (mobile phone or whatever), then if someone pinches your phone they have both authentication credentials. That may be less of an issue of password dumps getting loose though. 50.0.136.56 (talk) 10:11, 17 November 2016 (UTC)
if you have a password manager ... if someone pinches your phone they have both authentication credentials...
— Not necessarily. If you have a password manager that encrypts your passwords with a strong master password/phrase (personally I use Password Safe), and if you keep the password manager locked (with the master password) when not in use, then someone stealing the device gets no passwords - just a database encrypted with a strong password that is only in your head. Of course the attacker may install a keylogger or other snooping software on the device then return it ("evil maid attack"), but that's a different problem. Mitch Ames (talk) 10:58, 17 November 2016 (UTC)- That works, but it's asking a bit much to expect most people to enter a complicated master password if their phone is idle for more than a few minutes. I can think of some alternatives but nothing I know of has caught on. Lots of people in fact do exactly what I described, which is why I brought it up as something to be careful about. You're using more cautious procedures than most people are willing to bother with. 50.0.136.56 (talk) 00:20, 18 November 2016 (UTC)
Two questions
- 1) Is this latest hacking activity happening only to admin accounts, or is it part of a wider hacking happening on Wikipedia?
- 2) How is WP:INACTIVITY monitored? Right now, it doesn't seem like a good idea to have stagnant admin accounts on Wikipedia.
— Maile (talk) 17:07, 16 November 2016 (UTC)
- As far as I know it is limited to admins. There's little point to hacking an account with no advanced permissions. And don't get me started on the inactive admin policy. I tried to get it beefed up a while back, but everybody insisted that just making one edit every few years was enough to protect the project from rogue admins. Beeblebrox (talk) 17:13, 16 November 2016 (UTC)
- So far 5 of the compromised accounts have been normal users, however they don't seem to be targeting them as much anymore. Additionally at one point they compromised a crat and used it to promote a normal account they had recently created. However patterns can change, so please secure your account even if you are not an admin. BWolff (WMF) (talk) 17:36, 16 November 2016 (UTC)
- I was surprised to find the compromised admin accounts are seem to be people with recent activity. If this were not the case, and the crackers were targeting "sleeper admins", we'd have a brilliant case for strengthening WP:INACTIVITY. But I don't think we do. Ritchie333 (talk) (cont) 18:03, 16 November 2016 (UTC)
- So far 5 of the compromised accounts have been normal users, however they don't seem to be targeting them as much anymore. Additionally at one point they compromised a crat and used it to promote a normal account they had recently created. However patterns can change, so please secure your account even if you are not an admin. BWolff (WMF) (talk) 17:36, 16 November 2016 (UTC)
- As far as I know it is limited to admins. There's little point to hacking an account with no advanced permissions. And don't get me started on the inactive admin policy. I tried to get it beefed up a while back, but everybody insisted that just making one edit every few years was enough to protect the project from rogue admins. Beeblebrox (talk) 17:13, 16 November 2016 (UTC)
I gave up on that after the RFC last year. I presented an example of an admin whose last hundred edits go back eight years, who hasn't used their admin tools in any way in seven years, so basically isn't an admin, but gets to permanently keep the tools so long as every time they are informed they are about to use them, they just reply to the message and -bam- renewed for another two years. Why someone would cling to administrative right they clearly have no intention of using is a bit obscure to me, but apparently enough of the community is ok with it to let it persist. Or maybe, looking back, I didn't do a good enough job presenting the case, I don't know. Beeblebrox (talk) 18:50, 16 November 2016 (UTC)
- @Beeblebrox: In light of recent events, I think that now is a good time to revisit the current policy on admin inactivity. If you and/or any other users are interested, I'm willing to help draft a new RfC -FASTILY 09:38, 17 November 2016 (UTC)
- @Beeblebrox and Fastily: As an editor who has also proposed increasing the activity requirements, this is another good reason for it. I doubt anything will change unless we have proof that inactive editors have been targeted though. Sam Walton (talk) 11:01, 17 November 2016 (UTC)
Possibly related at VPump. This individual has not edited since Dec 2015, but more significantly, has not used the tools since May 2012. And still has the tools. Nobody seems to be saying it's a compromised account, but it's a case for more oversight of tools. — Maile (talk) 19:04, 16 November 2016 (UTC)
- To be more specific, they used their tools once in 2012, and that is the only time they have used them in the past ten years, before that they used them about fifty times in 03-06, and that's it. But still an admin so long as they make an edit every two years. Beeblebrox (talk) 19:13, 16 November 2016 (UTC)
For reference, though, getting back tot the original question, the actua process for removing admins via our current, extremely lax policy i documented at Wikipedia:Inactive administrators. All one would have to do is remove themselves from the list there and then they're good for another two years even if they do nothing else. Beeblebrox (talk) 19:22, 16 November 2016 (UTC)
- A bot actually updates that, if they make any edit-anywhere, or any log action they will get retained. If the community wants to define a new activity requirement for admins a RfC will need to be passed. — xaosflux Talk 22:43, 16 November 2016 (UTC)
- A vote (link) three weeks ago to remove rights from a long term Commons bureaucrat, based on the spirit of the inactivity policy rather than a literal reading, makes for an interesting test case. If only for the fact that the mood of the community is demonstrated by the vote being 100% to remove rights. --Fæ (talk) 10:25, 17 November 2016 (UTC)
- I would support putting through an amendment to the de-adminship policy permitting some sort of non-adversarial process for doing a similar thing. Perhaps talk with the Arbcom folks about using the committee members as a decision-making panel, to avoid WP:NOTAVOTE issues. When there's concern that an admin with no misconduct issues isn't really going with the spirit of the inactivity policy, the members of Arbcom would then vote on whether the admin should retain rights. Since the voting would be done by the arbitrators as individuals, not as the official committee acting on a case, we'd go to the vote without workshop, case pages, proposed decisions, etc. A decision to remove rights would be treated as any other inactivity case — we would need to be careful to emphasize that the desysop was not some sort of sanction, and the rights-removal log would need to be something like "Procedural removal of +sysop due to inactivity", just like with an admin who just hadn't edited at all. Nyttend backup (talk) 16:39, 17 November 2016 (UTC)
- I do stilll believe the policy needs to be stricter, but I don't want to be the primary drafter of an contentious RFC. I started one on unique passwords because I feel this is an emergency situation and it is important for all admins to know about it and to get it into policy ASAP, but other than that I'm pretty much done with pushing big policy RFCs. I'll happily participate and offer advice to drafters who are interested though. As always, I will shamelessly plug my essay on the subject: User:Beeblebrox/The perfect policy proposal. Beeblebrox (talk) 19:52, 17 November 2016 (UTC)
- I thought that inactive admins got their bit turned off for security reasons, but they could get it back on request if they became active again. If you're saying they'd need a new RFA or something like that, then that would be a hard sell and I'd hope it wouldn't pass. I'd expect there aren't a huge number of inactive admins (> 1 year) so maybe it's worthwhile to send an email reminder to any admins that haven't edited in that long. 50.0.136.56 (talk) 00:12, 18 November 2016 (UTC)
- Inactive admins (no logged events in > 1 year) should indeed have their bit removed permanently (or until they pass another RfA). The main issue being admins that haven't edited for a long time and then find themselves doing something wrong because they weren't up to date with current community norms. There have been a couple of examples recently. Black Kite (talk) 00:16, 18 November 2016 (UTC)
- Meh, the same thing happens with active admins. An admin with good common sense is much more valuable than someone who is boned up on the latest wikilawyering but is clueless, even if the sensible admin has some out-of-date knowledge here and there. The cases where someone got in trouble is that they were obnoxious about defending errors instead of saying "oops, I see what you mean, thanks". 50.0.136.56 (talk) 00:29, 18 November 2016 (UTC)
- Inactive admins (no logged events in > 1 year) should indeed have their bit removed permanently (or until they pass another RfA). The main issue being admins that haven't edited for a long time and then find themselves doing something wrong because they weren't up to date with current community norms. There have been a couple of examples recently. Black Kite (talk) 00:16, 18 November 2016 (UTC)
- I thought that inactive admins got their bit turned off for security reasons, but they could get it back on request if they became active again. If you're saying they'd need a new RFA or something like that, then that would be a hard sell and I'd hope it wouldn't pass. I'd expect there aren't a huge number of inactive admins (> 1 year) so maybe it's worthwhile to send an email reminder to any admins that haven't edited in that long. 50.0.136.56 (talk) 00:12, 18 November 2016 (UTC)
- I do stilll believe the policy needs to be stricter, but I don't want to be the primary drafter of an contentious RFC. I started one on unique passwords because I feel this is an emergency situation and it is important for all admins to know about it and to get it into policy ASAP, but other than that I'm pretty much done with pushing big policy RFCs. I'll happily participate and offer advice to drafters who are interested though. As always, I will shamelessly plug my essay on the subject: User:Beeblebrox/The perfect policy proposal. Beeblebrox (talk) 19:52, 17 November 2016 (UTC)
- I would support putting through an amendment to the de-adminship policy permitting some sort of non-adversarial process for doing a similar thing. Perhaps talk with the Arbcom folks about using the committee members as a decision-making panel, to avoid WP:NOTAVOTE issues. When there's concern that an admin with no misconduct issues isn't really going with the spirit of the inactivity policy, the members of Arbcom would then vote on whether the admin should retain rights. Since the voting would be done by the arbitrators as individuals, not as the official committee acting on a case, we'd go to the vote without workshop, case pages, proposed decisions, etc. A decision to remove rights would be treated as any other inactivity case — we would need to be careful to emphasize that the desysop was not some sort of sanction, and the rights-removal log would need to be something like "Procedural removal of +sysop due to inactivity", just like with an admin who just hadn't edited at all. Nyttend backup (talk) 16:39, 17 November 2016 (UTC)
We do all make mistakes here and there, no doubt, but there is an ever-diminishing group of admins who were appointed "back in the day",( usually defined as pre-2007) when RFA was a cakewalk, or in some cases not even done at all. Some of these admins are still active members of the community, but there are some that seem to make an edit once every year or so just so they get to hold onto their bits for another year. Some of them have not actually used their tools in five years or more, yet stubbornly cling to them for no apparent reason. We shouldn't have people holding advanced permisssions if they don't intend to use them, yet our current policy allows exactly that, having no requirement whatsoever regarding actually using admin tools. One edit every two years is all you need to retain admin status indefinitely, and even if you have it removed you still have another year to ask fo it back, and then you're set for another two years. Does that really seem right to anyone? Beeblebrox (talk) 21:16, 18 November 2016 (UTC)
- We have one of the loosest admin activity policies of the "big" Wikimedia wikis - see m:Admin activity review/Local inactivity policies. --Rschen7754 05:22, 19 November 2016 (UTC)
Tools
If we enable 2FA, how are we supposed to login to tools like AWB? Timrollpickering 10:58, 17 November 2016 (UTC)
- @Timrollpickering:Either the tool is changed to use OAUTH, letting MediaWiki take care of the authenication, or you can use bot passwords. -- AntiCompositeNumber (Leave a message) 12:13, 17 November 2016 (UTC)
I've created a new page Wikipedia:Compromised accounts to try to explain why accounts get compromised, and measures that can be taken. Also a new account navbox might help people find account related info more easily, including a/c security.
.
Any comments at all? --Jules (Mrjulesd) 00:09, 18 November 2016 (UTC)
- I made a few small edits. 50.0.136.56 (talk) 00:37, 18 November 2016 (UTC)
- Thanks! --Jules (Mrjulesd) 02:03, 18 November 2016 (UTC)
- I made a few copyedits too, though this may overlap with Wikipedia:Personal security practices; perhaps the two should be combined. Sam Walton (talk) 11:50, 18 November 2016 (UTC)
- Thanks. I agree that this may be possible. --Jules (Mrjulesd) 12:07, 18 November 2016 (UTC)
- I made a few copyedits too, though this may overlap with Wikipedia:Personal security practices; perhaps the two should be combined. Sam Walton (talk) 11:50, 18 November 2016 (UTC)
- Thanks! --Jules (Mrjulesd) 02:03, 18 November 2016 (UTC)
- Tell people that writing down passwords is much safer than using the same password on every site. That outdated rule ("don't write passwords down") made sense at a time when people only used a computer at work, nowadays it does more harm than good... Prevalence 02:58, 19 November 2016 (UTC)
- I dont think anyone is saying not to write them down. Generally speaking using password managers is probably the safest technique, but obviously they need to be backed up elsewhere otherwise they are lost from a broken device. Physically writing them is vulnerable to theft unfortunately.--Jules (Mrjulesd) 22:47, 20 November 2016 (UTC)
2016 Arbitration Committee elections
Voting in the 2016 Arbitration Committee Elections is now open through Sunday, 23:59, 4 December to all unblocked users who have registered an account before Wednesday, 00:00, 28 October 2016 and have made at least 150 mainspace edits before Sunday, 00:00, 1 November 2016. If you wish to participate, please review the candidates' statements and submit your choices on the voting page. Mz7 (talk) 00:09, 21 November 2016 (UTC)
Interested editors can comment on the Deletion process talk page. Thanks. Lourdes 05:38, 21 November 2016 (UTC)
Mass (and probably multilingual) addition of unsourced birth dates, etc
The edits of User:Swineposit came to my attention via the article on Sirkka-Liisa Konttinen (see Talk:Sirkka-Liisa Konttinen), but Yamaguchi先生 had already noticed oddities. Swineposit has been most active with birth dates, in particular adding those that are "sourced" by virtue of appearing in Wikipedia articles on other languages, or that are "unsourced", which seems to mean "invented". Yamaguchi先生 blocked him indefinitely; and rightly so, I believe. (And massive thanks to Davey2010 for mass rollbacking.)
It does seem that, whether out of laziness or incompetence, Wikipedia contributors do often pull stuff from articles in other-language Wikipedias. Thus a lot of the poorly sourced and unsourced (probably including fictional) material added to biographical articles here will make its way to their equivalents in French, Japanese, etc. However, there's more. Swineposit nonchalantly talks of editing French- and Macedonian-language Wikipedias. I'd already known that he'd been active on Portuguese-language Wikipedia; it doesn't stop there. Few edits to each of these, but some are newish: Latvian, Asturian, Serbo-Croatian. Few edits to each of these, none of them new: Uzbek, Irish, Kazakh, Basque, Faroese, Dutch, Swahili, Ido, Esperanto, Azeri. This list is not exhaustive. And there may be other usernames involved (cf "MaryCatherineismyname" here).
Oh, and another fun fact: a remarkable percentage of the edits concern 27 March. I'd had no reason to think that this wasn't as humdrum a date as most others, but Wikipedia proved me wrong. -- Hoary (talk) 01:38, 19 November 2016 (UTC)
- Macedonian (a single, recent edit); French (a lot, some of it recent); Greek (very little, but very recent); German (not much; very recent); Neapolitan (little, old); Russian (little, very recent); maybe more besides. -- Hoary (talk) 02:08, 19 November 2016 (UTC)
- And some more: Ilokano (two, this year); Slovenian (quite a few, this year); Afrikaans (one, new); Tamil (one, this year); Nahuatl (several, two of them this year); Malay (two, old); simple English (four, two of them this year). -- Hoary (talk) 02:31, 19 November 2016 (UTC)
- No worries, It seems apart from my mass rollback he's been adding unsourced crap for quite some time and has more or less constantly been reverted by various editors too, He's blocked indef and personally I don't think that should change - Ofcourse if someone would mentor the editor then I would perhaps support unblocking providing the unsourced edits stop. –Davey2010Talk 02:53, 19 November 2016 (UTC)
- And some more: Italian (quite a bunch, several of them this month); Spanish (few, but two of them this month); Turkish (only one, old); Czech (only one, old); Slovak (only one, old); Swedish (only four, but one very recent); Danish (only four, old); Norwegian (Bokmål) (few, but one from this year); Norwegian (Nynorsk) (only one, but it's new); Icelandic (not many, but one from this year). ¶ Again, I have no reason to think that this list is exhaustive. I'd thought that there was some tool that presented stats for any username across the entire range of WMF sites (every Wikipedia, plus Commons, plus very much more); but if it does exist then I can't think where it might be, and some searches have failed to unearth it. -- Hoary (talk) 04:38, 19 November 2016 (UTC)
- @Hoary: WMFlabs Global user contributions may be what you're looking for. What a mess. BlackcurrantTea (talk) 05:15, 19 November 2016 (UTC)
- Excellent! Just what I'd been looking for. Here's Swineposit, who's been active in "104 projects". ¶ I do know that global blocks only work for IP numbers; and that although a "global lock" would do the job, the circumstances wouldn't demand it. -- Hoary (talk) 05:34, 19 November 2016 (UTC)
Yes, multilingual childishness
Let us consider Dimitrios Maximos (Δημήτριος Μάξιμος): not a household name to most anglophones, but a prime minister and definitely somebody meriting an encyclopedia article free of "factual information" merely plucked from a contributor's fundament. On 11 November 2016, Swineposit added a birth date of 27 March to the English article about this person. (Does 27 March sound familiar?) And on the same day he did the same to the Greek article. Four days later, he did the same to the French article (together with a special bonus).
However, also on 11 November:
- Swineposit added a birth date of 21 March (Portuguese)
- Swineposit added a birth date of 21 March (Russian)
- Swineposit added a birth date of 3 March (Dutch)
- Swineposit added a birth date of 17 March (Italian)
- Swineposit added a birth date of 27 February (Spanish)
-- and yes, all for the same one person, Dimitrios Maximos.
Davey2010 and BlackcurrantTea are right. And if global blocking worked for user IDs and not just IP numbers, I'd apply for a global block of Swineposit right now. -- Hoary (talk) 07:19, 19 November 2016 (UTC)
- @Hoary: What you're looking for is meta:Global locks: stewards can globally lock named accounts, which prevents log-ins and editing across all wikis. — Diannaa 🍁 (talk) 14:21, 19 November 2016 (UTC)
- Thank you, Diannaa. I doubt that I could get a global lock for this. But I have asked on Wikidata:Administrators'_noticeboard that Swineposit be blocked from Wikidata. -- Hoary (talk) 05:14, 20 November 2016 (UTC)
- I think you could build a fair case for this account being locked. My concern is that some good edits are being made, so maybe more should be done to contact the person and ask them why this is happening first. But if it continues, then a global lock would be absolutely appropriate if bad content is being added across multiple wikis. -- Ajraddatz (talk) 23:33, 20 November 2016 (UTC)
- I've tried asking on User talk:Swineposit, but all I've elicited is semi-comprehensible apologetic waffle about "mistakes" and also -- I think, but it's hard to understand -- the use of other-language Wikipedia articles as sources. If these really are mistakes (which strains credulity), then I'm certain that anybody capable of them shouldn't be allowed to edit anything. And the latter story is highly implausible, given that (i) Swineposit happily splatters different misinformation on various pages about the same person (see my description here in Wikidata), and (ii) he has demonstrably given two different dates of birth (one of them a trolls' favorite, 27 March) for somebody Sirkka-Liisa Konttinen whose only other-language page (in Finnish) had no date. (It was the edits to the article on Konttinen that first alerted me to this mess.) My concern is that this person will simply lie low for a little while and then pop up with a different username. (I don't want to reopen the extremely tired debate about the ease with which untried, brand new and unregistered users can edit Wikipedia, but I am amazed that even Wikidata allows mere IP numbers to fiddle with the data that connect the various Wikipedias.) -- Hoary (talk) 00:05, 21 November 2016 (UTC)
- I think you could build a fair case for this account being locked. My concern is that some good edits are being made, so maybe more should be done to contact the person and ask them why this is happening first. But if it continues, then a global lock would be absolutely appropriate if bad content is being added across multiple wikis. -- Ajraddatz (talk) 23:33, 20 November 2016 (UTC)
- Thank you, Diannaa. I doubt that I could get a global lock for this. But I have asked on Wikidata:Administrators'_noticeboard that Swineposit be blocked from Wikidata. -- Hoary (talk) 05:14, 20 November 2016 (UTC)
- PS. I talk above of difficulty of understanding. In order to illustrate this, here's a fairly randomly chosen example from Swineposit's user talk page: "Her birth date was unknown, because it was correct. Keep her article on birth date unsourced." In the context, it would make sense if it were instead: "Her birth date was unknown; therefore it was correct not to give any birth date. Keep her article free of any claim for a birth date, because any claimed birth date would be unsourced." However, something very different might have been intended. -- Hoary (talk) 05:49, 21 November 2016 (UTC)
Puff piece?
I've just come across Mark Featherstone-Witty as linked from Liverpool Institute for Performing Arts. Both articles appear to have substantial CoI issues, with the former seemingly almost totally created by a user with the same name. I've put on warnings on both articles, talk pages, and users, but would appreciate a second look from another admin or two to consider whether either or both should be radically reverted (the former even deleted?) --AlisonW (talk) 14:14, 21 November 2016 (UTC)
- For the account named LIPALiverpool, I'm going to soft-block them, as that's a pretty obvious violation of WP:GROUPNAME. The edits don't seem to be TOO promotional, so hopefully a hard block won't be needed in the future. RickinBaltimore (talk) 14:37, 21 November 2016 (UTC)
I've had this article on my watchlist and I've been noticing a lot of strange edits popping up in the past month (see history). They are mostly minor unconstructive changes and they were all made by new users with only a few edits who appear to have no knowledge of the article subject. Even the most substantial edit upon further observation appears to be just a re-arranging of sentences. It seems suspicious, but I don't know what purpose these edits would serve, so I thought I'd let you guys know. Daß Wölf 19:41, 21 November 2016 (UTC)
Possible (old) paid-editing account
I've stumbled across one of these. What's the best venue for discussing it? --Dweller (talk) Become old fashioned! 17:59, 21 November 2016 (UTC)
- Can you share some diffs to see what is going on? RickinBaltimore (talk) 18:08, 21 November 2016 (UTC)
- Usually, Wikipedia:Conflict of interest/Noticeboard is the venue, I would think. Alanscottwalker (talk) 18:12, 21 November 2016 (UTC)
- If by old you mean inactive, and the paid-editing is declared/obvious, merely adding a connected-contributor-paid banner to article talk pages plus a user talk warning (and article maintenance tags if edits are still live and need review) is what I'd do. If the account is still active then yea, WP:COI/N would be the first venue I guess (after a user-talk discussion attept). ☺ · Salvidrim! · ✉ 19:38, 21 November 2016 (UTC)
Thanks, chaps. Salvidrim, they're by a long since inactive contributor. Please point me in the direction of the right tags. Some of the articles may be heading for AfD, as he's not done the best job of it (mind you, they've survived 5 or so years, so what do I know). --Dweller (talk) Become old fashioned! 21:46, 21 November 2016 (UTC)
- {{Connected contributor (paid)}} is the talk page banner (or {{Connected contributor}} for COI without specific monetary ties, such as autobios), see the template page for documentation on parameters. {{COI}} is the one that goes on the article itself, and {{uw-coi}} is the user warning but if the user is long gone it might be useless. ☺ · Salvidrim! · ✉ 22:00, 21 November 2016 (UTC)
Deletion by new User?
It appears User:Aaron's The Best deleted a page and moved pages but it also appears this user is new and not an admin. Something seems off about that, no? Alanscottwalker (talk) 12:14, 21 November 2016 (UTC) This is what my watchlist says:
- (Move log); 06:15 . . Aaron's The Best (talk | contribs) moved page Talk:Slave and free states to Talk:Slave states and free states
- (Move log); 06:15 . . Aaron's The Best (talk | contribs) moved page Slave and free states to Slave states and free states over redirect
- (Deletion log); 06:15 . . Aaron's The Best (talk | contribs) deleted page Slave states and free states (G6: Deleted to make way for move)
--Alanscottwalker (talk) 12:22, 21 November 2016 (UTC)
- I can't find the link now, but there was a change to the logging so that when a user moves a page over a redirect, it now logs it as a delete of the old redirect, whereas it didn't before. Edit: ah, here you go -> link. Black Kite (talk) 12:24, 21 November 2016 (UTC)
- Oh, ok. Thanks. Alanscottwalker (talk) 12:29, 21 November 2016 (UTC)
- I guess the only question now, is how G6 really applies, as that says it's for admins who are absolutely certain there is no need for discussion or controversy - and now moves over re-directs apparently need no discussion and no admins. Alanscottwalker (talk) 12:34, 21 November 2016 (UTC)
- "and now moves over re-directs apparently need no discussion and no admins." - As far as I am aware they didnt before except where a move was contested (like any other move). The only difference is that now it is logged more explicitly. I dont see why the reference to G6 needs to be there anyway, 'Deleted to make way for move' should be enough? Only in death does duty end (talk) 13:18, 21 November 2016 (UTC)
- Well, G6 is there. As to contested, the call from WP:MOVE is conditional and requires a pre-determination that there will not be contest or else don't make it, without an attempt at discussion. At any rate, we'll see how it goes regarding controversy, and if documentation remains as is. Alanscottwalker (talk) —Preceding undated comment added 13:35, 21 November 2016 (UTC)
- "and now moves over re-directs apparently need no discussion and no admins." - As far as I am aware they didnt before except where a move was contested (like any other move). The only difference is that now it is logged more explicitly. I dont see why the reference to G6 needs to be there anyway, 'Deleted to make way for move' should be enough? Only in death does duty end (talk) 13:18, 21 November 2016 (UTC)
- I guess the only question now, is how G6 really applies, as that says it's for admins who are absolutely certain there is no need for discussion or controversy - and now moves over re-directs apparently need no discussion and no admins. Alanscottwalker (talk) 12:34, 21 November 2016 (UTC)
- Oh, ok. Thanks. Alanscottwalker (talk) 12:29, 21 November 2016 (UTC)
The MediaWiki software automatically adds the content of MediaWiki:Delete and move reason as the deletion reason when moving a page over an already existing one. That text is used regardless of what permissions one has, hence also for non-admins, irrespective of what the policy says. Jo-Jo Eumerus (talk, contributions) 16:09, 21 November 2016 (UTC)
- Ahh, I saw this recently on my watchlist from a user I know isn't an admin. Thanks for clearing up the mystery. Lugnuts Precious bodily fluids 18:36, 21 November 2016 (UTC)
- There's literally no technical difference from previous operations: it's just appearing in the logs. Before, any autoconfirmed user could create B as a redirect to A and then move A to B; now, any autoconfirmed user can do the same. Before, the edit creating B would just disappear; now it actually shows up as a deleted edit in the logs, and admins can view the creating edit in Special:Undelete. See the history and logs for User:Nyttend/A and User:Nyttend/B, which I just now created and moved without using any admin tools. So basically, it's just a better way of documenting what's been possible since 2004 at latest. Nyttend (talk) 22:12, 21 November 2016 (UTC)
- Are you saying it only works if you create the redirect and then move it? (Why you did it that way, instead of just moving is just extra steps?). Alanscottwalker (talk) 23:02, 21 November 2016 (UTC)
- Once again, nothing has changed except the logging mechanism. If you could move a page over a redirect before, you can still move it. If you couldn't move it before, you still can't. I gave that as an example because it was simpler than saying "move A to B, make no edits to A whatsoever (even ones that don't change the content), and move B over A". Nyttend (talk) 00:27, 22 November 2016 (UTC)
- Are you saying it only works if you create the redirect and then move it? (Why you did it that way, instead of just moving is just extra steps?). Alanscottwalker (talk) 23:02, 21 November 2016 (UTC)
- There's literally no technical difference from previous operations: it's just appearing in the logs. Before, any autoconfirmed user could create B as a redirect to A and then move A to B; now, any autoconfirmed user can do the same. Before, the edit creating B would just disappear; now it actually shows up as a deleted edit in the logs, and admins can view the creating edit in Special:Undelete. See the history and logs for User:Nyttend/A and User:Nyttend/B, which I just now created and moved without using any admin tools. So basically, it's just a better way of documenting what's been possible since 2004 at latest. Nyttend (talk) 22:12, 21 November 2016 (UTC)
Jytdog
The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
There was a harsh overreaction by Jytdog (talk · contribs) on my talk page that I would like to kindly ask the user to refrain from repeating, and preferably have deleted from my talk page. It's not proportionate. I am aware that there are more users who feel bullied by this user and I would like to express my consideration for our common responsability of contributing to a positive Wikipedia. As for his sense of ownership of the article Craig J. N. de Paulo, which has been very hard to improve under his constrains (feel free to investigate its history), I don't really care anymore. It's fine, he may have it his ways completely with that article of his. I really just don't want to have him harassing my talk page. Thank you. Chicbyaccident (talk) 17:47, 21 November 2016 (UTC)
- User:Chicbyaccident, did you add unsourced content and did you try to restore unsourced content? QuackGuru (talk) 18:58, 21 November 2016 (UTC)
- If you add unsourced material to a BLP ([1]) you can't really complain when another user drops an {{unsourced}} template on your talk page. However, it does appear that this can be sorted out via discussion on the talk page, and is thus a content dispute and not something that WP:ANI needs to concern itself with. Black Kite (talk) 19:03, 21 November 2016 (UTC)
- Admins usually consider unsourced content a "content dispute". We can change how Wikipedia works. How about if an editor repeatedly restores unsourced content they can be greeted with a short ban if they were previously warned to stop? QuackGuru (talk) 19:11, 21 November 2016 (UTC)
- Chicbyaccident: I am sorry that you feel badly treated by the messages on your talk page, but they really are not harassment, and are standard practice at Wikipedia. Please feel free to simply delete any message that you do not want to keep on your own user talk page (but of course not anywhere else). It is perfectly acceptable to delete personal messages once they have been read, so you do not need to feel like those messages have to stay there. --Tryptofish (talk) 20:08, 21 November 2016 (UTC)
- Broadly agree with all of the above. This is a perfectly acceptable response to adding unsourced content and edit warring. If you don't like it, don't do those things. Beeblebrox (talk) 22:13, 21 November 2016 (UTC)
- just as a note, the relevant article Craig J. N. de Paulo is one of several in WP that are related to a shadowy world on the fringes of established churches (mainly Roman Catholic, Orthodox, and Anglican) populated by people who are obsessed with elaborate titles (and strangely, heraldry) who create whole fancy hierarchies for themselves to inhabit. WP is very fertile ground for them to build and "authenticate" these sand castles. User:Anglicanus kindly explained all that to me - he/she is one of WP's quiet laborers patrolling and keeping that stuff out of WP. The OP is the latest in a series of accounts that have sought to elaborate this article. Jytdog (talk) 22:56, 21 November 2016 (UTC)
Patrolling without user right RfC
See this RfC clarifying whether editors without the new page reviewer user right may patrol new pages (in the sense of cleanup tags and deletion nominations). ~ Rob13Talk 12:19, 22 November 2016 (UTC)
Two-Factor Authentication now available for admins
Hi,
TOTP based two-factor authentication is now available for all administrators, crats, CU, and OS. I highly recommend you enable this from Special:Preferences - it provides an extra layer of security besides passwords. You can use an app on your phone like Google Authenticator to manage the codes, and if you don't have a smart phone, there are other alternatives that run on laptops. Please be careful and write down the scratch codes though - if you get locked out of your account because you lose your 2fa, it may not be possible to recover your account. I would appreciate if others could help disseminate this information to other admins/crats/CU/OS. I'll work on creating some documentation about this once I'm no longer scrambling. Thanks, Legoktm (talk) 15:14, 12 November 2016 (UTC)
- Thanks, Legoktm, I assume that you're using it yourself now? ;) I've forwarded a link to this to the Functionaries email list as well. —DoRD (talk) 15:47, 12 November 2016 (UTC)
- I'm passing it around the IRC areas, and letting my Commons colleagues know. Nick (talk) 15:56, 12 November 2016 (UTC)
- Could @Legoktm: or somebody else please explain this in terms suitable for the stupider admin demographic? I see the link "Enable two-factor authentication" in my prefs, but I hesitate to click on it. Will something irreversible happen if I do? Will I have to remember and somehow use (?) my "scratch codes" (?) forever more? Bishonen | talk 16:23, 12 November 2016 (UTC).
- Everytime you log on with a password you will also have to enter your 2FA code from your authentication device. The scratch codes are one time logon codes in case you loose your device. — xaosflux Talk 16:27, 12 November 2016 (UTC)
- (edit conflict) Nope. I once clicked it on Commons, didn't activate it there, and opened a new browser (say, Firefox) and tried to log in there. Success. — regards, Revi 16:27, 12 November 2016 (UTC)
- You said you didn't activate it? You have to activate it, then it should be active on all projects using central auth. — xaosflux Talk 16:34, 12 November 2016 (UTC)
- Yes, I didn't activate it. (I'm replying to "but I hesitate to click on it. Will something irreversible happen if I do?" of Bishonen.) — regards, Revi 16:40, 12 November 2016 (UTC)
- If you click on the link, there are still steps you have to go through to activate 2fa. It is also possible to deactivate it if you decide you don't want to use it. —DoRD (talk) 17:12, 12 November 2016 (UTC)
- What happens when an user with 2FA enabled loose sysop/CU/OS/etc rights? Is 2FA still enabled? --Thibaut120094 (talk) 17:25, 12 November 2016 (UTC)
- My understanding is that if a user loses their eligibility to use 2FA (e.g. by losing any and all groups that granted it to them) then it will remain enabled, but they will no longer be able to access the special pages for managing OATH, so they won't be able to disable 2FA. --Alex Monk (WMF) (talk) 18:32, 12 November 2016 (UTC)
- What happens when an user with 2FA enabled loose sysop/CU/OS/etc rights? Is 2FA still enabled? --Thibaut120094 (talk) 17:25, 12 November 2016 (UTC)
- If you click on the link, there are still steps you have to go through to activate 2fa. It is also possible to deactivate it if you decide you don't want to use it. —DoRD (talk) 17:12, 12 November 2016 (UTC)
- Yes, I didn't activate it. (I'm replying to "but I hesitate to click on it. Will something irreversible happen if I do?" of Bishonen.) — regards, Revi 16:40, 12 November 2016 (UTC)
- You said you didn't activate it? You have to activate it, then it should be active on all projects using central auth. — xaosflux Talk 16:34, 12 November 2016 (UTC)
This is good information, I suggest we massmessage the enwiki admins - will give it a day for any comments first; if anyone wants to help write up the massmessage text, feel free to drop a template below! — xaosflux Talk 16:36, 12 November 2016 (UTC)
- What where and how is "my authentication device"? On my non-existent smartphone? I'm frankly not sure it sounds like something I want. I log in and out quite a lot [inexplicable coughing fit] and would rather not add extra hassle to the procedure. Anyway, I have a pretty strong password. And, while I respect WP:BEANS, is it known or suggested that the recent hackery attacked weak passwords? (Was Jimbo's 1234..?) Bishonen | talk 16:41, 12 November 2016 (UTC).
I notice admin socks apparently can't use it. (I don't have an "Enable two-factor authentication" link.) But shouldnt they be able to? Suppose somebody hacked me or Bishzilla and started making statements with our authority seemingly behind it. Unfortunate to say the least. darwinbish BITE ☠ 16:43, 12 November 2016 (UTC).
- Striking out. You're not allowed in Wikipedia space! However, to be serious, is there a reason everybody can't have it? Bishonen | talk 16:45, 12 November 2016 (UTC).
- There's currently phab:T100375 about the user interface of the feature, and open questions as to what the procedure might be for resetting accounts for users who lose their device and their one-time scratch codes. Anomie⚔ 18:17, 12 November 2016 (UTC)
It is written that we cannot lose our scratch codes, as the account cannot be restored without them. If we do lose them however, can't we identify ourselves to stewards, much like written in here? Bharel (talk) 16:54, 12 November 2016 (UTC)
- You need a root DB user to do that. We stewards don't have such access. If I am right those single-use codes serve as TOPT tokens just in case you loose your token generator device. To prove the identity of an account, My guess is that I'd continue sticking to a committed identity. Corrections welcome. Regards, MarcoAurelio (talk) 17:22, 12 November 2016 (UTC)
- If you loose your scratch codes and your 2fa device, and you can prove who you are beyond doubt (What "beyond doubt" means I'm not sure, but I guess committed identity is a good choice), then a developer will remove the 2fa from your account. However, please don't loose your scratch codes. BWolff (WMF) (talk) 17:58, 12 November 2016 (UTC)
The scratch codes are HOTP rather than TOTP, although the distinction doesn't make any difference to you as an end user. Anomie⚔ 18:17, 12 November 2016 (UTC)
How does this work for people who are admins on another project, but not this one - will the TFA be global? Andy Mabbett (Pigsonthewing); Talk to Andy; Andy's edits 17:11, 12 November 2016 (UTC)
- Presumably, with SUL, once activated on any project, it will be active everywhere. —DoRD (talk) 17:14, 12 November 2016 (UTC)
- Yes it works globally and it is also available for admins on other projects. --Thibaut120094 (talk) 17:23, 12 November 2016 (UTC)
- Yes. I activated on Commons, and when I was logging in to enwiki (where I don't have sysop bit) I was asked to submit. — regards, Revi 17:24, 12 November 2016 (UTC)
How will this work with WP:AWB? --Rschen7754 17:41, 12 November 2016 (UTC)
- Good question. I've opened phab:T150582. Regards, MarcoAurelio (talk) 17:50, 12 November 2016 (UTC)
- Wanted page Help:Two-factor authentication - anyone with good experience in writing up Help pages :D — xaosflux Talk 18:07, 12 November 2016 (UTC)
- Excellent news. I would also support mass messaging administrators about this. Are there plans for expanding access to all users sometime in the future? Mz7 (talk) 19:08, 12 November 2016 (UTC)
- I think that 2FA should definitely be extended to Edit Filter Managers as they can screw things up mightily as well. BethNaught (talk) 19:12, 12 November 2016 (UTC)
FWIW: This may be compromised email accounts (shared passwords possibly) - I got notice of a password recovery email that I did not initiate. — xaosflux Talk 19:24, 12 November 2016 (UTC)
- @Xaosflux: Could we get that mass message sent out ASAP? More accounts are getting compromised, left and right... — MusikAnimal talk 19:27, 12 November 2016 (UTC)
- Awesome initiative! I suggest adding Board members, stewards, arbitrators, and soon propagate to other projects. Pundit|utter 19:54, 12 November 2016 (UTC)
- I don't understand why us lowly users don't get access to this extra layer of security. Does this mean I need to go through an RfA, just so I can use 2FA? Doesn't sound quite fair.—cyberpowerChat:Limited Access 19:58, 12 November 2016 (UTC)
- @Cyberpower678: All in due time. They were/are working on it for everyone. It was rolled out early for people with advanced permissions in light of the circumstances. Once they have the infrastructure and the protocols to help the people who get locked out of their accounts (which will happen) it will be rolled out to everyone. --Majora (talk) 20:04, 12 November 2016 (UTC)
- Makes sense. I'm fortunately a sysop on the testwiki so I can activate mine from there.—cyberpowerChat:Limited Access 20:06, 12 November 2016 (UTC)
- @Cyberpower678: All in due time. They were/are working on it for everyone. It was rolled out early for people with advanced permissions in light of the circumstances. Once they have the infrastructure and the protocols to help the people who get locked out of their accounts (which will happen) it will be rolled out to everyone. --Majora (talk) 20:04, 12 November 2016 (UTC)
A good bit of the above would make a good start of a FAQ for the help page, if someone is interested in doing that. —DoRD (talk) 20:24, 12 November 2016 (UTC)
- I wrote a quick blog post about this, corrections earnestly welcomed. Anyone else remember Tubgirl in the site notice in 2007? - David Gerard (talk) 20:23, 12 November 2016 (UTC)
- Talk:Main Page/Archive 98#Who the hell put encylopedia my ass on the page?????? 53 seconds I'll never forget. -- zzuuzz (talk) 20:29, 12 November 2016 (UTC)
- @David Gerard: In regards to your comment about fobs in your blog post - In the long term, we would actually like to support physical tokens as an option people could enable (e.g. U2F). See phab:T150565. BWolff (WMF) (talk) 21:02, 12 November 2016 (UTC)
- I'll add that then :-) It's useful that these days everyone carries a suitable token device around with them, of course ... - David Gerard (talk) 09:11, 13 November 2016 (UTC)
- I have 2 questions. What to do if you lose access to appliction on your phone? And how to authorize via API if you have two-factor authorisation.--Anatoliy (Talk) 20:57, 12 November 2016 (UTC)
- When you enable 2FA you are given a number of one time use codes to print out and keep in a safe place. If you loose both the app and these extra codes, you are then locked out of your account (Similar to if you totally lose your password and recovery email. If you can prove who you are, a developer can restore your account to you, but you must have strong proof). BWolff (WMF) (talk) 21:02, 12 November 2016 (UTC)
- As for the API: You can use action=clientlogin for interactive login, or OAuth (preferred) or BotPasswords for automated login. Anomie⚔ 22:57, 12 November 2016 (UTC)
- Question: Before someone complains, it note of the Google Authenticator used in the 2FA service "Previous versions of the software were open-sourced but subsequent releases are proprietary." Does anyone else feel we will get 'issues' because of that? I know it is only a service, but somehow it feels wrong to be closed source. --AlisonW (talk) 21:37, 12 November 2016 (UTC)
- This is fantastic. It was very easy to implement for my own account. Great work! Mkdwtalk 01:35, 13 November 2016 (UTC)
- Question/comments When I first read about this security layer on mailing list, I felt really interested. Now, I am not feeling that much interested. a) My main issue is I don't have a smartphone with scanning feature. Looks like I have to add those long codes manually. b) These tokens will never be shown again. -- I have not enabled it still, but everytime I am refreshing the page I am getting same 5 codes. Does it mean, these tokens will never be shown again after I enable it? c) I am using Google 2 Step Verification for many years now. I find it easier to use where they send code to your phone, backup phone, and finally you have an option to add recovery code. Anyway, thanks for enabling this feature. We needed better protection options/ --Tito Dutta (talk) 02:35, 13 November 2016 (UTC)
- Shouldn't 2fa be available to bots? Compromised bots could do bad things which would not be easily noticed (because their edits are marked as a bot edit). And maybe also for filemovers, since they could easily vandalize a lot of pages with just one filemove (using a gadget). Pokéfan95 (talk) 02:52, 13 November 2016 (UTC)
- 2FA does not make sense for bots, since the idea is to authenticate through separate systems, but a bot does not have separate systems. Bots are encouraged to use the bot password feature though. BWolff (WMF) (talk) 04:18, 13 November 2016 (UTC)
- @BWolff (WMF): For the most part, bots should be using OAuth or BotPasswords already to limit their exposure, that is why 2FA for the main account shouldn't be an issue. Older bots that don't support oauth or botpasswords would have a problem trying to use 2FA though. — xaosflux Talk 04:19, 13 November 2016 (UTC)
- 2FA does not make sense for bots, since the idea is to authenticate through separate systems, but a bot does not have separate systems. Bots are encouraged to use the bot password feature though. BWolff (WMF) (talk) 04:18, 13 November 2016 (UTC)
- Two-factor-authentication is a welcome addition, certainly. I'll echo-paraphrase a post above ... I don't have a smartphone at present. I'm wondering if this is 3rd-generation 2FA technology; most 2FA I've seen involves the use of text messages as the second factor for 2nd gen. 1st gen 2 factor is based on, like, RSA hard tokens or, more recently, soft token applications. I look forward to the manual which explains in less technical terms how to take advantage if you are not a smartphone user. Thank you for taking this forward - it is a step in the right direction. --User:Ceyockey (talk to me) 03:03, 13 November 2016 (UTC)
- If you don't have a "smart" phone, but your phone still supports java apps (I think that's called a "feature" phone), you can use http://totpme.sourceforge.net/ BWolff (WMF) (talk) 04:16, 13 November 2016 (UTC)
- Google's 2-step verification is user-friendly and allows users to lock it onto their home PC so they can skip the dual stage, and only need to type in a password, though would continue to require two stage for any other machine. Wikipedia's 2-step is a little off-putting, and doesn't appear to allow locking onto a chosen machine, so two stage verification would always be needed, even on a secure home PC. I should image there would be a number of admins who would not be using Wikipedia's 2-step because it appears difficult to implement, insists on 2 stage verification every time, and would permanently lock you out of your account if you make a common human error of losing things. I think it would make sense to implement a more flexible and user-friendly two stage verification - even if that makes it slightly less safe. Better to have a 95% safe verification system that 100% of admins use, than a 100% safe verification system that only 5% of admins use. SilkTork ✔Tea time 12:30, 13 November 2016 (UTC)
- Just a thought - is this going to be made compulsory for admins? If not, then I fear it might not help much, because those admins more conscious about security and more likely to adopt it are already more likely to be using more secure passwords that better resist brute-force attacks (which is very likely what's happened here). Those who aren't too hot on security and who are likely to be the ones with weaker passwords won't be as keen to adopt 2FA. (I've been involved in password security issues for a long time in one way or another, and my biggest lesson is that appealing to people to voluntarily do things better is usually doomed to failure.) Boing! said Zebedee (talk) 13:14, 13 November 2016 (UTC)
- In the near future, it will not be compulsory for admins. In the long term - its a possibility. However, we will not do that without having an extensive discussion/rfc on wiki. BWolff (WMF) (talk) 19:29, 13 November 2016 (UTC)
- OK, thanks. Boing! said Zebedee (talk) 23:14, 13 November 2016 (UTC)
- In the near future, it will not be compulsory for admins. In the long term - its a possibility. However, we will not do that without having an extensive discussion/rfc on wiki. BWolff (WMF) (talk) 19:29, 13 November 2016 (UTC)
I keep getting "Failed to validate two-factor credentials" when I hit Submit with the code from Google Authenticator and "Wikimedia:<my name>" .... anybody else having this problem? - DavidWBrooks (talk) 17:07, 13 November 2016 (UTC)
- Did you use "Wikimedia:DavidWBrooks" or "Wikimedia:<my name>"? De728631 (talk) 18:04, 13 November 2016 (UTC)
- "Wikimedia:DavidWBrooks" - not sure why I wrote it the other way. - DavidWBrooks (talk) 21:06, 13 November 2016 (UTC)
- DavidWBrooks The name is actually just a label for your device, and does not actually "do" anything as far as I can tell (e.g. I enrolled a second device and put WikiPEDIA instead of WikiMEDIA, but still get the same codes). The two-factor secret key is important, check your entry for things like ZERO vs "O" mismatches. — xaosflux Talk 00:16, 14 November 2016 (UTC)
- "Wikimedia:DavidWBrooks" - not sure why I wrote it the other way. - DavidWBrooks (talk) 21:06, 13 November 2016 (UTC)
- Why don't I have the option to receive an email when my password or other critical information has changed? That seems common sense for security. I don't use mobile devices as admin, so this seems to be a lot more pain than gain. A second "different" password would be simpler and more effective, particularly since uptake would be higher and the learning curve is zero. Dennis Brown - 2¢ 19:52, 13 November 2016 (UTC)
It'd be nice to see this implemented for our bots as well, unless it already is and I missed the memo.«»Who?¿? 23:53, 13 November 2016 (UTC)
- What about us admins who don't have smart phones (call me old-fashioned but I have a phone for phoning, a camera for taking photographs with, and a laptop for computing). I'm pretty sure that my password is secure. Should there be any attempt to force admins to use this, I for one will be voicing my opposition to such proposal. Mjroots (talk) 16:12, 14 November 2016 (UTC)
- There are ways to run 2FA apps on a standard computer (though this can weaken the security model 2FA is meant to support). Chrome users can run the GAuth addin; it is possible to get an Android virtual machine on Windows to run the android-based Google Authenticator app within it. There's probably more similar methods too. --MASEM (t) 16:32, 14 November 2016 (UTC)
Update: People in the Edit filter managers group can now also enable 2FA. BWolff (WMF) (talk) 20:25, 14 November 2016 (UTC)
Quick question : does enabling 2FA mean it is reasonably safe to log into an administrator account on a public PC, such as in a library, school or airport? I know many admins have alt accounts specifically for this purpose? Ritchie333 (talk) (cont) 13:34, 16 November 2016 (UTC)
- @Ritchie333: I suppose as long as you don't select
Keep me logged in
or if you explicitly log out you should be safe from having someone log in, as they will be presented with the 2FA challenge (more on that). However, I think the main reason admins are twitchy about logging into public computers is the possibility of keyloggers/other unsavoury software making a record of your password. It's still not the best idea, but it is slightly safer -- samtar talk or stalk 13:42, 16 November 2016 (UTC)- Hmm. Recent account compromises suggest that many admins are following security practices significantly worse than logging into shared computers. If the computer was maliciously controlled, the attacker could steal your session cookie and then continue using your account on other computers (This applies regardless of if you check the remember my password. In fact, since the computer is not yours, someone could have modified it to always check the box even without it being shown as checked). Of course the counter argument, is probability wise, how likely is it that someone has modified that computer, and cares about your wikipedia account (As opposed to people's bank accounts)? Someone could also modify the computer to record your password (2FA would mean that they can't use that password to log in, but attacker having your password is in a significantly better position than one without your password, even with 2FA enabled). I would recommend against logging in on shared computers if your account is sensitive. If you do ever log in on a shared computer, you should probably at a bare minimum have 2FA enabled and be browsing in "incognito" mode, which will make you mildly safer, but ultimately not that much safer. BWolff (WMF) (talk) 15:45, 16 November 2016 (UTC)
Mass message draft
I've drafted a short message that could be sent out to administrators. @Xaosflux and MusikAnimal, and others, do you have any additional suggestions?
If all looks well, I can send it out shortly. Mike V • Talk 19:54, 12 November 2016 (UTC)
- What is "TOTP"? Jo-Jo Eumerus (talk, contributions) 19:57, 12 November 2016 (UTC)
- @Mike V: I would also add the recommendation to enable 2FA on their email account, if possible. The issue here as I understand it is they're getting passwords that were leaked from other sites, so we should make sure our admins know to use a unique password for their WM account and their email account — MusikAnimal talk 19:58, 12 November 2016 (UTC)
- @Jo-Jo Eumerus: TOTP is short for Time-based one-time password. In a nutshell, to log-in you enter your password and an additional code that changes frequently (usually every 30 seconds). @MusikAnimal: After,
... your account will not be recoverable.
I could add "Furthermore, you are encouraged to utilize a unique password and two-factor authentication for the email account associated with your Wikimedia account. This measure will assist in safeguarding your account from malicious password resets." Mike V • Talk 20:09, 12 November 2016 (UTC)- Sounds good :) Thanks! — MusikAnimal talk 20:10, 12 November 2016 (UTC)
- @Jo-Jo Eumerus: TOTP is short for Time-based one-time password. In a nutshell, to log-in you enter your password and an additional code that changes frequently (usually every 30 seconds). @MusikAnimal: After,
- @Mike V: I would also add the recommendation to enable 2FA on their email account, if possible. The issue here as I understand it is they're getting passwords that were leaked from other sites, so we should make sure our admins know to use a unique password for their WM account and their email account — MusikAnimal talk 19:58, 12 November 2016 (UTC)
- "Authentication device"? I don't use apps and am liable to change computer at a moment's notice. Also I edit from different IPs at times. I don't use a smartphone for anything much online except finding out where 'here' is, and how to get 'there'. (In fact, a lot of my phone use is done on a stupidphone...) My password at WP isn't used anywhere else, and nor is my email PW. If someone will give me a link for this confirmation of identity thing, I'll do that, but I think I'm more likely to lock myself out using this other thing. Peridon (talk) 21:01, 12 November 2016 (UTC)
- @Peridon: Full instructions for creating a committed identity are in the template documentation for Template:Committed identity. In short, you take a bunch of non-public verifiable information about yourself, turn it into a random string using a cryptographic hash function, and then post it on your userpage. If you ever need to confirm that you are the same person who put the committed identity on your userpage, you would send the information to a trusted user, who would put it through the same hash function and compare the results. -- AntiCompositeNumber (Leave a message) 21:22, 12 November 2016 (UTC)
- @AntiCompositeNumber: Thanks for that - I'll look into it tomorrow, As to the other thing, I hope that by then someone will have a definitive version of what it's about in language that people like Bishonen and I can understand. And I too don't trust a Google involvement. I haven't got a password with them, and I don't intend to give them one. Peridon (talk) 22:08, 12 November 2016 (UTC)
- I just set up 2FA after my account got compromised earlier today. Much easier than I expected, in fact! Thanks. --AlisonW (talk) 21:09, 12 November 2016 (UTC)
Whenever I have implemented two-factor authentication in the past, I've always done it by providing my phone number. Is there a reason why this is being done by Google Authenticator? I don't use my phone to log in. I log in from a laptop. The impression I get from the Google Authenticator article is that you have to be logging in from the mobile device. Or will logging in from any device generate a code sent to your phone? I am sure that is what actually happens, but am double-checking here first, as the Wikipedia article is not clear, has a 'citation needed' tag, and shouldn't be relied on anyway... Carcharoth (talk) 21:35, 12 November 2016 (UTC)
- @Carcharoth: Sites such as Yahoo Mail that send you a code via text message, that you use to login, are simply inplementing the same 'standard' without requiring you to generate the codes locally. You can actually configure a code generator for Yahoo Mail, and it will produce the same codes that they send you by text. Google Authenticator is simply one 'implementation' of this software... any compliant generator will work (I use the Amazon one). Reventtalk 21:40, 12 November 2016 (UTC)
- Thank you. My concern is that the Google Authenticator requires Android 2.1 or higher to be installed. I have recently had a problem with upgrading What's App on my phone, and the upgrade process keeps failing. I wouldn't want to be locked into relying on upgrades on my phone to the Google Authenticator app to be able to access Wikipedia. To be clear, can the process of generating codes be transferred from device to device if one of them fails for some reason? Carcharoth (talk) 21:44, 12 November 2016 (UTC)
- @Carcharoth: TOTP code generation is dependent on the 'account name', 'secret key', and 'time of day'. You can simultaneously generate identical codes on any number of programs or devices if configured with the same information. Print out the 'enable two-factor authentication' page, with that information, and secure it physically... you can then use it to configure a new device. Reventtalk 21:50, 12 November 2016 (UTC)
- Thank you. My concern is that the Google Authenticator requires Android 2.1 or higher to be installed. I have recently had a problem with upgrading What's App on my phone, and the upgrade process keeps failing. I wouldn't want to be locked into relying on upgrades on my phone to the Google Authenticator app to be able to access Wikipedia. To be clear, can the process of generating codes be transferred from device to device if one of them fails for some reason? Carcharoth (talk) 21:44, 12 November 2016 (UTC)
Just to make this clear to people, since there seems to be a widespread misunderstanding. You do NOT need a smartphone to use this, you merely need a TOTP code generator. There are physical devices that do this, Windows and MacOS applications, and multiple addons for Google Chrome. The 'manual' configuration information displayed on the confirmation page, where your scratch codes are located, can be used to configure any number of devices/programs to produce the codes... any properly configured TOTP code generator, with a synchronized clock, will produce identical and synchronized codes. If you lose your device, but still have the configuration information, you can configure another one to produce a valid code (though your login is no longer secure, since you no longer possess all copies of your code generator). Reventtalk 21:37, 12 November 2016 (UTC)
- Does that mean you can generate codes on the same device that you use to login with? That is a security hole, surely? THe whole point is to separate this between different devices, isn't it? Login on one device. Get authentication codes on the other device. But then many people log in from all devices these days. Carcharoth (talk) 21:47, 12 November 2016 (UTC)
- @Carcharoth: You 'can', but obviously should not. Reventtalk 21:52, 12 November 2016 (UTC)
- (e/c) Yes. Remember that you still need access to that actual device in that case. Whereas before you did not. That is an extra barrier. It's even better if you use two devices, but it's not the most important aspect of 2FA. 2FA is about "something you know" (password) AND "something you have" (a unique key on a device). Having just one iis not enough. That's what makes it safer than just the password. —TheDJ (talk • contribs) 21:56, 12 November 2016 (UTC)
- @Carcharoth: You 'can', but obviously should not. Reventtalk 21:52, 12 November 2016 (UTC)
- Just enabled it and it seems to work just fine. Also for the many people using the word "loose" above, it's actually "lose". Jauerbackdude?/dude. 21:46, 12 November 2016 (UTC)
- So, let's see.. "experimental", "must have an app", "Google <whatever>", "scan a QR code" " if <this and that> you will totally be locked out of your account". Other than be being insane, why would I want such a thing? I do not have a smartphone (yes I read that we do not need one, still...), I do not trust "Google <whatever>" to have anything to do with my passwords or anything (yes, I do use some Google stuff, but the less the better), I do not trust Wikimedia if you're pushing me into Google arms either... What "recent events"? All my passwords are unique and pretty much scrambled ones. Why should I use a Google thingy that will eventually lock me out? (I am not saying I will not, I am saying the current information scares me more of the TOTP - starting from using weird acronyms on messages... - than from any hacker :) - Nabla (talk) 21:54, 12 November 2016 (UTC)
- @Nabla: "Google Authenticator" is just one software implementation of this. You can use Microsoft Authenticator, if you want, or any other TOTP code generator (including an open source one). They will all produce identical, synchronized codes if properly configured. There are 'keychain' devices as well, though they tend to suffer from time drift and have to be resynchronized. The protocol involved is an IETF standard, not a Google product. Reventtalk 21:59, 12 November 2016 (UTC)
- Thank you, Revent. I appreciate you trying to help. I hope you understand that replying with a few more "weird words", helps little :-) 'keychain' devices? IETF standard? Can't technical people talk in a way that only-mildly-technical people like me understand? :-) Please do not take me the wrong way, I know you and others mean well, but the current explanation is simply too strange. Damn... I use two-factor authentication already, to access my bank online, and it is way simpler than this. Or at least it feels like simpler, maybe is just the explanation that is still making things too complicated. I would suggest a couple of improvements for the help page. A simple one: the link to "others" links to a non existing page (named Google something - so the alternatives to Google are... Google, so the help pages says :-) or not). A not so simple one: provide step by step instructions on how to set it up without a smartphone. I presume quite a few people will not do something that may block us out, unless we are mostly sure it will work. Again, thanks for the effort, please keep improving it - Nabla (talk) 22:23, 12 November 2016 (UTC) PS: Went to check the activation page. It states "Step 1 - Download a mobile app for two-factor authentication (such as Google Authenticator) on to your phone." If there are alternatives, please someone explain them. Weird as it may seem not everybody has a smartphone... - Nabla (talk) 22:31, 12 November 2016 (UTC)
- @Nabla: TOTP = Time-based One-time Password Algorithm. IETF = Internet Engineering Task Force.
- A 'keychain device' would be a physical device, that you hang on your key chain, like one of these. Any TOTP 'implementation', properly configured (with the account name and secret key shown on the 'enable' page) will produce identical valid keys.
- There are also four or five different extensions to Google Chrome that do it, and Windows/MacOS software, but as mentioned above programming the device you use to actually login (your computer) to generate the codes is insecure.
- You will be unable to enable two factor authentication without 'proving' that you have a valid method to generate codes. The valid code changes approximately every minute. Scanning a QR code simply saves typing the configuration information (the secret key is a quite long alphanumeric code) into the code generator to program it. Reventtalk 23:01, 12 November 2016 (UTC)
- Thank you, Revent. I appreciate you trying to help. I hope you understand that replying with a few more "weird words", helps little :-) 'keychain' devices? IETF standard? Can't technical people talk in a way that only-mildly-technical people like me understand? :-) Please do not take me the wrong way, I know you and others mean well, but the current explanation is simply too strange. Damn... I use two-factor authentication already, to access my bank online, and it is way simpler than this. Or at least it feels like simpler, maybe is just the explanation that is still making things too complicated. I would suggest a couple of improvements for the help page. A simple one: the link to "others" links to a non existing page (named Google something - so the alternatives to Google are... Google, so the help pages says :-) or not). A not so simple one: provide step by step instructions on how to set it up without a smartphone. I presume quite a few people will not do something that may block us out, unless we are mostly sure it will work. Again, thanks for the effort, please keep improving it - Nabla (talk) 22:23, 12 November 2016 (UTC) PS: Went to check the activation page. It states "Step 1 - Download a mobile app for two-factor authentication (such as Google Authenticator) on to your phone." If there are alternatives, please someone explain them. Weird as it may seem not everybody has a smartphone... - Nabla (talk) 22:31, 12 November 2016 (UTC)
- @Nabla: "Google Authenticator" is just one software implementation of this. You can use Microsoft Authenticator, if you want, or any other TOTP code generator (including an open source one). They will all produce identical, synchronized codes if properly configured. There are 'keychain' devices as well, though they tend to suffer from time drift and have to be resynchronized. The protocol involved is an IETF standard, not a Google product. Reventtalk 21:59, 12 November 2016 (UTC)
- Is there a way to do it like in Gmail where you can just select an option to "remember this device" and not have to do the authentication every time? ~Awilley (talk) 22:27, 12 November 2016 (UTC)
- That's a good point. What if we set it up with cookies to remember the device? Perhaps if you've activated the new two-factor login process for your account, it could avoid requiring the additional steps whenever you log in with the device in question: you'd only need the additional steps when you're setting up the cookie in the first place, or when you're logging in from a different device. Nyttend (talk) 22:43, 12 November 2016 (UTC)
- I think it would be very useful if someone would simply give the steps required to log in after this is activated. A simple, non-technical list. To log in, you will do A, B, C. - Nunh-huh 11:17, 13 November 2016 (UTC)
- @Nunh-huh: It's simple.
- A. Go to login screen. B. Enter 'normal' username and password, hit "Log in" (as normal) C. Look at your 'device', and enter the token (it's a six digit number). Hit 'continue login'.
- That's it. Reventtalk 12:38, 13 November 2016 (UTC)
- Well, thanks for that; I think adding that to the message of availability might be prudent. So it will work just like, say, Google does now? The cell phone rings, and the number is there? I don't have to open an application and ask it for the code? - Nunh-huh 16:36, 13 November 2016 (UTC)
- No, you need an application either on your phone (preferred) or on your computer that generates the token string for you. It's not automated, so you need to activate this app yourself each time you want to log in to get a new token. De728631 (talk) 17:37, 13 November 2016 (UTC)
- So then the actual sequence would be: A. Go to login screen. B. Enter 'normal' username and password, hit "Log in" (as normal) C. Find your smartphone (or other device-I imagine it could be the computer proper, so perhaps no finding involved). D. unlock it. E. open an authorizing-app. F. Look at your 'device', and enter the token (it's a six digit number). Hit 'continue login'? - Nunh-huh 22:42, 13 November 2016 (UTC)
- It's worth noting, though, that these apps have basically 'no' user interface beyond showing codes... tap on phone... look, code. Moments. Reventtalk 17:55, 13 November 2016 (UTC)
- Sure, but as I said above, I recently suffered from an app that failed to upgrade properly and probably needs reinstalling in some way. Having to do that is a pain, and ties you into the app. You need both the mobile phone and the app to work. When receiving a text message with the code, you only need the phone to work (assuming it can receive text messages). It is like having to launch an app each time you want to make a phone call or send a text message, or each time you think someone is trying to contact you. The question I would have is whether this app launches in the background each time the phone is switched on, and waits there waiting for the signal to generate a code (similar to the way incoming phone calls and text messages work without needed to actively switch those functions on). If you have to physically launch the app each time (similar to using online banking fobs), rather than it activating itself by a signal received from the site in question, and there is no way to have a 'home' device where you only use TFA infrequently, then that is a deal-breaker for me (I don't mind using TFA on other devices). I do have a PGP public key. Carcharoth (talk) 20:31, 13 November 2016 (UTC)
- And on the other hand, if it sits in the background, how much battery life will it eat up? -Nunh-huh 22:42, 13 November 2016 (UTC)
- Yes you "launch" the application. I installed it on 2 android phones (same key and codes on each), one is a $20 disposable type - it gives me my code in less time then it takes to unlock the phone. Please note, if you edit from the same secure device and "remember me" - you will not be getting prompted for this unless you try to perform a security action such as changing your email or password. — xaosflux Talk 22:54, 13 November 2016 (UTC)
- Yes, but for some people that will be a barrier too far. The good thing is that if people try it and find it is too much hassle, they can disable it again. Carcharoth (talk) 23:11, 13 November 2016 (UTC)
- Instead of a smartphone, you can also use a local program on your PC/laptop. For those who don't like Google software, e. g. WinAuth is a free open-source app that doesn't even need to be installed. You download it onto your desktop and launch it only when you need to log in. De728631 (talk) 14:33, 14 November 2016 (UTC)
- Sure, but as I said above, I recently suffered from an app that failed to upgrade properly and probably needs reinstalling in some way. Having to do that is a pain, and ties you into the app. You need both the mobile phone and the app to work. When receiving a text message with the code, you only need the phone to work (assuming it can receive text messages). It is like having to launch an app each time you want to make a phone call or send a text message, or each time you think someone is trying to contact you. The question I would have is whether this app launches in the background each time the phone is switched on, and waits there waiting for the signal to generate a code (similar to the way incoming phone calls and text messages work without needed to actively switch those functions on). If you have to physically launch the app each time (similar to using online banking fobs), rather than it activating itself by a signal received from the site in question, and there is no way to have a 'home' device where you only use TFA infrequently, then that is a deal-breaker for me (I don't mind using TFA on other devices). I do have a PGP public key. Carcharoth (talk) 20:31, 13 November 2016 (UTC)
- No, you need an application either on your phone (preferred) or on your computer that generates the token string for you. It's not automated, so you need to activate this app yourself each time you want to log in to get a new token. De728631 (talk) 17:37, 13 November 2016 (UTC)
- Well, thanks for that; I think adding that to the message of availability might be prudent. So it will work just like, say, Google does now? The cell phone rings, and the number is there? I don't have to open an application and ask it for the code? - Nunh-huh 16:36, 13 November 2016 (UTC)
- Too complicated - While I applaud this idea, implementing it should not require reading more information than is contained in the entire United States constitution, scattered over several pages. Can't it be more simple just to figure out? As noted (in probably several hundred words), not everybody connects here via smartphone. Not everybody wants to read through "...if A does not apply....you can do B....or you can do C...or" and then on and on and one. The first and ONLY thing that comes up under Preferences/Enable two-factor authentication are instructions for a mobile app. I don't know if I enabled it or not - but didn't click on submit - but there is a place there that gives me the secret key numbers and scratch tokens..and then says to enter a code from a mobile phone. Oh, give me a break. If your account has been compromised, you're already stressed. Why does this have to be more complicated than Einstein's theory of relativity? Just give us a simple bulleted list of instructions that work the same for all systems across the board. Please. — Maile (talk) 14:17, 16 November 2016 (UTC)
- I think this is a very good point. I'm going to use the analogy with accessing my bank account online (as I did below) because it's similar; the bank provides me with a security device I use for authentication, and went over it with me when I first got it in order to confirm I understood it. Or, to give you another analogy, if I think my back door is a bit weak and easily breakable by a burglar, I might phone a locksmith out to have a look at it. The point is that I don't need to think about how to set the security up when I can pay for somebody to do it for me. Obviously that's not practical here, so I think we need to accept that 2FA just isn't going to work for some people and anyone who thinks it's "simple" needs to do a bit of hallway usability testing with newbies to cancel the inverse-Dunning–Kruger effect they're experiencing. Ritchie333 (talk) (cont) 16:06, 16 November 2016 (UTC)
- @Maile66: Please feel free to email me directly if you'd like any help, but I'm trying to de-tech WP:2FA a little at Wikipedia:Simple 2FA. I've also found a windows based TOTP client which you may find helpful -- samtar talk or stalk 16:15, 16 November 2016 (UTC)
- Please understand that this was an expedited deploy to deal with an immediate problem. As a side effect of that, all steps to "improve the usability" of this process were skipped (and this is one of the reasons the feature is not yet offered to everyone). There is a list of user experience tickets that will have to be dealt with post-fact, which was never really how anyone intended to make these improvements. I personally have already solved 4 usability issues that should land in the coming weeks, mostly based on feedback in this and similar discussion. Improving the messaging and workflow is a bit larger a task, but hopefully someone should be able to take that on soon as well. —TheDJ (talk • contribs) 12:24, 22 November 2016 (UTC)
Why Wikipedia is vulnerable to attacks by the alt-right
I sometimes think of Wikipedia as an undefended picnic of truth, made of anonymous volunteers from all over the political spectrum, with differing agendas which pretty much balanced each other out into a kind of mainstream position, perhaps leaning a bit to a liberal or progressive orientation. And I think established contributors here will agree with me when I say that it has worked beautifully so far. But our shared project is highly dependent on a good-spirit among volunteers to have a collegial disposition and to work constructively, to learn from each other, even when we disagree with each other, to work out those differences, and add to the general knowledge. Most of us who have been contributing here for a while know how easy it can be for one or two contributors to stir up a lot of trouble, how time-consuming and frustrating it is dealing with abrasive types (it can cause many good contributors to leave). But what if swarms of new volunteers with a shared alt-right agenda enter the picnic? There is nothing stopping them. I claim there is a huge temptation for such groups to try to re-write truth, or cause so much distortion and friction that well-meaning contributors give up. My sense is the encyclopedia is vulnerable to such an attack. I believe it makes sense for us now to begin to think about prevention methods, or ways for the community to figure out quickly when something like this happens, and to have counter-measures ready to deploy, without, of course, ourselves becoming so reactionary and fixed. I realize this is a tough problem but I am calling on contributors smarter than me to begin thinking about it.--Tomwsulcer (talk) 11:04, 19 November 2016 (UTC)
- You should have kept this on your userpage. A solution in search of a problem. "Counter-measures". Seriously... Doc talk 11:08, 19 November 2016 (UTC)
- I agree entirely with Doc9871; I hold no brief at all for the American alt-right, but you are the one who looks like a conspiracy theorist here. Why is this particular group any different to any other political movement, religion, band fan-club etc whose members participate on Wikipedia in large numbers? ‑ Iridescent 11:21, 19 November 2016 (UTC)
- What do you mean.--Tomwsulcer (talk) 11:21, 19 November 2016 (UTC) Okay so you people are saying that I am needlessly concerned, that it is a non-problem, that Wikipedia, by its very nature, will cope with such a problem.--Tomwsulcer (talk) 11:23, 19 November 2016 (UTC)
- I'm sure you know exactly what I mean. Substitute "the Jews" or "the communists" for "alt-right" in your original post to get an idea of how ridiculous you sound; that a group is theoretically capable of organising its members to participate in Wikipedia en masse doesn't mean it's any particular concern, or that the existing protocols (which have managed successfully to control POV-warriors ranging from the I-P hardliners to the Church of Scientology) can't handle it. This is the admin noticeboard; what administrative action are you requesting here, other than a vaguely-worded "I think we shouldn't allow people who disagree with me to edit here" appeal? ‑ Iridescent 11:26, 19 November 2016 (UTC)
- Perhaps I am still in shock after the US election, and I hope you are right that the existing protocols will work as before, and that balance will prevail.--Tomwsulcer (talk) 11:34, 19 November 2016 (UTC)
- Sorry, but this sounds like gaslighting to me. The "alt-right" aren't just "people who disagree with us". This is not political. Their views are hateful and bigoted and they really should not be allowed to edit here. We shouldn't give them the time of day or even validate their racist, sexist, homophobic, etc. opinions disguised in the form of so-called NPOV. That's almost as bad as the opinions themselves, if not worse.--WaltCip (talk) 15:34, 22 November 2016 (UTC)
- I'm sure you know exactly what I mean. Substitute "the Jews" or "the communists" for "alt-right" in your original post to get an idea of how ridiculous you sound; that a group is theoretically capable of organising its members to participate in Wikipedia en masse doesn't mean it's any particular concern, or that the existing protocols (which have managed successfully to control POV-warriors ranging from the I-P hardliners to the Church of Scientology) can't handle it. This is the admin noticeboard; what administrative action are you requesting here, other than a vaguely-worded "I think we shouldn't allow people who disagree with me to edit here" appeal? ‑ Iridescent 11:26, 19 November 2016 (UTC)
- What do you mean.--Tomwsulcer (talk) 11:21, 19 November 2016 (UTC) Okay so you people are saying that I am needlessly concerned, that it is a non-problem, that Wikipedia, by its very nature, will cope with such a problem.--Tomwsulcer (talk) 11:23, 19 November 2016 (UTC)
- I agree entirely with Doc9871; I hold no brief at all for the American alt-right, but you are the one who looks like a conspiracy theorist here. Why is this particular group any different to any other political movement, religion, band fan-club etc whose members participate on Wikipedia in large numbers? ‑ Iridescent 11:21, 19 November 2016 (UTC)
- I don't foresee a particularly worse alt-right invasion because of Trump than we already had because of Gamergate. And obnoxious agenda-pushing of every stripe has been around as long as Wikipedia. IMHO we've done a poor job of dealing with the problem (some of the cures we've implemented have been worse than the disease) and WP has become a worse project over the years because of it. There's been a ton of analysis of these issues published on and off of Wikipedia over the years, so I doubt we're likely to find a solution in any particular AN thread. 50.0.136.56 (talk) 21:00, 19 November 2016 (UTC)
Admin attention needed
at Files for discussion which has a backlog 350+ item backlog spanning over three months. All admins are invited to participate, as most of these are very easy closures. -FASTILY 08:33, 22 November 2016 (UTC)
- @Fastily: Is the usual process here to just delete the file and let the bot close the discussion? I've noticed that quite a bit. ~ Rob13Talk 10:21, 22 November 2016 (UTC)
- If there is a good case for deletion. Sometimes relicensing as non-free is better, or relisting. There is a script (User:Evad37/FFDcloser) for doing these. Jo-Jo Eumerus (talk, contributions) 16:02, 22 November 2016 (UTC)
- A lot of these don't require admin action. A lot of them, as Jo-Jo mentioned, are simple relicensing. I've gone through a lot of them myself and done just that. FfD has been perpetually backlogged since the closing of PUF. Really doesn't need a new AN notice every few weeks telling people that. I'm sure everyone knows by now. --Majora (talk) 21:35, 22 November 2016 (UTC)
- Disagree, since many listings go un-actioned indefinitely until I post about them. Here's our day-over-day count at FfD; downward spikes are usually the result of AN notifications. -FASTILY 02:00, 23 November 2016 (UTC)
- A lot of these don't require admin action. A lot of them, as Jo-Jo mentioned, are simple relicensing. I've gone through a lot of them myself and done just that. FfD has been perpetually backlogged since the closing of PUF. Really doesn't need a new AN notice every few weeks telling people that. I'm sure everyone knows by now. --Majora (talk) 21:35, 22 November 2016 (UTC)
- If there is a good case for deletion. Sometimes relicensing as non-free is better, or relisting. There is a script (User:Evad37/FFDcloser) for doing these. Jo-Jo Eumerus (talk, contributions) 16:02, 22 November 2016 (UTC)
Assistance required at AfD, re Wikipedia:Articles for deletion/Prakash Vir Shastri Avenue (2nd nomination)
The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
Could someone look at the above - It has been running for more than a month, had three relists (last one 18 days ago) and appears to be going nowhere. Thanks Nordic Nightfury 10:52, 21 November 2016 (UTC)
Wikipedia:Requests for page protection
The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
I just finished going through the page and there are two left, Wikipedia:Requests for page protection#Toronto and Wikipedia:Requests for page protection#Moses in Islam, both of which I am involved. Could someone take a look at them. Thanks. CambridgeBayWeather, Uqaqtuq (talk), Sunasuttuq 11:37, 22 November 2016 (UTC)
- @CambridgeBayWeather: Done ~ Rob13Talk 12:03, 22 November 2016 (UTC)
- Thanks. CambridgeBayWeather, Uqaqtuq (talk), Sunasuttuq 12:32, 22 November 2016 (UTC)
North Carolina gubernatorial election, 2016
We've an IP (107.77.208.138) who keeps editing in that the 2016 North Carolina gubernatorial election is decided. The election-in-question has not been decided & is likely headed for a recount. GoodDay (talk) 21:10, 23 November 2016 (UTC)
Murder of Jo Cox
The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
The article Killing of Jo Cox was previously move-protected while the case was sub-judice. As Mair has now been convicted of murder and sentenced to life imprisonment (see Talk:Killing of Jo Cox#Requested move 23 November 2016 and BBC news here) we now have the unnecessary bureacratic hurdle of moving the page to its correct title. Would an administrator please review and move the article? Thanks for your attention. Keri (talk) 13:29, 23 November 2016 (UTC)
- I've removed the move protection (put in place 4 months ago), so the page can now be renamed. I would encourage you to find consensus on a new name at the discussion page before changing the page name. Dragons flight (talk) 13:56, 23 November 2016 (UTC)
The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
Could you please delete this edit and hide the edit summary. An IP wrote a personal attack against me in the edit summary, but no private information was leaked. Emir of Wikipedia (talk) 15:38, 15 November 2016 (UTC)
- I was wondering if you could please hide the edit summary for this edit too. Emir of Wikipedia (talk) 17:08, 15 November 2016 (UTC)
- @Emir of Wikipedia: These would fall under the "not "ordinary" incivility, personal attacks or conduct accusations" clause of the Revdel criteria; it's not so bad as to require revision deletion in my opinion. Sam Walton (talk) 19:36, 15 November 2016 (UTC)
- @Samwalton9: Would the first edit come under #3 of the CRD? The edit had no value to the article, and likely its' only purpose was to put in a edit summary concerning me. Emir of Wikipedia (talk) 19:40, 15 November 2016 (UTC)
- Warned the IP about personal attacks and what is not "vandalism", but I agree with Sam that it doesn't warrant revdeletion. Miniapolis 23:09, 15 November 2016 (UTC)
- The IP address you warned had been hopped off too, the current one is User talk:2607:FB90:1E0A:4EE6:0:30:F809:8501. This hopping has been going on for about a month now I think, and it's why I believe it is not ordinary incivility but prolonged. Emir of Wikipedia (talk) 23:15, 15 November 2016 (UTC)
- Warned the IP about personal attacks and what is not "vandalism", but I agree with Sam that it doesn't warrant revdeletion. Miniapolis 23:09, 15 November 2016 (UTC)
- @Samwalton9: Would the first edit come under #3 of the CRD? The edit had no value to the article, and likely its' only purpose was to put in a edit summary concerning me. Emir of Wikipedia (talk) 19:40, 15 November 2016 (UTC)
- @Emir of Wikipedia: These would fall under the "not "ordinary" incivility, personal attacks or conduct accusations" clause of the Revdel criteria; it's not so bad as to require revision deletion in my opinion. Sam Walton (talk) 19:36, 15 November 2016 (UTC)
Warned again about personal attacks. Do you have evidence that it's a dynamic IP? Miniapolis 22:19, 22 November 2016 (UTC)
- Thanks for the warnings. I do believe it is a dynamic IP, and some other linked IP's (and maybe a possible account) are listed at ANI. Emir of Wikipedia (talk) 22:30, 22 November 2016 (UTC)
- I'm not going to put up with long-term harassment, and since I'm handing out rangeblocks for that stuff this morning, I've blocked 2607:fb90:1e00::/44 for one month. Katietalk 12:06, 23 November 2016 (UTC)
- @KrakatoaKatie: Thanks for the help. Emir of Wikipedia (talk) 12:11, 23 November 2016 (UTC)
Odd editing - review please
Could someone please take a look at the contributions by Chitt66? I've found some rather odd edits (and reverted a couple of them) and am not sure what's going on, but don't have the time to do a full review. Tony Fox (arf!) 19:13, 24 November 2016 (UTC)
Deceased Wikipedian
User:JDG is almost certainly deceased. He wrote several times he was terminally ill, such as here, and has not edited since December 2007. I just reverted anonymous edits to his userpage, almost certainly in good faith efforts to "disambiguate" the user from a hacker who uses the same handle, but unintentionally making it look like the ex-Wikipedian and hacker are one and the same. I fear the userpage will continue to attract the same attention and that it be locked. I also believe there used to be a convention to block deceased Wikipedians' accounts to prevent compromise, but don't know if that's still the case. Ribbet32 (talk) 23:02, 24 November 2016 (UTC)
- Wikipedia:Deceased Wikipedians/Guidelines. Hope this helps. - jc37 23:17, 24 November 2016 (UTC)
- Per that link (and presuming you are correct), I've protected the userpage. The rest should be able to be done at editorial discretion.
- If it turns out that the page should be unprotected, there is no need for the unprotecting admin to notify me first in this case. - jc37 23:24, 24 November 2016 (UTC)
- Agreed. Protection for deceased editors' userpages is a matter of policy, not a matter of editorial judgement in fighting vandalism or edit wars; it's something we'd have MediaWiki do automatically if it had some way of determining which editors were alive and which weren't. In cases of "the report of my death was an exaggeration", to quote Clemens, the reason for the protection has obviously expired and should be undone by anyone. Nyttend (talk) 13:39, 25 November 2016 (UTC)
Trial (report mode) for new blocking adminbot User:AnomieBOT III/Trial block log
For any admins that process speedy blocks, please note the new feed at User:AnomieBOT III/Trial block log - these entries may actually need to be actioned - and any feedback is welcome at Wikipedia:Bots/Requests for approval/AnomieBOT III 3. — xaosflux Talk 15:47, 25 November 2016 (UTC)
Backlog at AIV
The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
There's a backlog at WP:AIV. Been a few hours since last admin attended to it. EvergreenFir (talk) 04:55, 26 November 2016 (UTC)
Fake news website
The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
Please semi-protect the page Fake news website.
Because of increase in incoming vandalism and disruption after the recent block on PantherBF3 (talk · contribs · deleted contribs · logs · filter log · block user · block log).
Thank you ! Sagecandor (talk) 20:43, 25 November 2016 (UTC)
- Sagecandor please post your request at Wikipedia:Requests for page protection. — Maile (talk) 21:05, 25 November 2016 (UTC)
- Okay, thank you. Sagecandor (talk) 21:42, 25 November 2016 (UTC)
Harassment by editors
The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
Hi guys & gals, I'm being harrassed by some of your editors on Sports in the United States. Can you please tell them to stop reverting my good edits to a subject they clearly have no knowledge of? Would appreciate it. Thanks 2A02:C7D:89A3:F400:C83A:BFAD:6BF4:26D3 (talk) —Preceding undated comment added 20:59, 25 November 2016 (UTC)
- Further, they have now taken to harrassing me on my IP 'talk page' here: User talk:2A02:C7D:89A3:F400:C83A:BFAD:6BF4:26D3 as well as at this very admin page! 2A02:C7D:89A3:F400:C83A:BFAD:6BF4:26D3 (talk) 21:04, 25 November 2016 (UTC)
- All you have to do is copy the source from the article you're linking to, and add it with your additions. And stop making comments such as calling people "dumbass" - that will get you blocked for being uncivil. - BilCat (talk) 21:07, 25 November 2016 (UTC)
- Also, you have violated the three revert rule and have reverted
fivemake that seven times in the last few minutes. Gluons12 ☢|☕ 21:10, 25 November 2016 (UTC).
- Also, you have violated the three revert rule and have reverted
- All you have to do is copy the source from the article you're linking to, and add it with your additions. And stop making comments such as calling people "dumbass" - that will get you blocked for being uncivil. - BilCat (talk) 21:07, 25 November 2016 (UTC)
- Everybody involved here needs to calm down. Edit warring is absolutely not how we resolve these issues, neither is hurling insults, but I would also note that it was completely inappropriate for @KGirlTrucker81: to repeatedly try to prevent this from being posted here at all. Nobody is behaving particularly well here, and I see no attempt to discuss this on the talk page either. Beeblebrox (talk) 21:13, 25 November 2016 (UTC)
- I've left helpful notes at both user's talk pages. Hopefully this doesn't happen again. Primefac (talk) 21:14, 25 November 2016 (UTC)
- Message from Primefac and zzuuzz recieved, understood and appreciated. Matter over as far as I'm concerned. 2A02:C7D:89A3:F400:C83A:BFAD:6BF4:26D3 (talk) 21:17, 25 November 2016 (UTC)
Srb
The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
Indef block please, per WP:NOTHERE. Thanks, Baffle gab1978 (talk) 01:07, 27 November 2016 (UTC)
- Can you please clearly who you want blocked? At first I thought it was someone named Srb as per what was in this section's title but there is no one with that name here.--76.65.43.0 (talk) 02:09, 27 November 2016 (UTC)
Portuguese Wikipedia seems to have been overtaken by a clique of politburo bureaucrats who see as their role to prevent editors from contributing to Wikipedia
The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
On 24 Nov 2016, I started a Portuguese translation of the Job guarantee wiki page. 1h later the self-proclaimed wiki police user Stego put the page for deletion. As I attempted to continue the translation, he insisted on vandalising my work, putting it for deletion 2 more times. A feud ensued over a page, that is not even that controversial, and a mob of other self-proclaimed wiki bureaucrats gathered around to bash and block me. These people seem not to understand the collaborative spirit of Wikipedia, and act rather to suppress other people's contribution, instead of adding to it. There is a serious perversion of the Wikipedia culture going on in the Portuguese realm, as it was captured by a clique of self-proclaimed petty authorities. Perhaps something was lost in translation when Wikipedia was exported to a culture fraught with soviet-style bureaucracy. — Preceding unsigned comment added by Andre.levy.al (talk • contribs) 12:36, 27 November 2016 (UTC)
Deletion review / Please help make a decision on William Tunberg's article
The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
The deletion banner has been at the top of Tunberg's article since November 9 (17 days). There are 5 keeps and one delete. The editor who wants to delete is SwisterTwister. SwisterTwister and I have dialoged on the page. He feels Tunberg doesn't have enough museum collectors. The majority of Tunberg's collectors are religious institutions, universities and corporations. He's had a long and varied career that has spanned 50 years, and his commissions include large altar crosses, Arks of the Covenant, and large sculptural installations, such as the 30-foot marquetry wall he did for University of California, Riverside. He's taken the ancient art of marquetry and applied it to fine art sculpture and has been called one of the world's most foremost woodworking and marquetry artists. In the process of adapting the medium to fine art, Tunberg has developed new technologies and applications in marquetry. I've been prohibited from completing the marquetry section or editing his article because I'm his wife. Marchjuly has been working with me and I can't speak highly enough about him. He's taught me a lot about Wikipedia -- the COI rules, linking, citing, and other subjects too numerous to mention. He's been kind, generous and especially patient with all of my questions and concerns. But what do we do now? I'm afraid one of Tunberg's collectors will see the banner, which will injure his reputation. Please intervene and make a decision one way or the other. Thank you.Cstwct (talk) 02:37, 27 November 2016 (UTC)
- William Tunberg (artist) (edit | talk | history | protect | delete | links | watch | logs | views)
- AfD
- Johnuniq (talk) 06:59, 27 November 2016 (UTC)
Incorrect posting to the main page
The posting of Florence Henderson to the main page by User:Jehochman has been determined to be against consensus and has been reported at WP:ERRORS for a few hours. Could someone please action the pull consensus at ITN? Thanks. The Rambling Man (talk) 20:25, 25 November 2016 (UTC)
Done — Maile (talk) 20:47, 25 November 2016 (UTC)
- Thanks. Can I suggest that a few more of our "trustworthy admins" add WP:ERRORS to their watchlist? Problems on the mainpage can persist for hours and that's something that the project should strive to avoid. The Rambling Man (talk) 20:58, 25 November 2016 (UTC)
- Yeah, and the only reason I saw this was luck of the draw. Being a holiday weekend, I had been logged off for hours. — Maile (talk) 21:08, 25 November 2016 (UTC)
- Indeed, but it's only a "holiday weekend" in the US, there are thousands of other admins who aren't American, so there's no reason to continue to allow failures of process, errors, etc on the main page once they've been identified, for hours and hours. The Rambling Man (talk) 22:04, 25 November 2016 (UTC)
- I've added WP:ERRORS to my watchlist. Joyous! | Talk 22:10, 25 November 2016 (UTC)
there are thousands of other admins who aren't American
You mean hundreds. Of which only 522 are currently active. Curiously, there is no Category:Wikipedia administrators by location. — Scott • talk 20:29, 27 November 2016 (UTC)- @Scott, actually there is but it's a couple of years out of date, and (rightly) only lists those who've publicly disclosed where they live. (FWIW I'd guess that the issue isn't that the admins don't exist to maintain the main page, but that most admins are totally fed up with constant demands to tinker with a page about which the number of readers who care could probably be counted on two hands at most, and at least one hand's worth of those are probably the more obsessive element of WR/WO looking for nits to pick.) ‑ Iridescent 20:41, 27 November 2016 (UTC)
- Well, there are well over a thousand admins, and while most of them are American, there's little reason that the ERRORS page receives such little interest. More admins need to add the page to their watchlist. Thanks for your note Scott. Thanks, Iridescent, for your constructive and helpful dialogue. The Rambling Man (talk) 20:43, 27 November 2016 (UTC)
- Indeed, but it's only a "holiday weekend" in the US, there are thousands of other admins who aren't American, so there's no reason to continue to allow failures of process, errors, etc on the main page once they've been identified, for hours and hours. The Rambling Man (talk) 22:04, 25 November 2016 (UTC)
- Yeah, and the only reason I saw this was luck of the draw. Being a holiday weekend, I had been logged off for hours. — Maile (talk) 21:08, 25 November 2016 (UTC)
Creating page redirect
The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
Would you please be so kind to create a redirect to Rainbow flag from it's emoji sign? Humanity will thank you! Flávio Neves Rodrigues (talk) 20:40, 26 November 2016 (UTC)
- That's a pair of two emojis. It doesn't seem like a likely search term to me. ~ Rob13Talk 20:43, 26 November 2016 (UTC)
- Well, emojipedia redirects to that page. Cheers! Flávio Neves Rodrigues (talk) 21:00, 26 November 2016 (UTC)
- P.S.: I also used in this tweet and it seems to work as emojipedia is saying. Flávio Neves Rodrigues (talk) 21:06, 26 November 2016 (UTC)
- Done TheCatalyst31 Reaction•Creation 09:25, 27 November 2016 (UTC)
Suspected sock puppets of User:Mokshanine
I've noticed recently a bunch of disruptive article talk page posts that are signed "Amanbir". The name seems unique enough that one can assume it is all from the same person. When searching user talk and article talk I have found posts going back to 2012 from this person from a number of IP addresses. I have started making those with Template:IPsock. (See Category:Suspected Wikipedia sockpuppets of Mokshanine.) Is it a waste of time to mark the ones from past years or does that help? Is marking the recent ones helping? Richard-of-Earth (talk) 08:40, 27 November 2016 (UTC)
- According to this baby name web page, the name comes from Punjabi. I wouldn't assume that this name is unique without consulting someone who knows more about Punjabi names. עוד מישהו Od Mishehu 11:51, 27 November 2016 (UTC)
- A few users I could find quickly with over a thousand edits here, with some recent activity: Gman124, Hunnjazal, Nauriya, Satdeep Gill, Shemaroo, TopGun, Uchohan. עוד מישהו Od Mishehu 12:24, 27 November 2016 (UTC)
- Od Mishehu whats the issue why I ahve been taged here? Nauriya User talk: Nauriya 17:34, 27 November 2016 (UTC)
- Is it true that "Amanbir" is a unique name? I underestand that it's a Punjabi language name, and that you speak Punjabi. עוד מישהו Od Mishehu 12:37, 27 November 2016 (UTC)
- @Od Mishehu: Yes, I haven't heard of a name Amanbir and indeed it is unique. But it is obviously a Punjabi name as Aman and Bir both are pretty common as prefixes and suffixes in various names like Amandeep, Amanpreet and Rajbir, Sukhbir etc. --Satdeep Gill (talk • contribs 13:38, 27 November 2016 (UTC)
- Is it true that "Amanbir" is a unique name? I underestand that it's a Punjabi language name, and that you speak Punjabi. עוד מישהו Od Mishehu 12:37, 27 November 2016 (UTC)
- Od Mishehu whats the issue why I ahve been taged here? Nauriya User talk: Nauriya 17:34, 27 November 2016 (UTC)
Hi there, it's not clear to me why I've been tagged in this discussion. I'm not aware of the persons being discussed here. --عثمان وقاص چوہان 15:21, 27 November 2016 (UTC)
- Od Mishehu. I meant it seems unique on Wikipedia talk spaces and I am going on more then just his name. (Of course I googled it.) His style is very consistent. Much WP:QUACK in his posts and edits. That is not the question I asked. The question was is it helpful to mark the IPs as suspected sock puppets. Is there a point to marking the ones from years ago. He is IP hopping quite a bit and seems to never come back to an IP he used in the past once it is blocked. I un-tagged those people in your post, so we do not have any more "why am I here" posts. Richard-of-Earth (talk) 20:25, 27 November 2016 (UTC)
- Having a name in an unusual language is not, all by itself, a reason to think that multiple accounts/IPs are the same person. And speakers of the same language also tend to have similar IPs more often than speakers of different languages. When the main evidence is the name, you need to be sure that the name is, in fact, unusual and not just foreign. עוד מישהו Od Mishehu 05:36, 28 November 2016 (UTC)
This is being continually overlooked. Could admins please add it to their watchlist and address issues that appear on the most important page on the entire project please? Some stuff has been on there for 12 hours now. The Rambling Man (talk) 20:41, 26 November 2016 (UTC)
- Saying that the Main Page is "the most important page" on Wikipedia is like saying that the cover is the most important part of the book: it confuses prominence with value. I wouldn't give a damn if the Main Page was discontinued, as long as the content of the encyclopedia remained. Beyond My Ken (talk) 23:35, 26 November 2016 (UTC)
- You missed the point entirely. We have errors on the main page. The main page is visited by millions of people per day. The main page isn't a "cover", it is full of so-called facts and encyclopedic content. We shouldn't be allowing errors (which have been reported for hours and hours) to persist. The Rambling Man (talk) 08:08, 27 November 2016 (UTC)
- Sorry, I should have been more explicit. I agree with you that errors on the Main Page should be fixed quickly, and your call for more admins to monitor WP:ERRORS is a laudable one; I simply disagree with your take on the importance of the Main Page. To me, it's the tail, not the dog. Beyond My Ken (talk) 18:29, 27 November 2016 (UTC)
- Ok cool. I still think it's far from the tail. We have dozens of claims on the main page every single day. Turns out that a lot of them are wrong. A mainstream newspaper would be forced into issuing corrections. Wikipedia just shrugs it off. So the least we can do is ensure error reports are given due consideration in a timely fashion. If someone found a glaring factual error on the homepage of a commercial website, I think they'd find it pretty ridiculous and it would undermine the integrity of the rest of the site (which, relatively speaking, is like the Wild West compared the scrutiny that should go into ensuring the main page is up to scratch). The Rambling Man (talk) 20:17, 27 November 2016 (UTC)
- Sorry, I should have been more explicit. I agree with you that errors on the Main Page should be fixed quickly, and your call for more admins to monitor WP:ERRORS is a laudable one; I simply disagree with your take on the importance of the Main Page. To me, it's the tail, not the dog. Beyond My Ken (talk) 18:29, 27 November 2016 (UTC)
- You missed the point entirely. We have errors on the main page. The main page is visited by millions of people per day. The main page isn't a "cover", it is full of so-called facts and encyclopedic content. We shouldn't be allowing errors (which have been reported for hours and hours) to persist. The Rambling Man (talk) 08:08, 27 November 2016 (UTC)
- I've fixed the obvious glaring error and another issue. I do find that I'm doing this far too often. Black Kite (talk) 20:54, 27 November 2016 (UTC)
I'm not normally around at weekends, sorry I wasn't there to help. I'm a regular at ERRORS and agree with BK and TRM:
- a there are very few admins that bother with ERRORS. Sadly.
- mistakes on Main page make Wikipedia look ridiculous.
- too many errors come through to Main page, especially from DYK and to a lesser extent from ITN.
- something ought to be done but it seems the community doesn't care
Cheers, --Dweller (talk) Become old fashioned! 21:41, 27 November 2016 (UTC)
User Issue
I saw today this user. I reverted some vandalism edits, but also some older edits that appears to be vandalism and still on Wikipedia. Like this edit (22 October) and this edit (17 November). I'm not an vandalism expert and don't know how to deal with it, but I think all his edits needs to be checked. Sander.v.Ginkel (Talk) 09:01, 29 November 2016 (UTC)
- Note I see this might not be the best place to post this issue. But I don't see what the best place is. Feel free to cut and past it to another place. Thanks, Sander.v.Ginkel (Talk) 09:09, 29 November 2016 (UTC)
Spartanburg, South Carolina
Does anybody know what is going on with this article? See history. Given the number of editors I haven't notified any right now. CambridgeBayWeather, Uqaqtuq (talk), Sunasuttuq 19:04, 29 November 2016 (UTC)
- Maybe a class project of some kind? Katietalk 19:13, 29 November 2016 (UTC)
- That was my impression. Is there someone from the education project that can intervene? The edits appear good faith, but extremely poorly executed. And obviously no inkling of Wiki - culture. John from Idegon (talk) 20:32, 29 November 2016 (UTC)
Proposal that may be of interest
Voting on a proposal that concerns block logs and the blocking policy is now open at meta:2016 Community Wishlist Survey/Categories/Admins and stewards#Enable administrators to update block logs, through December 12. The instructions say explicitly that it is permissible, and not a canvassing violation, to post a message such as the one I am placing here, so I hope that interested administrators and editors will take part in the discussion. --Tryptofish (talk) 22:51, 28 November 2016 (UTC)
- Would it be violating anything in particular to post a CentralNotice on this? — Maile (talk) 23:06, 28 November 2016 (UTC)
- Thanks for asking! No, they say that any kind of good-faith get-out-the-vote message is entirely permitted. Depending upon how widely one would distribute the message (and a CentralNotice would be pretty wide), it could be more appropriate to announce the election as a whole, rather than a single proposal. In fact, a broad notice to users that voting has begun is a good idea in any case. Here is a link to the main page for the survey, by the way: [2]. --Tryptofish (talk) 23:24, 28 November 2016 (UTC)
- Advocating a particular proposal might be seen as WP:CANVASSing, but a link to the full set of proposals seems like a good idea (ref Template:Cent which includes such a link now). --Izno (talk) 23:30, 28 November 2016 (UTC)
- They explicitly say there that linking to a particular proposal is permitted in this case. I would not have posted about it here if that were not the case. --Tryptofish (talk) 23:33, 28 November 2016 (UTC)
- "They" is not "us". There may or may not be users here at en.WP who have certain preferences and for which a link to the single proposal would be canvassing. --Izno (talk) 23:52, 28 November 2016 (UTC)
- Then I suggest that those users who may or may not exist take it up with "they". --Tryptofish (talk) 22:01, 29 November 2016 (UTC)
- "They" is not "us". There may or may not be users here at en.WP who have certain preferences and for which a link to the single proposal would be canvassing. --Izno (talk) 23:52, 28 November 2016 (UTC)
- They explicitly say there that linking to a particular proposal is permitted in this case. I would not have posted about it here if that were not the case. --Tryptofish (talk) 23:33, 28 November 2016 (UTC)
Requesting help closing an RfC
The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
Could an available admin or experienced editor please take a look at this RfC on Talk:Protests against Donald Trump and close it. Although WP:INVOLVED I had considered closing it myself given that it is so lopsided that I think it could be treated as uncontroversial. However, there are a couple of editors who are taking great umbrage at the consensus and out of an abundance of caution I think it best that someone else close it. Thanks. -Ad Orientem (talk) 17:53, 28 November 2016 (UTC)
- Anyone??? -Ad Orientem (talk) 20:54, 29 November 2016 (UTC)
User with 2 sockpuppet accounts
The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
Hello. I was referred here by an admin.. this is regarding a fellow editor who has, in the past, been blocked for sockpuppetry. I was wondering if this would be something that interests you and you'd like to block them. The user is HurluGumene and their past sockpuppet[s]: Lurulu and Lurulu2. Thanks --Jennica✿ / talk 22:26, 29 November 2016 (UTC)
- @Jennica: Such reports generally go at WP:ANI or their WP:SPI page. DarkKnight2149 22:30, 29 November 2016 (UTC)
malformed AFD
The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
I see no discussion page for Project .44.--TonyTheTiger (T / C / WP:FOUR / WP:CHICAGO / WP:WAWARD) 15:04, 29 November 2016 (UTC)
- It has never existed. Note that the article was nominated by an IP, who couldn't create the discussion page in the first place. If the IP had given a rationale (e.g. at talk), I'd say to create the page with that as the rationale, but lacking a rationale, just undo the edit with an explanatory summary. Nyttend (talk) 15:20, 29 November 2016 (UTC)
- AfD message has been removed. I think this can be closed now. JudgeRM (talk to me) 19:36, 29 November 2016 (UTC)
User:BatteryIncluded and the US Election 2016 results
The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
- BatteryIncluded (talk · contribs)
While we've been appaled by the surprise election of Donald Trump, BatteryIncluded appears not to exhibit any views on it. He seems to congratulate the new President-elect, as well as to attack anyone who's against him. He also supports any policy hostile to immigrants, which depended upon by the tech industry, and the proposal to ban the Internet. Most of his comments are favorable to both Trump and Russian President Vladimir Putin, which makes him a puppet.
Most disturbingly, BatteryIncluded is part of a silent majority that stands with Trump, and may helped him. He has shown authoritarian tendencies. There's a specific action to make sure that BatteryIncluded won't involve in un-American actions.
On the right hand note, BatteryIncluded is a long-term problem that crops up every now and then and has shown absolute power over the Internet.
119.40.126.96 (talk) 07:28, 30 November 2016 (UTC)
Please help at WP:ERRORS
There's a dearth of administrators who are willing to help with Main page issues. Really, there are not many of us about. Please do chip in. --Dweller (talk) Become old fashioned! 13:48, 28 November 2016 (UTC)
- Didn't we just have this here a couple of days ago? If the main page is dysfunctional and many admins are not willing to join in because of that, are repeated pleas for more fingers in the dike really the way to go? Boing! said Zebedee (talk) 15:12, 28 November 2016 (UTC)
- I dunno. But as I'm not planning on deleting the Main page today and it's had issues, I'll flag it up here. Maybe I ought to add a plea for this to every message I write in projectspace. Carthago delenda est! --Dweller (talk) Become old fashioned! 16:12, 28 November 2016 (UTC)
- Sorry, Zebedee, but what are you saying? The main page is only accessible to admins. If the content there is dubious or incorrect, it is incumbent on admins to fix it. If those admins want to make Wikipedia better, they should follow up on why there are so many issues (e.g. take a look at DYK for starters). But in any case, until we solve the cause, we have to deal with the symptoms. Please, admins, add ERRORS to your watchlist and reduce the embarrassing crap that ends up there day on day. The Rambling Man (talk) 21:56, 28 November 2016 (UTC)
- Well, there are currently 785 watchers at WP:ERRORS, and no way to tell how many are admins...or no longer even active at Wikipedia. But if my recent experience is any indicator, admins get tired of backing into personal disputes just because they are responding to a request to correct an error. Such a thing is not limited to WP:ERRORS, but is everywhere at WP. That junk gets old fast. I can see how admins get burned out in any area of Wikipedia. And let us please not haul out any project as a personal example of what's wrong with WP. It's a broken record already. If the flaws were mostly at one project, there would be no need for WP:ERRORS. Admins are people, too. — Maile (talk) 23:21, 28 November 2016 (UTC)
- Well DYK needs extra special attention, that's why I brought it up. It's hardly a broken record, it's more like a broken project. The Rambling Man (talk) 05:54, 29 November 2016 (UTC)
- Well, there are currently 785 watchers at WP:ERRORS, and no way to tell how many are admins...or no longer even active at Wikipedia. But if my recent experience is any indicator, admins get tired of backing into personal disputes just because they are responding to a request to correct an error. Such a thing is not limited to WP:ERRORS, but is everywhere at WP. That junk gets old fast. I can see how admins get burned out in any area of Wikipedia. And let us please not haul out any project as a personal example of what's wrong with WP. It's a broken record already. If the flaws were mostly at one project, there would be no need for WP:ERRORS. Admins are people, too. — Maile (talk) 23:21, 28 November 2016 (UTC)
- Perhaps all responsible editors should watchlist WP:ERRORS, and then all repeatedly ask for help from admins they know, whenever the Main Page is covered by serious errors that are not being dealt with. Such an arrangement could be made to a wider forum than those currently being made. MPS1992 (talk) 22:28, 28 November 2016 (UTC)
- One problem for me is that things like "pull it" don't mean anything--I wouldn't know what to pull, where to pull, and how to pull. That whole affair is so full of queues and pipelines and waiting rooms and templates within templates, I wouldn't know what to do. I don't mind looking at the page whenever I log on, but it's not a given that I can do anything about it. Drmies (talk) 04:16, 29 November 2016 (UTC)
- It's all easy enough. Let me know if you need anything explaining. The Rambling Man (talk) 05:54, 29 November 2016 (UTC)
- I have WP:ERRORS on my watchlist, and I've started stepping into the fray a bit more. I am comfortable with pulling DYK hooks because I am okay with responding to the aggrieved party who is upset their hook got yanked. I'm not so worried about the template syntax as the various rules and procedures in place - somebody's just asked why St. Andrew's Day isn't in the "On This Day" section, and quite frankly I agree, but I'm half guessing that this is so obvious an omission that it must have been done for a reason (in this case, the
{{refimprove}}
tag halfway down the article, perhaps). Ritchie333 (talk) (cont) 13:35, 30 November 2016 (UTC)
- I have WP:ERRORS on my watchlist, and I've started stepping into the fray a bit more. I am comfortable with pulling DYK hooks because I am okay with responding to the aggrieved party who is upset their hook got yanked. I'm not so worried about the template syntax as the various rules and procedures in place - somebody's just asked why St. Andrew's Day isn't in the "On This Day" section, and quite frankly I agree, but I'm half guessing that this is so obvious an omission that it must have been done for a reason (in this case, the
Challenging closure of Axis: Bold as Love RfC
MrX closed the RfC, claiming "no consensus. There's roughly equal disagreement about whether the source was referring to genres, or simply opining about the album's influences". I am challenging this because--reviewing the entire section--there were six editors who supported the inclusion of hard rock, jazz, and rhythm & blues in the infobox, and three who didn't. That's not "roughly equal", and if the RfC were to be closed, it should have not have been "no consensus"; I believe the closer missed the sixth editor who made his/her stance in a bold yes in the discussion subsection rather than the votes. Dan56 (talk) 21:07, 29 November 2016 (UTC)
- Step one is supposed to be discussing it yourself with the closer. Have you done this? Or did you take them straight to AN, without even notifying them? Sergecross73 msg me 21:10, 29 November 2016 (UTC)
- They suggested coming here to me ([3]). Dan56 (talk) 21:33, 29 November 2016 (UTC)
- Well, yeah, but you didn't so much discuss with them as you instantly revert their close. I'm pretty certain reverting closes and arguing through edit summaries is not what is intended by "contact the editor who performed the closure and try to resolve the issue through discussion" And with AN just being one possible scenario, you still need to notify them that you started up a discussion that involves them here. That's common courtesy. Sergecross73 msg me 21:37, 29 November 2016 (UTC)
- Linking their name above should've notified them. Is there anything you'd like to add regarding the actual subject of this post? Dan56 (talk) 02:11, 30 November 2016 (UTC)
- Yes, that you're skipping steps in the process of addressing this properly, and should do that first before coming here. I would have speedy closed this had I not participated in the RFC myself. Discuss with the closer first, then come here. And if you do have to take it here, notify people through talk pages - the pinging system is so inconsistent that it's not considered good enough. (You're an experienced editor, do you really not know these things?) Sergecross73 msg me 02:18, 30 November 2016 (UTC)
- I don't see what you're getting at about the pinging system; it works fine from my experience. The editor expressed their position plainly in the edit summary; what's there left to discuss elsewhere? (I've notified them here) Dan56 (talk) 03:39, 30 November 2016 (UTC)
- Go to the very top of this page. The one you're already on.
- Scroll down until you see the first block of red text. Then read it.
- And again, you didn't discuss anything. He closed the discussion, and you both reverted once with brisk, snippy edit summaries. Stop being so argumentative and difficult every step of the way; if you assistance from AN, then start will following the most basic of the basics. Sergecross73 msg me 14:21, 30 November 2016 (UTC)
- I don't see what you're getting at about the pinging system; it works fine from my experience. The editor expressed their position plainly in the edit summary; what's there left to discuss elsewhere? (I've notified them here) Dan56 (talk) 03:39, 30 November 2016 (UTC)
- Yes, that you're skipping steps in the process of addressing this properly, and should do that first before coming here. I would have speedy closed this had I not participated in the RFC myself. Discuss with the closer first, then come here. And if you do have to take it here, notify people through talk pages - the pinging system is so inconsistent that it's not considered good enough. (You're an experienced editor, do you really not know these things?) Sergecross73 msg me 02:18, 30 November 2016 (UTC)
- Linking their name above should've notified them. Is there anything you'd like to add regarding the actual subject of this post? Dan56 (talk) 02:11, 30 November 2016 (UTC)
- Well, yeah, but you didn't so much discuss with them as you instantly revert their close. I'm pretty certain reverting closes and arguing through edit summaries is not what is intended by "contact the editor who performed the closure and try to resolve the issue through discussion" And with AN just being one possible scenario, you still need to notify them that you started up a discussion that involves them here. That's common courtesy. Sergecross73 msg me 21:37, 29 November 2016 (UTC)
- They suggested coming here to me ([3]). Dan56 (talk) 21:33, 29 November 2016 (UTC)
Requesting help resolving accusations against me
The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
I don't know if this is the right venue or if there is a certain way to do this but I am being accused of being another user named Kumioko here. One person, Bbb23 stated the "checkuser" evidence was inconclusive (I have no idea what that means, but inconclusive to me means not proven). Others seem to be insisting on blocking me just based on some coincidental edits. This Kumioko user attempted to comment but their edit was reverted as ban evasion and the IP they used was added as a "sock".
So I am left with no alternative but to just stop participating in Wikipedia because a couple of people want to ban me without evidence? I need help. Mr. Nosferatu (talk) 01:07, 30 November 2016 (UTC)
- You are obviously not a new user, and quickly launched into contentious parts of the project within days of registering your account. It is quite reasonable of editors and administrators to question what accounts you have previously used, and to suspect you might be banned from the project. The best way to help yourself would be to come clean as to your previous accounts, either publicly, or privately to the arbitration committee. Someguy1221 (talk) 01:14, 30 November 2016 (UTC)
- I suspect that you're about to be blocked for being a sock of Kumioko. The evidence is convincing, as is the self-incriminating tone and style of your comment at SPI. - MrX 01:26, 30 November 2016 (UTC)
- First I have no idea what I said that was self incriminating. I asked for help and linked to a discussion where i am being accused of being someone else.
- Secondly I agree I am probably going to get blocked regardless of guilt. There seems to be a culture of blood here and you are going to get it.
- Lastly, I have never had an account before. If you think I had one then prove it or move on. I did a few edits here and there over the years as an IP and have been reading things off and on for a while and yes I read bits and pieces of the Kumioko incident currently and in the past when it was ongoing. Personally I think they were railroaded and the actions I am seeing right now from all of you has me convinced that they were right. I hope you are proud of yourselves for running off another editor who is only trying to help. Mr. Nosferatu (talk) 02:01, 30 November 2016 (UTC)
- PS, I also have absolutely no idea what I did that was contentious. I assessed a few articles, most of which weren't for WPUS yet it is those you seem to be focusing on. So its pretty obvious you are digging for a reason, any reason at all, to block someone you can accuse of this Kumioko editor. I guess you found one. Go ahead and block me as a sock of them, I don't care at this point. You wonder why I am annoyed? Really? Come on. Mr. Nosferatu (talk) 02:06, 30 November 2016 (UTC)
- "Checkuser" looks at technical things (e.g. your IP address) that are otherwise concealed, and tools such as IP geolocation are relevant. If you're on a different continent from Kumioko, the checkuser can say "there's no chance that these two are the same person", if you're using the same IP address as Kumioko, the checkuser can say "the accounts are definitely connected", and if the evidence isn't clear either way, the checkuser says "inconclusive". Nyttend (talk) 02:08, 30 November 2016 (UTC)
- Go read the result. Bbb23 stated the CU was inconclusive. Yet, here we are. I don't really know what CU is or how it works and don't care. All I know is I am being falsely accused of being someone else because I commented on the WPUS talk page and assessed some articles that user also edited. If you have proof then fine block the account. Otherwise someone needs to close that accusation and apologize for the misunderstanding. The apology is less about wanting it and more about documenting the misunderstanding on my talk page to prevent it happening again. Mr. Nosferatu (talk) 02:15, 30 November 2016 (UTC)
- Once again, "inconclusive" means that the checkuser can neither connect you nor exonerate you. In other words, the checkuser results should be ignored, not used as a basis for a decision either way. This being the case, the sockpuppetry case has to proceed on behavioral grounds: are you acting like Kumioko? I'll not offer an opinion either way. Nyttend (talk) 03:16, 30 November 2016 (UTC)
- What I am acting like is someone who is pissed off that they are being accused of being someone else and even though the "evidence" doesn't prove it, a few people are continuing with the accusations anyway like they are the Ten Commandments. I'm not sure how someone should react to being accused, falsely, of being someone else...should I say thank you? You tell me? How does this community expect someone to react when they are being accused of something they didn't do or someone they are not? Mr. Nosferatu (talk) 03:35, 30 November 2016 (UTC)
- May I speak bluntly? We don't give a shit whether you are a sockpuppet or a saint. People who do useful things are welcome, while those who waste community time and energy by whining at noticeboards are not. Johnuniq (talk) 03:41, 30 November 2016 (UTC)
- Ok fine I will speak bluntly as well. I was contributing positively until Fram went to a Sockpuppet "noticeboard" "whining" and "wasting community time" by accusing me of someone else. Now, if you have a problem with me coming here and asking for help with clearing these baseless accusations then I also do not give a shit. Honestly, the longer I argue this with you "editors" that just seem to want to create drama for no F'ing reasons makes me think more and more than this "community" is a lost cause and not worth my time. Now either provide proof of your claims and block my account or close that accusation and apologize for the mistake. Its really that easy. Mr. Nosferatu (talk) 04:02, 30 November 2016 (UTC)
- Guessing that this is my final comment. Both in your wording and in your tone, you sound extremely similar to Kumioko/Reguyla, whether at the start of Commons:Village_pump/Archive/2016/03#My_block_on_IRC or in the final sections of User talk:Reguyla/Archive 1. Among other things, both you and Reguyla are unusually fond of the use of "false" and unusually prone to use "its" in place of "it's". Moreover, your tone is unusual for someone who's merely annoyed at how a previous editor was received, as is your focus on the idea that Kumioko was banned for criticising administrators; as far as I know, this position wasn't held by anyone other than Kumioko himself, and you sound very much like Reguyla's opening comments at the linked COM:VP discussion. Finally, the "go ahead and block me" sentiment is hardly what I would expect a newly registered user to say in his first comment at a talk page, his first comment in a discussion (it's very rare to see anyone say such a thing), because people who begin editing as IPs generally know how to fit in with the community, rather than agonizing them. Nyttend (talk) 04:41, 30 November 2016 (UTC)
- Ok so first thing first. The its versus it's thing is due to the spellchecker on my phone auto changing stuff. I just got a new phone and I haven't fixed all the settings yet. Next, I never had a problem as an IP because I rarely edited and was never accused of being someone else. It wasn't until I created an account and started editing more actively that I ran into problems. If Kumioko was accused of stuff they didn't do then sure I guess our tone would be similar. I also never realized using the word false to identify being falsely accused of something to be an uncommon term. It's used on TV a lot, I see it in the news and in printed media a lot, so I guess no one told the rest of the world its usage is uncommon. So again maybe you can tell me how a new editor who has been (what's the synonym for falsely accused) should act when they are "wrongly" accused of being someone else? I get it, you people hate Kumioko but you know what, get over it. Not every new editor who shows an interest in the same topics is going to be them and dare I say it, I am seeing why they had a problem with some of the people here if this is how they were treated as well. [insert sarcastic tone here]You're really doing a great job of proving them wrong. Mr. Nosferatu (talk) 11:31, 30 November 2016 (UTC)
- Guessing that this is my final comment. Both in your wording and in your tone, you sound extremely similar to Kumioko/Reguyla, whether at the start of Commons:Village_pump/Archive/2016/03#My_block_on_IRC or in the final sections of User talk:Reguyla/Archive 1. Among other things, both you and Reguyla are unusually fond of the use of "false" and unusually prone to use "its" in place of "it's". Moreover, your tone is unusual for someone who's merely annoyed at how a previous editor was received, as is your focus on the idea that Kumioko was banned for criticising administrators; as far as I know, this position wasn't held by anyone other than Kumioko himself, and you sound very much like Reguyla's opening comments at the linked COM:VP discussion. Finally, the "go ahead and block me" sentiment is hardly what I would expect a newly registered user to say in his first comment at a talk page, his first comment in a discussion (it's very rare to see anyone say such a thing), because people who begin editing as IPs generally know how to fit in with the community, rather than agonizing them. Nyttend (talk) 04:41, 30 November 2016 (UTC)
- Ok fine I will speak bluntly as well. I was contributing positively until Fram went to a Sockpuppet "noticeboard" "whining" and "wasting community time" by accusing me of someone else. Now, if you have a problem with me coming here and asking for help with clearing these baseless accusations then I also do not give a shit. Honestly, the longer I argue this with you "editors" that just seem to want to create drama for no F'ing reasons makes me think more and more than this "community" is a lost cause and not worth my time. Now either provide proof of your claims and block my account or close that accusation and apologize for the mistake. Its really that easy. Mr. Nosferatu (talk) 04:02, 30 November 2016 (UTC)
- May I speak bluntly? We don't give a shit whether you are a sockpuppet or a saint. People who do useful things are welcome, while those who waste community time and energy by whining at noticeboards are not. Johnuniq (talk) 03:41, 30 November 2016 (UTC)
- What I am acting like is someone who is pissed off that they are being accused of being someone else and even though the "evidence" doesn't prove it, a few people are continuing with the accusations anyway like they are the Ten Commandments. I'm not sure how someone should react to being accused, falsely, of being someone else...should I say thank you? You tell me? How does this community expect someone to react when they are being accused of something they didn't do or someone they are not? Mr. Nosferatu (talk) 03:35, 30 November 2016 (UTC)
- Once again, "inconclusive" means that the checkuser can neither connect you nor exonerate you. In other words, the checkuser results should be ignored, not used as a basis for a decision either way. This being the case, the sockpuppetry case has to proceed on behavioral grounds: are you acting like Kumioko? I'll not offer an opinion either way. Nyttend (talk) 03:16, 30 November 2016 (UTC)
- Go read the result. Bbb23 stated the CU was inconclusive. Yet, here we are. I don't really know what CU is or how it works and don't care. All I know is I am being falsely accused of being someone else because I commented on the WPUS talk page and assessed some articles that user also edited. If you have proof then fine block the account. Otherwise someone needs to close that accusation and apologize for the misunderstanding. The apology is less about wanting it and more about documenting the misunderstanding on my talk page to prevent it happening again. Mr. Nosferatu (talk) 02:15, 30 November 2016 (UTC)
- "Checkuser" looks at technical things (e.g. your IP address) that are otherwise concealed, and tools such as IP geolocation are relevant. If you're on a different continent from Kumioko, the checkuser can say "there's no chance that these two are the same person", if you're using the same IP address as Kumioko, the checkuser can say "the accounts are definitely connected", and if the evidence isn't clear either way, the checkuser says "inconclusive". Nyttend (talk) 02:08, 30 November 2016 (UTC)
- PS, I also have absolutely no idea what I did that was contentious. I assessed a few articles, most of which weren't for WPUS yet it is those you seem to be focusing on. So its pretty obvious you are digging for a reason, any reason at all, to block someone you can accuse of this Kumioko editor. I guess you found one. Go ahead and block me as a sock of them, I don't care at this point. You wonder why I am annoyed? Really? Come on. Mr. Nosferatu (talk) 02:06, 30 November 2016 (UTC)
- It's interesting that you mention your phone, because you are not using a phone to edit this site. —DoRD (talk) 13:00, 30 November 2016 (UTC)
Does anyone know how Mr. Nosferatu (talk · contribs) became aware of Wikipedia:Sockpuppet investigations/Kumioko? That is, what prompted them to post there? The 8 October 2016 comment shows precisely the same confusion believed only by Kumioko. Johnuniq (talk) 05:03, 30 November 2016 (UTC)
Can someone also block the static IP 138.163.0.41? It's Kumioko (self-declared and obvious anyway), and the previous 3-month block of that IP has expired without any improvements so a longer block may be needed for the IP. Fram (talk) 15:29, 30 November 2016 (UTC)
- We'll try six months this time. Boing! said Zebedee (talk) 15:45, 30 November 2016 (UTC)
Creation of six Regional Indicator Symbol redirects
The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
I'd like an administrator to create six redirect pages for these Regional Indicator Symbol combinations (similar to the redirect of 🇦🇩 to Flag of Andorra):
#REDIRECT [[Flag of Ascension Island]]
#REDIRECT [[Flag of Brazil]]
#REDIRECT [[Flag of Europe]]
#REDIRECT [[Flag of the Canary Islands]]
#REDIRECT [[Flag of Tristan da Cunha]]
#REDIRECT [[Flag of the United Nations]]
I would do it myself but I get a "Permission error". Thanks. DRMcCreedy (talk) 23:27, 30 November 2016 (UTC)
IP pushing PoV?
We've an IP 66.244.122.100 who keeps pushing that Roy Cooper has be elected Governor of North Carolina & yet that election is still in dispute. It's quite likely that eventually Cooper will be declared the winner, but that hasn't happened yet. GoodDay (talk) 16:10, 1 December 2016 (UTC)
Russian editing on Articles Concerning American Politics
This is a general question but wanted to get some thoughts. It been widely reported that Russia has sponsored efforts to undermine US elections and politics. Russia has developed fake news, hacked emails, etc. I would think it would be likely that the Russian government could sponsor editors on Wikipedia to push certain POVs inside of US politics. Is this something that Wikipedia has considered? Could Wikipedia do anything to prevent this (e.g. identify editors from locations that are located in Eastern Europe or within Russia)? Casprings (talk) 22:31, 29 November 2016 (UTC)
- There's no evidence this has happened or will happen. If we see POV pushing editors, we'll deal with them, same as always. It's rather easy to do so in that topic area because it's under discretionary sanctions. Given that this is the encyclopedia that anyone can edit, we're not about to block all of Eastern Europe and Russia from editing a whole topic area. ~ Rob13Talk 11:30, 1 December 2016 (UTC)
- Just wanting to know.. but wouldn't this be easy to look at? You just look at articles the Russian government might be interested in (e.g. Syria) and see if ips are: 1. From Russia or Eastern Europe; 2. Editing the article in favor of known Russian positions. You wouldn't have to ban editors. You could then investigate further or even tag the editors so others would know. There is actually plenty of evidence that this is happening or will happen in the future. Russian efforts in cyber are very widely reported by mulitiple wp:rs.Casprings (talk) 11:59, 1 December 2016 (UTC)
- Do you really imagine that the USA is not also making "efforts in cyber"? If you accept that, then we just look at articles the U.S. government might be interested in (e.g. Syria) and see if ips are: 1. From the USA, Canada or Western Europe; 2. Editing the article in favor of known U.S. positions... and so on. The USA does have a past history of interfering in the internal affairs of other countries, after all. MPS1992 (talk) 19:04, 1 December 2016 (UTC)
- Yeah, not to mention that we should expect Russian citizens to enter from a pro-Russian POV at times, if only due to their government's influence. Same as US citizens, really. I should say there's no specific evidence of government-endorsed/paid POV editing. I seriously doubt this would ever happen. I could see it on the Russian Wikipedia as an inward-facing propaganda thing, but on the English Wikipedia? When you can choose to dedicate resources anywhere you want to influence American politics through espionage, hacks, theft of sensitive materials, military operations, etc., what sensible government chooses Wikipedia? As much as we like to pretend otherwise sometimes, we're not that important. ~ Rob13Talk 19:18, 1 December 2016 (UTC)
- Do you really imagine that the USA is not also making "efforts in cyber"? If you accept that, then we just look at articles the U.S. government might be interested in (e.g. Syria) and see if ips are: 1. From the USA, Canada or Western Europe; 2. Editing the article in favor of known U.S. positions... and so on. The USA does have a past history of interfering in the internal affairs of other countries, after all. MPS1992 (talk) 19:04, 1 December 2016 (UTC)
- I wouldn't suggest the US isn't making efforts. What I would suggest that it hasn't been reported in an WP:RS that the US government efforts "include thousands of botnets, teams of paid human “trolls,” and networks of websites and social-media accounts — echoed and amplified right-wing sites across the Internet as they portrayed Clinton as a criminal hiding potentially fatal health problems and preparing to hand control of the nation to a shadowy cabal of global financiers. The effort also sought to heighten the appearance of international tensions and promote fear of looming hostilities with nuclear-armed Russia." . Multiple sources do say that about Russia. Rather the US is or isn't doing that also seems a little irrelevant to the question. Shouldn't Wikipedia investigate possible influence by governments, rather or not other governments do it? If multiple reporting on Russia is true, editing Wikipedia to support certain POVs would be right in-line with their past behavior. Both the popularity, the rule based behavior of Wikipedia, and the openness to editing makes it a pretty easy target for any organized state effort to sway public opinion. Just saying... Casprings (talk) 21:52, 1 December 2016 (UTC)
- Thank you for your reply, Casprings. There seems to be a vague consensus here that it is unlikely that the WMF would or should spend much time investigating possible influence by governments. That, of course, is merely the opinions of some editors here on this one particular project. I think most or all of us volunteer editors do our best to deal appropriately with editing we encounter that seems not in accordance with WP:NPOV for whatever reasons. Speaking of which, you may wish to spend some of your volunteer time assisting User:Sagecandor, who has posted at Wikipedia:Neutral point of view/Noticeboard#Concerns about potential influx of Russian propaganda users regarding exactly that. MPS1992 (talk) 00:18, 3 December 2016 (UTC)
- Just wanting to know.. but wouldn't this be easy to look at? You just look at articles the Russian government might be interested in (e.g. Syria) and see if ips are: 1. From Russia or Eastern Europe; 2. Editing the article in favor of known Russian positions. You wouldn't have to ban editors. You could then investigate further or even tag the editors so others would know. There is actually plenty of evidence that this is happening or will happen in the future. Russian efforts in cyber are very widely reported by mulitiple wp:rs.Casprings (talk) 11:59, 1 December 2016 (UTC)
- We can't respond to every moral panic that crops up from time to time, whether it's rainbow parties or Russian whatevers. LavaBaron (talk) 00:27, 3 December 2016 (UTC)
- Everybody who is editing articles on Russian/Ukrainian topics knows that this happened already years ago. We have a lot of POV pushers, in particular, from the Russian side. They are often accounts which registered years ago but made may be several dozens edits. They appear from nowhere and start non-neutral editing, edit-war, often refuse to discuss or repeat the arguments which were already rejected previously etc. This takes enormous amount of time from editors in good standing, and in the end the accounts get blocked anyway. The easiest is to block these accounts per WP:NOTTHERE as early as possible if it is clear they behave disruptively.--Ymblanter (talk) 08:39, 3 December 2016 (UTC)
Requested unblock, user:zanimum
The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
Hi, I'm wondering if anyone could work with me to get me unblocked, as per this suggestion on Meta? I believe the password I was using on LinkedIn some years ago, which was leaked a few months ago, is the password I was using for my global Wikimedia account. Anyway, someone logged in and delinked the main page on about 170 pages, using my account.
I'm an editor since 2002, a sysops since 2003 or 2004, and part of the WMF Communications Committee. I'd like to simply change my password to something secure, and go back to editing, please. How can we go about doing this? My email address is available on my German Wikipedia user page. -- 198.96.114.148 (talk) 16:17, 2 December 2016 (UTC) (user:zanimum at work)
- Your email address, nicholasmoreaugmail.com, appears on your userpage here as well. Please reply to the email I've just sent you. Nyttend (talk) 17:13, 2 December 2016 (UTC)
- Whoops, that's true! (I got lazy and Googled my username, instead of typing in the URL, and strangely other projects came up first.) I've just replied, thank you for your help! -- 198.96.114.20 (talk) 18:29, 2 December 2016 (UTC)
- Just to note that I've no objection to any admin unblocking the account locally without reference to me, once the ID has been established. Sorry, I don't have time to look into this myself. Optimist on the run (talk) 18:40, 2 December 2016 (UTC)
- I have received a response from Nick, confirming that the IP really is his. Now let's see about getting him back in control of his account. Nyttend (talk) 21:58, 2 December 2016 (UTC)
- I appreciate Zanimum's posting here for the local community to be aware that he will be returning to editing En-WP, but I think the trust and security team in the Office has also been involved recently in confirming that compromised admin accounts have been secured. Zanimum, would it be possible for you to have someone there give us a go-ahead here? Newyorkbrad (talk) 22:16, 2 December 2016 (UTC)
- I have received a response from Nick, confirming that the IP really is his. Now let's see about getting him back in control of his account. Nyttend (talk) 21:58, 2 December 2016 (UTC)
- Just to note that I've no objection to any admin unblocking the account locally without reference to me, once the ID has been established. Sorry, I don't have time to look into this myself. Optimist on the run (talk) 18:40, 2 December 2016 (UTC)
- Whoops, that's true! (I got lazy and Googled my username, instead of typing in the URL, and strangely other projects came up first.) I've just replied, thank you for your help! -- 198.96.114.20 (talk) 18:29, 2 December 2016 (UTC)
User continues to remove sourced information
Hello, could I please have help in solving this matter? I added some information to the Guardian: The Lonely and Great God page but another user continues to remove this information. I tried to engage in a discussion with them on their talk page but they removed the message. This is not the first time I have encountered this. I have seen many other South Korean drama pages that list information like this. A few months ago, under a different IP address, the same user was removing large portions of information and when I tried to leave a message on their talk page they ignored it. I had to get another Wikipedia user to act as a mediator to solve that issue and I'm having to do that again. Could someone please help me solve this? Thanks. (124.43.93.21 (talk) 11:10, 4 December 2016 (UTC))
Active politician?
The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
I have a dispute regarding this, active politician status on the talkpage of a biography - if a person was in a position then are no longer in a position, they have no political job, no political status at all, are they then classed as an active politician, yes or no on the talkpage settings? Govindaharihari (talk) 19:58, 3 December 2016 (UTC)
- Govindaharihari is referring to the discussion here. Absolutelypuremilk (talk) 20:03, 3 December 2016 (UTC)
- That discussion is about the actual article content, this concern is about the talkpage status only, is he to be classed as an active politician or not when he has no political job Govindaharihari (talk) 20:06, 3 December 2016 (UTC)
- This is a pure content dispute (about a banner that doesn't really matter at that). What administrative action are you looking for here? Work it out on the talk page. --Majora (talk) 20:08, 3 December 2016 (UTC)
- As an aside, your edit didn't actually do anything. -- zzuuzz (talk) 20:12, 3 December 2016 (UTC)
- user_talk:zzuuzz Then why was it reverted? https://en.wikipedia.org/w/index.php?title=Talk:Zac_Goldsmith&diff=prev&oldid=752856912 the use absolutallypuremilk is claiming there is a consensus for his change that a person without any political job is to be classed as an active Politian - active, yes or no - then why do we have the parameter?
- It is more important than that, although it is clear to me, Apsolutepurepilk is disputing it, I am looking for an administration comment to sort this out, it is important, otherwise why do we have the yes or no options, should inactive politicians be classed as active - yes because they have been active in the past? Govindaharihari (talk) 20:16, 3 December 2016 (UTC)
- When you've got users like Martinevans123 on the case you don't need an admin. Actually I see the the diff which is mentioned on the talk page will work - there's more than one parameter to change. Personally I think the talk page template should be reworded to include politicians who have recently left office. As it is currently worded however, it clearly does not apply. Don't bother with whether they are active or not, look at what the template says. -- zzuuzz (talk) 20:28, 3 December 2016 (UTC)
- I have requested an edit to the template so this issue does not suck up time again, see here Template_talk:Active_politician#Edit_request. I also suggest changing the wording so it applies to all politicians in office, regardless of whether they are campaigning for reelection. NPalgan2 (talk) 21:36, 3 December 2016 (UTC)
- That idiot Evans knows nothing about politics. He can't see the wood for the trees. Tell him to just get his skates on and stop being so ruddy reckless. Sheherazade Ventura-Bentley123 (talk) 21:43, 3 December 2016 (UTC)
- When you've got users like Martinevans123 on the case you don't need an admin. Actually I see the the diff which is mentioned on the talk page will work - there's more than one parameter to change. Personally I think the talk page template should be reworded to include politicians who have recently left office. As it is currently worded however, it clearly does not apply. Don't bother with whether they are active or not, look at what the template says. -- zzuuzz (talk) 20:28, 3 December 2016 (UTC)
Possibly compromised account
The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
- WikiCats (talk · contribs · deleted contribs · logs · filter log · block user · block log)
Recent behavior of WikiCats (see deleted edits too) suggests that it might be compromised. Would appreciate if an admin (or admins) could investigate. Thanks, FASTILY 08:23, 28 November 2016 (UTC)
- Blocked. I'm going offline now for a while: I'm happy with anyone else taking further/different action. DrKay (talk) 08:32, 28 November 2016 (UTC)
- Considering the long absence, and that the edits they're making are similar to those made over 10 years ago, my money would be on the account not being compromised. -- zzuuzz (talk) 08:54, 28 November 2016 (UTC)
- I don't see any evidence of compromise either. The two things they have created (and which have been deleted), Parochialism in Sydney and Category:Catholic Church offices, have have been deleted before after being initially created by the same account - a hacker wouldn't be able to see their deleted contributions and wouldn't know they'd previously created them, would they? Also, there is evidence of long breaks before too - not as long as this 3-year gap, but we have only 2 edits between between December 2006 and January 2008, a gap between September 2008 and May 2010 with only two edits, and a gap of nearly 2 years between September 2011 and June 2013 with no edits. As per DrKay's comment, I have unblocked - and will keep an eye on edits. Boing! said Zebedee (talk) 09:32, 1 December 2016 (UTC)
- Actually, I've just realised that there are links to Parochialism in Sydney and Category:Catholic Church offices at User:WikiCats, so a hacker could have recreated them from there - but I still think these re-creations coupled with previous long absences put the balance in favour of not compromised. Boing! said Zebedee (talk) 09:35, 1 December 2016 (UTC)
- The editor has been unblocked by Boing! said Zebedee on the theory that there is no compromise of the account. In my opinion this thread can be closed. EdJohnston (talk) 19:42, 3 December 2016 (UTC)
Image files with embedded data
For those who don't wander over to commons often - there has been a large issue with uploaded jpgs containing a hidden video appended at the end of the file, in order to use Wikimedia as a free web host. I suspect less likely here, as we require autoconfimation to upload, but since commons has implemented an edit filter to stop such uploads, they may start looking elsewhere. See...
- c:Commons:Administrators'_noticeboard#Influx_of_files_with_embedded_data_.28CSD.23F9.29
- c:Special:AbuseFilter/160
- Filter Log
Would it be sensible to add their edit filter here to to make sure? Ronhjones (Talk) 01:49, 5 December 2016 (UTC)
- The query on Commons yields nothing here. MER-C 02:47, 5 December 2016 (UTC)
- Unless there's evidence of active damage on enwiki, I think we should let it be for now. Edit filters are expensive, and this a new/not-very-prevalent issue on Commons. It may be a temporary uptick in activity. ~ Rob13Talk 03:50, 5 December 2016 (UTC)
- As an admin here and at Commons, I agree: as long as the query finds nothing, we should be good, and we can always use the filter if needed. If I were one of these uploaders, finding myself thwarted at Commons, I'd try to find some other way to do it (I have a "good" idea, but WP:BEANS gets in the way...), rather than coming to the largest of all WMF projects, where folks might find it easy to stop me if I did the same thing. Nyttend (talk) 16:17, 5 December 2016 (UTC)
- Unless there's evidence of active damage on enwiki, I think we should let it be for now. Edit filters are expensive, and this a new/not-very-prevalent issue on Commons. It may be a temporary uptick in activity. ~ Rob13Talk 03:50, 5 December 2016 (UTC)
Arbitration enforcement action appeal by Anonywiki
The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
Procedural notes: The rules governing arbitration enforcement appeals are found here. According to the procedures, a "clear, substantial, and active consensus of uninvolved editors" is required to overturn an arbitration enforcement action.
To help determine any such consensus, involved editors may make brief statements in separate sections but should not edit the section for discussion among uninvolved editors. Editors are normally considered involved if they are in a current dispute with the sanctioning or sanctioned editor, or have taken part in disputes (if any) related to the contested enforcement action. Administrators having taken administrative actions are not normally considered involved for this reason alone (see WP:UNINVOLVED).
- Appealing user
- Anonywiki (talk · contribs · deleted contribs · logs · filter log · block user · block log) – Anonywiki (talk) 15:39, 27 November 2016 (UTC)
- Sanction being appealed
- Topic ban from the subject of GMOs, imposed at
- Wikipedia:Arbitration/Requests/Enforcement#Anonywiki, logged at
- log of sanctions (according to EdJohnston, I can't find it.)
- Administrator imposing the sanction
- EdJohnston (talk · contribs · blocks · protections · deletions · page moves · rights · RfA)
- Notification of that administrator
- The appealing editor is asked to notify the administrator who made the enforcement action of this appeal, and then to replace this text with a diff of that notification. The appeal may not be processed otherwise. If a block is appealed, the editor moving the appeal to this board should make the notification.
Statement by Anonywiki
This is the by far most bizarre sanction I have ever received on Wikipedia.
The original text read that commentators were "pointing out" that Jill Stein's comments contradicted the scientific consensus. The "pointing out" was changed by me to "claiming". In the discussion I added the analogy that if Huffington Post writers are writing that Putin is trying to rebuild the Soviet Union we don't say commentators are "pointing out" that Putin is trying to rebuild the Soviet Union.
In the end some other editor changed the verb to "writing that", which has the equivalent point, marking an improvement to the accuracy of the article first initiated by me and a mistake in moderation by EdJohnston. I totally agreed with this edit, it was similar to my own, the "pointing out" was changed to "writing that" because we do not have a point of view about this opinion.
In my opinion EdJohnston has not understood the argument and is pushing his moderation powers around. In my opinion he has acted in an outrageous manner and I hope he is sanctioned himself.
I agreed with the new more correct wording but because EdJohnston did not like my opinions he found that he would ban me from the subject of GMOs for one year.
The reason that in one edit I removed the Huffington Post links was because of the incorrect wording. I had zero problem with it after that. Anonywiki (talk) 15:39, 27 November 2016 (UTC)
Statement by EdJohnston
The problem with Anonywiki's editing about GMOs was discussed in detail in the Arbitration Enforcement request. The complete set of diffs was presented there. Two other admins supported issuing a topic ban. Anonywiki speaks as though his own position on GMOs was obviously correct, writing that "Hobbyists and dilettantes should refrain from making edits on such articles that have specific meanings and contexts that are clearly lost on them." He does not seem to be aware that an RfC was closed on 7 July 2016 by a panel of three administrators that expresses the Wikipedia consensus on the topic of GMOs. The consensus was found to be Proposal 1 of that RfC. EdJohnston (talk) 16:45, 27 November 2016 (UTC)
Statement by Neutrality
I was the editor who originally filed the complaint against Anonywiki. His/her appeal should be denied for the reasons set forth by EdJohnston, and because Anonywiki presents no substantial reason to lift the topic ban. Neutralitytalk 00:18, 28 November 2016 (UTC)
Discussion among uninvolved editors about the appeal by Anonywiki
- I see no legitimate reason put forward by the OP for the sanction to be overturned. Beyond My Ken (talk) 18:26, 27 November 2016 (UTC)
- BTW, assuming that this appeal is declined, I assume that the clock starts ticking on the six months before Anonywiki can appeal the sanction at that time, and is not measured from the original placement of the sanction. Beyond My Ken (talk) 18:36, 27 November 2016 (UTC)
- Agree with BMK. Miniapolis 23:06, 27 November 2016 (UTC)
- I see no reason presented for lifting the topic ban. Decline. The Blade of the Northern Lights (話して下さい) 00:32, 28 November 2016 (UTC)
- Decline. This appeal clearly doesn't address the totality of the issues presented at AE, and I have no confidence in lifting a topic ban when the editor under sanction doesn't understand why their editing was problematic. ~ Rob13Talk 22:13, 29 November 2016 (UTC)
- Decline - Editor makes the same arguments made at the original AE, and is clearly attempting to unilaterally change consensus. I see no merit to the claim that EdJohnston overstepped their authority as an admin. Recommend that the six-month clock start over when this appeal is closed, and any appeals prior to that date should be summarily closed on that technicality. — Jkudlick • t • c • s 18:38, 3 December 2016 (UTC)
Result of the appeal by Anonywiki
- There is clear and active consensus to decline the appeal. ☺ · Salvidrim! · ✉ 17:27, 5 December 2016 (UTC)
Question of possible undue weight in articles on Hillary Clinton and Donald Trump
Because I don't have a freaking clue exactly where to post this, I am posting it here. In the first article, the lede prominently mentions the factoid that Clinton won the popular vote by 0.2%. There has been significant discussion on the talk page of the other article on Donald Trump about adding that material to the lede of that article as well. Personally, I think the matter is basically virtually trivia, and certainly doesn't deserve to be mentioned in the lede of either article at this point. The matter has received a great deal of press attention since the election, for various reasons, but I have to personally think that this attention to it is only a temporary blip. I could be wrong of course. I think broader input from a greater variety of experienced editors on this matter would be very useful, and sorry if I put this in the wrong place. John Carter (talk) 23:34, 5 December 2016 (UTC)
- I think you're very incorrect that this is going to be a blip. It's also in the lede not only of George W. Bush but of Rutherford B. Hayes! –Roscelese (talk ⋅ contribs) 23:47, 5 December 2016 (UTC)
- There is historical context in both of those mentions (gotta love the ref for the Bush one though), but more generally: House POV will prevail, don't drive yourself nuts about it. Arkon (talk) 23:53, 5 December 2016 (UTC)
- The only part that's really annoying is the tendency to phrase it as "despite winning the popular vote, XYZ lost the election." which puts the emphasis on the popular vote, not the true major event, the actual result of the election. It took a bit on Clinton / Trump to get it phrased as "...lost the election despite winning the popular vote". Subtle but very real POV push and yes, the house POV as well. Ravensfire (talk) 00:10, 6 December 2016 (UTC)
- I tend to agree that phrasing to the effect of "X lost in the electoral count, despite receiving (some) more popular votes," would probably be more neutral and place more emphasis on the matter that is really important in these instances, the electoral count, not the popular vote. John Carter (talk) 00:12, 6 December 2016 (UTC)
- The only part that's really annoying is the tendency to phrase it as "despite winning the popular vote, XYZ lost the election." which puts the emphasis on the popular vote, not the true major event, the actual result of the election. It took a bit on Clinton / Trump to get it phrased as "...lost the election despite winning the popular vote". Subtle but very real POV push and yes, the house POV as well. Ravensfire (talk) 00:10, 6 December 2016 (UTC)
- There is historical context in both of those mentions (gotta love the ref for the Bush one though), but more generally: House POV will prevail, don't drive yourself nuts about it. Arkon (talk) 23:53, 5 December 2016 (UTC)
- FWIW, nobody won the popular vote in 2016, as nobody got over 50%. GoodDay (talk) 00:20, 6 December 2016 (UTC)
- Yeah, that's been mentioned on the Trump talk page too, where someone indicated Clinton won the plurality not the majority. John Carter (talk) 00:21, 6 December 2016 (UTC)
This kind of thing goes to WP:NPOV/N after discussions on talk page. Alanscottwalker (talk) 00:24, 6 December 2016 (UTC)
It wouldn't surprise me if those articles-in-question were victims of WP:RECENTISM, as well. GoodDay (talk) 00:27, 6 December 2016 (UTC)
- Not necessarily; Hayes' article has mentioned this fact since at least 9 August 2002. Nyttend (talk) 02:21, 6 December 2016 (UTC)
- Particularly the bio of Trump. Clinton has been pretty much quiet lately, but there seems to be an almost uncontrollable urge on the part of people to add content to the main article on a topic, in this case the Trump bio, rather than the more directly relevant subarticle dealing with the narrower topic. John Carter (talk) 00:51, 6 December 2016 (UTC)
- Arnav19 (talk · contribs · deleted contribs · logs · filter log · block user · block log)
Arnav19 is a very prolific editor in Indian television articles, but for six months or more I've been dealing with massive cleanup efforts across his articles. He's created tons of them using some flawed template and just keeps creating more with the same weird and unnecessary errors:
- Numbering things 01, 02, 03 instead of 1, 2, 3. I had to fix a ton of these in August but they still keep coming.
- Adding Indic script to the lead (contravening WP:NOINDICSCRIPT)
- Misusing
|related=
,|followed_by=
,|preceded_by=
- the first is for spin-offs, adaptations, reboots. Arnav tends to use it to indicate shows that are thematically similar. The other two are for works in the same general continuity. Star Trek: Deep Space Nine precedes Star Trek: Voyager. Arnav et al. use it to indicate that Show X aired in the 8pm time slot before Show Y. - Generally having no awareness or understanding of Template:Infobox television despite numerous efforts to get him to look at it.
- Prematurely creating articles for individual TV seasons when the articles basically duplicate what's in the main article. Compare Annamalai (season 3) to Annamalai (2014 TV series). Or look at Rayil Sneham (season 3) and ask why there isn't even a main article on the show.
- There was an issue with him recreating Maragatha Veenai (Tamil series) after an AfD had been held for a AfD had been held on a similarly named article. (I just remember this issue. Not sure what to do about it.)
- A couple of months ago I had to fix a ton of articles that incorrectly listed Tamil Nadu (a state in India) as a country.
- I haven't even dealt with the matter of whether or not the articles he's creating are notable. Is it on Indian TV? Boom, he creates it.
- There were numerous other problems -- poorly sourced improperly formatted International broadcast sections, etc.
Now, he didn't create all the articles, but I found I kept finding his name at the bottom of a lot of them. Some of the problems have improved, but many have not. And as a very strange coincidence, many of my fixes were met with extreme resistance by a number of fly-by-night editors and IPs. Like, people were going out of their way to restore 01, 02, 03, and a number of the other bizarre mistakes. Very odd. IP 73.189.117.30 was one of them, a California-based IP on Comcast. In this edit from a few days ago, Arnav creates an article and includes the unnecessary |preceded_by=
, |followed_by=
and |related=
, which gets filled up (erroneously) by a California-based IPv6 editor from Comcast. Given the nature of Indian entertainment articles, it's not out of the question that there are numerous paid editors circulating around these articles. Anyway, the bigger issue is how to handle Arnav, how to get him to bring the articles he's already created up to snuff before creating more, and how to deal with the problems created. I'm happy to help with some of the cleanup, but since I've already been involved in a lot of the cleanup, I think it would be most equitable to let another admin handle the adminning here. Arnav has not been impolite, but his prior assurances that he'd help clean things up I don't think have been fulfilled and he keeps moving forward with new articles instead of being sure that the one's he's created meet a basic standard. I also think that English is not his strong suit, so that will be a challenge as well. Thanks. Cyphoidbomb (talk) 03:20, 6 December 2016 (UTC)
- I've come across the editor when I was cleaning up after another sockfarm. I've found most of the articles to revolve around shows on Raj TV but unlike that sockfarm (which was exclusive to the channel) Arnav19 is prolific on any dubbed TV series and the articles all had the same problems as the farm. —SpacemanSpiff 03:45, 6 December 2016 (UTC)
- Leaving pings for User:JamesBWatson, User:Huon and User:Doc James who have issued previous blocks to this editor. Per Cyphoidbomb, now that the editor has admitted there is a problem, if he still seems incapable of changing his approach then a block may be needed. EdJohnston (talk) 17:29, 6 December 2016 (UTC)
- I blocked them indefinitely due to copyright issues and than agreed to unblock them once they agreed they would not happen again. Any more of these since the block? Doc James (talk · contribs · email) 19:34, 6 December 2016 (UTC)
- Okay yes indefinitely blocked. They continue to copy and paste. Such as here[4] from [5]
- The problem with likely paid editors is that they will simply move onto socking. Doc James (talk · contribs · email) 19:38, 6 December 2016 (UTC)
- @Doc James: Thanks for the assist here. Yeah, it'll always be a problem, but at least if I now have a pattern in my head for this user, it might be able to get them blocked quicker and have CU confirm stuff. Thanks, Cyphoidbomb (talk) 19:55, 6 December 2016 (UTC)
- I blocked them indefinitely due to copyright issues and than agreed to unblock them once they agreed they would not happen again. Any more of these since the block? Doc James (talk · contribs · email) 19:34, 6 December 2016 (UTC)
- @SpacemanSpiff: thanks for your info on that other sockfarm. I'll try to keep that in mind. I've been dealing with something I've been calling a "Campaign of Ignorance" where it seems a ton of IPs and fly-by-night users keep reverting anything that doesn't fit with a cookie-cutter template. I'm going to bend your ear about that on your talk page in a minute. Regards, Cyphoidbomb (talk) 19:54, 6 December 2016 (UTC)
- Leaving pings for User:JamesBWatson, User:Huon and User:Doc James who have issued previous blocks to this editor. Per Cyphoidbomb, now that the editor has admitted there is a problem, if he still seems incapable of changing his approach then a block may be needed. EdJohnston (talk) 17:29, 6 December 2016 (UTC)
Topic ban
- Let's keep it neutral (talk · contribs · deleted contribs · logs · filter log · block user · block log)
- Sinbad Barron (talk · contribs · deleted contribs · logs · filter log · block user · block log)
Hello sysops. I am topic banned from making any edits on the Balkans and this is how it's now been for about a year and a half. I only edit from time to time anyway and the account I have is a legit alternative account of User:Sinbad Barron, but this is known to all editors that have dealt with my account. Ideally I would have liked to ping User:Swarm here but his editing pattern shows he may not be likely to respond to my message any time soon, it is one month since his last contrib. Anyhow, would someone be willing to allow me to make edits once more on Balkans subjects as I promise I will respect concensus, not edit war, and be constructive. I'm happy to accept some form of restriction if this can be allowed. Thankyou all from now for any consideration, in mean time I will edit as I do normally. --Sinbad Barron (talk) 09:46, 6 December 2016 (UTC)
Could you clarify the name E.V.R ( periyar)?. You have mentioned Erode venkata Ramasamy, but his actual name is Erode venkatappar Ramasamy. Pls check and correct it. — Preceding unsigned comment added by Elaiharajas (talk • contribs) 13:37, 6 December 2016 (UTC)
- Um, Elaiharajas, how is Periyar E. V. Ramasamy related to Sinbad Barron's topic ban from the Balkans? Nyttend (talk) 15:46, 6 December 2016 (UTC)
@Sinbad Barron: Can you please provide links to the prior discussion that resulted in the topic-ban? Newyorkbrad (talk) 17:03, 6 December 2016 (UTC)
- It appears to be @Let's keep it neutral: not Sinbad Barron, SB is blocked indef for being a sockmaster, and Let's Keep it Neutral, among others is a sockpuppet. 🔯 Sir Joseph 🍸(talk) 17:10, 6 December 2016 (UTC)
- See Wikipedia:Sockpuppet investigations/Sinbad Barron/Archive. User:Let's keep it neutral is employing a misleading signature that identifies him as User:Sinbad Barron, a blocked account. According to his block log, the surviving account User:Let's keep it neutral was unblocked by User:Swarm in September 2015 per the terms of the standard offer. In return for being allowed to return, the user accepted a ban from the topic of the Balkans as an unblock condition. EdJohnston (talk) 18:40, 6 December 2016 (UTC)
- Since Let's keep it neutral and Sinbad Barron are the same person, I see nothing wrong with the signature and account use. When a user's been blocked for sockpuppetry, and when a successful unblock request is made, there's no general requirement that the master account be used; if the unblocking admin unblocks a sock instead of the master, it's not block evasion. When the same person has multiple accounts that are openly disclosed, there's nothing wrong with having one account sign its posts with another account's username. See the "Except when doing so..." sentence of WP:ALTACCN. Nyttend (talk) 21:07, 6 December 2016 (UTC)
- See Wikipedia:Sockpuppet investigations/Sinbad Barron/Archive. User:Let's keep it neutral is employing a misleading signature that identifies him as User:Sinbad Barron, a blocked account. According to his block log, the surviving account User:Let's keep it neutral was unblocked by User:Swarm in September 2015 per the terms of the standard offer. In return for being allowed to return, the user accepted a ban from the topic of the Balkans as an unblock condition. EdJohnston (talk) 18:40, 6 December 2016 (UTC)
Request for re-close of an old RfC (and closure of a disruptive RfC)
I would like to request a review of the closure of this RfC regarding the page Paul Singer (businessman). It was discussed with the closer here.
The previous RfC for this same issue (12/10/15) can be found here where consensus was established six months prior to the RfC in question. Between the two RfCs, the closer had created a number of discussions (possibly in violation of WP:FORUMSHOP) here: [6] [7] [8] [9]. These discussions failed to garner much attention and mostly reinforced the 12/10/15 consensus.
It must be noted that the RfC in question is rather old (29/04/16) and editors protested the closure since it was closed by the same editor who opened both the RfC itself and all other discussions, and was not necessarily reflective of consensus which does appear to reinforce that set out in the 12/10/15 RfC.
The improper close of the RfC would normally not be an issue, however, yet another RfC has opened, claiming that the last discussion was "inconclusive" and we must therefore have another discussion.
I would argue that this has all been incredibly disruptive considering the huge number of editors involved (36) in the prior 8 discussions from a 16/07/14 RfC to the 29/04/16 RfC is plenty of discussion for something which editors have considered relatively uncontroversial - 23 have been in favour of the current consensus and 6 against, with 7 somewhere in between. Furthermore, consensus has often not been respected in the rare points of calm between discussion, with some of the "6 against" editors making against-consensus edits and reversions.
This is a messy situation, but to conclude, I would like to request the evaluation of the close here and the closure of the current RfC, considering the arguements made by other editors at Talk:Paul Singer (businessman)#RfC is Nonsense. Thanks. SegataSanshiro1 (talk) 19:42, 26 August 2016 (UTC)
- The issue is bifurcated in the prior RfCs. There was a limited consensus that a company could be called a "vulture fund" but no consensus that a person should be described as a "vulture capitalist" in the lead of a BLP. My own position has always been that specific pejorative terms should only be used as opinions ascribed to the persons holding the opinions, and that use of pejoratives about individuals should very rarely be allowed at all. To that end, I suggest that reversing prior closes is inapt, and the claims made that the prior RfCs support calling a living person a "vulture" are incorrect. The company can have cites of opinions that it is a "vulture fund" cited and used as opinions, but the use of that pejorative as a statement of fact about a living person falls under WP:NPOV and WP:BLP. The current RfC has 6 editors specifically noting that the use of the pejorative in the lead about a person is wrong, 1 says the person is absolutely a "vulture capitalist", 1 asserts that every RfC supports calling the person a "vulture" and one says we should not have any more RfCs - that the issue is settled and we should call the living person a "vulture capitalist" in the lead on that basis. I rather that the current 6 to 3 opposition to use of the term in the lead indicates a substantial disagreement with the assertions made here, and the request that a close be overturned out of process. Collect (talk) 21:08, 26 August 2016 (UTC)
- There has been no RfC to discuss whether someone should be called a vulture. I myself have said in past discussions that doing so, especially in WP's voice, would be contrary to what this encyclopaedia is about. Please do not mis-represent my views - it's things like that which have made these constant ongoing RfCs so toxic. My view is that Singer is most notable (WP:DUE) for running a vulture fund - and there are indeed countless sources (WP:RS) which confirm this and thus this fact should be made clear in the lede. Claiming that mentioning his company in an article equates to WP calling someone a vulture is nonsense and not a new arguement - this is the same line those same editors took over and over again in these discussions to no avail. SegataSanshiro1 (talk) 21:32, 26 August 2016 (UTC)
- Note that I specify the issue at hand is with regard to using the pejorative with regard to the single living person in the lead. A number of sources have branded him a "vulture capitalist" as distinct from his role at EMC, which has been called a vulture fund.. The two catenated uses of the pejorative are different here - ne is with regard to how some have categorized the fund, the other as a personal pejorative in the lead about the person. Do you see that distinction? Especially when the single sentence uses the term "vulture" twice? Collect (talk) 23:09, 26 August 2016 (UTC)
- You also failed to mention 2 more editors who had been in favour of using the term vulture fund in the lede but refused to partake in this particular discussion since they have made it clear that there have already been to many. SegataSanshiro1 (talk) 21:39, 26 August 2016 (UTC)
- Again - the word "vulture" is used twice now in a single sentence in the lead - once with regard to opinions held about the fund (for which the prior RfC found the use of the opinion as opinion about the fund was allowable), and the second, the problematic one, with regard to the use of a pejorative about a living person in the lead of the BLP. Collect (talk) 23:09, 26 August 2016 (UTC)
- I am the creator of the most recent RfC. Frankly SegataSanshiro1 forced this RfC to happen in the first place by refusing to engage in talk page discussion on the vulture point. I would like to request that anyone participating in this discussion carefully read Wikipedia:Status quo stonewalling, and then refer directly to each of SegataSanshiro1's actions leading up to this RfC, and his actions in this one as well. Whatever SegataSanshiro may personally believe, a slur in a lead is Always A Very Big Deal, and not something to be brushed under the rug. As WP:Biographies of living people says, "we must get it right." It seems clear to me that several parties want to freeze an ongoing discussion at a point they find satisfying. Yvarta (talk) 21:51, 26 August 2016 (UTC)
- There has been no RfC to discuss whether someone should be called a vulture. I myself have said in past discussions that doing so, especially in WP's voice, would be contrary to what this encyclopaedia is about. Please do not mis-represent my views - it's things like that which have made these constant ongoing RfCs so toxic. My view is that Singer is most notable (WP:DUE) for running a vulture fund - and there are indeed countless sources (WP:RS) which confirm this and thus this fact should be made clear in the lede. Claiming that mentioning his company in an article equates to WP calling someone a vulture is nonsense and not a new arguement - this is the same line those same editors took over and over again in these discussions to no avail. SegataSanshiro1 (talk) 21:32, 26 August 2016 (UTC)
- I have been involved in these ongoing discussions for quite some time now. As I've stated before, using a pejorative to describe an individual on a BLP is unacceptable, especially in the lead. That being said, the previous RfC was closed once discussion went stale. There were ample opportunities and there was more than enough time to provide arguments. Once users agreed upon a version, which limited use of the term "vulture", the user who closed the RfC made the edits in question but was reverted and the term was included an additional three times.
- SegataSanshiro1's antics on Singer's page has gotten out of control and his motive on the page is clear. Now that consensus on the newest RfC is shifting highly in favor of removing the slur from the lead, SegataSanshiro1 is grasping at straws to get the previous RfC reviewed. If SegataSanshiro1 had an issue with how the previous RfC was closed, why didn't he follow through with an secondary discussion after this one went stagnant? After realizing consensus is shifting, not in his favor, he wants to call this new productive RfC "disruptive". Also, after the last RfC was closed, an admin came in and suggested a new RfC so do not throw out WP:FORUMSHOPPING accusations. Meatsgains (talk) 02:39, 27 August 2016 (UTC)
- Meatsgains, consensus is not shifting as you cannot establish consensus in a discussion which half of the editors can't even take seriously. You have been at the heart of this whole drama. Every time there was an RfC or discussion and consensus was established to use the term, you actively went about making against-consensus edits and other highly disruptive behaviour (which myself and other editors have called you out on time and time again) such as misrepresenting the results of other discussions, claiming sources weren't reliable when they were and even making up terminology like "distressed securities funds" to avoid using actual terminology. You are the only editor who has been involved in every single one of these discussions - very possessive behaviour all in all and along with the other things, you should have been sanctioned and barred from editing on that page.
- Still, you continue to misrepresent what happened. There were five editors (myself included) who have said that this RfC is daft. If that were not the case, I wouldn't have opened this discussion on the noticeboard. I'm not going to let you make me lose it again, so please stop referring to me - I want absolutely nothing to do with you, and I know I shouldn't be addressing editors directly, but I really want to make that absolutely clear. Something hypothetical you might want to think about though:
- After you've rolled the dice so many times trying to prevent WP:RS from an article and failed miserably, let's say that now after 8 or so attempts at getting your way you finally do. How seriously do you think other editors would take that consensus? Would they simply carry on doing as they wished to the page regardless as you have? Would they simply call another RfC in three months time and pretend the others never happened as you have? I very much doubt I'll stick around after this because I'm sick of this page, but I have a feeling you will, and if you do and you carry on acting as you have, you will be doing this for years. Please don't answer me. SegataSanshiro1 (talk) 03:09, 27 August 2016 (UTC)
- I have weighed in on this on multiple occasions and will do my best to promptly summarize my opinion on the topic. The original dispute over the use of the term vulture has been over the derogatory nature of the term on vulture fund’s page. Subsequent discussions have taken place regarding the general use of the term, however the scope of the debate later concentrated on the term’s use in a BLP, specifically Paul Singer’s page. Some editors, whom I will not name, act as if they wp:own the article and have done everything in their power to keep vulture fund and vulture capitalist in the article. Some users have actually made the argument that "vulture" is not derogatory whatsoever (one even argued that it should be taken as a compliment. No reasonable and neutral arbitrator could disagree with the fact that “vulture fund” is a slur, invented by people who are deeply opposed to their entirely legal investments. Comatmebro User talk:Comatmebro 17:05, 27 August 2016 (UTC)
Reverted 1 edit by Collect (talk): You're hardly the person to close this RfC... is a splendid example of grotesque snark. I did not "close the RfC" and that snark is ill-suited for rational discussion. In addition, I left in the "vulture" opinion about EMC, and note that the lead is supposed to be in summary style. I am concerned that this sort of snark is poisonous to any discussion, and ask that any editor who feels such personal attacks should be used should get the aitch away from here. Collect (talk) 21:32, 27 August 2016 (UTC)
- Collect, it's quite understandable that a number of editors are very much on edge considering this has been discussed to death and the conduct of a couple of editors in particular. I think what Nomoskedasticity meant by that remark is that you were making edits about something which was being discussed... Were you not one of those supporting an RfC after all?
- From my own personal perspective, I think mentioning his main business area is running a culture fund, then including other references to him specifically in some sort of criticism section would be ideal. That and removing references to philanthropy from the lede as per WP:UNDUE. SegataSanshiro1 (talk) 22:18, 27 August 2016 (UTC)
- Comment: first of all I wish to state my astonishment at not being pinged when I was directly involved with one of the RfCs called into question. SegataSanshiro1's guerilla antics are indeed widespread and grave. I do not care about user behaviour at this stage, however, merely the state of Singer's biography. Said RfC was indeed improperly closed by myself, after which I requested admin intervention to reopen it (or closed by an uninvolved user - note I did so per WP:BOLD and because a determination was indeed agreed upon). This request was speedily rejected by KrakatoaKatie together with its corresponding ANI post, so I think it's safe to assume there is no interest in rekindling old fires. Attempts at mediation about this issue also failed. Regarding consensus, I counted at least 7 new voices in the current discussion, all offering interesting new insights (DGG, Collect, Elinruby, FuriouslySerene, Snow_Rise, Chris Hallquist, and Yvarta); there is strong indication at least some parties are willing to compromise. Some are under the impression consensus is a simple vote tally. I call into question this vehement ownership of the Paul Singer article. Every time any editor makes a serious attempt at a copy edit (no matter how minor), a concerted effort by the same bunch of editors reverses all possible changes. Just look at the edit history. Serious and pragmatic comments aimed at stemming this dreadlock are conveniently brushed aside, such as DGG's - "It's appropriate to use it in the article, since there is good sourcing, but it is not appropriate to use it in the lede. Ledes should be relatively neutral". If civil discussion cannot come about and admin action is required, so be it, but it does set a sad precedent. We had originally copy edited the lede back in October, trimming the use of "vulture" down to a single mention. This was of course then reverted maniacally even though discussion had concluded in that precise path. I don't see why a reasonable review of each instance of the word's use cannot take place. FoCuS contribs; talk to me! 22:59, 27 August 2016 (UTC)
- Focus, this wasn't intended to be "guerilla antics" - we had actually discussed a re-close prior to this and you were involved, together with a number of other editors who I did not ping since I figured they would not want to be dragged into this again - I take it you're a page watcher anyway and I mentioned this discussion on the talk page. I also never had a problem with you being WP:BOLD and closing the discussion (in fact if I recall correctly, me and other editors were all for it), what myself and other editors had a problem with was the closing remarks, in particular "the RfC question was not unequivocally answered" when in reality it had, for the nth time that it is appropriate to use this particular word in this particular article - that's beyond discussion at this point. To this day, I agree with the path of compromise we embarked on, what I did not agree with was the sheer amount of forums this was taken to and the manner in which the discussion was closed. To be honest, that close made me question your good faith and took away any desire on my part to be collaborative.
- The issue with these discussions is that they're never clear, we're never discussing on a point by point basis since one or two editors (should be fairly obvious who) take these discussions as an attempt to remove all mention of the terminology, digging in their heels until we're back in 2014 again discussing whether we should censor it entirely (again, always the same editors). All the while, creating serious NPOV issues by removing statements backed up by RS and adding in things which are UNDUE in an attempt to whitewash. If that stops, then I'm sure normal discussion could ensue and general anger levels could be drastically reduced along with the tedium. I have already said that I'm of the opinion that "vulture capitalist" should be discussed, but that's hardly going to happen if we still have editors claiming a vulture fund is not a thing, and the very presence of the term (what Singer is most notable for, if I may add) equates to Wikipedia calling a living person a vulture. That's not new, that's not productive and you're as aware of that as I am. SegataSanshiro1 (talk) 23:46, 27 August 2016 (UTC)
- It was a middle of the road close. . There is a distinction between someone being personally a vulture, which implies that he acts in that manner in all his activities or is of that personality type, and running a fund that shares some similar characteristics and goes by the common name of vulture fund. We cannot avoid using the full term, because even those sources that endorse the profession use it as a matter of course. But we can try to avodi personalizing things that don't need personalizing, especially things that some people are likely to consider highly negative. DGG ( talk ) 03:30, 28 August 2016 (UTC)
- And to the point - any BLP which stresses the use of "vulture" seventeen times is likely to be perceivable as making a point in itself. I just do not understand the concept that name-calling is something Wikipedia should actively pursue, and that editors who even remove a single use from the lead are somehow evil here. Argh. Collect (talk) 12:46, 28 August 2016 (UTC)
- It doesn't appear 17 times. I only see 6 mentions in the article itself and one of them was actually about an antisemitic cartoon - the rest are mentions in references. --Lemongirl942 (talk) 12:49, 28 August 2016 (UTC)
- That's INCREDIBLY misleading. Most of those are references, hence more reason to include it. Of the 6 ACTUAL uses, none of them are in WP's voice. SegataSanshiro1 (talk) 14:29, 28 August 2016 (UTC)
- @SegataSanshiro1: You keep claiming that "Singer is most notable for" his "vulture fund". This is your own opinion. Do a google news search and tell us how many pages you have to dig through before coming across a page that uses the slur? This is a false assumption, which you have consistently done throughout this dispute. Meatsgains (talk) 17:10, 28 August 2016 (UTC)
- Stop pinging me. This isn't my own opinion and vulture fund is not a slur, it's the name of a type of fund that buys debt at discount prices and attempts to sue for 100% payment. As much as you pretend it isn't, you should remember this since you were involved in multiple discussions where you pretended that there was consensus that it was a slur when there wasn't - you were called out on it multiple times: [10] [11]. You also made a no-consensus page move from vulture fund to "distressed securities fund" despite there being no sources to validate such naming and in clear violation of WP:COMMONNAME - you should also remember this since there were two discussions, both on the talk page and at WP:W2W which undid that rather stealthy move and established rather firmly that vulture funds are indeed a thing and that is indeed what they are called, while Singer's EMC is one of the most prolific. Why have you consistently misrepresented information and lied to other editors? There's plenty more examples where you have been called out on doing this, want me to give more? Meatsgains, you are the only editor (along with Comatmebro, actually) who has been involved in every discussion to do with Singer, vulture funds and Elliott Management Corporation and consistently used some very dodgy tactics to get your way, ranging from ignoring consensus and making edits regardless to protecting all these pages like a hawk (or vulture, more appropriately?) and claiming sources aren't reliable based on your own opinions. I'm still shocked you're still around and you haven't been sanctioned. SegataSanshiro1 (talk) 18:19, 28 August 2016 (UTC)
- "This isn't my own opinion and vulture fund is not a slur" - Yes it is and yes it is. Also, do not dilute this discussion with attacking me. Meatsgains (talk) 20:15, 28 August 2016 (UTC)
- Stop pinging me. This isn't my own opinion and vulture fund is not a slur, it's the name of a type of fund that buys debt at discount prices and attempts to sue for 100% payment. As much as you pretend it isn't, you should remember this since you were involved in multiple discussions where you pretended that there was consensus that it was a slur when there wasn't - you were called out on it multiple times: [10] [11]. You also made a no-consensus page move from vulture fund to "distressed securities fund" despite there being no sources to validate such naming and in clear violation of WP:COMMONNAME - you should also remember this since there were two discussions, both on the talk page and at WP:W2W which undid that rather stealthy move and established rather firmly that vulture funds are indeed a thing and that is indeed what they are called, while Singer's EMC is one of the most prolific. Why have you consistently misrepresented information and lied to other editors? There's plenty more examples where you have been called out on doing this, want me to give more? Meatsgains, you are the only editor (along with Comatmebro, actually) who has been involved in every discussion to do with Singer, vulture funds and Elliott Management Corporation and consistently used some very dodgy tactics to get your way, ranging from ignoring consensus and making edits regardless to protecting all these pages like a hawk (or vulture, more appropriately?) and claiming sources aren't reliable based on your own opinions. I'm still shocked you're still around and you haven't been sanctioned. SegataSanshiro1 (talk) 18:19, 28 August 2016 (UTC)
- @SegataSanshiro1: You keep claiming that "Singer is most notable for" his "vulture fund". This is your own opinion. Do a google news search and tell us how many pages you have to dig through before coming across a page that uses the slur? This is a false assumption, which you have consistently done throughout this dispute. Meatsgains (talk) 17:10, 28 August 2016 (UTC)
- That's INCREDIBLY misleading. Most of those are references, hence more reason to include it. Of the 6 ACTUAL uses, none of them are in WP's voice. SegataSanshiro1 (talk) 14:29, 28 August 2016 (UTC)
- It doesn't appear 17 times. I only see 6 mentions in the article itself and one of them was actually about an antisemitic cartoon - the rest are mentions in references. --Lemongirl942 (talk) 12:49, 28 August 2016 (UTC)
- And to the point - any BLP which stresses the use of "vulture" seventeen times is likely to be perceivable as making a point in itself. I just do not understand the concept that name-calling is something Wikipedia should actively pursue, and that editors who even remove a single use from the lead are somehow evil here. Argh. Collect (talk) 12:46, 28 August 2016 (UTC)
Thank you, DGG; that's a fair representation of my basic thoughts as well. As I just posted on the Singer talk page, we're trying to discuss the use of "vulture" as a descriptor of a human being. "Vulture" is as such a charged word in the sense that we're liable to annex this valued meaning to a word that is used in the context of a business endeavour. Handling a vulture fund is not the same as BEING a vulture. I am utterly amazed people fail to see that. The previous close was precisely that, a "middle of the road close". The "vulture fund" practices are thoroughly discussed throughout the article in the context of what quality sources have to say about the matter. Using the term through a personal angle by making a de facto generalisation in an article's lede is another story, and I believe we were making some progress back in October in this regard. I would very much like to see us return to that stage and come up with a neutral and balanced solution. FoCuS contribs; talk to me! 21:17, 28 August 2016 (UTC)
- Agree that handling a vulture fund does not equate to being a vulture - that's the main flawed premise that has been holding this back. I still disagree that the close was "middle of the road", since using vulture terminology does not violate NPOV (the question raised in the RfC) since it is WP:DUE - only a tiny, tiny number of people have said that all reference to vultures should be gone from the article. The Samsung affair and other criticism (such as "vulture capitalist") needs to go in a criticism section rather than the lede - Singer has received enough criticism from multiple sources to warrant one. Vulture fund, on the other hand, should remain firmly in the lede - that's what he's known for and what a large chunk of the article is about. I know you have argued that he has other investments, but that's akin to leaving out the Iraq war in Tony Blair's page. SegataSanshiro1 (talk) 22:30, 28 August 2016 (UTC)
- Yet again you are wildly, amazingly off topic. There is already an RfC discussing this issue, in case you forgot, and a talk page to discuss general improvements. This discussion, SegataSanshiro, you started to determine if the RfC creations are inappropriate. As you seem to have forgotten, I would like to remind you that you reverted my lead change on the grounds that I needed to first discuss, and now you are trying to shut that very discussion down - that, or apparently force it to stagnate by repeating the same arguments while ignoring the arguments of others. As far as I am concerned, you specifically continue to stonewall and disrupt a natural consensus building process. You are either nearing either an epiphany (i.e. that this is not a battle you are trying to win), or nearing a topic ban. Yvarta (talk) 23:45, 28 August 2016 (UTC)
- Not me specifically. There have been five editors (including me) who have questioned the validity of this RfC. SegataSanshiro1 (talk) 15:47, 30 August 2016 (UTC)
- Yet again you are wildly, amazingly off topic. There is already an RfC discussing this issue, in case you forgot, and a talk page to discuss general improvements. This discussion, SegataSanshiro, you started to determine if the RfC creations are inappropriate. As you seem to have forgotten, I would like to remind you that you reverted my lead change on the grounds that I needed to first discuss, and now you are trying to shut that very discussion down - that, or apparently force it to stagnate by repeating the same arguments while ignoring the arguments of others. As far as I am concerned, you specifically continue to stonewall and disrupt a natural consensus building process. You are either nearing either an epiphany (i.e. that this is not a battle you are trying to win), or nearing a topic ban. Yvarta (talk) 23:45, 28 August 2016 (UTC)
- Comment I am not opposed to having an administrator re-close a previous RFC if the stated consensus was incorrect (I was the one who suggested coming to AN on the Singer talk page as SegatSanshiro continues to question it), just for the sake of clarity and any subsequent discussions. I do not support closing the current RFC though. I don't see it as disruptive as opinion is clearly divided and the issue is contentious, the previous RfC was over 4 months ago and the closing and consensus is disputed, so getting new editors involved to seek consensus should be a good thing (I only joined this discussion thanks to this most recent RfC). As for my opinion about the underlying issue, I've already posted to the RfC and it may not be relevant here, but I believe that mainstream reliable sources do not refer to Singer as a "vulture." He is called a hedge fund manager by these sources. Therefore the term vulture should only be used when it is ascribed to a specific person or entity (i.e., his critics). My reading of the current RfC and previous ones is that most editors agree with that position. FuriouslySerene (talk) 17:30, 30 August 2016 (UTC)
- Comment I have never edited this article and am in this because the RfC bot asked me to give my opinion. The person who started the RfC however has repeatedly told me I am off-topic when I try to explain the BLP policy. As best I can tell however the person's argument is that the appellation is inappropriate because Singer is a living person, and they appear to be ready to repeat this argument indefinitely. I would also like to mention that while I personally believe that "vulture capitalist" is a specialized bit of vocabulary that is not particularly pejorative, the current wording does not use it in wikipedia's voice either, which many of the comments on this seem to assume. It says he has been called a vulture capitalist and provides no less than nine sources for the statement. I believe we should remove the weasel wording and explicitly quote one or more people. I would agree with the idea expressed at one point of balancing out concerns about due weight, assuming that is what they are, by adding other details of his business dealings. However as far as I can tell there are no such details; Singer seems to be a specialist in this type of transaction, and to have been for decades. Elinruby (talk) 20:07, 30 August 2016 (UTC)
- Explaining BLP policy is not off topic - however, long accusations of COI (without basis) and facts focused on Singer's details are very off topic to this particular RfC, as I've pointed out that many businessmen have similar, nigh identical press coverage concerning the "vulture" phrase. If you would like to start another RfC on a different nuance or topic, you are welcomed to. Yvarta (talk) 14:41, 4 September 2016 (UTC)
- Heh. The heart of my point is that Singer is a public figure and therefore under WP:PUBLICFIGURE it matters very much whether the statement is true. As for my COI concerns, well, normally we don't comment on editors but your actions do suggest one in my opinion, yes. You are very concerned, astonishingly concerned, with the PR of this billionaire, shrug. I didn't actually start with that assumption, mind; I just told you it was ok to be a paid editor if you declared yourself as such. But you say you are not, so. AGF. You *still* never ever answer any other editors questions, and dismiss them as irrelevant unless they support your desired outcome. Elinruby (talk) 12:39, 8 September 2016 (UTC)
- Explaining BLP policy is not off topic - however, long accusations of COI (without basis) and facts focused on Singer's details are very off topic to this particular RfC, as I've pointed out that many businessmen have similar, nigh identical press coverage concerning the "vulture" phrase. If you would like to start another RfC on a different nuance or topic, you are welcomed to. Yvarta (talk) 14:41, 4 September 2016 (UTC)
- Comment - Anyone look at the nominator's (i.e. Yvarta's) edit history? Yvarta, this looks like it was not your first account. Who were you editing as prior to this account? NickCT (talk) 14:30, 4 September 2016 (UTC)
- Comment - This RfC makes for a dramatic read. My perception of things, after also skimming the older RfCs linked about halfway through, is that the prior RfCs were imperfectly framed, and as a result conversations were bogged down by arguments over whether Singer himself was a vulture, not whether vulture should be a descriptor in any lead at all. The RfC certainly has broader implications than one biography, as the overall precedent on Wikipedia most definitely favors avoiding such descriptors in bio leads. Has anyone else been able to find a biography or corporation with an animal slur used in the intro? I tried with several creative search phrases, and have so far utterly failed. This RfC is far from perfect as well, but I do applaud its attempt to focus the issue away from Singer. Most constructive so far, in my opinion, is that the argument that excluding vulture from the lead equals censorship has been debunked several times. Leads are certainly not required to include every detail of a criticism section, and per prior arguments, any concept that could be carried across by "vulture" could also be carried across with an alternate explanation.
- Note to whoever closes this RfC: However long this discussion needs to continue, I would like to note that there is obviously not a clear consensus in favor of keeping vulture in the lead, even though the reverts apparently leading to this discussion were founded entirely on the argument that prior RfCs had reached consensus. As such, I would like to note that all three of those reverts have been proven to have been without basis, even if they were done in good faith. A number of contributors, several of obvious neutrality and experience, have agreed that a slur of denigration is inappropriate in a lead when applied to a person or company, especially since both the criticism and the neologism can be fully explained with neutral and more conservative words. As such, the argument that there is a violation of the neutral tone mandated by WP:BLPSTYLE is at the very least plausible, however this consensus concludes itself. Until that time, however, the assessment that biography leads must be treated with extra delicacy is absolutely correct, and I agree with Yvarta's bold action to remove "vulture" when he/she did, just like I would have agreed with a decision to remove "rat" or "loan shark" or "pig." Basically, until something is settled, there is currently no consensus', and I believe "vulture" should be again removed until consensus is reached and the barn is built.Bbmusicman (talk) 00:24, 15 September 2016 (UTC)
- Here are examples of why I answered as I did, if anyone is interested:
- My point is that when derogatory information *is true* then we are not required to pretend it's not there.
- - btw, for a dispassionate take on what a vulture capitalist actually is. I think people should read vulture fund and vulture capitalist -- nothing there about animals. Hope that helps. Elinruby (talk) 00:36, 8 October 2016 (UTC)
- I highly encourage you to take some good examples to the RfC, where contributors can see them (this discussion isn't linked on that talk page anymore, after archiving). I'm a bit confused by your examples, though? Shrimp isn't very deragatory, except perhaps to a very short and insecure person, and "dictator" is actually a relatively neutral, especially compared to synonyms such as "tyrant" or "monster" or "fiend." Other phrases, like "mass-murderer," also have negative connotation, but they are clinical and exact, without cartoonish connotation making the phrases more loaded than necessary. Perhaps other examples? Yvarta (talk) 22:41, 10 October 2016 (UTC)
- Note to whoever closes this RfC: However long this discussion needs to continue, I would like to note that there is obviously not a clear consensus in favor of keeping vulture in the lead, even though the reverts apparently leading to this discussion were founded entirely on the argument that prior RfCs had reached consensus. As such, I would like to note that all three of those reverts have been proven to have been without basis, even if they were done in good faith. A number of contributors, several of obvious neutrality and experience, have agreed that a slur of denigration is inappropriate in a lead when applied to a person or company, especially since both the criticism and the neologism can be fully explained with neutral and more conservative words. As such, the argument that there is a violation of the neutral tone mandated by WP:BLPSTYLE is at the very least plausible, however this consensus concludes itself. Until that time, however, the assessment that biography leads must be treated with extra delicacy is absolutely correct, and I agree with Yvarta's bold action to remove "vulture" when he/she did, just like I would have agreed with a decision to remove "rat" or "loan shark" or "pig." Basically, until something is settled, there is currently no consensus', and I believe "vulture" should be again removed until consensus is reached and the barn is built.Bbmusicman (talk) 00:24, 15 September 2016 (UTC)
- Observations: (1) SegataSanshiro1, who opened this AN thread and who has written more than double the amount of text of the article than any other editor [12], is Argentinian (as noted on his userpage) and has a very strong POV and agenda about the article, since Singer's most controversial debt-funds are Argentinian. (2) In my opinion FoCuSandLeArN should not have closed the previous WP:RfC (nor should he have made the edit[s] presumed to be "consensus" -- at the very least, another editor should have made any edits springing from the RfC), since he started the RfC and has also been involved in the contentious debate(s). One can withdraw an RfC one has started, but one cannot close it. Only an uninvolved editor can formally close an RfC. See WP:Requests for comment#Ending RfCs. (3) That said, SegataSanshiro1 has opened this AN thread in a very non-neutral, POV manner, and as Meatsgains commented above, SegataSanshiro1 had no problem with FoCuSandLeArN's 5-month-old close until now. (4) What seems to need to happen is for an uninvolved administrator to look at and close the current RfC that is now on the talk page awaiting closure. (5) I believe Collect, a neutral and highly experienced editor, has encapsulated the issue well in his three comments above. Softlavender (talk) 03:04, 9 October 2016 (UTC)
- {{Do not archive until}} added. Please remove the {{Do not archive until}} tag after the review is closed. (I am adding this because RfC closure reviews frequently have been archived prematurely without being resolved.) Cunard (talk) 06:24, 8 September 2016 (UTC)