Last modified: 2011-03-13 18:05:26 UTC

Wikimedia Bugzilla is closed!

Wikimedia has migrated from Bugzilla to Phabricator. Bug reports should be created and updated in Wikimedia Phabricator instead. Please create an account in Phabricator and add your Bugzilla email address to it.
Wikimedia Bugzilla is read-only. If you try to edit or create any bug report in Bugzilla you will be shown an intentional error message.
In order to access the Phabricator task corresponding to a Bugzilla report, just remove "static-" from its URL.
You could still run searches in Bugzilla or access your list of votes but bug reports will obviously not be up-to-date in Bugzilla.
Bug 556 - Feature request: Hide IP address by unique encoding
Feature request: Hide IP address by unique encoding
Status: RESOLVED WONTFIX
Product: MediaWiki
Classification: Unclassified
Special pages (Other open bugs)
unspecified
All All
: Lowest enhancement with 1 vote (vote)
: ---
Assigned To: Nobody - You can work on this!
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2004-09-22 08:32 UTC by Klaus
Modified: 2011-03-13 18:05 UTC (History)
0 users

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Attachments

Description Klaus 2004-09-22 08:32:46 UTC
Summary: (?)
Hide IP address by unique encoding 
I was new to WIKI and made some changes in a 
controversial section of WIKI. My opponent and I were in 
an another forum and he told everyone that he knows 
my location and I was shocked. Later I knew WIKI keeps 
the IP addresses of any user edit without a WIKI login.

Exposing an anonymous WIKI user's IP address and thus 
location and possibly real identity for all to see is not 
something a user would want. Often people want to 
remain anonymous. The real IP address should only be 
able to be accessed by special system administrators 
and not any Sysop.

The WIKI system should allot unique identification 
numbers to IP addresses, instead of giving the real IP 
address. Technically, this would be simple to achieve: 
Have a seperate column in the database Table for 
Encoded IP address. Generate a random "Encoded IP" for 
every real IP. Each real IP should have a unique Encoded 
IP.

The aim is to protect the privacy of WIKI editors. I have 
the right to keep my privacy. 

Followups:
Comments 

--------------------------------------------------------------------------------

Date: 2004-09-22 00:31
Sender: klaus72
Logged In: YES 
user_id=1126276

I still think this is a very good idea. I have this community
for
young people. Aged 11-20  . And I would like to give each 
profile a link to their own wiki page,which everyone can edit.

But I don't want anyone to be able to see the IP adresses of 
the contributers. 
The reason for this, is that young people likes to play around, 
and destroy things.. And scare others that they know the IP 
and can take control, DoS and so on. 

Maybe the IP adresse could be presented as an MD5 hash of 
the IP? or maybe just the first 7 characters of the has. Only 
sysop can see the real ip.
 

--------------------------------------------------------------------------------

Date: 2004-07-08 11:10
Sender: nobody
Logged In: NO 

vampwillow
You didnt give any reason as to why a fake Psuedo IP 
should'nt replace the real IP address. The real IP address 
should only be accessible to a select FEW super-ops or 
administrators incase they want to report action to the ISP.
Currently, IP addresses are there for any hacker or malicious 
person to exploit. They can be used to track location and find 
out the identity (yes its possible if you know something about 
the person and then you also got the location it helps a lot).

I see no one wants to do this because it didnt effect them so 
they think I'm talking plain junk.

I was nearly EXPOSED on a controversial discussion forum. 
My location was to be leaked out, perhaps its been done 
already - all because of WIKI put put my IP address for 
everyone to see. I could learn to program and get into WIKI 
and make this feature myself and no one would stop me, I 
can gaurantee you but I dont have time. I thought I'd just 
give a suggestion.
Thats how is it. Your son dies from lung cancer, only then 
you start an anti-smoking organization. Otherwise no one 
gives a jack about it. If you were in my situation you would 
understand the important of this.
Tell me another thing: Why do you think all discussion forums 
hide the real IP from the public? They have a good reason to 
hide it from the regular public, dont they? Should WIKI expose 
the real IP too then?

Again, no one has offered ANY logical reason as to why the 
real IP should not be hidden from the masses. If sysops want 
to TRACK people down, like I said, you should use fake IPs. 
Only for serious action, super-ops should be allowed to 
access the real IP ONLY for *reporting* purposes.
 

--------------------------------------------------------------------------------

Date: 2004-07-08 05:03
Sender: vampwillow
Logged In: YES 
user_id=1071899

There is no obligation for you to create a user-id and log
in with it, but it provides you with this function. Yes,
there are times when you might not want people to realise it
was you who made the edit but that has to be balanced by the
nature of wikis being something that anyone can add to (or
destroy) thus needing a quick and simple way to track and
deal with problems.

If it is "special system administrators" who is to say how
long it might take someone to be able to assist ("not any
Sysop" means there is more likely to be a delay anyway) by
which time it could well be way too late. Wikis, like WP,
are self-healing only because there are enough people around
who care. Encoding would mean they still cared buyt couldn't
do anything about it!

I see no strong reason to create this option and stronger
reasons not to do so.
 

--------------------------------------------------------------------------------

Date: 2004-06-24 10:55
Sender: nobody
Logged In: NO 

vibber wrote:
"This is the norm on wikis."

Once it was norm for people to beleive the Earth was flat. It 
doesnt matter if its a norm or not, you have to see whether it 
makes sense or not. 
If the edit was done by a malicious user and the meaning of 
IP addresses is to give sysops clues as to whether they 
should ban the whole IP range, then IP ranges e.g. 210.10.* 
can be named as random numbers, still generated as a unique 
IP and this is trackable in the same way as any real IP 
address.
Again: IP addresses should be encoded as other number, just 
like you have some organizations creating their own ID 
numbers for employees rather than using their SS# and 
creating security risks for indentity thefts. This is the same 
principle being used over there.
 

--------------------------------------------------------------------------------

Date: 2004-06-24 05:26
Sender: nobody
Logged In: NO 

I agree to this feature. 
Sometimes people forget to login. And then their IP is exposed.
I know you can allow only logged in users to edit. But it will 
sometimes discourge users to give useful infomation.
 

--------------------------------------------------------------------------------

Date: 2004-06-24 05:21
Sender: nobody
Logged In: NO 

I agree to this feature. 
Sometimes people forget to login. And then their IP is exposed.
I know you can allow only logged in users to edit. But it will 
sometimes discourge users to give useful infomation.
 

--------------------------------------------------------------------------------

Date: 2004-06-23 22:17
Sender: vibber
Logged In: YES 
user_id=446709

This is the norm on wikis.

 

--------------------------------------------------------------------------------

Date: 2004-06-23 21:47
Sender: nobody
Logged In: NO 

I know I can create a useraccount. The fact remains: privacy 
of anonymous users is being displayed publicly on a website 
and this information can be used by malicious users to their 
ends.
There is no need to display the real IP address. If the real IP 
is being displayed, the location and possibly even the identity 
of the user can be found out. I have been threatened myself 
with such a threat just recently.
The best solution as I said, is to keep an encoded IP, or a 
random number.
 

--------------------------------------------------------------------------------

Date: 2004-06-23 21:27
Sender: vibber
Logged In: YES 
user_id=446709

Create a user account then.

You do *not* have to provide an e-mail address (though if you
don't, you
won't be able to recover a lost password).
Comment 1 Jerome Jamnicky 2004-09-22 08:51:49 UTC
One way to deal with the problem of people forgetting to log in, and then editing and 
having their IP address exposed: Make it very obvious on the edit page that they are not 
logged-in, e.g. by putting a message in big red letters with a warning.
Comment 2 Inedible Bulk 2004-10-29 02:25:59 UTC
(In reply to comment #1)
> One way to deal with the problem of people forgetting to log in, and then
editing and 
> having their IP address exposed: Make it very obvious on the edit page that
they are not 
> logged-in, e.g. by putting a message in big red letters with a warning.

Was about to add this as a bug.  Full agreement here.  I've edited as IP and
been very upset afterward, because you can't remove that info.
Comment 3 Tim Starling 2004-10-29 02:41:17 UTC
Using an encrypted or hashed IP would mean that sysops would be unable to
identify proxy servers or dynamic IP pools. This information is vital when
tracking vandalism or blocking users.
Comment 4 Antoine "hashar" Musso (WMF) 2005-07-06 14:26:24 UTC
Closing as WONTFIX because:
_ there is clause to no way to figure out the identity of someone
given his ip address.
_ people can use an anonymizing service or create an account

Note You need to log in before you can comment on or make changes to this bug.


Navigation
Links