[07:59:13] [discord] https://testwiki.wiki/wiki/Special:Contributions/DisambiguousMonths [07:59:30] [discord] someone took out my advanced rights but not my filter permission πŸ’€ [07:59:39] [discord] @Stewards : any user removed you're crat's and sysop privileges πŸ₯Ί [08:00:04] [discord] you can do it since you are active [08:00:20] [discord] @codenamenoreste : This user is a clear vandaler and misuse oh his privileges [08:00:31] [discord] Just restore my rights please [08:00:36] [discord] I will block them [08:00:40] [discord] I'm NSS and IA only [08:00:55] [discord] At this time they remove my right also [08:02:40] [discord] πŸ₯ΊπŸ₯ΊπŸ˜­πŸ˜­ [08:02:40] [discord] https://cdn.discordapp.com/attachments/1120379200893890762/1328997771616981052/Screenshot_20250115_133217_Edge.jpg?ex=6788bd20&is=67876ba0&hm=5f09b609c97f27008d844d4837c2b086490ec891a7bb139a8e9fc3ee34da4581& [08:03:16] [discord] there's nothing I can do [08:04:58] [discord] @codenamenoreste : [08:04:58] [discord] https://testwiki.wiki/wiki/Special:Contributions/DisambiguousMonths [08:05:04] [discord] what about my rights? [08:05:13] [discord] I blocked them for indefinitely [08:06:48] [discord] they unblocked themselves again uh oh 😳 [08:08:15] [discord] do not grant them ANY right at the moment [08:09:25] [discord] @Stewards we have an emergency regarding a right removing vandal [08:12:26] [discord] @codenamenoreste : I blocked them again but they blocked me 😭😭 [08:13:28] [discord] @Stewards and @Moderators : This is critical emergency an vandaler removing all other user crat's and sysop and blocked πŸ₯ΊπŸ₯ΊπŸ˜­πŸ˜­πŸ˜­ [08:14:45] [discord] @justarandomamerican WE HAVE AN EMERGENCY REPEAT WE HAVE AN EMERGENCY ‼️ [08:20:27] [discord] Done more time I do not have now I will look again later in the day. [08:20:49] [discord] @drummingman : plz unblock me [08:20:50] [discord] https://testwiki.wiki/wiki/Special:Contributions/Bhairava7 [08:20:51] [discord] 😭 [08:20:52] [discord] I can re-assign the user rights to the affected users [08:21:07] [discord] OH DEAR LORD [08:21:24] [discord] @codenamenoreste : plz unblock me 😭 [08:21:29] [discord] https://testwiki.wiki/wiki/Special:Contributions/Bhairava7 [08:21:52] [discord] I don’t even have sysop and crat so there's nothing I can do ☠️ [08:22:45] [discord] unless @drummingman can restore my rights first [08:24:18] [discord] @drummingman : Need to supress his miususe of right changing log due to not need to view the general public? [08:29:02] [discord] I thought this would be a simple action, but was easily one of the worst decisions to make, and we should restrict giving bureaucrat rights to only stewards [08:32:06] [discord] @bhairava7 do you mind if I convert to a bureaucrat action from suppressor block? [08:35:31] [discord] Strong support [08:36:53] [discord] @codenamenoreste : I thought need to hide special log/useright changed by DisambiguousMonths? [08:37:05] [discord] @codenamenoreste : I thought need to hide from public view special log/useright changed by DisambiguousMonths? (edited) [08:37:24] [discord] @drummingman πŸ‘† [08:38:19] [discord] I will look later today [08:38:46] [discord] @justarandomamerican can you handle it? [08:38:49] [discord] Listen, I had to revoke their talk page and email access as another bureaucrat action because of their egregious vandalism to users [08:39:09] [discord] I wasn't awake, someone remove rights from massive amounts of people? [08:39:20] [discord] Indeed, [08:40:09] [discord] Can you cu do and further actions [08:43:33] [discord] @justarandomamerican : Need to supress useright log of more user that privileges changed by DisambiguousMonths. [08:45:26] [discord] Unnecessary [08:46:25] [discord] And https://testwiki.wiki/index.php?title=Special:Log&logid=58796 that was suppressed for some reason? [08:50:04] [discord] Unsupressed by justa! [09:16:28] [discord] No signs they were a vandal in the past. [10:15:57] [discord] looks to be a normal user simply gone rogue [11:12:51] [discord] wow sorry everyone [11:12:56] [discord] Just awoke to chaos [13:11:22] [discord] As a rule, do not suppress logs unless you absolutely need to [13:11:46] [discord] Doing so makes investigation and audit harder than it needs to be [13:12:36] [discord] I don't understand people hiding or suppressing stuff that isn't pii or highly extreme [15:17:54] [discord] Is a Wikimedia LTA [15:18:39] [discord] CU research has shown that [15:19:14] [discord] LTA = Long term abuse [15:20:58] [discord] How that They are LTA at WMF..πŸ€” [15:21:03] [discord] Yeah, in my opinion Wikimedia activity may count under LTA [15:21:12] [discord] For example Piccadilly [15:21:15] [discord] Of course! [15:21:48] [discord] Who by the way has now left the test Wiki Server, giving the implication that they refuse to elaborate on their ban [15:22:16] [discord] However I’ll leave that to the ongoing community vote regarding their appeal [15:22:17] [discord] It could be possible LTA at WMF..πŸ€” (edited) [15:24:44] [discord] They use open proxys and I see that IP addresses as LTA, s marked blocked on wikimedia sites. [15:24:56] [discord] I removed them. [15:25:10] [discord] oh okay [15:25:18] [discord] thanks for clarifying [15:25:59] [discord] also what do you guys think of adding securepoll to testwiki for community discussions? [15:26:09] [discord] there's already an active proposal at https://phabricator.testwiki.wiki/T117 [15:26:15] [discord] hmm [15:27:05] [discord] however i would recommend that usage of all extension features is restricted to stewards to control the "validity" of the discussions [15:30:00] [discord] We need to check first new user and its other wikimedia or miraheze central auth and it's activity then I'll need to thinking to grant advance permission for testing. [15:30:25] [discord] We need to check first newly user and its other wikimedia account or miraheze central auth and it's activity then I'll need to thinking to grant advance permission for testing. (edited) [15:31:51] [discord] To understanding They are not facing current block on the wmf other projects. [15:45:20] [discord] How I was misuse of our advanced privileges of mine? during making block of this user (DisambiguousMonths) is very hard without crat's but I was managing with Supressor tool for making their block. But They are questioning me and blocked me on the grounds that I misused my privileges, although I successfully blocked them again after they blocked me. [15:45:21] [discord] https://testwiki.wiki/index.php?title=Special:Log&logid=58754 [15:47:13] Hey everyone! Checking to see if me IRC connection works. [15:47:26] [discord] It does. [15:47:57] [discord] yea it works thankfully [15:48:03] [discord] No, that was not abuse, that was an emergency where you were allowed to intervene as far as you could. [15:48:42] you intervened to the best of your ability [15:52:43] [discord] it is important to distinguish usage of open proxies used by ltas from ip connections that are hallmarks of specific ltas [15:53:13] [discord] the former provides nothing useful while the latter may be effective in drawing conclusions like a specific vandal indeed being a wikimedia lta [15:55:06] justa has just proposed that only stewards have the right to remove bureaucrat rights [15:55:25] i think this is a good first step and has my support [15:55:51] [discord] that is a substantial inconvenience in operation for a rather rare incident [15:56:19] [discord] just as a rogue bureaucrat cannot remove other bureaucrats at that point, a rogue bureaucrat doing other actions could not be removed by a legitimate bureaucrat. So you're just deflecting the possible damage surface [15:56:44] i get where youre going with this [15:56:59] [discord] point taken [15:57:13] lets see how the proposal goes in the eyes of the community [15:57:13] [discord] I'll withdraw the proposal [15:57:16] [discord] I haven't registered on testwiki because I do not have testing business there but since I appear often enough to opine maybe I should just register anyway [15:57:23] we can always work on new solutions anytime [15:57:24] [discord] well, it's not a bad thing to discuss [15:57:32] [discord] alright then [15:57:34] [discord] it's just that the disadvantages should be taken serously [15:58:13] [discord] let me see where it's at since if it has no engagement/support then it could be withdrawn without consequence but if it already has support or interaction, it should be allowed to proceed [15:58:42] [discord] if vancity withdraws then it would make sense to pull it [15:58:45] while this solution of only allowing stewards to remove crats (per justa) makes sense now in the long run it could become an inconvenience [15:59:03] [discord] does it make sense now though? the issue applies now as it would later [15:59:09] fair enough [15:59:12] withdraw [15:59:15] [discord] it only makes sense to deter one specific form of abuse [16:00:52] point taken - withdrawn [16:01:09] [discord] the newly registered account is indeed me [16:03:10] [discord] Ok! [16:20:18] [discord] @raidarr can u unblock me so i can dm you [16:29:53] [discord] πŸ’€ [16:35:15] [discord] I will need to know what you are messaging about [16:35:33] [discord] the block was issued because you did not have boundaries and were prone to sending messages and deleting them, which I do not have patience for [16:36:16] [discord] there is something that was made about you that i wish to share in dms upon being unblocked i wont delete messages [16:36:27] [discord] not necessarily for the occasional abusive conduct which regular people would have probably blocked for as well [16:36:52] [discord] I will give one chance and take your message as a promise [16:38:56] i see that justa withdrew his request about the management of crat rights [16:41:31] [discord] i dont see a point in restricting it like Fandom [16:44:29] [discord] Or like the Miraheze Public Test Wiki [16:44:34] [discord] Simply unnecessary [16:45:20] [discord] for eamples if the group was givien to the wrong person it would need to be removed asap [16:49:23] and stewards aren't always available [16:51:56] [discord] technically miraheze is in between on the subject as it doesn't allow removing co bureaucrats by default, but that is extremely simple to change [16:52:15] [discord] either way stewards can intervene and generally any damage that may be done either way is easily reversible, though it might be tedious [16:52:40] [discord] but again, a rogue bureaucrat that can't be removed by others is equally capable of doing tedious to reverse damage as one that can remove others [16:52:59] [discord] this risk will come with the territory of any project that freely hands out rights like bureaucrat [16:53:25] yes wikis like the Miraheze PTW are probably also aware of the risks [16:53:55] "a rogue bureaucrat that can't be removed by others is equally capable of doing tedious to reverse damage as one that can remove others" this pretty much sums it up for me [17:04:54] Big thanks go out to everyone who helped recover Test Wiki during these raids [17:05:07] your help is greatly appreciated ;) [17:21:40] [discord] The stewards can almost always intervene, at worst, the rogue burocrats have a few hours of free time. You could give to the NSS the right to remove and grant burocrat right and be able to unblock themselves that way more people are able to intervene in the [17:23:45] [discord] The stewards can almost always intervene, at worst, the rogue burocrats have a few hours of free time. You could give to the NSS the right to remove and grant burocrat right and be able to unblock themselves that way more people are able to intervene (edited) [17:24:33] [discord] I reiterated my position in the portal discussion and offered another concept, which will add complexity but also reduce the extent of possible damage without complicating everyday business too much [17:24:51] raidarr dont forget to request rights in testwiki [17:25:06] thats if you would like them in the first place [17:27:25] [discord] After all, bureaucrats cannot revoke NSS user right [17:29:15] that too is a good idea [17:29:32] considering Non-Steward Supressors are trusted people appointed by consensus [17:31:11] [discord] @justarandomamerican What do you think of that idea? [17:32:42] [discord] I think there should be a separate group for such things; something like a Trusted Bureaucrat group with steward approval/ the consensus of at least 2 other Trusted Bureaucrats [17:32:53] [discord] I think there should be a separate group for such things; something like a Trusted Bureaucrat group with steward approval/ the consensus of at least 2 other Trusted Bureaucrats for appointment (edited) [17:33:15] or just give NSS holders the ability because they are more trusted (handling of confidential supression data) [17:33:26] [discord] the only right I am interested in is one that spares me the nonsense of hcaptcha [17:33:49] [discord] unless I come up with something specific to test I'm not sure any other would be needed [17:33:50] [discord] you need to Also Spacify what permissions this group will have [17:34:18] [discord] temporary confirmation seems close enough to what I'm thinking of [17:34:32] [discord] I can give you confirmed user for a day hang on [17:34:48] [discord] I feel that this recent issue is going to be a rarity and that this is again to rash of a decision and that this permission will pretty much go unused. [17:34:54] [discord] if I might request a week perhaps as I don't know if I will find enough things to do within that span [17:35:20] [discord] Alright [17:35:27] [discord] a 'trusted bureaucrat' type permission, which would work under stewards as autopatrolled does with admins on regular wikis, would not see a lot of use for sure [17:35:41] [discord] however it would be a safety net with little risk and potentially strong benefit in case of targeted abuse [17:35:48] [discord] so let me make this clear the idea is to make a new group called trusted Crate that can add and remove such said group? [17:35:50] [discord] yes, exactly [17:36:08] [discord] so let me make this clear the idea is to make a new group called trusted bureaucrat that can add and remove such said group? (edited) [17:36:15] [discord] writing up a summary - one sec [17:36:30] [discord] I am going to make a draft for such a group [17:36:32] [discord] now to be fair that autopatrol comparison doesn't mean a lot because it brings actual powers to the table [17:37:01] per stewards these are the 2 current proposals - we either give crat management to NSS-approved users (proposed by drummingman) OR a new "Trusted Bureaucrat" user group is created, in which peeople with steward approval or 2 existingt Trusted Bureaucrats are added. What do you all think would be the better option in the long term? [17:37:19] [discord] I don't like how autopatrolled is usually approached and when I have enough pull over wiki permissions I usually delegate it permissions which are commonly abused; on reception wikis this is move rights as inappropriate page moves are very common in that space [17:38:00] [discord] so the logic for testwiki would be to delegate a 'safety net' permission is assigned on steward trust very carefully, cannot be requested and hopefully will not be used often [17:38:45] i would also like to propose the SecurePoll extension is added into Test Wiki allowing Stewards to host controlled votes directly on Test Wiki. [17:38:47] [discord] there could be merit to having it not necessarily bound to bureaucrat in case there is a user with good security practices who is often inactive but could for example be reached on discord. Perhaps if doug's stewardship expired by inactivity, but the stars aligned and he happened to show up for an incident [17:39:01] [discord] To be completely honest, I feel this is unnecessary. This has been the first issue I’ve seen with the system in the multiple years I’ve been on the site. [17:39:33] (replying to globe) would you just leave the system the way it is? [17:39:57] [discord] unfortunately abuse ever evolves and innocence is broken on the first incident. There are multiple people with records of long term abuse who monitor both the wiki and probably the discord server, and they will know it is a viable avenue now. It's not something that needs a lot and not much will change if nothing does happen, but it is worth considering because of this factor. [17:39:58] [discord] If it was simply up to me, yes [17:40:26] " per stewards these are the 2 current proposals - we either give crat management to NSS-approved users (proposed by drummingman) OR a new "Trusted Bureaucrat" user group is created, in which peeople with steward approval or 2 existingt Trusted Bureaucrats are added. What do you all think would be the better option in the long term?" [17:40:37] the third option is simply to leave everything be as-is [17:41:11] [discord] why not add managewiki to testwiki? [17:41:17] [discord] yeah no [17:41:24] [discord] coco please stop [17:41:25] [discord] largest abuse vector you could possibly have [17:41:58] [discord] NSS is a bit of a strange right to have that sort of backdoor built into and a trusted bureaucrat group would be semantically correct, but globe is onto something that it would add complexity and not make too much of a difference. So people will have to weigh if that peace of mind means something or doesn't make much of a difference. [17:42:00] [discord] anyways why not just have admin and trusted bureaucrat [17:42:03] [discord] I'm fairly neutral about it [17:42:16] [discord] coco please stop interrupting the current conversation with random ideas that have been declined multiple times prior (edited) [17:42:31] [discord] bureaucrat is a silly right to assign lightly anyway, it doesn't test much beyond administrator access [17:42:49] [discord] remove bureaucrat) and decrease to trusted bureaucrat and admin [17:43:26] [discord] a test wiki cannot give bureaucrats the access worth testing and therefore its purpose is to be a slightly senior tester, which isn't how the current granting of access works. I have the same scruple with how miraheze ptw functions [17:43:41] [discord] If we were to do something, the NSS proposal would be my pick (second choice to doing nothing). It avoids creating another right but also provides a solution [17:43:59] [discord] so coco is onto something if it's modified and testwiki were to change its approach, which might be a bit much for this conversation [17:44:17] [discord] but it wouldn't make sense to remove bureaucrat and add trusted bureaucrat, it would just change the expectations of bureaucrat [17:44:48] [discord] if youare going to add a new group atleast one should be removed ) [17:44:55] [discord] being more discerning in granting bureaucrat would probably solve the problem and not require any other angle that's been discussed [17:44:59] [discord] no. Not how it works [17:45:36] [discord] i just counted 22 groups [17:46:15] [discord] no. (edited) [17:47:37] [discord] while its fine to have groups 22 is unnecessary when admin and crate already has majority of these permissions [17:48:21] [discord] the purpose of those groups is the thing here [17:48:41] [discord] if they all serve a clear purpose it is not responsible to ditch them, athough seeing if some can merge wouldn't be a bad idea [17:49:18] [discord] Translation admin is the only group that doesn't serve a clear purpose; all admins automatically have those permissions [17:49:30] [discord] nor does chat moderator [17:49:37] [discord] no one uses the chat [17:49:41] [discord] true. [17:50:15] [discord] not that nobody uses chat, that's not the point, admins already have the permissions of the chat moderator [17:50:42] [discord] patroller is already in admin/bureaucrat [17:51:23] [discord] Most of these permissions here are either granted automatically or included in Administrative eighths [17:51:29] [discord] Most of these permissions here are either granted automatically or included in Administrative rights (edited) [17:51:56] [discord] ^^ [17:52:30] [discord] someone should probably make a proposal to remove the following: auto checked user, patroller, chat moderator, and translation administrator [17:52:39] [discord] those are the 4 that serve no clear purpose [17:52:44] [discord] but we digress [17:53:22] [discord] i cn pob write it later [17:53:31] [discord] I'll go ahead and make the discussion for what we should do about this abuse. [18:10:38] [discord] note that for that rfc regarding that abuse I strongly object doing nothing [18:10:57] [discord] that can be expressed at launch time I'm sure [18:31:05] [discord] it's only when someone grants a rogue vandal crat rights then that becomes an emergency and then the damage will be done [18:32:33] [discord] the damage depends on other bureaucrats being capable of responding first, or if not, the ability of stewards to clean up the mess [18:33:39] [discord] but they took out everyone's single rights [18:33:56] [discord] I'm in favor of options 2 and 3 for that [18:34:00] [discord] either stewards will have less of a mess to clean up because other bureaucrats got in line first, or the rogue is still a bureaucrat and may potentially use solutions to make it difficult for legitimate bureaucrats to keep order. If the rogue bureaucrat tackles every other bureaucrat's rights, everything they do is *still* reversible, and there was a chance of someone else taking them out first. [18:34:21] [discord] it would be an inconvenience if it happened again doing nothing, but it would not be more than a temporary inconvenience [18:34:23] [discord] but no steward was active at the time they were at their peak [18:34:36] [discord] the issue is long long already resolved, steward response time is not horrible [18:34:52] [discord] and if that was an argument then one could argue there would still have been the chance of a legit bureaucrat wiping them out first [18:36:32] [discord] I do think it is preferable to have some safety net role for more people than just stewards to intervene if all other bureaucrats are indeed taken out, however if that is not enacted then any damage is still reversible in a reasonable period of time. [18:36:44] [discord] Perhaps at that point it will also be cause to reconsider granting bureaucrat so liberally in the future. [19:28:35] FWIW there was a similar incident on PTW fairly recently [19:30:35] err well Dec 10 so more like a month ago [19:30:53] with user:LocalSettings.php [19:31:28] they did some of the same stuff with demotion and blocking [19:34:49] [discord] @macfan4000 what do you think is the best thing to do? πŸ™‚ [19:38:46] Considering that this is the first incident of such a scale, I'm not sure we need to change anything at this point, if this were to start happening more, then maybe [19:49:42] [discord] ^ [19:58:56] [discord] Strong support per macadam [19:59:03] [discord] Strong support per MacFan (edited) [20:13:03] [discord] Just a note that any official !votes must be left on wiki [20:14:21] [discord] Hello guys, this is Username. [20:14:48] [discord] I was planning on faking this identity as another person [20:15:00] [discord] But now I don't really want to do that [20:15:27] [discord] But I did create this account to have another fresh start [20:16:04] [discord] Because of the system's problems that occurred on my old account, Amos [20:16:11] [discord] I hope that's okay [20:17:09] [discord] For now, I won't ask for admin permissions, because of time management [20:19:32] [discord] If you are blocked you are ban evdating I suggest you leave now to avoid trouble [20:19:59] [discord] But I blocked myself [20:20:03] [discord] Ah ok [20:20:10] [discord] Yeah [20:20:11] [discord] Welcome back [20:20:25] [discord] Thanks, I truly appreciate it! :) [20:20:34] [discord] You can request ur account to be unblocked [20:21:04] [discord] No, it's okay. Those former accounts of mine belong to the past now :P [20:22:14] [discord] As for Piccadilly, I noticed she was blocked [20:22:27] [discord] Anyhow, as for Piccadilly, I noticed she was blocked, again. (edited) [20:23:38] [discord] I wish I could help her, not to disrupt this project anymore. But ultimately, she and her free will decide what to do to this project.