2010/11/28 FastLizard4 <fastliza...@gmail.com>: > Here in the U.S., ISPs keep records of who used what IP address at what > time. So, let's say that I had a dynamic IP address that changed every > day. If I got arrested and the courts ordered my ISP to give them a > list of IP addresses I have used in the last month, they would do so, > complete with the times I used each IP address. so in russia. i say only about relative anonymousity, not against government, but against different people.
>At least here in the > U.S., dynamic IPs aren't used for anonymity, but simply because there > aren't enough IPv4 addresses left. but, maybe, not only for that? maybe, partially also for partial/relative anonymousity? > Besides, the aim with keeping IP addresses confidential is not to be > convenient to people who want access to server logs, but to take > reasonable measures to protect users' privacy. Why should we even take > the risk of putting lists of IP addresses from server logs out in the > public? maybe i do not understand this. how keeping ips which are part of logs can be called convenience to people who can see that logs fully? or you mean some government people who may request the logs? to wikipedia owners who want to loook at them? in these cases, also i do not say that not publishing them to all people is convenience to that government people or owners. you have mentioned that provider can give logs to government, probably also wikipedia must give its logs to government, if requested, is not it? >> FastLizard4 has said: >>> As for open proxies for editing, they are generally >>> disallowed from editing. >> i had not known about that. i want to check that. > > http://en.wikipedia.org/wiki/Wikipedia:PROXY (Other WMF wikis may have > different policies on the matter, but the English Wikipedia's is pretty > common, I believe.) ah it is wikipedia itself blocks them from editing! then like no problem! i had thought that proxies do not allow POST requests :) . >> ...or ask their provider to make anonymous ip for them? > > Some ISPs here in the U.S., such as AOL, do use anonymizing proxies > normally, but many (including AOL) have agreements with the WMF in which > the ISP will send X-Forwarded-For headers, which contain the original > user's IP address; XFF headers, if present and approved for use by the > WMF, are used instead of the external IP as seen by the servers. i think, ip from xff can be used only together with anonymouse-external-nat ip, because probably ip from xff is only unique inside providers internal network. and is that xff ip is logged by web server? i think that not logged. how it is used/saved/shown in mediawiki? if 2 ips are needed indeed, as ip pair? > And, > as far as I know, in the U.S., requesting an anonymous IP from your ISP > is not a request a user can make. users cannot request in provider's official web forum to make dynamic ip or nat? probably you mean that they cannot require/demand/claim/request(?) that as their right that is written in law. > And, besides, what are we going to do? Put up a banner on top of every > WMF website saying "Hey, we're releasing your IP address information to > people! If you don't like this, go call your ISP to get an anonymous IP > address!" Half the people visiting probably don't even know what an IP > address is, and in this case, not knowing about it doesn't make it any > less dangerous to your privacy. i do not think that to write "ask for anonymouse ip from your provider". may be this way: "your request, ip address, referer, user agent are published, read more >>". >> Huib Laurens has said: >>> there is >>> really no good reason given why people should see al the ip >>> information for all visitors on a wiki >> what about opening ips not of all wikipedias, but of only several >> language subdomains? > > But, what exactly would you do with the IP address logs > for a few subdomains, as opposed to the entire Wikimedia farm? i say this because probably tatar wikipedia for example mostly used by people whose provider is in russia and i think probably they are dynamic or under nat. as opposed to english wikipedia, that is usually used by almost all usa people, who, as you said, use one ip per family, and uk, australia, etc, about whose providers and ips i do not know. 2010/11/28 Domas Mituzas <midom.li...@gmail.com>: > Hello, > >> should not web server logs (of requests) be published? > > > which intelligence service are you representing? i am not from "intelligence service" :) . you mean something like spy? not, i am not. as i said, i ask this because i think that tatar people should be managers/adminstrators/controllers of texts they wrote, and that texts are read mostly by tatar people. if logs are not published, that mean that they can be read by wikipedia owners, by us government, but not by tatar people. > there are hourly page view statistics somewhere out there, so most of data is > already out, drilling in more would mean violating privacy. many sites open their statistics: countries and regions of ips, search engine query strings. for example, sites on ucoz.ru has that capability, and other sites that use counter of top.mail.ru , liveinternet.ru , and statcounter.com , histats.com etc. does that hourly statistics have search query strings? i have not seen that of wikipedia. publishing full/raw logs also is not much violence of privacy, i think. and wikipedia could say "if you do not want to publish your ip, then do not use this" but take in account that there is no problem with hiding ip and referer. and so there is no problem with anonymous reading. anonymous writing is already generally blocked by wikipedia itself. 2010/11/28 rupert THURNER <rupert.thur...@gmail.com>: > what would you like to read out of the logs? i would read, how much people are reading certain articles, maybe i would read what pages they browse, if i have analyser that can show that easily for me. from what search engine requests they come. not only me can do that then, all people can read that. and users who are "tracked" also will know that their browsing is published. and what do you think or can say, knowing what i would read out of the logs? _______________________________________________ foundation-l mailing list foundation-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l
