Wikipedia talk:Requests for adminship/Shoessss 3

Username: Shoessss User groups: rollbacker First edit: Nov 15, 2006 17:01:15 Unique articles edited: 5,566 Average edits per page: 2.16 Total edits (including deleted): 12,009 Deleted edits: 2,113 Live edits: 9,896

Namespace totals Article 3751 37.90% Talk 243 2.46% User 266 2.69% User talk 2953 29.84% Wikipedia 2561 25.88% Wikipedia talk 63 0.64% File 6 0.06% File talk 1 0.01% Template 10 0.10% Template talk 20 0.20% Help 1 0.01% Category 9 0.09% Category talk 2 0.02% Portal 8 0.08% Portal talk 1 0.01%

Month counts 2006/11 33 2006/12 748  2007/01 932  2007/02 31  2007/03 201  2007/04 212  2007/05 1173  2007/06 833  2007/07 439  2007/08 216  2007/09 12  2007/10 14  2007/11 60  2007/12 480  2008/01 718  2008/02 689  2008/03 608  2008/04 189  2008/05 288  2008/06 192  2008/07 71  2008/08 17  2008/09 30  2008/10 9  2008/11 211  2008/12 626  2009/01 69  2009/02 17  2009/03 3  2009/04 93  2009/05 59  2009/06 17  2009/07 35  2009/08 230  2009/09 300  2009/10 40

Logs Pages moved: 7 Pages patrolled: 4 Files uploaded: 8

Top edited articles Article 84 - Banishment_in_the_Bible 63 - List_of_Nazi_ideologues 56 - American_Sound_Studio 42 - Murders_of_Channon_Christian_and_Christopher_Newso... 39 - Parkwood,_Philadelphia,_Pennsylvania 23 - Julia_Allison 20 - Sophienkirche 20 - French_Revolution 17 - Modern_School,_Lucknow 15 - Pearl_Harbor

Talk 44 - Murders_of_Channon_Christian_and_Christopher_Newso... 35 - List_of_Nazi_ideologues 21 - Heather_Wilson 3 - Parkwood,_Philadelphia,_Pennsylvania 3 - Stanford_Memorial_Church 2 - DeAngelo_Hall 2 - Julia_Allison 2 - Taftville 2 - McGuire_Air_Force_Base 2 - Banishment_in_the_Bible

User 116 - Shoessss 42 - Shoessss/barnstars 9 - Shoessss/Status 9 - Shoessss/Matt_Windman 8 - Shoessss/Tuan_Nguyen 7 - Shoessss/Edit_Count 6 - Shoessss/User_Boxes 5 - Shoessss/sandbox/RFA 4 - Shoessss/Host.net 4 - DGG

User talk 372 - Shoessss 49 - DGG 15 - Shoessss/Archive_1(counter)d 9 - Edgar181/Archive8 8 - AniMate 7 - Simplemines 7 - ChildofMidnight 7 - Daniel 7 - Pedro 7 - Urdna

Wikipedia 565 - Suspected_copyright_violations 65 - Administrator_intervention_against_vandalism 30 - Articles_for_deletion/Todd_Bardwick 24 - Requests_for_adminship/Shoessss_2 15 - Editor_review/Shoessss 14 - Articles_for_deletion/Homer_E._Woodling 13 - Requests_for_adminship/Kakofonous 11 - Articles_for_deletion/Banishment_in_the_Bible 11 - Requests_for_adminship/Jouster 10 - Requests_for_adminship/TenPoundHammer_5

Wikipedia talk 19 - Articles_for_deletion 9 - Requests_for_adminship 7 - Requests_for_adminship/Kakofonous 3 - Requests_for_adminship/Shoessss_2 2 - Articles_for_deletion/Cupids_(club) 2 - Articles_for_deletion/Gregory_Oswald_Griffin 2 - Articles_for_deletion/RiceRokit 2 - Requests_for_adminship/Somno 1 - Editor_review/Shoessss 1 - Requests_for_adminship/Nwwaew_2

File 4 - American_Sound.jpg 1 - Ocean_Front_Hotel_Post_Card.jpg 1 - BadgerBaiting.jpg

File talk 1 - Hopkins-Nanjing_Center.jpg

Template 4 - AFDWarning 1 - !/doc 1 - A_Fire_Inside 1 - The_Holocaust 1 - X1 1 - Barack_Obama 1 - Homo

Template talk 20 - Did_you_know

Help 1 - Edit_summary

Category 4 - American_Episcopalians 1 - National_Geographic_Society 1 - Modern_Japanese_weapons 1 - Images_with_unknown_source 1 - Images_with_no_copyright_tag 1 - Images_with_no_fair_use_rationale

Category talk 2 - National_Geographic_Society

Portal 2 - Africa 1 - Current_events/2007_May_22 1 - Mathematics 1 - Geography/Articles 1 - Military_of_ancient_Rome/Selected_article 1 - Germany/New_article_announcements 1 - Germany/Did_you_know

Portal talk 1 - History

Executed in 0.33 seconds Taken 1.76 megabytes of memory to execute.

Discussion

 * Admins are people to 'look up to' now? So much for 'no hierarchy', then. — neuro  13:52, 4 October 2009 (UTC)
 * If someone has exercised questionable judgement, they should not be an admin. Yes, I look up to admins because they maintain this fine site and deal with the crazies. tommy   talk  13:57, 4 October 2009 (UTC)
 * I take it from the above statement that you believe no one should be an admin, since everyone has "exercised questionable judgement" in the past. IMO we should be evaluating how editors will use the tools in the future.  This isn't about, will they be perfect with the tools, but will they be a net positive to the project if given the tools.  Admins are not perfect and no one can ask them to be.   GB fan  talk 14:27, 4 October 2009 (UTC)
 * I don't appreciate the condescending & intimidating tone from you or neuro. I'll clarify: He has exercised considerable questionable judgement per Julian. Thanks. tommy   talk  14:46, 4 October 2009 (UTC)
 * I apologize if my tone came off condescending. It is so hard to get emotions on a typing interface. I just was clarifying what it appeared you were saying in your post.  Thank you for clarifying what you meant.   GB fan  talk 14:52, 4 October 2009 (UTC)
 * It was not my intention to come off condescending. — neuro  17:31, 5 October 2009 (UTC)

Regarding Question 5 and subsequent discussion

 * Question from  F ASTILY 
 * 5. Would you ever consider blocking a registered user without any prior notice or warning? If so, why?
 * A:Yes - If a report comes in that an account has been hijacked, which has actually happen just recently, a block to that particular account, until the situation is resolved, is warranted.  Does that constitute without warning or notice?  Probably depends if you are the reporter or reportee.


 * 1) Oppose Plenty of problems, but the answer to Q5 is particularly perplexing. —Emufarmers(T/C) 21:00, 3 October 2009 (UTC)
 * Hmm, I was thinking that was one of the better answers. What am I missing? Were you just referring to the awkward "reporter or reportee" comment, or are you saying that this is not a time for a no warning block?-- SPhilbrick  T  02:43, 4 October 2009 (UTC)
 * I can see that some may not like the candidate not mentioning blatant vandalism accounts (many registered accounts are solely used from vandalism). Doesn't bother me, but I can see why some may be bothered by it. And yes, the "reporter or reportee" comment is very awkward and confusing. — neuro  13:17, 4 October 2009 (UTC)
 * No, the main problem for me is the notion that a report of compromise is sufficient reason to block an account. In the absence of CheckUser data&mdash;and if such data were present I would expect a CU to make the block&mdash;or behavioral evidence, a block would be premature.  Given the fallout that typically accompanies blocks of established users, and given the reversability of the actions a compromised account could perform in the short term, the case against such an account ought to be well-established before an administrator takes action. —Emufarmers(T/C) 21:30, 4 October 2009 (UTC)
 * I assumed that was what he meant by 'report'. — neuro  00:23, 5 October 2009 (UTC)

Vandalism only account

Neuro noted the possibility that some may be bothered by the absence of an example - specifically a vandalism only account, but I don't see how this could be such an example. I accept that a person may register an account solely for the use of vandalism, but I wouldn't think one would know that this is the case prior to seeing any vandalism. If you see the vandalism, I think you are required to warn before blocking. If you don't see any vandalism, how do you know it is a vandalism only account? I'm missing why this could be a legitimate example where one would block without prior warning or notice.

Checkuser does the block

I just reread WP:CHECKUSER. Understandably, the focus is on sockpuppets, where a single IP may be using more than one account. That isn't the situation in this case, where presumably an IP address other than the normal one may be accessing an account (I'll also note it could be the same IP—I recall instances, or at least claimed instances of a relative hijacking an account, which could be the same IP). Emufarmers assumes that if the CU does the check, the CU will do the block. Is this obvious? One possibility is that the CU performs the check, the simply passes the result on to the requester for action. Another possibility is that CU does the check, and then blocks, if a block is warranted. If the guideline is clear on this point, I missed it. It is clear that a CU needs to understand block policy, but I don't see clear guidance on who does the block. Furthermore, while it may be logical in the case of a sockpuppet, I don't see the same logic applying here. In the case of a confirmed sockpuppet, the CU needs merely confirm that the account owner does not have the rights for multiple accounts (and specifically, the account in question) and a block is in order. In contrast, I don't see the same logic applying in this case. First, we don't even know that a second person has logged on to the account, we have a report that the account is compromised, which may simply mean someone realizes they accidentally left their password out in the open. This is out of my area of expertise, but I assume CU provides no useful information if the person with the password hasn't logged in. Second, even if CU confirms that a different IP has logged in, if that prima facie evidence a block is in order? I log in from home, at the office, and occasionally other places. I can imagine that the identity of the second IP may be sufficient information to prove that an account has been compromised, but only in combination with other information, such as the original account owner confirming that the IP is not theirs. I can easily imagine a CU report simply passing the information back to the admin to determine whether the account has been compromised. Or perhaps we treat the information with such confidentiality that we do not pass the information back to the admin, but ask the admin to supply the relevant information to the CU to determine whether a block is in order. I'd be fine with those rules, but I suggest that the current guideline does not explicitly say so.

What should happen?

If I login in at the library, then leave, and upon getting home realize I left a paper with my password on it, I would contact an admin, with a report that my account might be compromised. I'd be surprised if the answer was to wait to see if someone used it to vandalize, as vandalism can be reverted, and blocking me might create greater harm. The situation is somewhat different if the report comes in from a third party, and the admin ought to perform due diligence to ensure it isn't a prank. While vandalism can be reverted, if the report is credible, isn't the best course of action to block the account, and add a note to the users page indicating that a credible report of a possible hijacking was received, and explaining how to proceed?-- SPhilbrick  T  17:15, 5 October 2009 (UTC)
 * Two things:
 * "upon getting home realize I left a paper with my password on it" Why on earth would you write down your password? That's security 101.
 * Surely you should change your password ASAP, then inform someone?
 * — neuro  17:34, 5 October 2009 (UTC)
 * Hello Hello  SPhilbrick  regarding neuro’s  statement as it now stands, in my opinion, you are absolutely right.  A block should only be performed after there is clear evidence that that account is being used for vandalism.  This would require warnings to be placed on the user’s talk page.  However, I believe neuro was looking at a situation where those warning can be supplied in quick secession, if after a review of that editor contributions show a clear pattern of vandalism.  Does that constitute clear warning if those warnings are placed in rapid order.  Ahhh yes and no.  My example was more drawn on where an account was hijacked, the individual hijacking the account changed the password of the established User of that account, were the rightful owner could not take back control of the account.  He then reports it to a sysop with information that verifies the account, but that information needs confirmation.  In my opinion, blocking the account, with notification on the User’s page, hence my reporter vs. reportee comment, would be warranted.  Thanks. ShoesssS Talk 17:46, 5 October 2009 (UTC)
 * Your reply only confuses me more. — neuro  18:16, 5 October 2009 (UTC)
 * I don't write down passwords. I don't walk away from public computers while logged in. But some people do. In any event, in the hypothetical (which ShoesssS says is a real live example) an account is hijacked. If the information is credible, ShoesssS thinks the account can be blocked without prior notice, and I think so too. Emufarmers finds that decision perplexing. I've tried to explain why it isn't obvious to me that a CU is in order. I'm lead to understand that CU is a serious issue, not to be undertaken lightly. If someone informs an admin that an account may be compromised, I don't see it as obvious that the next step is a CU.--  SPhilbrick  T  18:39, 5 October 2009 (UTC)

There are many things about WP that sound odd on their face, but when one understands the policy, they make perfect sense. Maybe this is one, but I don't yet see it.
 * Who better to edit an article about a company than a company employee? Oops, bad idea, and the policy makes sense.
 * I'm uploading this image, it was taken by my father, so it's OK. Oops, bad idea, and the policy makes sense.
 * I'd like to release copyright for this work, but only within Wikipedia. Oops, bad idea, and the policy makes sense.
 * This account may have been compromised, so could you block it please? Oops, apparently a bad idea, but I have no idea why this is. Any admin should know the right answer, but I've yet to hear a coherent explanation. -- SPhilbrick  T  18:40, 5 October 2009 (UTC)
 * One of the misconceptions that many people believe is that policy and guidelines are written in stone and are gospel and cannot be deviated from.  However, policy and guidelines are just that, “Guidelines” on how a majority of situations or circumstances should be handled.  But, just like real life, there are always exceptions to the rules.  In fact Wikipedia has a policy  that states just that Ignore All the rules.  Just as an example let’s take your first two circumstances.  The first one, where an employee of a company that has an article here on Wikipedia starts to edit that company’s article,  The first knee jerk reaction is that this is a Conflict of Interest and should not be done.  However, if you read the policy on this situation, you see that this is not the case.  In fact, if that editor contributes in a  Non-POV point of view, that is perfectly acceptable.  In you second example regarding an image and a contested ownership of that image.  In fact you may use a copyrighted image in some circumstance as explained under a policy called  Wikipedia:Non-free content criteria.  So as you see, though policy and guidelines are useful to follow in a majority of situations they are not the end all and be all for every situation.  Each individual situation stands and falls on their own individual merits.  Hope that helps. ShoesssS Talk 20:13, 5 October 2009 (UTC)
 * I suspect in many cases, if a company employee edited a page about that company, it would not be contested if the edits were reasonable and NPOV. However, get into a dispute, and have one editor claim their edit should prevail because they are an employee, and watch how fast they get reverted. My advice to such people is to propose changes on the talk page and let uninvolved editors make the call. However, my point is that policies that sound counter-intuitive at first are often grounded in solid thinking. It does make sense to accept the edit of an uninvolved person over an employee in the case of a dispute. In the present case, you made an argument for blocking someone without prior notice. I thought your argument made sense. However, someone else calls the decision "perplexing". I'm trying to understand what rationale there is for that conclusion. I think the call was wrong, but I grant that there are other cases where one's first reaction isn't the right reaction, and I'm wondering if this is one of those cases. In short, I thought you made the right call, and I'm trying to understand why it might not be the right call.-- SPhilbrick  T  21:13, 5 October 2009 (UTC)
 * Ah, rational of each individual. If you ever figure that one out, let me know!  We’ll both make millions.  The one thing to remember, especially here on Wikipedia, is that you are dealing across not only multiple mind-sets of opinion, but also multiple lines of culture.  What one individual finds as a friendly gesture, such as shaking hands, another finds offense.  (see Muslim greetings). The only advise I can offer in situations is to be yourself. If you are right, you are right.  Even if it goes against popular opinion.  If you find you are wrong, admit it - apologize, and move on.  The most important part is to do is what; “…you think is right”, and let the chips fall as they may.  Good luck to you!  You are definitely on the right track….always question.  Take care. ShoesssS Talk 22:50, 5 October 2009 (UTC)

What I have blocked without warning: rogue robot, ip hopping vandals that had been warned on another IP (and confirmed behaviour), email harassers (who were clerly some kind of sock), and sockpuppets. Graeme Bartlett (talk) 23:19, 5 October 2009 (UTC)
 * LOL…That is what always amazes me about Wikipedia, for every situation I think have all the answers for (Yes Pun intended), someone finds a way to get around them :-) Seriously, thanks for the information, I will remember it! ShoesssS Talk 23:26, 5 October 2009 (UTC)
 * I see no pun. :| — neuro  12:58, 6 October 2009 (UTC)


 * Remark on password security Writing down your password and keeping it in your wallet (w/ only cryptic association to the site it's for) is an excellent idea if your memory is not good enough. It is definitely preferred to: writing down your password and sticking it on your monitor/leaving it on your computer, using a trivial easily guessed password, constantly forgetting your password and having to invoke the reset, or the worst and most common offender: re-using the same password across dozens of websites. The reason is simply that while your odds of having your pocket picked are pretty low in most modern countries, the odds that you will face electronic attack are relatively high. The odds that some site on which you have registered will be hacked are excellent. Password reuse, trivial passwords, and leaving passwords where they can be easily associated with your account, are the major no-nos. Ray  Talk 14:37, 6 October 2009 (UTC)