→Future Perfect at Sunrise: does the hacker relate to any known users? |
→Future Perfect at Sunrise: not obviously |
||
Line 20: | Line 20: | ||
:A couple of the arbitrators have already checked, but seem not to have posted publicly. As far as I can tell, the person currently using the account is posting from the same PC as the person who was using the account last week. On September 16 '''only''', someone logged in from a different country and send 9 emails. Have you asked Fut Perf if he had private word from another checkuser? [[User talk:Thatcher|Thatcher]] 02:44, 19 September 2009 (UTC) |
:A couple of the arbitrators have already checked, but seem not to have posted publicly. As far as I can tell, the person currently using the account is posting from the same PC as the person who was using the account last week. On September 16 '''only''', someone logged in from a different country and send 9 emails. Have you asked Fut Perf if he had private word from another checkuser? [[User talk:Thatcher|Thatcher]] 02:44, 19 September 2009 (UTC) |
||
::His comments thus far seemed to indicate he did not. Presumably that Checkuser would have unblocked the account if they found the original user was back in charge. Thank you for confirming the apparent hacking incident, and that the original account user appears to have regained control. Does the hacker's IP address lead point to any known users? [[User:Jehochman|Jehochman]] <sup>[[User talk:Jehochman|Talk]]</sup> 02:50, 19 September 2009 (UTC) |
::His comments thus far seemed to indicate he did not. Presumably that Checkuser would have unblocked the account if they found the original user was back in charge. Thank you for confirming the apparent hacking incident, and that the original account user appears to have regained control. Does the hacker's IP address lead point to any known users? [[User:Jehochman|Jehochman]] <sup>[[User talk:Jehochman|Talk]]</sup> 02:50, 19 September 2009 (UTC) |
||
:::Not obviously. [[User talk:Thatcher|Thatcher]] 02:53, 19 September 2009 (UTC) |
|||
==On the use of the mailing list archive== |
==On the use of the mailing list archive== |
Revision as of 02:53, 19 September 2009
Wikipedia Arbitration |
---|
![]() |
|
Track related changes |
Wikipedia Arbitration |
---|
![]() |
|
Track related changes |
Proposed temporary injunctions
Proposals for injunctions have been placed on the proposed decision page for voting; and the discussion suggesting them has been moved to the talk page. — Coren (talk) 01:17, 19 September 2009 (UTC)
Future Perfect at Sunrise
Future Perfect at Sunrise (talk · contribs · blocks · protections · deletions · page moves · rights · RfA), a named party to this case, utilized sysop tools to unblock another party, Tymek (talk · contribs), over my objection. I had blocked Tymek as an apparently compromised account, or else as a disruptive account falsely claiming to be compromised. At the time I asked the Committee to consider the matter. Neither I nor FPaS has Checkuser access, whereas most members of the Committee do. In the block notice I specifically asked that the account not be unblocked without my consent, or else the consent of a Checkuser or ArbCom member. I consider FPaS action to be a serious violation of Wikipedia:Administrators. FPaS could have easily requested a clerk to perform the unblock if an unblock were needed. FPaS posted this message to my talk page upon performing the disputed sysop action. I request the FPaS be directed not to perform any further sysop actions on other parties to this case. I also request that the Committee respond to my message of September 16 so that I can understand whether you have looked into the matter of Tymek being a compromised account. FPaS seems to be concerned that you may have dropped the ball on that issue. I am also concerned. Jehochman Talk 01:57, 19 September 2009 (UTC)
- Comment. Jehochman, I have e-mailed you, asking for clarification on what is going on. Somebody has stolen my password, this is a serious offence. I was awaiting your response, but I never got one. Why? Tymek (talk) 02:02, 19 September 2009 (UTC)
- I received an email from a party unknown to me. I have no way to verify that the party who sent it to me is you. I also have no way to verify that you are the proper owner of the account, rather than the person who claims to have broken in to it. We need checkuser help. It's been nearly 48 hours since I emailed the Committee and two other Checkusers. The only response I received from any of them is "Thanks for letting us know Jonathan". Could somebody with Checkuser access please give us direction? Is Tymek back in control of his account, or not? Jehochman Talk 02:06, 19 September 2009 (UTC)
- Perhaps it would have been better to have written it to my e-mail, which is featured on my user page. I am in control of my account, but if somebody needs a checkuser, that would be good. Tymek (talk) 02:15, 19 September 2009 (UTC)
- When an account declares itself to be compromised, I am not trusting any information coming from that account until there is a technical evaluation of the logs to determine (1) whether the account appears to have been compromised, and (2) whether any evidence exists that the proper owner has regained control. Emailing you would have been useless if your email account was also compromised. Considering the circumstances that your account emailed me and proffered an archive of your private emails, it was not an unreasonable suspicion. I still have no idea whether you are the rightful owner of the account. Jehochman Talk 02:35, 19 September 2009 (UTC)
- A couple of the arbitrators have already checked, but seem not to have posted publicly. As far as I can tell, the person currently using the account is posting from the same PC as the person who was using the account last week. On September 16 only, someone logged in from a different country and send 9 emails. Have you asked Fut Perf if he had private word from another checkuser? Thatcher 02:44, 19 September 2009 (UTC)
- His comments thus far seemed to indicate he did not. Presumably that Checkuser would have unblocked the account if they found the original user was back in charge. Thank you for confirming the apparent hacking incident, and that the original account user appears to have regained control. Does the hacker's IP address lead point to any known users? Jehochman Talk 02:50, 19 September 2009 (UTC)
- Not obviously. Thatcher 02:53, 19 September 2009 (UTC)
- His comments thus far seemed to indicate he did not. Presumably that Checkuser would have unblocked the account if they found the original user was back in charge. Thank you for confirming the apparent hacking incident, and that the original account user appears to have regained control. Does the hacker's IP address lead point to any known users? Jehochman Talk 02:50, 19 September 2009 (UTC)
On the use of the mailing list archive
To make things clear, the Committee did — and will continue to — examine the list of email that has been received for potential serious violations of Wikipedia rules. In particular, hounding, meatpuppetry and disruptively gaming the rules are all activities that are forbidden and destructive and that can (and usually are) made possible by coordination off-wiki.
In doing so, we are proceeding under a number of (rebuttable) presumptions: that the mail archive has not been fabricated, that most email within the archive have not been altered or falsified, and that completeness of that archive is unknown. Insofar as information in the emails correctly matches verifiable events on-wiki, they can be presumed to be authentic. Evidence otherwise is welcome and solicited, in particular from the participants of the mailing list.
There have been objections to the use of the archive entirely based on the allegation that it has been acquired through illegal or unethical means. It is to be noted that [a link to] the archive has been received independently by a number of editors, none of whom are alleged to have stolen it, who then forwarded it to the Arbitration Committee. Claims that it has been obtained improperly by the original sender are unsubstantiated, and unverifiable by the committee. Other alternatives are equally likely (that it was transmitted willingly by a member of the list or that it was leaked accidentally then forwarded by an unknown third party for instance) and investigating the issue is neither possible, nor within the Committee's remit.
At any rate, even if one ignored the obvious fact that criminal rules of evidence do not apply to the Committee the original provenance of the email archive is entirely moot: the Committee is not bound by an exclusionary rule in the first place. Even if the allegations of the mailing list archive having been taken illegally by an outsider "hacking" were correct, they lie entirely outside the jurisdiction and reach of the Committee, and have no bearing on the propriety of using it.
— Coren (talk) 18:28, 18 September 2009 (UTC)
- I read your comment (above) with considerable interest. It is very well phrased and in most part almost self-explanatory, but would you please elaborate on it further? I’d like to see a link to a policy that explains how the Arbitration Committee is not, and will not be bound in its proceedings by unethical means of acquiring evidence against users? Unless a policy like that is already in place, wouldn’t such exemplary freedom be unethical in its own right? --Poeticbent talk 21:53, 18 September 2009 (UTC)
- The Foundations servers were used to send emails that notified the Committee and other Wikipedia users of emails alleged to indicated problematic editing on site. In order to administer the site and make a case ruling, we need to examine the emails in question. All arbitrators understand and are bound by the Foundation privacy policy and can handle private and sensitive information. FloNight♥♥♥ 22:05, 18 September 2009 (UTC)
- I read your comment (above) with considerable interest. It is very well phrased and in most part almost self-explanatory, but would you please elaborate on it further? I’d like to see a link to a policy that explains how the Arbitration Committee is not, and will not be bound in its proceedings by unethical means of acquiring evidence against users? Unless a policy like that is already in place, wouldn’t such exemplary freedom be unethical in its own right? --Poeticbent talk 21:53, 18 September 2009 (UTC)
- It's an interesting philosophical question. An important difference between ArbCom and criminal justice systems is that we are unable to compel production of evidence, and have no authority to seize it forcibly; making concerns of abuse of rights for the sake of expediency inapplicable.
A closer analog might be the example of an employee or agent that breaches an employment contract — or trespasses on their employer's computers — to get evidence of their wrongdoing to give the authorities. It's worth noting that many jurisdictions have in fact put in place laws to protect employees or agents behaving in that way (the so-called "Whistleblower" protection acts); because it was judged that, in the end, the objective of curtailing improper behavior from the employer was more important to the interests of justice than the breach of privacy.
In this case, ArbCom is in a good position to minimize the dangerous aspects of the breach (if breach there was) by maintaining privacy where it does not impact the just evaluation of the evidence.
Of course, that balancing act would topple entirely if ArbCom, or someone at our behest, were to obtain evidence by ethically dubious means. I'd be the first in line with a torch and pitchfork. — Coren (talk) 00:44, 19 September 2009 (UTC)
- It's an interesting philosophical question. An important difference between ArbCom and criminal justice systems is that we are unable to compel production of evidence, and have no authority to seize it forcibly; making concerns of abuse of rights for the sake of expediency inapplicable.