Wikipedia:Arbitration Committee/CheckUser and Oversight/2011 CUOS appointments/CU/Keegan

Keegan

 * Nomination statement (250 words max.)

I would like to continue to serve the English Wikipedia as a CheckUser after the my term on the audit subcommittee expires. My work on Wikipedia always has been and always will be back-end maintenance and accountability- something that CheckUser continues to offer me. I've processed SPI cases with diligence to the substance, circumstance, and policy without issue to accept and process or decline requests. I am knowledgeable of the practice and application of the Wikimedia Foundation privacy policy, already serving as an OTRS administrator, English Wikipedia community elected administrator and oversighter, and one of three community selected members of the AUSC. I can be trusted to use the Checkuser tool in a knowledgeable and beneficial way to the English Wikipedia.

Standard questions for all candidates
Please describe any relevant on-Wiki experience you have for this role.
 * A: I've been registered and active on Wikipedia for six years now, and in routine editing, reverting and reviewing vandalism, comparing account behavior and other duties administration takes has seasoned me for processing SPI reports and private reports. I know how to work behavioral evidence and technical evidence to come to the proper conclusion in requests for CheckUser.

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.


 * A:None, really. On the job experience here.

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?
 * A: I am one of a handful of Volunteer Response Team leaders (OTRS admin), an English Wikipedia community elected oversighter and a bureaucrat on ten wiki. Ten doesn't count for much :)

Questions for this candidate
Being a checkuser, would you be willing to help with the Checkuser backlog at WP:ACC as there are usually up to 6 requests waiting about 5 days+? -- DQ  (t)   (e)  19:30, 26 September 2011 (UTC)
 * A: The ACC team does a fine job. Frankly, I'm unlikely to participate in this aspect of CheckUser.  I'm subscribed to unblock-l on an alternate email, and I see the volume it takes for ACC.  Unfortunately, I don't quite have the time in the day to fit in another interface between email, Wikipedia itself, and OTRS.

Would you be proactive in looking at the open cases at SPI to see if they could use a checkuser when your term with AUSC committee? -- DQ  (t)   (e)  19:30, 26 September 2011 (UTC)
 * A: This I have been proactive in and will continue to do so. Processing SPI requests is my primary interest, and particularly paying attention to the fact that all endorsements do not mean a check is warranted.  It is important read over the evidence and not hop through the hoop.

As a CheckUser, you will likely, from time to time, coordinate and communicate with the Stewards. What cross-wiki experience can you bring that can help out not only the Stewards, but editors, administrators, and CheckUsers on other wikis? –MuZemike 21:35, 26 September 2011 (UTC)
 * A: I've gained experience already on the AUSC, being subscribed to the CU mailing list and the CheckUser Wiki. I've familiar with whom to contact with local questions and how different projects interact.  Additionally, when I worked for the Wikimedia Foundation last year on Fundraising 2010 one of my jobs was community outreach, working with nearly a hundred different wikis assigned to me (including Commons and Wiktionary).

In your own words, what are the main differences between the WMF's CheckUser policy and the privacy policy? –MuZemike 21:35, 26 September 2011 (UTC)
 * A: The CheckUser policy outlines when it is appropriate to gather information. The Privacy Policy covers when and how non-public information can be disclosed.

Under what circumstances do the above policies give on the release of CheckUser data? –MuZemike 21:35, 26 September 2011 (UTC)
 * A: Pretty much just user consent- though I would still avoid actually releasing data- and legal compelment. In the case of the former, we don't use CheckUser to prove innocence (it can't).  For the latter, legal requests to me are properly referred to certified mail to the Wikimedia Foundation's registered agent.

Give some examples on when CheckUser requests of a sensitive nature or discovered CheckUser results of interest that would not be posted on-wiki. –MuZemike 21:35, 26 September 2011 (UTC)
 * A: Nothing beans related, such as discovering a virtual private network, TOR node, or other proxy that is hard to read and could be problematic. Administrators caught socking would be another example, as well as block/ban evasion that is best handled by the Arbitration Committee.

In April 2011, you were appointed to ArbCom's Audit Subcommittee. What experiences do you bring from there that would be an asset for you as a full CheckUser? Note that I am not looking for specifics, but more general experiences as a result of your time on the subcommittee. –MuZemike 21:35, 26 September 2011 (UTC)
 * A: Having the experience of already using the tool and how we process it on the English Wikipedia. Basically, it's like I've been to a training camp before coming to tryouts.

Checkuers are often relied on to determine whether someone is using anonymising proxies to perform their sockpuppetry. Please describe your general experience in this area. Please also describe, preferably with an example, how you (would have) suspected, identified, confirmed, and blocked a socking open proxy on Wikipedia. -- zzuuzz (talk) 17:19, 28 September 2011 (UTC)
 * A: I'm quite familiar with how proxies work and that they exist outside of TOR. I personally have never bothered to try to use a proxy, but know how they are set up and operate.  I'm not sure how to adequately explain general experience other than having checked for proxies in a non-checkuser capacity but as an admin of five years.
 * As for the second part, I'll be careful to not get too beansy. A great amount of misuse by proxies come from either Anonymous or long-term abusers.  UserAgent data (the information our computer sends to every website we visit) from a proxy contains additional data that can be used to match other information from the check when the IPs are vastly unrelated. For detecting open proxies, whatismyipaddress.com/proxy-check does a nice clean job of checking reverse DNS, TOR, and a few other methods.  I'm not computer smart enough to run Nmap and understand all of its data, but I do have a couple other bookmarks for online port scans.  Overall, open proxies are either quacking or are quite complex to get to the root.  Either way the response would be to block and if it's complicated, pass it along with pertinent information to a CU with deep experience in the field.  We have several and hopefully a more soon.

Comments

 * Comments may also be submitted to the Arbitration Committee privately by emailing 


 * Thanks Keegan for your work so far and your answers. Along with that I support your continuing support :) -- DQ  (t)   (e)  18:52, 3 October 2011 (UTC)
 * Yes. His record speaks for itself. sonia ♫ 05:22, 4 October 2011 (UTC)
 * Absolutely no concerns whatsoever. T. Canens (talk) 04:15, 5 October 2011 (UTC)
 * I trust Keegan and have full confidence in his abilities. -- &oelig; &trade; 15:07, 10 October 2011 (UTC)