Misplaced Pages

Revision as of 05:33, 6 December 2014

• Table of contents
• First discussion
• End of page
• New post

• WP:VPI
• WP:VPIL
• WP:VPD

• Discussions of technical issues belong at Misplaced Pages:Village pump (technical).
• Discussions of policy belong at Misplaced Pages:Village pump (policy).
• If you're ready to make a concrete proposal and determine whether it has consensus, go to the Misplaced Pages:Village pump (proposals). Proposals worked out here can be brought there.

Before commenting, note:

• This page is not for consensus polling. Stalwart "Oppose" and "Support" comments generally have no place here. Instead, discuss ideas and suggest variations on them.
• Wondering whether someone already had this idea? Search the archives below, and look through Misplaced Pages:Perennial proposals, and Misplaced Pages:Village pump (proposals)/Persistent proposals.

Village pumps

policy

tech

proposals

idea lab

WMF

misc

• Refining the administrator elections process
• Blocks for promotional activity outside of mainspace
• Voluntary RfAs after resignation
• Proposed rewrite of WP:BITE
• LLM/chatbot comments in discussions

• view
• edit
• history
• watch
• archive
• talk
• purge

Twin towns add to infobox

Dear Wikipedians, should we add twin towns to infoboxes? This would create a common format for recording these connections. I imagine this would take some consensus building among editors? I'm scraping all the twin town data - trying to cover all the different formatting rules, so could provide dataset for scripted update to infoboxes. Anyway, something to think about/discuss...Reviewing the various lists for twins shows different countries and areas have used different formatting rules. Some use tables, some more free form lists. Within the town/city main articles there are also different section titles and ways to describe twin towns. If this info is in the infobox it will be picked up more readily by dbpedia and wikidata allowing more interesting data analysis such as this https://www.flickr.com/photos/29266908@N02/15846030356/ just an idea...I've never discussed an issue here and not an experienced editor so positive comments much appreciated, thank you --Fozy81 (talk) 20:16, 26 November 2014 (UTC)

Interesting idea. I'll tell Misplaced Pages talk:WikiProject Cities. Oiyarbepsy (talk) 15:28, 5 December 2014 (UTC)

Less intrusive video player icon

Previously, videos could function as stand alone illustrations in addition to being videos, which made them more useful, especially when a thumbnail was manually selected. See for example here, where it could show both a famous image, and a video of the event. But for some reason, the player icon has become big and dark, obscuring much of the thumb. I think the previous version was much more useful, for the reason mentioned above. See also here, where the icon pretty much destroys the thumbnail.

Perhaps the icon could be moved to one of the corners of the thumbs, instead of smack in the middle? And be smaller, too. Or maybe there could be a parameter for making the icon either dark or light, depending on the thumbnail, so where wouldn't have to be a huge, dark bar around it to make it discernible? Or maybe the play icon could be moved to the caption field? FunkMonk (talk) 13:37, 30 October 2014 (UTC)

Great suggestions. Videos are sometimes used as the lead image of articles on animal behaviour, but I have often replaced these because the play icon makes the still-image difficult to see, let alone be in any way informative.__DrChrissy (talk) 14:52, 30 October 2014 (UTC)

Thanks, another idea, maybe videos should have their own kind of window, like sounds have, see for example here. A player bar like that, and with the thumb over it, would be much more useful, I think it looked more like this initially, if I recall correctly... FunkMonk (talk) 15:02, 30 October 2014 (UTC)

• Anyone know where it would be best to propose this? FunkMonk (talk) 17:26, 1 November 2014 (UTC)

  Since AFAIK it's not something that can be locally configurable, it would need a change to the MediaWiki software, so file a change request at bugzilla: (in the left sidebar, click Enter a new bug, put it under MediaWiki, Interface); although you might like to ask WP:VPT if they have suggestions. Several VPT regulars are also bugzilla regulars. --Redrose64 (talk) 20:36, 1 November 2014 (UTC)

• For what it's worth, I think this is an excellent idea. Either a bar on the bottom or just moving the "play" icon into the bottom right hand corner seem like they would convey the same basic information (this is a video you can play), but in a much, much less intrusive way. 0x0077BE 15:02, 14 November 2014 (UTC)

@0x0077BE: This is now under discussion at Misplaced Pages:Village pump (technical)/Archive 132#Less intrusive video player icon, but FunkMonk didn't note that here when they started the new thread. Per WP:MULTI, please consider this one closed, and comment on the VPT thread. --Redrose64 (talk) 15:32, 14 November 2014 (UTC)

Paying admins

I propose that we set aside a section of Wikimedia Foundation money to pay admins to recognize their highly significant and beneficial contributions to Misplaced Pages. Jinkinson talk to me 19:16, 30 October 2014 (UTC)

This makes sense, in my opinion, because I think those who help Misplaced Pages be the wonderful repository of information it is today should be rewarded. It also fits in with the extremely close scrutiny people must face to become an admin already, which makes it somewhat like applying for a job anyway. Jinkinson talk to me 19:18, 30 October 2014 (UTC)

That will only lead to corruption. Being an admin is already a privilege exploited by many. Real life politics should set a pretty bad example. FunkMonk (talk) 19:24, 30 October 2014 (UTC)

You do realize that there are approximately 6000 admins on the Wikimedia projects, right? This would cost quite a lot of money, and would have substantial effects on what kind of people try to become administrators. --Yair rand (talk) 19:25, 30 October 2014 (UTC)

How would you set the pay scales? Is it to be an hourly rate - or a set amount per admin action? Both are open to corruption - I could spend twenty minutes weighing up the arguments for and against at an AFD, and then claim that it took two hours; or I could spend a happy half-hour in wanton protection, deletion, or blocking, just to pad the invoice.

Then there is the issue of currency: assume that everybody is paid in Uncle Sam's Bucks. In some countries, one USD buys a lot more than one dollar would get in NYC or LA. There are a lot of admins not in the USA; do these get the same rate as somebody who is living in the USA? Alternatively, people could be paid in their local currency; there is then the exchange rate to consider, and these fluctuate. Let's say that I'm in Britain, and am paid in pounds sterling at a level set when there are 1.60 dollars to the pound. If the pound later strengthens to $1.76, Wikimedia need to pay me 10% more on their own scale so that I get the same amount on my scale. --Redrose64 (talk) 20:41, 30 October 2014 (UTC)

I'll take the bait. Admins aren't the only users who make 'highly significant and beneficial contributions' to Misplaced Pages. Plus, I'm an admin but my most important contributions were not through my admin actions, and by far. There's also that it's unfeasible, but it's already been stated. There's certainly a need of recognition, but not just for admins. A 'featured editor' in the Signpost would be a better idea, but it's not without issues either. Cenarium (talk) 22:31, 30 October 2014 (UTC)

Even poor Stewards don't get money of their hard work... --Stryn (talk) 22:03, 4 November 2014 (UTC)

• What about paying people for successful FA nominations if they contributed to a significant portion of the article? Everymorning talk to me 16:52, 14 November 2014 (UTC)

Misplaced Pages was created to provide free access to knowledge to everyone in the world. It is a volunteer service. No one is, can be, or will be paid for their contributions. See Misplaced Pages:Misplaced Pages is a volunteer service for more on this. TheGeneralUser (talk) 16:58, 16 November 2014 (UTC)

With all due respect, that's an essay, not a policy page, so it's not set in stone. Everymorning talk to me 16:36, 17 November 2014 (UTC)

I already get money for doing things I quite enjoy doing, but I would oppose this idea. Too many potential problems. Pay for time is unworkable, and pay per edit - well, just remember the comments at a very recent RfA about someone's editing history... Too expensive if a pay scale was adopted that actually benefited the recipients, and a waste of money if it didn't (because there would still be accounts staff working to distribute the peanuts and washers...). Peridon (talk) 22:14, 30 November 2014 (UTC)

Alternative COI template

In 2012 a German court ruling found that it was deceptive for someone with a financial connection to add promotional content to Misplaced Pages, because readers presume the information is crowd-sourced and independent, not a medium for covert advertising. Similar anti-astroturfing laws exist in the US that require readers know when they are reading information provided by someone affiliated with the company, as oppose to a crowd-sourced online participant.

I contribute quite a bit to articles where I have a financial connection, usually bringing them up to GA status and following COI best practices. I'm attending a conference right now that has a bit of a focus on the Federal Trade Commission's disclosure laws and I'm thinking about how there is still no way to provide a legally-required disclosure of my financial connection to readers on a page that doesn't have any actual problems that would require a COI template (GA-ranked).

I'm not advocating for or against it, but wondering what the community reception is towards a small, tasteful disclosure to readers on articles that do not necessarily have any major content problems. A template that I might add myself to be legally compliant, as oppose to something contentious used to shame someone that contributed poorly.

A major contributor to this page was sponsored by _______.

CorporateM (Talk) 13:42, 17 November 2014 (UTC)

Hello, CorporateM. The conflict of interest policy states that "paid advocates are very strongly discouraged from direct article editing, and should instead propose changes on the talk page of the article in question." Please follow our rules. --NaBUru38 (talk) 17:42, 28 November 2014 (UTC)

Notice the difference between "discouraged" and "prohibited" and please don't imply that users are breaking the rules by something they are clearly allowed to do. – Philosopher  23:34, 1 December 2014 (UTC)

The flip side here is that we get a lot of up-to-date material from people with pov. What I like to see, is them adding the material with a WP:RS as short as possible (okay have a problem with that last one). And then leave off editing til the rest of us have had a chance to edit it, leaving comments about our edits on the discussion page, if they don't like them. Even more than the rest of us, should they avoid edit wars. But a tired article can really get a boost from someone with a commercial interest IMO. Student7 (talk) 18:47, 4 December 2014 (UTC)

Using the NSA wayback machine

As the NSA stores the entire internet the proposal is to use WMF employee name removed contacts with the NSA (about the backdoors in the Wikimedia software) to fix the Misplaced Pages problem with link rot. It would be handy to have a sort of NSA extension for direct linking into the NSA database to saved versions of webpages. A sort of state funded wayback machine, similar to Wayback Machine - Internet Archive. For Misplaced Pages the advantage would be to have a plan B if the current wayback machine would default, for the NSA there would be a gain too, running a public service that is usefull to common people, best cover you can imagine. Mion (talk) 17:44, 17 November 2014 (UTC)

{{smiley}} -- llywrch (talk) 01:12, 18 November 2014 (UTC)

We have backdoors? Darnit, nobody tells me anything interesting these days. Ironholds (talk) 17:26, 18 November 2014 (UTC)

NSA isn't able to store the entire Internet. Even if it could, the archive and this "proposal" have nothing to do with the so-called "backdoors" in our servers. Also, why is it WMF employee name removed, who was involved in several dramas recently, but not Jimbo Wales or other people at WMF? Sorry, but the wording and timing of this proposal make me question the OP's intention. Zhaofeng Li 11:54, 20 November 2014 (UTC)

If you deploy around 100,000 people to work on your NSA system the storage costs for the internet is just a small part of the annual costs and storage costs are still declining at a fast rate. :) You can check my history if you want to question my intention or ask me.Mion (talk) 02:14, 22 November 2014 (UTC)

Okay; what leads you to (to my knowledge, falsely) believe that there are backdoors in Wikimedia software or that WMF employee name removed is in any way involved in our software development process directly? ;p. Ironholds (talk) 17:57, 24 November 2014 (UTC)

For in case you lived in a cage recently you can read Edward Snowden every big USA internet company is forced under secresy laws to comply, if Microsoft, Google, Apple, Facebook, Twitter are all in court to fight the laws layed upon them why would you think that a company the size of Misplaced Pages is not in that group ? As for who has the contacts, its prob someone who can send all personal on a teambuilding daytrip and hand the server room keys to some subcontractors. The problem you would face is that the person in question is not allowed under law to admit it, so make an A4 about the Misplaced Pages NSA waybackmachine extension, put it on all walls in the office and hope that the person in question will relay the request and it will all end in a positive outcome :) Mion (talk) 18:53, 24 November 2014 (UTC)

Okay... Here's the problem: how would a backdoor to Misplaced Pages benefit the NSA? They want to know when someone edits a file on the Wiki? They consult user > contributions. They want to know when a given person looks at a page? Well, the server logs will tell them the IP address the request came from -- but I doubt they can get access to the logs of the Wikimedia servers in Amsterdam that easily -- but these logs aren't kept for more than a few weeks, so the NSA needs to be collecting them on a regular basis, & if they've done so over the years, they have a mountain of hay to find a needle in. They want to know what people say on the public Wikimedia-related mailing lists? Those are over there --> They want to know what people say on the non-public mailing lists? (Yes, these do exist.) Well, if they know where the host is for the specific mailing list is, they could purloin it from there. In short, they don't need backdoors to Misplaced Pages: lots of information is there for the casual perusing -- as long as they can pair usernames & IP numbers to specific persons of interest. (And anyone with more than a casual knowledge of how the Internet can tell you that reliably pairing that data with specific people is not as easy as they make it seem on shows like The Blacklist. -- llywrch (talk) 22:02, 25 November 2014 (UTC)

We own you Love, the NSA

In seriousness, I don't think they have that much power. Lor 22:29, 25 November 2014 (UTC)

Yes, the login name of the editor is in the History tab from the database, and whats more handy than to have realtime access to the login logfiles to see which IP logged in under that name ? The login logfiles are not big , names, day and time stamp and IP, perfect for fast search. Section 215 of the US Patriot Act back-doors are not only applied to US firms in the USA but also to assets they own in foreign countries (like Amsterdam). As it nicely states on Misplaced Pages:Why_create_an_account? "Edit without revealing your IP address (which can be used to trace your physical location) to the public." read that as we reveal your IP to all authorities. In 2007 the text about who could see your IP number was different. Lets get these A4 posters printed :) Mion (talk) 14:47, 27 November 2014 (UTC)

That's a nice theory that only has four flaws. Flaw #1: the login logfiles don't actually link username to IP. Flaw #2: our entire codebase is open source. Flaw #3: the point the login message makes is that non-logged-in IPs are public. And, Flaw #4: I do IP-based geolocation for a living, and it's about as accurate as getting a map of the world and drunkenly flinging a dart at where some bloke in a pub said the user lived. Source: I'm the WMF traffic researcher and spend all day dealing with (1) our request logs and (2) the IP addresses within them. Ironholds (talk) 16:42, 27 November 2014 (UTC)

Flaw 1# lets keep it with the 2007 version Your IP address is still saved and accessible to users with Checkuser permission Flaw 2# Yes, the NSA has its own hard and software to zap databases and logfiles, declaring something about our own says nothing. Flaw 3. This discussion is not about non-logged in users. Flaw 4. I did some writing on geolocation in 2006, i think the flaw in it is that you relate your own experience with the experience at the NSA. Mion (talk) 01:29, 28 November 2014 (UTC)

As far as I know (read: from working with this data) that applies to edit and log actions, not to log-in actions. And I think your problem is that you assume anything possible, even the implausible, is plausible when done by the NSA. That's not how it works. Okeyes (WMF) (talk) 13:11, 1 December 2014 (UTC)

Although I think this in particular is far fetched, I should point out that what lots of people thought implausible for the NSA to do a few years ago, actually turned out to be true. Cenarium (talk) 13:37, 1 December 2014 (UTC)

• "Flaw #2: our entire codebase is open source."

Is it? MediaWiki is (and yes, I've read it). I have no idea what WP runs on. It might be MediaWiki, it might be NSAWiki. It might even (trivially) be MediaWiki with the NSA_Snooper extension added dynamically. Andy Dingley (talk) 19:28, 5 December 2014 (UTC)

What is the point in this discussion? The direction it appears to be headed in is kind of confusing me. You think the National Security Agency stores the internet? What does that have to do with IP logs and whatnot? Dustin (talk) 01:37, 28 November 2014 (UTC)

You are right, the WMF could contact In-Q-Tel] and ask them to provide help for the -extension for direct linking into the NSA database to saved versions of webpages. The proposed fallback wayback machine. Mion (talk) 02:04, 28 November 2014 (UTC)

Let's get this straight.

• NSA stores the whole Internet No, they can't.
• Even if they could and had a "wayback machine", they wouldn't want the public to know, and of course they wouldn't allow the public to access it (Do they really want to cause another public outrage?)
• Even if they allowed the public to access it, access would still be limited to public-visible parts of the archive (It would be illegal for us to access the private portions of the websites), which makes it no different from the existing archives. Anyway, it doesn't make sense for us to collaborate with a organisation that has a negative public image and (according to your "backdoor" claim) does harm to the security of our infrastructure.
• Even if all above were true, the entire stuff has nothing to do with WMF employee name removed and the "backdoors" in our software. And how can you know WMF employee name removed has a relationship with NSA? I take your statement as an attempt to attack and defame WMF employee name removed.
• After all, they have far better ways to access our users' data apart from injecting "backdoors". They are already tapping the wires, and can grab a SSL certificate of ours by simply asking our CA.

Zhaofeng Li 03:24, 28 November 2014 (UTC)

Well, we could attempt asking for help, like this :D --NaBUru38 (talk) 17:45, 28 November 2014 (UTC)

I removed the groundless accusations that a WMF employee has connections with the NSA. This behavior is unacceptable. Oiyarbepsy (talk) 16:36, 5 December 2014 (UTC)

Also, see Misplaced Pages:Administrators' noticeboard/Incidents#Groundless accusation against WMF employee. Oiyarbepsy (talk) 16:41, 5 December 2014 (UTC)

Draft version

I think each Misplaced Pages article should have a draft version whose title is "Draft:" followed by the name of the article and the link for it should be between the link titled "Article" and the link titles "Talk". The draft version should exist so that people will feel free to add in information they can't find a source for that they're not all that sure is true, then an experience person will add that information to the article itself if it turns out it belongs and a source exists for it. A draft version would be so much faster for people to go through to figure out the best way to improve the article than the talk page. For example, it would have allowed me to add in the information I figured out in Talk:Freeze-drying#How freeze drying works. Blackbombchu (talk) 01:15, 20 November 2014 (UTC)

The danger is that parallel versions of an article may develop, and it will not be as easy to attribute each edit when it comes to merging them. However your suggestion might work well when an article becomes fully protected because of disputes, as it would be easier for editors to discuss changes when they can see what they look like in the article. If this idea gains any support, I may ask at WP:VPT whether there is any technical reason if a tab for "Draft" cannot be placed in the position you suggested. — Martin (MSGJ · talk) 11:32, 20 November 2014 (UTC)

Interesting how some good ideas can get lost on this page. What do other people think of adding a link somewhere to a draft version, if an article is fully protected? — Martin (MSGJ · talk) 20:35, 26 November 2014 (UTC)

I believe that there is a limited de facto tradition of using the Talk: namespace for this purpose already; see WP:SUBPAGE. As noted, there can be issues with appropriately attributing edits if content is copied from a draft page (in any namespace) to the article. In general, I would be concerned that such pages will become a storage and dumping ground for the worst POV-pushing detritus that has been excised from (or which fringe proponents can't quite force into) the main article. TenOfAllTrades(talk) 20:52, 26 November 2014 (UTC)

For the aforementioned reasons, I would say that the use should likely be restricted to fully protected articles (for dispute or another reason). I saw this being done already at Draft:Gamergate controversy, but, pathetically, there has been some edit warring on the draft itself. It wasn't that bad though and there has been some good work. So I think it's worth mentioning this possible usage at WP:Drafts, it's less cumbersome than a talk subpage. We just need to make a talk page template, as was done at Talk:Gamergate controversy, and a template on the draft itself too, which will allow to track those and limit misuse. I don't think that a tab is required. Cenarium (talk) 21:13, 26 November 2014 (UTC)

How about a link to the draft version in {{pp-dispute}} or {{pp-vandalism}}? I certainly agree that the draft namespace is far preferable to the talk page draft, and I have left a suggestion on Help talk:Talkspace draft that the practice now be discontinued. — Martin (MSGJ · talk) 11:08, 27 November 2014 (UTC)

• I oppose the idea of putting sandboxes for any article, fully protected or not, in the Draft: namespace. I support putting sandbox pages on a new article named name of article/sandbox. While I entirely understand that "subpages" are disabled in the article mainspace, that doesn't really mean anything for this purpose. The only technical reason that this isn't done, "you may land on a sandbox page from Special:Random, can easily be fixed with a little javascript (which I would suggest go directly into common.js or at very least be an on-by-default gadget). I'll develop that script later today and test on testwiki. I'll be back in a couple days for an update or as soon as it is done. — {{U|Technical 13}} 17:35, 1 December 2014 (UTC)

New Misplaced Pages

How about English Fanon Misplaced Pages? There have been plenty of vandalisers adding made up content into articles, so if they could make this information up themselves in this Misplaced Pages, it might get rid of some.

Every image and template from this Misplaced Pages could be copied over so no re-uploading is required. 89.240.248.49 (talk) 21:47, 21 November 2014 (UTC)

Fanon? I might be from the wrong culture, but that's meaningless to me (and my spellchecker). HiLo48 (talk) 22:22, 21 November 2014 (UTC)

If only there was a place to look up the meaning of Fanon ;-) I didn't know it either but I assume it's about the meaning in

• Fan-based fictional canon

The Internet already has plenty of places to post fiction. The attraction to vandals is to mess with the real Misplaced Pages. I don't think this would have any noticeable effect, apart from creating more places to patrol for legal issues like libel and copyright violations. PrimeHunter (talk) 02:05, 22 November 2014 (UTC)

Just an idea. 89.240.248.49 (talk) 21:01, 22 November 2014 (UTC)

Erm! a Misplaced Pages specifically designed for vandals to wreck? Is that a wise idea? I know, why doesn't a vandal create a whole new website called Vandalpedia, and then they'd have the playground they have always dreamed of. Wes Mouse |  21:20, 22 November 2014 (UTC)

One wikia is enough I guess. Internet is a place of knowledge and creativity not vandalism. Oh, Vandalpedia is hilarious-total mess. zlouiemark 02:59, 28 November 2014 (UTC)

ExpertIdeasBot

We are a group of researchers at the University of Michigan, Carnegie Mellon University and the University of Pittsburgh. Our research aims at discovering ways to motivate academic researchers who can be considered domain experts to provide feedback about Misplaced Pages articles in their area of expertise. The goal of the bot is to make the process of posting comments on article talk pages easy for users who are not familiar with Misplaced Pages markup language. The users who have access to this bot are experts in different scientific fields such as psychology and Economics and the purpose of the comments left on the article talk pages are providing information on how the article can be improved. We have designed and implemented the bot, and already passed the trial period. We will appreciate it if you take a look at our bot proposal at Misplaced Pages:Bots/Requests_for_approval/ExpertIdeasBot, and help us to expedite the approval procedure. I.yeckehzaare (talk) 04:27, 22 November 2014 (UTC)

I.yeckehzaare, I think you'll want to look at WP:Flow for long-term planning. WhatamIdoing (talk) 16:51, 30 November 2014 (UTC)

Deferred changes

This is a new draft proposal, available at Misplaced Pages:Deferred changes, combining Misplaced Pages:Deferred revisions and Misplaced Pages:Pending changes blocks, and superseding both. Comments are welcome. Cenarium (talk) 11:27, 23 November 2014 (UTC)

Log in with SSL and Textsecure

As the security of SSL (https://) is broken, see Bullrun and BREACH its time to wrap SSL into TextSecure against MITMA and SSL key snooping.

For the time beeing, next to normal login with SSL, the option Login with TextSecure depends on using a browser plugin.See . Aldo Misplaced Pages is not Wikileaks and each contributed statement must be verifiable, see WP:VER, even contributing to a WP article in which you point to certain source may have consequences in certain countries and results in a timely visit from the state and in the best case, they just search your house. If for example WP would have an article on this every editor would be of interest to lay consequenses upon. The proposal is for a start to enhance Login and Misplaced Pages:Flow with TextSecure and see where it goes from there. Whatsapp finished their end-to-end encryption implementation within a few months. Mion (talk) 03:54, 27 November 2014 (UTC)

We cannot rely on thrird-party plugins to be installed on an editor's computer. -- ] {{talk}} 09:16, 27 November 2014 (UTC)

Solution, make a WikipediaTextSecure plugin for the 3 major browsers, or have the 3 major browsers integrate basic support for the textsecure protocol. Mion (talk) 09:34, 27 November 2014 (UTC)

For a start without plugin, make a securetext login for CyanogenMod (android) as that seems the first to include the protocol, it seems Firefox OS and Linux will follow.. Mion (talk) 09:46, 27 November 2014 (UTC)

Your solution for Misplaced Pages becoming more secure is for us to build and maintain security-based browser extensions? That's never going to happen. More importantly, the TS protocol is new enough that "not broken" doesn't mean "secure": it'd be a ton of effort for not necessarily any gain. Ironholds (talk) 16:59, 27 November 2014 (UTC)

No. SSL isn't broken; rather, some of its implementations are broken, and there's no guarantee that TextSecure isn't broken just as much, if not more. Jackmcbarn (talk) 23:14, 27 November 2014 (UTC)

There are no guarantees in life but TextSecure is open source and reviewed by the top of encrypto and the software stack itself is the best you can get at the moment in the public market (and for free) and yes security depends on more elements. SSL/TLS faces a similar problem as the email protocol it cant handle or protect against the current methods available on the internet. Even if you make the best implementation of a TLS its approach is based on the internet in 1994, (yes, that was 20 years ago) and as such it is not secure at all.Mion (talk) 01:07, 28 November 2014 (UTC)

Yes, it's sighted by security experts, but that doesn't mean it's proven. SSL is. Zhaofeng Li 03:28, 28 November 2014 (UTC)

I suppose you mean the SSL interception business is a proven technology ? , ProxySG, , , for another example read kwalliso.Mion (talk) 23:09, 28 November 2014 (UTC)

They all require injecting a trusted certificate into the client, which has been done for ages in offices, schools and the like. It does not mean SSL itself is insecure. Moreover, the same thing can be done to TextSecure. Zhaofeng Li 00:17, 29 November 2014 (UTC)

Sure, certificates can be an issue, but on state level it might be enough to intercept the first packages and make the WP servers believe they communicate with IE8/XP, the result would be No FS No SNI TLS 1.0 TLS_RSA_WITH_RC4_128_SHA (0x5) RC4 128, (the current response from the WP server, RC4 is known from WEP) anyway, to get back to end-to-end encryption maybe an idea to include Surespot to WP Mobile editing ? Considder seeing an edit as an internet message (like chat) :) Mion (talk) 02:48, 29 November 2014 (UTC)

Some points:

1. Text secure in browser's own authors state: "This is very early stuff and exists primarily to get the crypto in place. This does not currently work, dont bother trying to use it seriously yet". That's the polar opposite of tried and true security.
2. Given its a browser plugin, that means we'd have to still support clients that don't have it, in which case one would (probably) have to rely on TLS to get it to the browser, so if TLS is broken than an adversary could just intercept the connection and remove the plugin, and thus having it doesn't actually prevent a TLS is broken attack (Maybe? I'm a little unclear on how precisely its proposed such a thing would be used, or how precisely the plugin works).
3. Contrary to popular belief, TLS is not (as far as we know) broken when used properly. Its had it slightly rough recently, but that's not entirely a bad thing, it means people are checking it carefully.
4. The cardinal rule of cryptography are generally: Never roll your own (including avoid using existing solutions in novel ways) and only use things with long-term proven track records. This doesn't really have the track record (yet)
5. "but on state level it might be enough to intercept the first packages and make the WP servers believe they communicate with IE8/XP" - no. TLS has protection against cipher downgrade attacks. In order to pull that off, you not only have to intercept but you would have to be able to break 2048 bit RSA in real time (As an aside that's not really relavent, it should be noted out that our sites do not work without SNI (AFAIK, haven't tested))
6. Surespot: Reading doesn't exactly inspire confidence (Seems like there's quite a bit of trust in the central server. Although that could just be that their technical details are not being precise enough). I'm also not sure how it really applies here.
7. If the adversary you are concerned about is the secret police of some facist government, then end to end encryption is not the right solution. Encryption hides the contents of the message, not that there was a message. This is especially problematic in the case of wikipedia where the timestamp of every edit is available. All the secret police have to do (assuming they can passively monitor your connection. Probably the case) is get a list of all the times of all the edits made by the pseudonym, check to see who sent a message to Misplaced Pages at those times. This is probably enough to uniquely identify you. If it isn't, then also factor in the size of the requests to wikipedia (Because page sizes are easily discoverable), and it definitely enough to track you down. If you want to defend against this type of adversary, convince the Misplaced Pages powers that be to allow TOR (There's even systems that take in account the potential for vandalistic abuse! )
8. If you're more worried about password security and someone compromising your account, an approach that is more likely to yield better effective security, would be to convince people to (optionally) allow two-factor auth and client TLS certificates

Bawolff (talk) 05:11, 30 November 2014 (UTC)

I think they need to update their websites as both Open WhisperSystems and Snapchat have a downloadable implementation which is not browser based but for Android and IOS for now. Wrapping up TLS in Textsecure has another advantage, beeing that for every edit/message a new key is generated, you can break one message, but have to do it for every next message/edit too, instead of breaking it once and reading it all. When it comes to security one should not assume it is not broken. 3. As OS and browser are spoofed the WP server has no knowledge about cipher downgrade, it will communicate on the highest standard possible for that combination IE8/XP and that is RC4, the weakest spot. A better solution would be to prevent login and point to a browser choice that supports better standards. As for FS and SNI you can see that here.. As for not rolling our own, see TextSecure#Architecture OTR and Curve25519, AES-256, and HMAC-SHA256 are well tested over time. Mion (talk) 10:08, 30 November 2014 (UTC)

the highest combination possible is secured with the authentication algorithm (RSA 2048 in the ie8 case you mentioned) not the chosen cipher algorithm. You can only fake being ie8 if you can do a MITM for any connection type. Most browsers support forward secrecy, so im not sure what you mean when suggesting forward secrecy is a benefit of text secure, we already have that (except for IE8). The text secure primitives are definitely time tested (after all aes, hmac-sha256 are the same primitives TLS uses) however using text secure in a new environment (to secure web pages instead of text messages) could cause new issues, and that is what has not been well tested.Bawolff (talk) 17:45, 30 November 2014 (UTC)

Well we have a very experienced crew in testing, see m:VisualEditor and m:Wikimedia Labs, as for why it is so interesting to be the one in the middle, just read about X.509, WebRTC, AJAX and Intel AMT and how the internet is broken , and how an edit can end you up in psikhushka. Now, if we imagine a world where it is better not to login or make edits on the internet it would directly hurt Misplaced Pages as more and more editors would drop out and WP is no longer based on the wisdom of the crowd, there is no more NPOV as making edits with an opposing (or just contradicting) view are not made. With storage space and internet speed rising fast see 5G and Fiber to the x it might be possible that readers will go for a one time download of a single WP language version in a prepped sandbox to achieve security. And that is exactly the opposite from what we wanted to achieve with the VisualEditor. All in all implementing Textsecure is just a small part of the solution, if we want to keep our editors the next step would be to follow Facebook and give access over the Tor network.. No worries ClueBot NG will help us with Tor, so hopefully we will remain in charge of the technology for a decently long time. Mion (talk) 16:35, 3 December 2014 (UTC)

Create a "Questions and Answers" portal to Misplaced Pages content

I would like to see creation of a new portal into the Misplaced Pages content organized around questions and answers. The portal would be a structured set of questions that have factual, but complex answers. For example:

• Why does matter have volume?
• How did the 40-hour work week become widespread?
• Why does the sky appear blue? --Lbeaumont (talk) 23:00, 29 November 2014 (UTC)
• What, if any, causal relationship exists between the unemployment rate and the inflation rate? --Lbeaumont (talk) 23:00, 29 November 2014 (UTC)
• How did the first kings gain their power and perceived legitimacy?

The answers would rely heavily on links into to existing Misplaced Pages articles, or a short narrative linking to several articles. Trivial questions that can be answered by reading a single existing Misplaced Pages article obviously related to the question (e.g. when was Bruce Springsteen born?) are excluded. Unanswerable questions, typically because it is a matter of opinion, or is unknowable such as: "Was the Judge correct in vacating Ray Rice's suspension" are similarly excluded. Perhaps we can refer people to Quora or similar sites for these questions.

Thanks! --Lbeaumont (talk) 21:19, 29 November 2014 (UTC)

• For the answers to most of those questions, Lbeaumont, possibly try the WP:RD. — {{U|Technical 13}} 00:12, 30 November 2014 (UTC)

  Thanks, that is helpful. Are there plans to arrange the existing material into structures that make it more accessible? Also, perhaps the reference desk deserves more visibility; this is the first I am learning of it and I have used Misplaced Pages often for several years.--Lbeaumont (talk) 01:07, 30 November 2014 (UTC)

• Wikiversity has some question-and-answer material, mostly for classroom purposes. WhatamIdoing (talk) 16:53, 30 November 2014 (UTC)

Memo Application

Greetings Wikipedians,

Down below, please find a proposal brief re: a digital memo application.

           General function of the application:

- Enable readers to create digital memos that can be stored and later retrieved on the Misplaced Pages’s platform; where the application can be found on the < top right bar > next to the user’s profile page.

            Overview: 

Currently, English Misplaced Pages includes 4,658,450 articles and it’s increased every day with over 800 new articles.

Today, roughly 40% of the world has an internet connection, which presents a tremendous need for people in developing countries to be able to access web pages in their native language, and tools to assist with their information and gathering purposes.

            Use Case: 

Take for example, a teacher in Kenya may be researching various topics using Misplaced Pages. Today, if he or she wants to remember the information for a later time, he or she may copy the information onto 3rd party software to retrieve later.

But could there be a more convenient way for the reader? Where instead of taking the content onto another platform, the notes from the reader, can be saved onto the Misplaced Pages platform.

             The Proposal

One-click digital memo application that enables the reader to:

- Create a private digital memo ( visual reference: yellow mini note found on the top right hand side of the user’s page ) - Bookmarks the web page where the memo is created and saved onto the reader’s profile page. ( visual reference: paper-clip )

             The Benefits:

- Useful application that would make a great addition to the Wiki tool set - Easy to use ( 1 click process to creating note ) - Memos are private and non intrusive - Bookmarks the Misplaced Pages page

             Application Considerations:

- Once a memo is placed on the Misplaced Pages page, it may cover the top right hand section of the page. To mitigate this, the top memo bar can collapse once the notes are made.

- Too many memos can get confusing and disorganized.To trouble shoot this issue, colored folders can be created by the user and tagged.

These are the two main considerations, if there are others, we can add them to the bug fix and development list.

Welcome your feedback. CitynSea (talk) 02:15, 1 December 2014 (UTC)CitynSeaCitynSea (talk) 02:15, 1 December 2014 (UTC)

Actually, I made a tool called Scratchpad a while ago, which is simply a wiki sandbox that resides entirely in the browser. This way, users can take memos privately, without polluting the wiki. Zhaofeng Li 13:22, 1 December 2014 (UTC)

You point out the main problem exactly: 3rd party software for this already exists. Adding a memo program to an encyclopedia makes about as much sense as adding an encyclopedia to a memo program. It's feature creep. It's one more feature for new users to learn, increasing the learning curve. And it's one more feature for the limited development staff to design and maintain. Mr.Z-man 13:41, 1 December 2014 (UTC)

If you really wanted this, you could write it as a user script. As others have said above, though, there doesn't seem to be a very wide use case for it. Jackmcbarn (talk) 21:07, 1 December 2014 (UTC)

People who want to take notes for future reference can also create WP:user subpages and link to it from their user page. – Philosopher  23:08, 1 December 2014 (UTC)

Require non-deleted non-talk edits for autoconfirmed check and reset after a block

First, this isn't for experienced vandals and socks, it would be a pointless exercise. It's for inexperienced ones, and not really for the classic semi-protection or move rights that autoconfirmed gives, but for the edit filter. The edits filters very often check only edits by non-autoconfirmed users, so it makes sense to require ten non-deleted non-talk edits if we want to keep detecting newly created 'bad' articles, spam and vandalism from those new accounts when they didn't get indef-blocked (yet) so risk becoming autoconfirmed. Requiring non-deleted edits means we'll still be able to check for persistent (re)creations of problematic articles, and talk edits wouldn't be counted because they could easily achieve that just using their talk page. And in case of a temp block, the check should reset : 4 days and 10 non-deleted non-talk edits since the end of the block. This would prevent many of them from passing through the loopholes of this system. This is sufficiently targeted so as not to make auto-confirmation harder for good faith contributors. I'm not including userspace edits for example so that edits to user drafts are still counted. Cenarium (talk) 08:24, 1 December 2014 (UTC)

So, just to understand - autoconfirmed is only granted to users with 10 non-deleted edits. And when an editor is blocked, autoconfirmed is blocked, and the edit counter resets to zero? Is that the suggestion? What about editors who make 15 edits, but then the page gets deleted, would autoconfirmed by revoked? Oiyarbepsy (talk) 16:51, 5 December 2014 (UTC)

biographies of deceased people: current age

I suggest a global content change for all biographies of deceased people. The information I would like is: If this person were alive today how old would they be?

Advantages: I think they are numerous as despite dates being listed, converting that information automatically to something more easily understood like age would be make the biography more personable and approachable. Just think of some historical figures and then think, oh, that’s how old they would be... It’s just as useful as the current age given now in biographies rather than expecting the visitor to do the math, and obviously well suited to the dynamic wiki format.

Disadvantages: It would need a short abbreviation and be easily explained to the visitor. — Preceding unsigned comment added by Wetbadger (talk • contribs) 20:29, 1 December 2014 (UTC)

I don't really see the value in this. I suspect the number of people wanting this information is low and for anyone who does want to know, taking two numbers away from each other is only a google search away. Sam Walton (talk) 20:54, 1 December 2014 (UTC)

List of Pulitzer Prize winners

Help me with List of Pulitzer Prize WinnersSonictheHedgehog99 (talk) 00:30, 2 December 2014 (UTC)

The only content of the deleted page was "help make this". Don't create articles without real content. If you don't want to write an article yourself then you can request it at Misplaced Pages:Requested articles. {{Pulitzer}} already links to 21 articles with lists of winners of the 21 different Pulitzer Prizes. If your idea is to list all of them together then it sounds too long for me. PrimeHunter (talk) 03:10, 2 December 2014 (UTC)

How can this list be auto-generated? I.e. it seems like a semantic web query. Implicit in the idea of winning a specific Pulitzer Prize is the general assumption that one has won the Pulitzer Prize. --Brylie Christopher Oxley (talk) 08:43, 3 December 2014 (UTC)

Technically speaking, it would be very easy to just WP:TRANSCLUDE] the various lists together - but that really has no benefit to leaving the lists separate. If a general list is going to be beneficial, it will probably need more than just that. For now, though, I've created a redirect at List of Pulitzer Prize winners for the benefit of those who don't know about the separate lists. – Philosopher  19:41, 5 December 2014 (UTC)

Auto-generate lists with filtering and sorting

Hi all,

I notice a lot of 'list of ...' pages on Misplaced Pages. What are some efforts to standardize formatting and/or create automatic lists with filtering capabilities? It seems like it is a lot of work to create these lists and keep them up to date, as well as duplicate data, where an automated solution might prove effective.

Thanks for your feedback,

--Brylie Christopher Oxley (talk) 08:33, 3 December 2014 (UTC)

The main effort "to standardize formatting and/or create automatic lists with filtering capabilities" is called Wikidata. WhatamIdoing (talk) 08:49, 3 December 2014 (UTC)

Proposing function to substitute user talk page vandalism with a wiki-love message

Because it seems to me to be maybe one of the most effective way to stop people seriously misusing user talk pages. John Carter (talk) 23:20, 3 December 2014 (UTC)

I support this, but I think you can just go ahead and do it if you want to. Be mindful that refactoring an angry person's comment is likely to be taken poorly, and be careful you don't end up with a catsplosion on frequently vandalized pages. Ivanvector (talk) 02:55, 4 December 2014 (UTC)

• Ivan, I'm guessing that John is proposing a bot or an edit filter or some automated way of having this done. Not asking if it is okay for users to make the change manually. Either way, if a method can be devised to accurately identify edits as vandalism on a consistent basis, then I could support this. — {{U|Technical 13}} 03:15, 4 December 2014 (UTC)

Well, ClueBot does an alright job of it. Perhaps adapt the code to detect vandalism in talk spaces only, or make it an opt-in thing for user talk pages? Ivanvector (talk) 04:28, 4 December 2014 (UTC)

Thank you for noticing, John Carter. Bearian (talk) 16:15, 4 December 2014 (UTC)

Basically, I guess I was thinking if there might be some way to add something to the "rollback" or "rollback (vandal)" functions on edit history reviews which might automatically take you to the wiki-love app for adding a kitten or beer or something. I should note that yesterday I gave User:Nishidani two beers, and may be potentially starting him on the road to alcoholism, doing this, and Bishonen a troll-munching kitty. John Carter (talk) 17:27, 4 December 2014 (UTC)

Templates for Mobile Broadband/Phone Users

Since that unless working for IPv6, which can be used to uniquely assign address per SIM card/CDMA Phone to unique IP address, IP address of Mobile connections will be always almost the same. Additionally, vandalizers take advantage of this arrangement, forcing editors, like myself, to take additional precautions to prevent false linkage by Checkusers to another user or IP vandalizers. The template will show the following:

• The username
• Their affiliate mobile network carrier/ISP
• The IP address/address range of the mobile network (optional)

Any comments are helpful. - gacelperfinian 06:44, 5 December 2014 (UTC)

Do you mean for user pages? We already have Template:Mobile IP for IP pages. Sam Walton (talk) 10:31, 5 December 2014 (UTC)

Yes, but I mean is for registered users, not for IP address itself (please read the idea again above, if you have time). - gacelperfinian 01:28, 6 December 2014 (UTC)

As you have said, every SIM card/phone will have its own unique IP address. This actually makes it harder for vandals to impersonate you, as they will have to get hold of your phone to use your IP. Since this is very difficult, I suggest the opposite: CheckUsers can treat such IPs as a strong evidence of sockpuppeting. Zhaofeng Li 02:06, 6 December 2014 (UTC)

I don't think that's actually true. A lot of providers throw everybody on the same two or three IPs. And they hop a lot more than desktop connections. Oiyarbepsy (talk) 02:29, 6 December 2014 (UTC)

Clarification. You have a different address only on IPv6, which is naturally not deployed on most of the mobile world. IPv4, which is still stuck upon despite a recommended change to IPv6 will simply invoke minor disruptions on everyone's part, is extinguished and the users are pooled only to one, sometimes 10, and sometimes, like on my network, a /24 (256-address)-pool network. Actually, I've experience a hard block because of unrelated vandalism for one month due to my mobile connection. - gacelperfinian 03:41, 6 December 2014 (UTC)

I believe you can request an exemption from such blocks. Oiyarbepsy (talk) 03:49, 6 December 2014 (UTC)

Yes, but what if you are accused with a rogue account that you don't know then, of course, you can be accused falsely even if you never do such thing, because of the plain reason that sockpuppets never interact with their masters to hide their tracks. - gacelperfinian 04:01, 6 December 2014 (UTC)

Possible tightening of BLP criteria

I have been musing about this for a while and am trying to come up with something objective - BLP issues have been the subject of much discussion over the past 6 years or so, and WP:BLP1E was one development, as was the deletion of pages that were marginally notable if the subjects wanted their deletion.

I am not thrilled about the idea of someone influencing content in a big way, but am mindful that maybe we could be tighter with criteria in an objective way that allows us to remove some more marginal people.

My idea is something like this - A BLP subject may be considered not to warrant inclusion if they are not able to be mentioned in detail on an existing article (but otherwise have appeared in tabloids i.e. famous for being famous). Thus they need to have won something, played a role in a film, been elected, invented something, something "encyclopedic" as it were.

This might resolve issues like the following:

Some years ago. Jimbo nominated Mimi Macpherson for deletion (see Misplaced Pages:Articles for deletion/Mimi Macpherson). Now us Aussie editors know this person as Elle's sister and she has fulfilled notability quite easily with mentions in media etc. However, if you look at what articles might mention her they are only very minimal mentions, so if we had a criterion something like

"must be notable enough to warrant a significant mention on a nonbiographical article"

as an extra criterion for notability, it might be that she would not pass this and hence her article be deleted.

Apologies to Mimi for using her as an example (if she ever comes across this), but I felt that it illustrated the point of a person who fulfils generic notability criteria but some might argue in unencyclopedic.

Anyway, what do folks think? Cas Liber (talk · contribs) 05:33, 6 December 2014 (UTC)

• Misplaced Pages noticeboards
• Misplaced Pages proposals
• Pages automatically checked for accidental language links