Wikipedia:Village pump (idea lab)

From Wikipedia, the free encyclopedia
  (Redirected from Wikipedia:VPD)
Jump to: navigation, search
  Policy   Technical   Proposals   Idea lab   Miscellaneous  
Shortcuts:
The idea lab section of the village pump is a place where new ideas or suggestions on general Wikipedia issues can be incubated, for later submission for consensus discussion at Village pump (proposals). Try to be creative and positive when commenting on ideas.
Before creating a new section, please note:

Before commenting, note:

« Older discussions, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15


Centralized discussion
Proposals: policy other Discussions Ideas

Note: inactive discussions, closed or not, should be archived.


Twin towns add to infobox[edit]

Dear Wikipedians, should we add twin towns to infoboxes? This would create a common format for recording these connections. I imagine this would take some consensus building among editors? I'm scraping all the twin town data - trying to cover all the different formatting rules, so could provide dataset for scripted update to infoboxes. Anyway, something to think about/discuss...Reviewing the various lists for twins shows different countries and areas have used different formatting rules. Some use tables, some more free form lists. Within the town/city main articles there are also different section titles and ways to describe twin towns. If this info is in the infobox it will be picked up more readily by dbpedia and wikidata allowing more interesting data analysis such as this https://www.flickr.com/photos/29266908@N02/15846030356/ just an idea...I've never discussed an issue here and not an experienced editor so positive comments much appreciated, thank you --Fozy81 (talk) 20:16, 26 November 2014 (UTC)

Interesting idea. I'll tell Wikipedia talk:WikiProject Cities. Oiyarbepsy (talk) 15:28, 5 December 2014 (UTC)
Please! No! "Twin towns" is fairly nonsensical at the level that they are made. "Podunk, Iowa is "sister" with Lop Peng, China." Pretty much as far as it goes. Somebody from one place visits someone from the other from time to time. This may "sound pretty" to someone, but means absolutely nothing. Which is why it shouldn't go into the info box which does have some actual significant facts in there that actually mean something. The intent of "population", "area", etc. are not to beautify or make someone feel good, but to inform.
Would be much more informative to totally discard useless information like this in order to emphasize the useful information that remains. Student7 (talk) 18:19, 11 December 2014 (UTC)

Paying admins[edit]

I propose that we set aside a section of Wikimedia Foundation money to pay admins to recognize their highly significant and beneficial contributions to Wikipedia. Jinkinson talk to me 19:16, 30 October 2014 (UTC)

This makes sense, in my opinion, because I think those who help Wikipedia be the wonderful repository of information it is today should be rewarded. It also fits in with the extremely close scrutiny people must face to become an admin already, which makes it somewhat like applying for a job anyway. Jinkinson talk to me 19:18, 30 October 2014 (UTC)
That will only lead to corruption. Being an admin is already a privilege exploited by many. Real life politics should set a pretty bad example. FunkMonk (talk) 19:24, 30 October 2014 (UTC)
You do realize that there are approximately 6000 admins on the Wikimedia projects, right? This would cost quite a lot of money, and would have substantial effects on what kind of people try to become administrators. --Yair rand (talk) 19:25, 30 October 2014 (UTC)
How would you set the pay scales? Is it to be an hourly rate - or a set amount per admin action? Both are open to corruption - I could spend twenty minutes weighing up the arguments for and against at an AFD, and then claim that it took two hours; or I could spend a happy half-hour in wanton protection, deletion, or blocking, just to pad the invoice.
Then there is the issue of currency: assume that everybody is paid in Uncle Sam's Bucks. In some countries, one USD buys a lot more than one dollar would get in NYC or LA. There are a lot of admins not in the USA; do these get the same rate as somebody who is living in the USA? Alternatively, people could be paid in their local currency; there is then the exchange rate to consider, and these fluctuate. Let's say that I'm in Britain, and am paid in pounds sterling at a level set when there are 1.60 dollars to the pound. If the pound later strengthens to $1.76, Wikimedia need to pay me 10% more on their own scale so that I get the same amount on my scale. --Redrose64 (talk) 20:41, 30 October 2014 (UTC)

I'll take the bait. Admins aren't the only users who make 'highly significant and beneficial contributions' to Wikipedia. Plus, I'm an admin but my most important contributions were not through my admin actions, and by far. There's also that it's unfeasible, but it's already been stated. There's certainly a need of recognition, but not just for admins. A 'featured editor' in the Signpost would be a better idea, but it's not without issues either. Cenarium (talk) 22:31, 30 October 2014 (UTC)

Even poor Stewards don't get money of their hard work... --Stryn (talk) 22:03, 4 November 2014 (UTC)

  • What about paying people for successful FA nominations if they contributed to a significant portion of the article? Everymorning talk to me 16:52, 14 November 2014 (UTC)
Wikipedia was created to provide free access to knowledge to everyone in the world. It is a volunteer service. No one is, can be, or will be paid for their contributions. See Wikipedia:Wikipedia is a volunteer service for more on this. TheGeneralUser (talk) 16:58, 16 November 2014 (UTC)
With all due respect, that's an essay, not a policy page, so it's not set in stone. Everymorning talk to me 16:36, 17 November 2014 (UTC)
I already get money for doing things I quite enjoy doing, but I would oppose this idea. Too many potential problems. Pay for time is unworkable, and pay per edit - well, just remember the comments at a very recent RfA about someone's editing history... Too expensive if a pay scale was adopted that actually benefited the recipients, and a waste of money if it didn't (because there would still be accounts staff working to distribute the peanuts and washers...). Peridon (talk) 22:14, 30 November 2014 (UTC)
Is there a problem finding people who want to be admins? Seems to me the problem is with people saying no to them, which this payment won't change. Maybe someone will hit on the idea of paying people for yes votes..... :) Wnt (talk) 02:41, 8 December 2014 (UTC)

Alternate idea: What about a one-time bonus upon being promoted to admin? Oiyarbepsy (talk) 02:45, 8 December 2014 (UTC)

Hmmmm, how about paying Lua coders? Or paying vandalism patrollers? Or paying vandals? (To "count coup" on vulnerable pages with silent tagging that people can fix rather than doing something visible, that is) Paying any of these other groups could actually get more useful work done, but paying admins doesn't mean more will promoted, nor that there is more admin work that should actually be done. Wnt (talk) 15:57, 8 December 2014 (UTC)
  • Oiyarbepsy, how about not having a bonus for passing RfA, and instead just making sure that admin candidates are mature individuals, have a sound sense of judgement, and plenty of experience, and giving them a decent hearing at RfA ? Kudpung กุดผึ้ง (talk) 16:34, 10 December 2014 (UTC)

Alternative COI template[edit]

In 2012 a German court ruling found that it was deceptive for someone with a financial connection to add promotional content to Wikipedia, because readers presume the information is crowd-sourced and independent, not a medium for covert advertising. Similar anti-astroturfing laws exist in the US that require readers know when they are reading information provided by someone affiliated with the company, as oppose to a crowd-sourced online participant.

I contribute quite a bit to articles where I have a financial connection, usually bringing them up to GA status and following COI best practices. I'm attending a conference right now that has a bit of a focus on the Federal Trade Commission's disclosure laws and I'm thinking about how there is still no way to provide a legally-required disclosure of my financial connection to readers on a page that doesn't have any actual problems that would require a COI template[1] (GA-ranked).

I'm not advocating for or against it, but wondering what the community reception is towards a small, tasteful disclosure to readers on articles that do not necessarily have any major content problems. A template that I might add myself to be legally compliant, as oppose to something contentious used to shame someone that contributed poorly.

CorporateM (Talk) 13:42, 17 November 2014 (UTC)

Hello, CorporateM. The conflict of interest policy states that "paid advocates are very strongly discouraged from direct article editing, and should instead propose changes on the talk page of the article in question." Please follow our rules. --NaBUru38 (talk) 17:42, 28 November 2014 (UTC)
Notice the difference between "discouraged" and "prohibited" and please don't imply that users are breaking the rules by something they are clearly allowed to do. – Philosopher Let us reason together. 23:34, 1 December 2014 (UTC)
The flip side here is that we get a lot of up-to-date material from people with pov. What I like to see, is them adding the material with a WP:RS as short as possible (okay have a problem with that last one). And then leave off editing til the rest of us have had a chance to edit it, leaving comments about our edits on the discussion page, if they don't like them. Even more than the rest of us, should they avoid edit wars. But a tired article can really get a boost from someone with a commercial interest IMO. Student7 (talk) 18:47, 4 December 2014 (UTC)
I think, it would destroy what Wiki about. See it here. Ochilov (talk) 11:24, 6 December 2014 (UTC)
This sounds way too close to a "this program was sponsored by..." TV ad. Wikipedia articles should not be slanted by corporations to the point where disclosure is required, and the fix for that is in the first part, not the second. Wnt (talk) 02:43, 8 December 2014 (UTC)

Using the NSA wayback machine[edit]

As the NSA stores the entire internet the proposal is to use WMF employee name removed contacts with the NSA (about the backdoors in the Wikimedia software) to fix the Wikipedia problem with link rot. It would be handy to have a sort of NSA extension for direct linking into the NSA database to saved versions of webpages. A sort of state funded wayback machine, similar to Wayback Machine - Internet Archive[2]. For Wikipedia the advantage would be to have a plan B if the current wayback machine would default, for the NSA there would be a gain too, running a public service that is usefull to common people, best cover you can imagine. Mion (talk) 17:44, 17 November 2014 (UTC)

{{smiley}} -- llywrch (talk) 01:12, 18 November 2014 (UTC)
We have backdoors? Darnit, nobody tells me anything interesting these days. Ironholds (talk) 17:26, 18 November 2014 (UTC)
NSA isn't able to store the entire Internet. Even if it could, the archive and this "proposal" have nothing to do with the so-called "backdoors" in our servers. Also, why is it WMF employee name removed, who was involved in several dramas recently, but not Jimbo Wales or other people at WMF? Sorry, but the wording and timing of this proposal make me question the OP's intention. Zhaofeng Li [talk... contribs...] 11:54, 20 November 2014 (UTC)
If you deploy around 100,000 people to work on your NSA system the storage costs for the internet is just a small part of the annual costs and storage costs are still declining at a fast rate. :) You can check my history if you want to question my intention or ask me.Mion (talk) 02:14, 22 November 2014 (UTC)
Okay; what leads you to (to my knowledge, falsely) believe that there are backdoors in Wikimedia software or that WMF employee name removed is in any way involved in our software development process directly? ;p. Ironholds (talk) 17:57, 24 November 2014 (UTC)
For in case you lived in a cage recently you can read Edward Snowden every big USA internet company is forced under secresy laws to comply, if Microsoft, Google, Apple, Facebook, Twitter are all in court to fight the laws layed upon them why would you think that a company the size of Wikipedia is not in that group ? As for who has the contacts, its prob someone who can send all personal on a teambuilding daytrip and hand the server room keys to some subcontractors. The problem you would face is that the person in question is not allowed under law to admit it, so make an A4 about the Wikipedia NSA waybackmachine extension, put it on all walls in the office and hope that the person in question will relay the request and it will all end in a positive outcome :) Mion (talk) 18:53, 24 November 2014 (UTC)
Okay... Here's the problem: how would a backdoor to Wikipedia benefit the NSA? They want to know when someone edits a file on the Wiki? They consult user > contributions. They want to know when a given person looks at a page? Well, the server logs will tell them the IP address the request came from -- but I doubt they can get access to the logs of the Wikimedia servers in Amsterdam that easily -- but these logs aren't kept for more than a few weeks, so the NSA needs to be collecting them on a regular basis, & if they've done so over the years, they have a mountain of hay to find a needle in. They want to know what people say on the public Wikimedia-related mailing lists? Those are over there --> They want to know what people say on the non-public mailing lists? (Yes, these do exist.) Well, if they know where the host is for the specific mailing list is, they could purloin it from there. In short, they don't need backdoors to Wikipedia: lots of information is there for the casual perusing -- as long as they can pair usernames & IP numbers to specific persons of interest. (And anyone with more than a casual knowledge of how the Internet can tell you that reliably pairing that data with specific people is not as easy as they make it seem on shows like The Blacklist. -- llywrch (talk) 22:02, 25 November 2014 (UTC)
In seriousness, I don't think they have that much power. LorChat 22:29, 25 November 2014 (UTC)
Yes, the login name of the editor is in the History tab from the database, and whats more handy than to have realtime access to the login logfiles to see which IP logged in under that name ? The login logfiles are not big , names, day and time stamp and IP, perfect for fast search. Section 215 of the US Patriot Act[3] back-doors are not only applied to US firms in the USA but also to assets they own in foreign countries (like Amsterdam). As it nicely states on Wikipedia:Why_create_an_account? "Edit without revealing your IP address (which can be used to trace your physical location) to the public." read that as we reveal your IP to all authorities. In 2007 the text about who could see your IP number was different.[4] Lets get these A4 posters printed :) Mion (talk) 14:47, 27 November 2014 (UTC)
That's a nice theory that only has four flaws. Flaw #1: the login logfiles don't actually link username to IP. Flaw #2: our entire codebase is open source. Flaw #3: the point the login message makes is that non-logged-in IPs are public. And, Flaw #4: I do IP-based geolocation for a living, and it's about as accurate as getting a map of the world and drunkenly flinging a dart at where some bloke in a pub said the user lived. Source: I'm the WMF traffic researcher and spend all day dealing with (1) our request logs and (2) the IP addresses within them. Ironholds (talk) 16:42, 27 November 2014 (UTC)
Flaw 1# lets keep it with the 2007 version Your IP address is still saved and accessible to users with Checkuser permission Flaw 2# Yes, the NSA has its own hard and software to zap databases and logfiles, declaring something about our own says nothing. Flaw 3. This discussion is not about non-logged in users. Flaw 4. I did some writing on geolocation in 2006, i think the flaw in it is that you relate your own experience with the experience at the NSA. Mion (talk) 01:29, 28 November 2014 (UTC)
As far as I know (read: from working with this data) that applies to edit and log actions, not to log-in actions. And I think your problem is that you assume anything possible, even the implausible, is plausible when done by the NSA. That's not how it works. Okeyes (WMF) (talk) 13:11, 1 December 2014 (UTC)
Although I think this in particular is far fetched, I should point out that what lots of people thought implausible for the NSA to do a few years ago, actually turned out to be true. Cenarium (talk) 13:37, 1 December 2014 (UTC)
  • "Flaw #2: our entire codebase is open source."
Is it? MediaWiki is (and yes, I've read it). I have no idea what WP runs on. It might be MediaWiki, it might be NSAWiki. It might even (trivially) be MediaWiki with the NSA_Snooper extension added dynamically. Andy Dingley (talk) 19:28, 5 December 2014 (UTC)

What is the point in this discussion? The direction it appears to be headed in is kind of confusing me. You think the National Security Agency stores the internet? What does that have to do with IP logs and whatnot? Dustin (talk) 01:37, 28 November 2014 (UTC)

You are right, the WMF could contact In-Q-Tel[5]] and ask them to provide help for the [wayback machine]-extension for direct linking into the NSA database to saved versions of webpages. The proposed fallback wayback machine. Mion (talk) 02:04, 28 November 2014 (UTC)
Let's get this straight.
  • NSA stores the whole Internet No, they can't.
  • Even if they could and had a "wayback machine", they wouldn't want the public to know, and of course they wouldn't allow the public to access it (Do they really want to cause another public outrage?)
  • Even if they allowed the public to access it, access would still be limited to public-visible parts of the archive (It would be illegal for us to access the private portions of the websites), which makes it no different from the existing archives. Anyway, it doesn't make sense for us to collaborate with a organisation that has a negative public image and (according to your "backdoor" claim) does harm to the security of our infrastructure.
  • Even if all above were true, the entire stuff has nothing to do with WMF employee name removed and the "backdoors" in our software. And how can you know WMF employee name removed has a relationship with NSA? I take your statement as an attempt to attack and defame WMF employee name removed.
  • After all, they have far better ways to access our users' data apart from injecting "backdoors". They are already tapping the wires, and can grab a SSL certificate of ours by simply asking our CA.
Zhaofeng Li [talk... contribs...] 03:24, 28 November 2014 (UTC)

Well, we could attempt asking for help, like this :D --NaBUru38 (talk) 17:45, 28 November 2014 (UTC)

I removed the groundless accusations that a WMF employee has connections with the NSA. This behavior is unacceptable. Oiyarbepsy (talk) 16:36, 5 December 2014 (UTC)
Also, see Wikipedia:Administrators' noticeboard/IncidentArchive865#Groundless accusation against WMF employee. Oiyarbepsy (talk) 16:41, 5 December 2014 (UTC)

New Wikipedia[edit]

How about English Fanon Wikipedia? There have been plenty of vandalisers adding made up content into articles, so if they could make this information up themselves in this Wikipedia, it might get rid of some.

Every image and template from this Wikipedia could be copied over so no re-uploading is required. 89.240.248.49 (talk) 21:47, 21 November 2014 (UTC)

Fanon? I might be from the wrong culture, but that's meaningless to me (and my spellchecker). HiLo48 (talk) 22:22, 21 November 2014 (UTC)
If only there was a place to look up the meaning of Fanon ;-) I didn't know it either but I assume it's about the meaning in
  • Fan-based fictional canon
The Internet already has plenty of places to post fiction. The attraction to vandals is to mess with the real Wikipedia. I don't think this would have any noticeable effect, apart from creating more places to patrol for legal issues like libel and copyright violations. PrimeHunter (talk) 02:05, 22 November 2014 (UTC)
Just an idea. 89.240.248.49 (talk) 21:01, 22 November 2014 (UTC)
Erm! a Wikipedia specifically designed for vandals to wreck? Is that a wise idea? I know, why doesn't a vandal create a whole new website called Vandalpedia, and then they'd have the playground they have always dreamed of. Wes Mouse | T@lk 21:20, 22 November 2014 (UTC)
One wikia is enough I guess. Internet is a place of knowledge and creativity not vandalism. Oh, Vandalpedia is hilarious-total mess. zlouiemark [ Talk | Contribs ] 02:59, 28 November 2014 (UTC)

Wikifiction - a new wiki where editors could write and collaborate on works of fiction. Is that the idea here? Oiyarbepsy (talk)

Log in with SSL and Textsecure[edit]

As the security of SSL (https://) is broken[6], see Bullrun [7] and BREACH [8] its time to wrap SSL into TextSecure against MITMA and SSL key snooping.
Secure.Login.SSL.Textsecure.WP.jpg

For the time beeing, next to normal login with SSL, the option Login with TextSecure depends on using a browser plugin.See [9]. Aldo Wikipedia is not Wikileaks and each contributed statement must be verifiable, see WP:VER, even contributing to a WP article in which you point to certain source may have consequences in certain countries and results in a timely visit from the state and in the best case, they just search your house. If for example WP would have an article on this [10] every editor would be of interest to lay consequenses upon. The proposal is for a start to enhance Login and Wikipedia:Flow with TextSecure and see where it goes from there. Whatsapp finished their end-to-end encryption implementation within a few months. Mion (talk) 03:54, 27 November 2014 (UTC)

We cannot rely on thrird-party plugins to be installed on an editor's computer. -- [[User:Edokter]] {{talk}} 09:16, 27 November 2014 (UTC)
Solution, make a WikipediaTextSecure plugin for the 3 major browsers, or have the 3 major browsers integrate basic support for the textsecure protocol. Mion (talk) 09:34, 27 November 2014 (UTC)
For a start without plugin, make a securetext login for CyanogenMod (android) as that seems the first to include the protocol, it seems Firefox OS and Linux will follow.[11]. Mion (talk) 09:46, 27 November 2014 (UTC)
Your solution for Wikipedia becoming more secure is for us to build and maintain security-based browser extensions? That's never going to happen. More importantly, the TS protocol is new enough that "not broken" doesn't mean "secure": it'd be a ton of effort for not necessarily any gain. Ironholds (talk) 16:59, 27 November 2014 (UTC)
No. SSL isn't broken; rather, some of its implementations are broken, and there's no guarantee that TextSecure isn't broken just as much, if not more. Jackmcbarn (talk) 23:14, 27 November 2014 (UTC)
There are no guarantees in life but TextSecure is open source and reviewed by the top of encrypto and the software stack itself is the best you can get at the moment in the public market (and for free) and yes security depends on more elements. SSL/TLS faces a similar problem as the email protocol it cant handle or protect against the current methods available on the internet. Even if you make the best implementation of a TLS its approach is based on the internet in 1994, (yes, that was 20 years ago) and as such it is not secure at all.Mion (talk) 01:07, 28 November 2014 (UTC)
Yes, it's sighted by security experts, but that doesn't mean it's proven. SSL is. Zhaofeng Li [talk... contribs...] 03:28, 28 November 2014 (UTC)
I suppose you mean the SSL interception business is a proven technology ? [12], ProxySG, [13], [14], for another example read kwalliso.Mion (talk) 23:09, 28 November 2014 (UTC)
They all require injecting a trusted certificate into the client, which has been done for ages in offices, schools and the like. It does not mean SSL itself is insecure. Moreover, the same thing can be done to TextSecure. Zhaofeng Li [talk... contribs...] 00:17, 29 November 2014 (UTC)
Sure, certificates can be an issue, but on state level it might be enough to intercept the first packages and make the WP servers believe they communicate with IE8/XP, the result would be No FS No SNI TLS 1.0 TLS_RSA_WITH_RC4_128_SHA (0x5) RC4 128, (the current response from the WP server, RC4 is known from WEP) anyway, to get back to end-to-end encryption maybe an idea to include Surespot [15] to WP Mobile editing ? Considder seeing an edit as an internet message (like chat) :) Mion (talk) 02:48, 29 November 2014 (UTC)
Some points:
  1. Text secure in browser's own authors state: "This is very early stuff and exists primarily to get the crypto in place. This does not currently work, dont bother trying to use it seriously yet". That's the polar opposite of tried and true security.
  2. Given its a browser plugin, that means we'd have to still support clients that don't have it, in which case one would (probably) have to rely on TLS to get it to the browser, so if TLS is broken than an adversary could just intercept the connection and remove the plugin, and thus having it doesn't actually prevent a TLS is broken attack (Maybe? I'm a little unclear on how precisely its proposed such a thing would be used, or how precisely the plugin works).
  3. Contrary to popular belief, TLS is not (as far as we know) broken when used properly. Its had it slightly rough recently, but that's not entirely a bad thing, it means people are checking it carefully.
  4. The cardinal rule of cryptography are generally: Never roll your own (including avoid using existing solutions in novel ways) and only use things with long-term proven track records. This doesn't really have the track record (yet)
  5. "but on state level it might be enough to intercept the first packages and make the WP servers believe they communicate with IE8/XP" - no. TLS has protection against cipher downgrade attacks. In order to pull that off, you not only have to intercept but you would have to be able to break 2048 bit RSA in real time [I believe, based on skimming RFC 2246, since in the case of TLS 1.0 TLS_RSA_WITH_RC4_128_SHA the pre-master secret would be chosen by client, encrypted with server pub key, sent over - and then hashed with what the client said the ok protocols were to form the master secret. Thus for an adversary to downgrade to RC4 by actively intercepting packets, they would need to be able to go in the middle of the connection since the client and server would calculate different master secrets. To do that, they need the pre-master secret (which is encrypted with the server's public key), which they can only do if they can break rsa-2048 in real time, or if they have a fake certificate that the client finds acceptable. If they could do either of these two things, then they could just do a standard MITM.] (As an aside that's not really relavent, it should be noted out that our sites do not work without SNI (AFAIK, haven't tested))
  6. Surespot: Reading [16] doesn't exactly inspire confidence (Seems like there's quite a bit of trust in the central server. Although that could just be that their technical details are not being precise enough). I'm also not sure how it really applies here.
  7. If the adversary you are concerned about is the secret police of some facist government, then end to end encryption is not the right solution. Encryption hides the contents of the message, not that there was a message. This is especially problematic in the case of wikipedia where the timestamp of every edit is available. All the secret police have to do (assuming they can passively monitor your connection. Probably the case) is get a list of all the times of all the edits made by the pseudonym, check to see who sent a message to Wikipedia at those times. This is probably enough to uniquely identify you. If it isn't, then also factor in the size of the requests to wikipedia (Because page sizes are easily discoverable), and it definitely enough to track you down. If you want to defend against this type of adversary, convince the Wikipedia powers that be to allow TOR (There's even systems that take in account the potential for vandalistic abuse! [17])
  8. If you're more worried about password security and someone compromising your account, an approach that is more likely to yield better effective security, would be to convince people to (optionally) allow two-factor auth and client TLS certificates

Bawolff (talk) 05:11, 30 November 2014 (UTC)

I think they need to update their websites as both Open WhisperSystems and Snapchat have a downloadable implementation which is not browser based but for Android and IOS for now. Wrapping up TLS in Textsecure has another advantage, beeing that for every edit/message a new key is generated, you can break one message, but have to do it for every next message/edit too, instead of breaking it once and reading it all. When it comes to security one should not assume it is not broken. 3. As OS and browser are spoofed the WP server has no knowledge about cipher downgrade, it will communicate on the highest standard possible for that combination IE8/XP and that is RC4, the weakest spot. A better solution would be to prevent login and point to a browser choice that supports better standards. As for FS and SNI you can see that here.[18]. As for not rolling our own, see TextSecure#Architecture OTR and Curve25519, AES-256, and HMAC-SHA256 are well tested over time. Mion (talk) 10:08, 30 November 2014 (UTC)
the highest combination possible is secured with the authentication algorithm (RSA 2048 in the ie8 case you mentioned) not the chosen cipher algorithm. You can only fake being ie8 if you can do a MITM for any connection type. Most browsers support forward secrecy, so im not sure what you mean when suggesting forward secrecy is a benefit of text secure, we already have that (except for IE8). The text secure primitives are definitely time tested (after all aes, hmac-sha256 are the same primitives TLS uses) however using text secure in a new environment (to secure web pages instead of text messages) could cause new issues, and that is what has not been well tested.Bawolff (talk) 17:45, 30 November 2014 (UTC)
Well we have a very experienced crew in testing, see m:VisualEditor and m:Wikimedia Labs, as for why it is so interesting to be the one in the middle, just read about X.509, WebRTC, AJAX and Intel AMT[19] and how the internet is broken [20], and how an edit can end you up in psikhushka. Now, if we imagine a world where it is better not to login or make edits on the internet it would directly hurt Wikipedia as more and more editors would drop out and WP is no longer based on the wisdom of the crowd, there is no more NPOV as making edits with an opposing (or just contradicting) view are not made. With storage space and internet speed rising fast see 5G and Fiber to the x it might be possible that readers will go for a one time download of a single WP language version in a prepped sandbox to achieve security. And that is exactly the opposite from what we wanted to achieve with the VisualEditor. All in all implementing Textsecure is just a small part of the solution, if we want to keep our editors the next step would be to follow Facebook and give access over the Tor network.[21]. No worries ClueBot NG will help us with Tor, so hopefully we will remain in charge of the technology for a decently long time.[22] Mion (talk) 16:35, 3 December 2014 (UTC)
I don't even understand this comment. Bawolff (talk) 21:23, 7 December 2014 (UTC)

Memo Application[edit]

Greetings Wikipedians,

Down below, please find a proposal brief re: a digital memo application.

           General function of the application:

- Enable readers to create digital memos that can be stored and later retrieved on the Wikipedia’s platform; where the application can be found on the < top right bar > next to the user’s profile page.

            Overview: 

Currently, English Wikipedia includes 4,658,450 articles and it’s increased every day with over 800 new articles.

Today, roughly 40% of the world has an internet connection, which presents a tremendous need for people in developing countries to be able to access web pages in their native language, and tools to assist with their information and gathering purposes.

            Use Case: 

Take for example, a teacher in Kenya may be researching various topics using Wikipedia. Today, if he or she wants to remember the information for a later time, he or she may copy the information onto 3rd party software to retrieve later.

But could there be a more convenient way for the reader? Where instead of taking the content onto another platform, the notes from the reader, can be saved onto the Wikipedia platform.

             The Proposal

One-click digital memo application that enables the reader to:

- Create a private digital memo ( visual reference: yellow mini note found on the top right hand side of the user’s page ) - Bookmarks the web page where the memo is created and saved onto the reader’s profile page. ( visual reference: paper-clip )

             The Benefits:

- Useful application that would make a great addition to the Wiki tool set - Easy to use ( 1 click process to creating note ) - Memos are private and non intrusive - Bookmarks the Wikipedia page

             Application Considerations:

- Once a memo is placed on the Wikipedia page, it may cover the top right hand section of the page. To mitigate this, the top memo bar can collapse once the notes are made.

- Too many memos can get confusing and disorganized.To trouble shoot this issue, colored folders can be created by the user and tagged.

These are the two main considerations, if there are others, we can add them to the bug fix and development list.

Welcome your feedback. CitynSea (talk) 02:15, 1 December 2014 (UTC)CitynSeaCitynSea (talk) 02:15, 1 December 2014 (UTC)

Actually, I made a tool called Scratchpad a while ago, which is simply a wiki sandbox that resides entirely in the browser. This way, users can take memos privately, without polluting the wiki. Zhaofeng Li [talk... contribs...] 13:22, 1 December 2014 (UTC)
You point out the main problem exactly: 3rd party software for this already exists. Adding a memo program to an encyclopedia makes about as much sense as adding an encyclopedia to a memo program. It's feature creep. It's one more feature for new users to learn, increasing the learning curve. And it's one more feature for the limited development staff to design and maintain. Mr.Z-man 13:41, 1 December 2014 (UTC)
If you really wanted this, you could write it as a user script. As others have said above, though, there doesn't seem to be a very wide use case for it. Jackmcbarn (talk) 21:07, 1 December 2014 (UTC)
People who want to take notes for future reference can also create WP:user subpages and link to it from their user page. – Philosopher Let us reason together. 23:08, 1 December 2014 (UTC)

< Response > Thank you for the feedback! Will review the links in your comment thread. Cheers CitynSea (talk) 01:25, 10 December 2014 (UTC)

Require non-deleted non-talk edits for autoconfirmed check and reset after a block[edit]

First, this isn't for experienced vandals and socks, it would be a pointless exercise. It's for inexperienced ones, and not really for the classic semi-protection or move rights that autoconfirmed gives, but for the edit filter. The edits filters very often check only edits by non-autoconfirmed users, so it makes sense to require ten non-deleted non-talk edits if we want to keep detecting newly created 'bad' articles, spam and vandalism from those new accounts when they didn't get indef-blocked (yet) so risk becoming autoconfirmed. Requiring non-deleted edits means we'll still be able to check for persistent (re)creations of problematic articles, and talk edits wouldn't be counted because they could easily achieve that just using their talk page. And in case of a temp block, the check should reset : 4 days and 10 non-deleted non-talk edits since the end of the block. This would prevent many of them from passing through the loopholes of this system. This is sufficiently targeted so as not to make auto-confirmation harder for good faith contributors. I'm not including userspace edits for example so that edits to user drafts are still counted. Cenarium (talk) 08:24, 1 December 2014 (UTC)

So, just to understand - autoconfirmed is only granted to users with 10 non-deleted edits. And when an editor is blocked, autoconfirmed is blocked, and the edit counter resets to zero? Is that the suggestion? What about editors who make 15 edits, but then the page gets deleted, would autoconfirmed by revoked? Oiyarbepsy (talk) 16:51, 5 December 2014 (UTC)
Yes, it's pretty much it. In the current config, autoconfirmed is checked every time a user makes an edit, and you have a point that in that case, the user may no longer be autoconfirmed after a page deletion, a behavior that should be avoided. If we do as suggested, autoconfirmed would be turned from an implicit usergroup to an autopromoted usergroup, the software would grant this usergroup when the conditions are first met and would no longer check afterwards. It would have some advantages besides that, for example we would have a list of autoconfirmed users, see T17702 for a long standing bug request on this possibility. It would need broader community support to move on this.
Another possibility is to implement those checks in the edit filter directly, i.e. have variables such as timesincelastblock or numberofnondeletednontalkedits. Cenarium (talk) 18:55, 7 December 2014 (UTC)
And the user-right would be automatically revoked when the user is blocked. What about blocks in error? Admins need the right to immediately restore confirmed status with the unblock. Oiyarbepsy (talk) 02:39, 8 December 2014 (UTC)
They can grant wp:confirmed usergroup. Cenarium (talk) 10:37, 13 December 2014 (UTC)

List of Pulitzer Prize winners[edit]

Help me with List of Pulitzer Prize Winners. ``SonictheHedgehog99 (talk) 00:30, 2 December 2014 (UTC)

The only content of the deleted page was "help make this". Don't create articles without real content. If you don't want to write an article yourself then you can request it at Wikipedia:Requested articles. {{Pulitzer}} already links to 21 articles with lists of winners of the 21 different Pulitzer Prizes. If your idea is to list all of them together then it sounds too long for me. PrimeHunter (talk) 03:10, 2 December 2014 (UTC)
How can this list be auto-generated? I.e. it seems like a semantic web query. Implicit in the idea of winning a specific Pulitzer Prize is the general assumption that one has won the Pulitzer Prize. --Brylie Christopher Oxley (talk) 08:43, 3 December 2014 (UTC)
Technically speaking, it would be very easy to just WP:TRANSCLUDE] the various lists together - but that really has no benefit to leaving the lists separate. If a general list is going to be beneficial, it will probably need more than just that. For now, though, I've created a redirect at List of Pulitzer Prize winners for the benefit of those who don't know about the separate lists. – Philosopher Let us reason together. 19:41, 5 December 2014 (UTC)

Proposing function to substitute user talk page vandalism with a wiki-love message[edit]

Because it seems to me to be maybe one of the most effective way to stop people seriously misusing user talk pages. John Carter (talk) 23:20, 3 December 2014 (UTC)

I support this, but I think you can just go ahead and do it if you want to. Be mindful that refactoring an angry person's comment is likely to be taken poorly, and be careful you don't end up with a catsplosion on frequently vandalized pages. Ivanvector (talk) 02:55, 4 December 2014 (UTC)
  • Ivan, I'm guessing that John is proposing a bot or an edit filter or some automated way of having this done. Not asking if it is okay for users to make the change manually. Either way, if a method can be devised to accurately identify edits as vandalism on a consistent basis, then I could support this. — {{U|Technical 13}} (etc) 03:15, 4 December 2014 (UTC)
Well, ClueBot does an alright job of it. Perhaps adapt the code to detect vandalism in talk spaces only, or make it an opt-in thing for user talk pages? Ivanvector (talk) 04:28, 4 December 2014 (UTC)
Thank you for noticing, John Carter. Bearian (talk) 16:15, 4 December 2014 (UTC)
Basically, I guess I was thinking if there might be some way to add something to the "rollback" or "rollback (vandal)" functions on edit history reviews which might automatically take you to the wiki-love app for adding a kitten or beer or something. I should note that yesterday I gave User:Nishidani two beers, and may be potentially starting him on the road to alcoholism, doing this, and Bishonen a troll-munching kitty. John Carter (talk) 17:27, 4 December 2014 (UTC)
  • Ohh! I see. In that case, since those options are added by Twinkle, I suggest posting a "please see" on Twinkle's talk page and pinging TTO or AzaToth to this discussion. — {{U|Technical 13}} (etc) 17:44, 6 December 2014 (UTC)
    • Twinkle doesn't do WikiLove :) WikiLove is a MediaWiki extension, mw:Extension:WikiLove, developed as a WMF initiative a few years ago, although the concept of wikilove long predates the extension. — This, that and the other (talk) 09:22, 7 December 2014 (UTC)

So, what users are being targeted, user that abuse their own user talk pages, or users whose talk pages get vandalised? The initial comment sounds like it targets those who misuse their own pages, but all the responses assume the opposite. If someone vandalizes my talk page, I don't want it replaced by a wikilove message, I want the vandal reverted like it never happened. Oiyarbepsy (talk) 16:32, 6 December 2014 (UTC)

Users who are targeted. The major question to my eyes seems to be maybe figuring out how to do it. First, like I said, I would think this might be started by individuals using "rollback" to remove the vandalism. Then, perhaps, as a second step, maybe limited only to user talk pages, have a visible option to the wiki-love function to add a kitty or beer or whatever as a second step. Of course, the second step would be optional, but I tend to think that those who vandalize userpages regularly probably target a few editors more than others, and it might serve as a bit of a deterrent to someone who looks to add inappropriate content to a user talk page to see a few kittys or beers or baklava or whatever, as it indicates that the receiver is well liked. Also, I suppose, for the really frequently vandalized user talk pages, the kittys can keep a sort of record for instances of vandalism, which might be easier to track that way if for whatever reason it becomes useful to know that history later on. John Carter (talk) 16:38, 6 December 2014 (UTC)
I'm not sure that would reduce vandalism. The Wikilove message would kind of be a permanent record and a badge of honor for the vandal. Either that, or the vandal simply wouldn't give a damn. That said, no technical solution is required here, just make the template and start using it. I can't imagine that anyone would seriously object. Oiyarbepsy (talk) 02:37, 8 December 2014 (UTC)

Templates for Mobile Broadband/Phone Users[edit]

Since that unless working for IPv6, which can be used to uniquely assign address per SIM card/CDMA Phone to unique IP address, IP address of Mobile connections will be always almost the same. Additionally, vandalizers take advantage of this arrangement, forcing editors, like myself, to take additional precautions to prevent false linkage by Checkusers to another user or IP vandalizers. The template will show the following:

  • The username
  • Their affiliate mobile network carrier/ISP
  • The IP address/address range of the mobile network (optional)

Any comments are helpful. - gacelperfinian(talk in - error? Start a new topic) 06:44, 5 December 2014 (UTC)

Do you mean for user pages? We already have Template:Mobile IP for IP pages. Sam Walton (talk) 10:31, 5 December 2014 (UTC)
Yes, but I mean is for registered users, not for IP address itself (please read the idea again above, if you have time). - gacelperfinian(talk in - error? Start a new topic) 01:28, 6 December 2014 (UTC)
As you have said, every SIM card/phone will have its own unique IP address. This actually makes it harder for vandals to impersonate you, as they will have to get hold of your phone to use your IP. Since this is very difficult, I suggest the opposite: CheckUsers can treat such IPs as a strong evidence of sockpuppeting. Zhaofeng Li [talk... contribs...] 02:06, 6 December 2014 (UTC)
I don't think that's actually true. A lot of providers throw everybody on the same two or three IPs. And they hop a lot more than desktop connections. Oiyarbepsy (talk) 02:29, 6 December 2014 (UTC)
Clarification. You have a different address only on IPv6, which is naturally not deployed on most of the mobile world. IPv4, which is still stuck upon despite a recommended change to IPv6 will simply invoke minor disruptions on everyone's part, is extinguished and the users are pooled only to one, sometimes 10, and sometimes, like on my network, a /24 (256-address)-pool network. Actually, I've experience a hard block because of unrelated vandalism for one month due to my mobile connection. - gacelperfinian(talk in - error? Start a new topic) 03:41, 6 December 2014 (UTC)
I believe you can request an exemption from such blocks. Oiyarbepsy (talk) 03:49, 6 December 2014 (UTC)
Yes, but what if you are accused with a rogue account that you don't know then, of course, you can be accused falsely even if you never do such thing, because of the plain reason that sockpuppets never interact with their masters to hide their tracks. - gacelperfinian(talk in - error? Start a new topic) 04:01, 6 December 2014 (UTC)
Our check users are smarter than that and would know to call it inconclusive. Getting the IP-block exemption would help your case further, so I suggest you request that. Oiyarbepsy (talk) 17:37, 6 December 2014 (UTC)

So, are you proposing a template that says something like "This user edits on mobile devices, and may be unintentionally blocked when other users abuse editing privileges"? If so, just make it and put it on your page. Oiyarbepsy (talk) 17:35, 6 December 2014 (UTC)

Possible tightening of BLP criteria[edit]

I have been musing about this for a while and am trying to come up with something objective - BLP issues have been the subject of much discussion over the past 6 years or so, and WP:BLP1E was one development, as was the deletion of pages that were marginally notable if the subjects wanted their deletion.

I am not thrilled about the idea of someone influencing content in a big way, but am mindful that maybe we could be tighter with criteria in an objective way that allows us to remove some more marginal people.

My idea is something like this - A BLP subject may be considered not to warrant inclusion if they are not able to be mentioned in detail on an existing article (but otherwise have appeared in tabloids i.e. famous for being famous). Thus they need to have won something, played a role in a film, been elected, invented something, something "encyclopedic" as it were.

This might resolve issues like the following:

Some years ago. Jimbo nominated Mimi Macpherson for deletion (see Wikipedia:Articles for deletion/Mimi Macpherson). Now us Aussie editors know this person as Elle's sister and she has fulfilled notability quite easily with mentions in media etc. However, if you look at what articles might mention her they are only very minimal mentions, so if we had a criterion something like

"must be notable enough to warrant a significant mention on a nonbiographical article"

as an extra criterion for notability, it might be that she would not pass this and hence her article be deleted.

Apologies to Mimi for using her as an example (if she ever comes across this), but I felt that it illustrated the point of a person who fulfils generic notability criteria but some might argue in unencyclopedic.

Anyway, what do folks think? Cas Liber (talk · contribs) 05:33, 6 December 2014 (UTC)

While I'd certainly agree that existing notability criteria for biographies could do with tightening up, I'm not sure that linking notability to inclusion in other articles is at all appropriate - existing notability criteria are based on coverage in external reliable sources, and not on Wikipedia content. And as a practical matter, I can see this creating more problems than it solves, as it will give an incentive to include marginally-notable people in articles that wouldn't otherwise include them and thus possibly detract from encyclopaedic content, as well as creating a further locus for disputes. AndyTheGrump (talk) 06:26, 6 December 2014 (UTC)
It's about assessing the sources for the person's includability in other nonbiographical articles, I thought it was quite simple really - the person has to be linked to doing or being significant in something notable. Other articles can be judged and edited, just like they are for content for anything really. Some will be easy to judge either way and some will be tricky. Cas Liber (talk · contribs) 07:35, 6 December 2014 (UTC)
I'm with AndyTheGrump on this, it could cause problems with articles just being created and altered to try to stop deletion of BLPs of people, who may well hold considerable public interest, despite not fulfilling this requirement; it also goes against assessment for notability for all other subjects. Also, it assumes that WP has comprehensive articles covering all notable topics in sufficient detail. In that case, no further articles would be needed, and no article would need to be expanded; but this is clearly not the case. Also, what happens to BLPs that fulfill other criteria for notability, but do not fulfill this proposed rule? Would this proposed rule overrule all other criteria? Surely notability should be assessed on more than one criterion? Again it goes against all other assessments of notability, which are multi-factorial. --Mrjulesd (talk) 12:38, 6 December 2014 (UTC)
It doesn't assume wikipedia is comprehensive or complete - if sources indicate material that either could go in an article that doesn't exist yet, or be placed in an existing article, then that can be discussed as well. Examining the target article is not a huge deal, especially if there are some benchmarks of significant mention - e.g. not just a minor role in one episode of a TV series or someone who happens to be a property developer or live in a certain town, The idea is that it does trump generic notability - so that someone who is mentioned in more than two sources but has done nothing that would warrant a mention on any nonbiographical article could be deleted. It is not one criterion but comes into play when a subject does not fit into any category - some people who were only notable for being mentioned in press but had done nothing to indicate encyclopedic notability might not warrant an entry - this would not come into play for scientists, elected politicians, sportspeople, actors etc. unless they'd only done something not notable. Cas Liber (talk · contribs) 13:04, 6 December 2014 (UTC)
I still don't understand why the criteria for notability of BLPs should be radically different from the notability of all other subjects. I can't see anything wrong with the present multifactorial assessment. To have a single overriding rule seems to me to be retrograde step; and this will likely be the case, as the way it is phrased will likely be interpreted as "only a significant non-biographical article mention = notability". I foresee editors putting subjects into non-biographical articles just to protect them. Also the point raised by NeilN about the deletion of many athletes under this rule is concerning. Also a lot of actors may be deleted, as many will only be listed in many articles on productions only in the cast, and may not be deemed significant, and the same thing may be true of many academics. It will all rest on the meaning of "significant" in many cases, and that may rest on how much particular articles have been expanded. This may not be the intention, but there is a strong history of unintended consequences. ----Mrjulesd (talk) 17:26, 6 December 2014 (UTC)
  • Comment: I'm not sure Mimi is a good example. She is mentioned quite legitimately on 5 other articles, which is pretty good for a BLP, and in my mind assures notability. Given that as just a random example, and as well-intentioned as this proposal was, I think it would probably create more problems than it would solve. Endless arguments over what might be are only going to be sheer speculation, and we all know how well that works on WP. *sigh* Softlavender (talk) 11:02, 6 December 2014 (UTC)
Yeah, but how many of those articles are significant mentions? A contestant on a game show? Maybe maybe not. Which others..? Cas Liber (talk · contribs) 13:04, 6 December 2014 (UTC)
She's a television and radio presenter, was on a singing talent contest show for several months and came in third, judged the Miss Earth Australia competition, and is parodied in a song; other mentions are for her relations and show-biz partnerings. There are at least half a dozen more articles she could be mentioned on just via the blue-links on her own article. Softlavender (talk) 10:13, 7 December 2014 (UTC)
This would probably nuke a significant number of athlete biographies as many of them will not have significant mention in a nonbiographical article. --NeilN talk to me 16:11, 6 December 2014 (UTC)

Everyone seems to be missing the point. The test is not whether they are mentioned in a non-biography, but whether they should be. That means mentioning your person in a whole bunch of irrelevant articles would not save your biography. It also means that the good biographies would not be deleted because the non-biography about their actions hasn't been written yet. And the original proposal was "…to warrant a significant mention…" which has nothing to do with whether that mention is actually in the article right now. Oiyarbepsy (talk) 16:25, 6 December 2014 (UTC)

Well, no, not everyone. What significant mention would a soccer player appearing in one or two professional games receive in other articles? --NeilN talk to me 16:41, 6 December 2014 (UTC)
Well, potentially in an article about the team's season. But, yeah, you got a point. Mention in a non-biography certainly is something to consider, but clearly can't be everything. Oiyarbepsy (talk) 17:06, 6 December 2014 (UTC)
The effect would be to greatly expand the articles on the team season, to make sure we gave a paragraph to everyone who played in an individual game, and thus cover everything twice over.
Otherwise, the results would reduce the number of athletes to about 5% of the present, the numbers of politicians to about 10%, the number of scientists to about 20%. It would however keep all the articles on actors and musicians and authors, because we would cover their works also. It would keep all the businessman-they'd be also in the articles on their companies. Is this the balance we want? Looking at one part of this in more detail, we would keep all the descriptive botanists and zoologists, because they'd be covered significantly in the articles on the species they discover; we would lose most of the experimental biologists, because their work would have been incorporated into later work, and the earlier work would not normally be mentioned in the subject articles. Is this the balance we want? All non-human subjects that meet the GNG, and a very narrow and erratic coverage of humans? DGG ( talk ) 17:12, 6 December 2014 (UTC)
BLPs with existing guidelines designating inclusion/exclusion come into play and trump this - scientists, professors and sportspeople all have notability guidelines of some sort. It works by exclusion for people who fall outside those categories. Cas Liber (talk · contribs) — Preceding undated comment added 19:36, 6 December 2014 (UTC)
I don't understand how to apply this. The basic GNG criterion is that a person is mentioned in multiple reliable sources independent of him. Any of these might be mentioned in regard to anything that person is known for. If you don't demand that the person actually be wikilinked in an existing article, how do you settle if it might be / ought to be? And if you do, how do you keep that from becoming a surrogate battleground? I like a minimalist GNG criterion and would prefer to avoid all the specialty policies. Wnt (talk) 17:53, 6 December 2014 (UTC)
It might be complicated in some cases, but I keep thinking that limiting argument strictly to an article in question is arbitrary. If we are discussing the merits of a person at AfD, we can discuss the merits of their inclusion elsewhere and a conclusion reached. Cas Liber (talk · contribs) 19:36, 6 December 2014 (UTC)
A change along these lines could have the effect of exacerbating Wikipedia's systemic bias. We already have a paucity of articles on foreign subjects and if BLP was amended to require significant mentions in non-biographical articles, it would be much harder to keep BLPs of foreigners. Altamel (talk) 19:48, 6 December 2014 (UTC)
It would also have a negative impact in the case of academics, the current list for notability for academics is listed here. Several of the points on the list would not be met under this change e.g. The person's academic work has made a significant impact in the area of higher education, affecting a substantial number of academic institutions. There may be no wikilink to demonstrate the significant impact that they have had. --The Vintage Feminist (talk) 22:01, 6 December 2014 (UTC)
Not only would it tend to exclude many academics and others who's significance is best demonstrated in a biography, but it would fail to tackle an endemic problem concerning the questionable notability of many 'popular culture' related biographical entries. Our inevitable article on Facile 'Reality' TV Show IIV will undoubtedly include all the contestants' names, thus ensuring that we'll still have to argue against a biography for round-one-eliminated contestant Bob Nobodyknowshimfromadam on existing grounds - against the cruft-pushers who will cite the revised BLP policy as grounds for inclusion. AndyTheGrump (talk) 22:14, 6 December 2014 (UTC)
My initial idea was that it would be significant mention on another page, so a contestant eliminated early on would lose out on that....yes could get murky. Cas Liber (talk · contribs) 22:34, 6 December 2014 (UTC)
I'm also with Andy on this. Anyone who has done NPP for years will know that nowadays, with all the traditional encyclopedia articles already written, 50% of new pages are BLPs. And what a load of crap most of it is. Most of them could be summarily deleted by an admin, but no, we have to follow protocol and go through the motions of our complex deletion systems - which often allow fans to win the day with their peanut gallery votes at AfD or removing BLPRODs by just adding a link to their school newspaper. Why does every failed X-Factor or 'Got Talent' contestant or B team reserve squad player have to have a page or even be listed anywhere else on Wikipedia? Just look at the typical request on my tp yesterday. Kudpung กุดผึ้ง (talk) 22:33, 6 December 2014 (UTC)
The thing I like about the GNG standard is that it has a reason. Any article needs reliable sources, so if you don't have some reliable sources about something you can't write an article about it. You could almost put a Q.E.D. after that. But when we start getting into philosophy, that oh so and so has "enduring notability", but so and so other is just "cruft" with "fans", well that's just one big bias sandwich and everybody wants a bite out of it. You can't keep such distinctions without continually grinding down editors in admin and arbcom processes, because they're all just a matter of warring tastes. Wnt (talk) 19:36, 7 December 2014 (UTC)

The problem you would hit fairly quickly is royalty. While his mother would be safe enough Charles, Prince of Wales would be borderline and his sons more so. Can't see his second wife doing much better. For the militant republicans I'd point out that most UK sitting MPs would also fail . EMPs would do even worse.©Geni (talk) 23:47, 6 December 2014 (UTC)

I don't think that would be a problem. Actually, I don't think that most of these would be a problem.
  • Royalty: Charles, Prince of Wales is linked in almost 2,500 articles. I bet that one or two of those mentions runs to more than a sentence.
  • Politicians: Pretty much every elected politician will deserve a significant mention in an election article.
  • Athletes: If they did anything, then we'd have no trouble mentioning it in a "season" type article... and I realize that this is practically heresy, but if they didn't actually do anything, then maybe we shouldn't have an entire article that says, in effect, "here's another doomed permastub about an athlete who did basically nothing". Maybe merging those stubs to a detailed list of team members would be better for readers.
  • Academics: If "The person's academic work has made a significant impact in the area of higher education", then you ought to be able to write a couple of sentences about that in an article about their work, right? "Alice Expert made a significant impact in the way that academic freedom is understood, but, frankly, her work wasn't so significant as to be worth mentioning in the article about academic freedom" kind of makes one wonder whether Alice's work actually met the PROF guideline after all.
I support this idea for living people. It's a good defense against spammy self-promotion, like all those cosmetic surgeons that had articles created here some years back. It should also reduce the number of orphaned BLPs that we see, even if actually linking them isn't a requirement (and IMO it shouldn't be). WhatamIdoing (talk) 23:02, 8 December 2014 (UTC)
The problem is that you're going to end up arguing whether articles should exist which haven't even been written, which is going to put maximum weight on personal bias and minimum weight on actual sourcing. Why is the commercial program of a cartel of sports companies like the NFL or WWE worth running through in excruciating detail, while the invention of a specific method of plastic surgery might be judged only worth a sentence? Will that be based on sourcing, or relative PR expenditures? Sometimes in arguments about article splits and merges we already have hypothetical discussions about articles not yet written, and they're usually the worst kind of notability arguments on Wikipedia. Wnt (talk) 03:22, 9 December 2014 (UTC)
If those plastic surgeons had done anything nearly as important as inventing a surgical technique, then I wouldn't mind them having articles here. Instead, their "achievements" were simply being a member of a particular profession. (I believe they've all been deleted since then.)
I don't expect this rule to create many disputes. We already know how to decide whether an article should exist (see WP:N), we already have hypothetical discussions about articles not yet written, and whether something is worth one sentence or one paragraph or one section or one article is always ultimately determined by WP:DUE weight as seen in the reliable sources. "Maximum weight on actual sourcing" is already how we do this. WhatamIdoing (talk) 03:30, 10 December 2014 (UTC)
  • "The effect would be to greatly expand the articles on the team season, to make sure we gave a paragraph to everyone who played in an individual game, and thus cover everything twice over. Otherwise, the results would reduce the number of athletes to about 5% of the present, the numbers of politicians to about 10%, the number of scientists to about 20%. It would however keep all the articles on actors and musicians and authors, because we would cover their works also. It would keep all the businessman-they'd be also in the articles on their companies. Is this the balance we want?" DGG really took the point. Cavarrone 12:05, 14 December 2014 (UTC)
  • I suppose it depends what readers, rather than editors, want of Wikipedia – what they think Wikipedia is for (as compared to what Wikipedia is not). In my anecdotal experience most readers want Wikipedia to be somewhere they can look up (fairly) reliable information on a notable thing or concept or person: in the example, to answer the question "Who is Mimi Macpherson?"[*] I don't think WP is intended to be a network connecting things that are mentioned elsewhere in WP. In principle, an article could usefully qualify for inclusion even if it has no links to it at all!
    [*] I gather that if you ask an Aussie "Who is Mimi Macpherson?" they'd look at you as if you pointed to the moon and asked what's that white thing in the sky; but as a mere Brit I'd never heard of Mimi before today! Stanning (talk) 09:26, 15 December 2014 (UTC)

Anti-copypaste bot[edit]

I think we should run bot and script, which would search information from new articles in Internet and compare with search results. If bot see copipaste, he will nominate this article for fast deleting. Ochilov (talk) 11:28, 6 December 2014 (UTC)

That sounds exactly like what User:CorenSearchBot does :) Sam Walton (talk) 12:05, 6 December 2014 (UTC)
I definitely support such an idea - as long as the actual deletion/revdel-ing is done by a human being who actually makes sure it wqas done correctly. עוד מישהו Od Mishehu 19:29, 6 December 2014 (UTC)
We actually have TWO bot sdoing this for years already, and a couple of hundred highly clueful admins who manually do the actual deleting. Kudpung กุดผึ้ง (talk) 22:37, 6 December 2014 (UTC)
In the adding, I wanna say, that we also need instrument, where we could write the adress of website in one field, and the name of the Wikipedia article in other field. And it would show percentage of copypaste. How do you like this idea? I alreade wrote it in the contest of the best tools to improve or create. Ochilov (talk) 07:55, 7 December 2014 (UTC)
You are talking about this. --Fauzan✆ talk✉ mail 08:56, 7 December 2014 (UTC)
OMG all my ideas already done. I love wiki) Ochilov (talk) 08:59, 7 December 2014 (UTC)

Infoboxes of people[edit]

I have an Idea this may be a little bit of a mission and could result if implemented in a major overhaul of infoboxes which relate to people. I am getting increasingly confused and in some cases frustrated when I am trying to update infoboxes for people. This is because currently infoboxes are for one specific thing e.g. cricket player, politician, astronaut, criminal, writer and so on. I know there is a generic infobox, the person infobox but its parameters are while extensive only really in my opinion generi and useful when describing a person and not for talking about a person. I am also aware that there is the child template which can be used to add information to existing templates, but I am frustrated by the limited number of labels which can be added and that it has a limit on the amount of times it can be used in an infobox.
What I am suggesting is the ability for an infobox which can be created from scratch, which would allow for one infobox to contain all the notable information for an individual. Such as sports people who compete in multiple sports or people who are notable in multiple and highly distinct fields e.g individuals who have a notable career before for example becoming a notable politician. For some people this can be done using the child template but in most cases I have found this child template is too limited in what it allows and I have found it only really works when dealing with similar or the same discipline e.g. motor racing drivers who compete in different racing series or categories.
Thoughts and constructive suggestions please. Sport and politics (talk) 15:39, 7 December 2014 (UTC)

Have a look at {{Infobox ship begin}}. This starts with a wrapper template for the basics, and then a series of sub-template for the various eras of a ship's operation. Are you thinking of something like that? Oiyarbepsy (talk) 01:47, 8 December 2014 (UTC)
I m yes but a generic one where the entire llife of a notable person can be put in one infobox e.g. a person who in their life was a Lacrosse Player then a Politician or someone who Was a Rower, then a Cyclist, then an Actor, then a politician. I wan the freedom to be able to create an infobox which shows all of the persons life without having to use multiple different infoboxes or be restricted to using the limited child template. Sport and politics (talk) 10:29, 8 December 2014 (UTC)
{{Infobox person}} already serves that role and can take a number of other infoboxes (e.g. {{Infobox musical artist}}; for example on Beyoncé or Jennifer Lopez - note the "Musical career" subheader) as a "module" or sub-template (up to six of them at a time; currently). We need to better document this; and to make more of our biographical infoboxes work as modules, and to standardise parameter names (some work in this is ongoing) to make it easier for editors to switch between them. This will also be made easier as we merge or delete redundant infoboxes (i.e. forked or duplicate infoboxes with minor variations in parameters or aesthetic design). Andy Mabbett (Pigsonthewing); Talk to Andy; Andy's edits 23:53, 8 December 2014 (UTC)
To that end, I've just created Category:Biographical templates usable as a module, which waits population. Andy Mabbett (Pigsonthewing); Talk to Andy; Andy's edits 00:09, 9 December 2014 (UTC)

Infobox person is not flexible enough and is limited in what it can do. It only allows some other infoboxes to be added. I am asking for one where any infobox can be combined with another to create any combination of infoboxes for a person as their notability dictates. Sport and politics (talk) 13:10, 9 December 2014 (UTC)

It is perfectly flexible and allows any infobox to be added that has been written to allow that. As I said above, "We need... to make more of our biographical infoboxes work as modules". Sure, that's a chore, but it's much less work than what you're proposing. Andy Mabbett (Pigsonthewing); Talk to Andy; Andy's edits 15:28, 9 December 2014 (UTC)
There is the problem the other infoboxes "need to be written to allow that", what I am proposing is something you do once and it lasts in perpetuity and just need simple maintinanc, the add on proposal while simpler, is less fit for purpose and will need a new modular infobox creating for each new scenario not already covered, what I am proposing is a universal infobox for people which can be used as it is needed to be used for. Sport and politics (talk) 15:57, 9 December 2014 (UTC)
A universal infobox would require rewriting all the sub-infoboxes that go inside anyway, right? Oiyarbepsy (talk) 16:32, 9 December 2014 (UTC)
No a universal infobx would have no sub infoboxes. It would just be one infobox for everything. Sport and politics (talk) 15:07, 10 December 2014 (UTC)
Well, let me rephrase that. Such a universal infobox would require multiple templates. So, by revising the various template as Andy notes, you could have one infobox made of multiple templates, like the ships. Oiyarbepsy (talk) 15:26, 10 December 2014 (UTC)

Two-Step Login (Two Factor Authentication)[edit]

Since passwords are no longer very secure due to password reuse across websites (some of which are less secure than others) and keystroke logging by malicious software (especially on public computers), would it be a good idea to enable some kind of opt-in two factor authentication, such as by using the free Google Authenticator already used by many websites? Users who hold advanced technical rights or who for any other reason want to secure their accounts may find such a feature useful for security. Any thoughts? Tony Tan98 · talk 15:58, 7 December 2014 (UTC)

See Two factor authentication for the pro and cons of it, the websites using it are not doing it to increase security for the user but to retrieve more personal data about that user for contextual advertising (like Google), in a sense, if you make mobile edits you get Two Factor Authentication for free. There are multiple reasons for Wikipedia not to use it. If an account is compromised it can be detected by its behavior, blocked, unblocked, restored after different checks. From a user perspective, its better to stay away from user identity to reach the maximum type of NPOV so users can distribute knowledge without consequenses like losing their job or worse.Mion (talk) 17:14, 7 December 2014 (UTC)
@Mion: Could you please elaborate on the contextual advertising part? I know that on Google, enabling two-step verification requires a phone number. However, we do not have to do that on Wikipedia. If a phone number is not used, but instead we use the app-based Google Authenticator (or some other client implementations of TOTP), personal information should not be leaked in any way. In TOTP, the server provides the client with a shared secret key that is later used by the app to generate codes based on time. The codes cannot enable an attacker to calculate the key, and thus security is achieved. At no point is the user's information transmitted to the server because the client app on the phone never interacts with the server besides indirectly by scanning a QR code embedded with the key. Tony Tan98 · talk 18:27, 7 December 2014 (UTC)
And I think when dealing with the problem of compromised accounts it is better to prevent it beforehand. While a compromised user account may be blocked, it is often difficult for the user to prove that he/she has regained control of the account, making a clean start necessary. Moreover, a compromised sysop account can be even more dangerous. They could vandalize the main page and insert malicious code into site-wide JavaScript with the possibility of infecting readers' computers, and sometimes it takes time (more than 10 minutes) to desysop the account because Bureaucrats and Stewards are not immediately available. (It took 17 minutes to desysop rogue admin Robdurbar.) Tony Tan98 · talk 18:34, 7 December 2014 (UTC)
The likelihood of the WMF forcing Wikipedia editors to give their personal details to Google is minimal, and if such a policy did get implemented the likelihood of whoever implemented that change surviving the backlash is zero. There is no possibility this is going to happen. Mogism (talk) 18:40, 7 December 2014 (UTC)
@Mogism: I think you are misunderstanding two factor authentication. No personal details will be given to anyone. It is only called "Google Authenticator" because it is an app initially developed by Google. The app does not send any information and we do not need to use this specific app to enable two factor authentication. Other open source apps work, as well. It is the user's choice. I am just suggesting that we use an implementation of TOTP, which is an open standard. Tony Tan98 · talk 18:47, 7 December 2014 (UTC)
I am proposing it as an opt-in feature, too, meaning users have the choice of whether to use it or not, most likely in "Preferences". Tony Tan98 · talk 18:56, 7 December 2014 (UTC)
I agree with Mogism, the problem is, you add 2 possible attack places, one is on the WMF side where all the telephone numbers are stored in connection with the login name and on the other side when you have a keylogger/RAT on your mobile phone, i checked for a better page for it, targeted advertising is closer than contextual and keep in mind that Google knows the telephone numbers from Android phones already, i think it has to wait till all mobiles are fully encrypted, os memory etc.Mion (talk) 19:24, 7 December 2014 (UTC)
@Mion: Could you please elaborate? 1)Telephone numbers are not needed and thus are not provided to the WMF. 2)The mobile phone with the app installed does not need to know what the two-step authentication codes are for; the user chooses a name for the key. (The phone does not need to know that it is set up with Wikipedia, or what the user's username is.) 3)An Android phone is supported but not required. You can use an iPhone with the app as well. If a user is choosing to use the Android phone, they are already providing Google with the information so there is nothing more to be lost. Thanks, Tony Tan98 · talk 19:52, 7 December 2014 (UTC)
Google Authenticator:"The server provides a permanent shared secret key to the user over a secure channel, to be stored in the Authenticator app. This secret key , see Shared secret, will be used for all future logins to the site." You can name it a key or a telephone number its both ment as variations on uuid. Mion (talk) 20:55, 7 December 2014 (UTC)
Is this really true two-factor authentication? It appears to be a challenge-and-response system, but it appears that both items of authentication are "what you know". True two-factor authentication is the use of an ATM, which requires both "what you have" (debit card) and "what you know" (PIN), or logon to a work computer via badge and password. It is also true two-factor authentication if a fingerprint reader is used, which is "who you are". It appears that this is a more secure authentication, but not true two-factor. Robert McClenon (talk) 21:07, 7 December 2014 (UTC)
(edit conflict)It is a shared secret key, not an identifier, because the key is only used for generating the one time codes. The key is to be generated by the WMF server, and then the client app scans a barcode with the key and stores it so that it can generate one-time codes. In this process the key is not used for anything else, and no one else gets it. Unlike a phone number, a key cannot be used to identify the user, as the client app does not share/display the key to anyone, and no one knows who has the key besides the WMF, who can only associate the key with a username, not an actual person's identity. It is not like a cookie, either, because the key is secret and not sent anywhere. Maybe (ping) @Jackmcbarn: will understand what I am saying and help me explain this. Tony Tan98 · talk 21:18, 7 December 2014 (UTC)
True, it is not completely "two factor", but this is the best we can do without requiring the purchase of physical tokens, such as U2F tokens. Tony Tan98 · talk 21:18, 7 December 2014 (UTC)
But it is not completely "what you know" and "what you know", either, because the one time codes change every minute (or more frequently), and the key used to generate it is only stored on the server and your phone and transmitted once, thus mitigating the risks of keylogging and other password leaks. Tony Tan98 · talk 21:22, 7 December 2014 (UTC)
I see. It's somewhere between one-factor and two-factor, sort of 1.5-factor. An ATM really is two-factor. To be "classical" two-factor, we would have to distribute hardware tokens, which isn't practical. Robert McClenon (talk) 02:40, 8 December 2014 (UTC)
Tony Tan 98, have you read mw:User:MZMcBride/Attacks? Legoktm (talk) 21:37, 7 December 2014 (UTC)
@Legoktm: I have not but I am reading it now. Thanks, Tony Tan98 · talk 21:44, 7 December 2014 (UTC)
@Legoktm: That was a very interesting read. It seems like the attacks described further shows the importance of keeping admin and bureaucrat accounts secure, and I think two-factor authentication can be a very good way of achieving this. Tony Tan98 · talk 23:35, 7 December 2014 (UTC)

Dispelling myths[edit]

Okay, there's a bunch of misinformation in the above discussion. Here's some facts to help clear everything up:

  • This has nothing to do with your phone number.
  • The WMF would get no more information about you (at all, not even a little bit) with it.
  • Two-factor authentication is totally unrelated to mobile edits.
  • We would use TOTP.
  • Google isn't involved whatsoever. They were only mentioned because they make an app that supports TOTP.
  • This is two-factor authentication since the shared secret itself is never used to log in with; rather, a token generated from it is used (and you can't reuse the token or reverse-engineer the secret from it).

Jackmcbarn (talk) 21:33, 7 December 2014 (UTC)

I think Roberts questions are mostly answered, so the upfront Shared secret key is unique or not ? Mion (talk) 21:39, 7 December 2014 (UTC)
Every users key is unique, and a one time key is provided using that as a hash. "The service provider generates an 80-bit secret key for each user." I think that two step authentication is a cool idea, will provide some degree of added security for those who want it. I've done some research, and there are two media-wiki extensions already developed: https://www.mediawiki.org/wiki/Extension:OATHAuth provides basic manual HOTP implementation, and https://www.mediawiki.org/wiki/Extension:TwoFactorAuthentication allows, in addition, automatic implementation with programs such as Google Authenticator. There is also third party software for most platforms, meaning that automatic authentication is in reach on most platforms. All that is needed is for an extension to be installed in the WP software, and for the user to sign-up for it.
The only real complication is providing for lost secret keys. If the key generator is lost, e.g. a phone gets broken, then there has to be some method of disabling the authentication, which is I think provided by editing LocalSettings.php for a user. So there would need to be some mechanism for resetting users settings so the authentication can be turned off in these circumstances. But having the secret key on two devices would make this most unlikely, which presumably would be possible.
Implementation would mean that there would be no risk in using public computers with keyloggers installed. But in that case authentication could be over the net; apparently this is possible, but I'm not sure how available it is. But of course if you had your phone with you, you could generate a manual key, and then use the public computer without risk. So in a way a mobile phone or similar device is a requisite for use.
Two step authentication is becoming pretty popular. My bank demands this for online access, by giving me a little smart card device that works in exactly the same way. I think this is probably the same for most people here, so you're already using it probably. --Mrjulesd (talk) 23:07, 7 December 2014 (UTC)
@Mrjulesd: There are already MediaWiki Extensions for it? That's great news. Regarding having the same key on multiple devices, I am fairly certain that this is possible at setup, when the key is displayed as a QR code for scanning. One would simply scan the code with two devices before finishing up the process. Perhaps we need to think more about the account recovery process, though. Should we allow users to disable two-factor based on a verification email, or is that too risky? Tony Tan98 · talk 23:41, 7 December 2014 (UTC)
@Tony Tan 98: Actually, it's been enabled on wikitech: for a long time. You can give it a try there (Note that it's not integrated into SUL, so you'll need to create a separate account). Zhaofeng Li [talk... contribs...] 00:14, 8 December 2014 (UTC)
@Tony Tan 98:Well that's an interesting question. There is already a mechanism for resetting passwords at Help:Reset password. If the password reset also cancelled authentication then it would be a simple matter, but whether this could be the case I'm not sure. As Zhaofeng Li suggests you could test it at wikitech, and see how it works.
Whether this will be implemented probably depends in part to how much WMF and the WP community think that account hacking is a problem. If they don't see it as too bad a problem then they may not want to implement it. But this is the place to find out what the community thinks. ----Mrjulesd (talk) 00:53, 8 December 2014 (UTC)
@Zhaofeng Li:@Mrjulesd: I gave it a try, and it seems like 1) The two factor authentication set up and log in process are as easy as expected and pretty user friendly (for users who had previous experience on another service). 2) I cannot find a way to reset the token without being able to generate codes using the current token. (You cannot reset it if you lost your token.) However, I think a user can set it up on two devices to prevent a lock-out. It'd be better if the user is allowed to reset the token through email, though. Tony Tan98 · talk 02:09, 8 December 2014 (UTC)
2) Did you try https://wikitech.wikimedia.org/wiki/Special:PasswordReset ? ----Mrjulesd (talk) 02:16, 8 December 2014 (UTC)
@Mrjulesd: Yep. It resets my password, but keeps the token. Tony Tan98 · talk 02:23, 8 December 2014 (UTC)
@Mrjulesd: But I do remember that during initial setup, it provided me with a few one-time-use backup tokens that it advised me to store in a secure location. These tokens can be used to sign in if the actual token is lost. In that case, a token reset would then be possible. Tony Tan98 · talk 02:34, 8 December 2014 (UTC)

──────────────────────────────────────────────────────────────────────────────────────────────────── There's also WP:COMMITTED, but it's a pity that there isn't a formal way to regain access to an account with it (We don't even know if it's actually acceptable yet). Zhaofeng Li [talk... contribs...] 02:58, 8 December 2014 (UTC)

The main problem with wp:committed is that it is about regaining a hijacked a/c, rather than preventing an a/c from falling into another's hands. But nevertheless it is a good thing to do.
@Tony Tan 98: well that seems pretty good. But if the backup tokens are lost there would still be a problem, this would have to be addressed. Question: what does https://wikitech.wikimedia.org/wiki/Special:ResetTokens do? --Mrjulesd (talk) 11:41, 8 December 2014 (UTC)
I would agree that WP:COMMITTED is a good measure to prove that you have regained control of your account, but I don't think there is currently a way for users to request a password reset through it.
@Mrjulesd: It seems like unfortunately https://wikitech.wikimedia.org/wiki/Special:ResetTokens does not have to do with the two step authentication token. It gives me this:

You can reset tokens which allow access to certain private data associated with your account here.

You should do it if you accidentally shared them with someone or if your account has been compromised.

Tokens:

Token for the web feed (Atom/RSS) of changes to pages on your watchlist (current value: **value removed**)

I think it is for managing tokens used to access watchlist feeds. The link for resetting two factor credentials is here: https://wikitech.wikimedia.org/w/index.php?title=Special:OATH&action=reset&returnto=Special%3APreferences, and it requires me to have valid tokens (either generated or from backup list) to proceed. Tony Tan98 · talk 17:37, 8 December 2014 (UTC)
I don't think that the probability of someone losing both their phone and the backup codes is high, especially since this is supposed to be an opt-in feature, and the setup process requires that the user successfully generate at least one valid code before completion. (Most likely people who enable it would know to keep them safe.) Losing both methods of authentication would be equivalent to forgetting a password without an email attached to the account: loss of the account. Of course, one can always choose to be extra safe by storing the same token on two devices that are kept separately. Tony Tan98 · talk 17:43, 8 December 2014 (UTC)
@Tony Tan 98: it occurs me that wikitech must have some mechanism in place for when a person using two factor authentication loses the secret key, whatever they would do would probably be appropriate for WP as well. Maybe it is possible to find it out.
Well I'm not sure how to proceed from here. But I would imagine if you laid out all the details, and explained how it already worked at wikitech, then that might be a good continuation. --Mrjulesd (talk) 21:15, 8 December 2014 (UTC)
@Mrjulesd, Tony Tan 98: The password reset process on wikitech is quite informal, handled manually by WMF staffers on a case-by-case basis. I don't think that'll work on large communities like enwiki, though. Zhaofeng Li [talk... contribs...] 11:06, 10 December 2014 (UTC)
  • I'm in favour of two-factor authentication for admins (or higher), but if I ever became an admin I'd want a mechanism that doesn't involve my phone, e.g. a smart-card reader such as I already use for VPN-ing into my work network and for on-line banking. A phone is a convenient device but a lazy way of implementing security, because (a) it's too hackable and (b) having your phone number in multiple systems means that it'll leak sooner or later (probably sooner). I never use my mobile phone as an authentication device – I get too many nuisance calls and texts already. Stanning (talk) 09:44, 15 December 2014 (UTC)
@Stanning: You don't have to use a phone. Look at Google Authenticator there are implementations on most platforms, e.g. for Windows there is gauth4win, MOS Authenticator, WinAuth. But phones make the best choice. e.g.: you had to use a public computer. You would be unable to install the necessary software. But if you had a phone handy you could use that to get the authentication code, input that on the public computer, and then use the public computer to edit WP. Your account would be fully protected, as if a keylogger was installed on the public computer, the authentication code would be single use only. ----Mrjulesd (talk) 12:01, 17 December 2014 (UTC)

Creating Language-Comparison (Dictionary) Pages with Commentary/Analysis[edit]

Hi there, Wikipedia community experts,

Seasons Greetings,

I am multi-lingual & a linguist.

I have started my own Hebrew-Arabic language word comparison project (Excel format) which is FAR from being complete...yet, has many entries, already & which I would both like to share online with the general public/ community as well as require help/additions to (as, said project is alphabetically word-based). This, also in the hope of showing the world (particularly, in the war-torn iddle East!) how SIMILAR &RELATED the languages/cultures are!!!

I am NOT technically inclined (as far as web design/formats, etc...)-yet, can provide all academic knowledge pertaining to this field.

Would such a project be a Wikepedia materialization candidate? Could we make it happen?

Awaiting your earliest-possible feedback with much gratitude & blessings,

AK — Preceding unsigned comment added by AK63 (talkcontribs) 18:30, 8 December 2014 (UTC)

See Wikipedia:No original research - Wikipedia articles must be verifiable from published reliable sources, rather than contributor's own research. You could try making your proposal at Wikiversity. [23] AndyTheGrump (talk) 19:05, 8 December 2014 (UTC)
I agree that while this sounds like a very interesting project, it doesn't sound like something for Wikipedia. But surely it's not original research, except in so far as translation is original research almost by definition? In principle every word comparison could be verified by reference to Wiktionary or other published sources. Stanning (talk) 09:54, 15 December 2014 (UTC)

Actually, there might be a place for this kind of thing at Wiktionary. You could make the case there that they should add a section called cognates at every entry, for example. Oiyarbepsy (talk) 20:25, 8 December 2014 (UTC)

Or maybe at Wikidata. WhatamIdoing (talk) 23:07, 8 December 2014 (UTC)

Open Access Reader, tool to find missing academic citations[edit]

Open Access Reader Logo v1.png

Hi, I'm working on an IEG project to create a tool to find important academic citations missing from Wikipedia. It does this by taking a large repository of open access papers, removing the ones already cited in Wikipedia, and then ranking those left over by some significance metric (at the moment, number of citations). We've just completed our first proof of concept demo which looks quite promising, and are looking for ideas or feedback. Check it out: Open Access Reader.

EdSaperia (talk) 13:28, 9 December 2014 (UTC)

Making wikipedia more accessible[edit]

Hi

I have an idea which may help improve the pages on Wikipedia, specifically the ones about scientific subjects.

My idea would be to have a simple and advanced page for each thing on here. For example, if you type in "black hole", it comes up with loads of equations about quantum mechanics and space time, which most people wouldn't be able to understand and they'd just stop reading.

You could have a basic introductory version of the page that explains black holes in a way that is more accessible to people. If then you wanted to read more, you could click on the "advanced" tab.

This would make Wikipedia a much better resource for kids and students.

Foot note:- After speaking with a Wikipedia editor, I have been informed there is a simple version of Wikipedia that already exists:- https://simple.wikipedia.org/wiki/Main_Page

With this in mind, perhaps a specific icon could be inserted at the start of each article which would send users to the simpler version of the page.

What do you think?

David Wardle — Preceding unsigned comment added by 213.205.232.226 (talk) 13:38, 9 December 2014 (UTC)

We do have this already with some articles. For example, see Introduction to special relativity. I'll propose this idea at Talk:Black hole. Oiyarbepsy (talk) 15:41, 9 December 2014 (UTC)
Simple English Wikipedia [24] is the place to make a simple version, its better to move Introduction to special relativity out. Mion (talk) 23:18, 18 December 2014 (UTC)

Wikipedia suggestions[edit]

  1. Make all words in articles lead to new page related to the word, this can be done with programming when click on any word from article would lead to new articles but text would remain the same and standard wiki link to new article would override it or usual words or phrases.
  2. In each edit in history make report vandalism or spam with short explanation.
  3. Auto-sign when user begins with : but if edits inside between : an signature wouldn't sign it.
  4. Shortcuts for edit summary for example m minor edit.
  5. When signature is changed automatically change all signature of user (I have seen that in RPG Maker games you can type name of player and that name is displayed in whole game).
  6. TTS Text to Speech like Ekho I have read that it is possible to record ones own voice only vowels and consonants it is about one MB large and can read any text.And other languages as well.
  7. Also pop up translation for words from Wiktionary and how much times articles were visited.
  8. Input methods embedded in Wiki editor like Chinese.
  9. Also when make next word in new row in Wikipedia is displayed in same row this can be a problem for writhing many words one below other.
  10. Perhaps some translator like Google Translate which is online or for Android there are not much free quality translators today except Google Translate.
  11. When users edit is reverted or changed by different user would notify the user in special notifications, this would help if user has hundreds or thousands of edits so that he doesn't need to search all pages.Watch page is only for some pages it would be useful to have most although user can ignore it if he wants.
  12. Ancient Egyptian Babel for language knowledge. — Preceding unsigned comment added by Xand2 (talkcontribs) 11:28, 10 December 2014 (UTC)
  13. Wiki template that would make active count users edits and articles.
  14. Wikibot that would automatically translate via Google Translate articles from English Wikipedia and save them to other Wikipedia's that could save more time in writing articles but only for new articles links and files would be copied by Wikibot and then replaced after translation. Xand2 金日光旦照 (talk) 21:06, 9 December 2014 (UTC)
See Wikipedia:Wikipedia doesn't use Allwiki.—Wavelength (talk) 21:26, 9 December 2014 (UTC)

Hello, Xand2 金日光旦照. That's a long list of suggestions. I've numbered them for you so I can reply faster:

  1. Wavelength answered this. This has been suggested before, but most editors here don't want it.
  2. This would make the page history too big, by adding two new buttons and two short explanations to each line. Also, you can fix these problems yourself, instead of reporting it to someone else. There is a relevant button there for each line: "undo". Click that and then write 'spam' or 'vandalism' (or 'typo' or whatever else is appropriate) on the WP:Edit summary before saving.
  3. Auto-signing is difficult. User:SineBot does this for newer users. WP:Flow will eventually do this automatically for everyone.
  4. The list of Wikipedia:Keyboard shortcuts includes one for marking edits as minor.
  5. Signatures are automatically changed in page histories, but changing them in talk pages requires editing the pages. This can be done by bot. I believe that WP:Flow will do this.
  6. This is something that you would set up on your own computer.
  7. I don't think that there is a way to see translations for words as pop-ups, although you can see definitions from linked articles with either WP:Hovercards or WP:NAVPOPS. Article page view statistics are available in a link from the article's history page.
  8. I believe that input method editors are embedded for Chinese and other languages as part of mw:Universal language selector. I'm not sure that they are enabled here at the English Wikipedia, however. (Chinese should be enabled at the Chinese Wikipedia, etc.)
  9. I don't understand this suggestion. Is this especially a problem for writing in Chinese?
  10. Chrome has a built-in translator. The upcoming mw:Extension:ContentTranslation will provide some machine translation for people translating articles.
  11. WP:Echo notifies most users if their edits are reverted.
  12. There are several WP:Edit counters to find out how many edits you have made.

Thank you for taking the time to make your suggestions. Whatamidoing (WMF) (talk) 03:49, 10 December 2014 (UTC)

Wikibot that would automatically translate via Google Translate articles from English Wikipedia and save them to other Wikipedia's that could save more time in writing articles but only for new articles links and files would be copied by Wikibot and then replaced after translation.

As for next row text that is in English also for example if you look in my edit source and how it is displayed:

This is example This is example

Both short sentences are in next row but are displayed in same row.

This is example

This is example

Now is empty row between and is displayed correctly this can be problem in writing long list of words which are in Wikipedia displayed as single block of text so user needs to add empty row between each.

Also where can I post about Wikihiero it has only basic Egyptian hieroglyphs for example less than A100 and free OpenSource JSesh has about 3000 while some other hieroglyph editors have almost 7000 hieroglyphs it is written like this < hiero > r:a-ra:Z1 < /hiero > and rendered like this:
r
a
ra
Z1
Wikihiero has some errors for example < hiero > r:r < / hiero > should display r above r but it is in the same row
r&r
rr, or Ax&x & should display next character near sign but not above it like : isn't working < hiero > G25&x < /hiero >
G25 x
Ax power of soul.Some errors were already reported on Wikihiero talk page but still no response. — Preceding unsigned comment added by Xand2 (talkcontribs) 16:33, 10 December 2014 (UTC)

For edit count I was thinking on active user edit count as wiki template that could be on user main page like user-activenumberofedits. Xand2 金日光旦照 (talk) 07:37, 10 December 2014 (UTC)

Pop up translation from Wiktionary when mouse over word would translate it to English or other languages.English Wiktionary has millions of words (most are inflections) and you can use free OpenSource Kiwix for offline Wikipedia and Wiktionary (but Wiktionary is downloaded separately try using Google) and that offline Wiktionary could be programmed with pop up window to display articles (you can also find pop up code on Google like C++). Xand2 金日光旦照 (talk) 08:23, 11 December 2014 (UTC)
We have Navigation Popups and the newly-created Hovercards that display a pop-up for wikilinks, which are enough for casual readers. For other words, language learners can download various extensions that can achieve this effect for their browsers. I don't think forcing this on all users makes much sense. Zhaofeng Li [talk... contribs...] 10:22, 11 December 2014 (UTC)
I couldn't find display image from link to other website (not Wikipedia).For example I have on UESP wiki some images I would like to put on my user page but to display it from link. Xand2 金日光旦照 (talk) 09:13, 11 December 2014 (UTC)
You may want to read WP:HOTLINK. It's disabled for good reasons. Zhaofeng Li [talk... contribs...] 10:22, 11 December 2014 (UTC)

Donations to Wikipedia[edit]

For those of us that regularly contribute, it would be great if there was some way your team could TURN OFF the PLEASE DONATE pop up. Maybe there can be a little app that gets launched during the donation process that would turn off this annoying code.

thanks in advance,

Nancy — Preceding unsigned comment added by 24.5.9.40 (talk) 18:24, 11 December 2014 (UTC)

Doesn't the "Suppress display of the fundraiser banner" browsing gadget accomplish the same thing?--ukexpat (talk) 20:53, 11 December 2014 (UTC)
@Ukexpat:I think they mean for unregistered users. Even if this was supported, it would not be turned off. Though it getting slightly shortened may be a good idea, as I have mentioned at WP:VPT#Should the fundraiser banner, at the least. Be shortened? LorChat 22:18, 11 December 2014 (UTC)
As far as I know, if you click the X in the upper right corner (once for the bigger one, once again for the smaller one), then that should be the end of that (for a while). If you clear all your cookies, then it will come back. (If you dismissed it and want to make a donation, there's a link in the lefthand sidebar, just underneath "Donate to Wikipedia"). Nancy, if you see this, then it would be really helpful to know if you're changing computers a lot, clearing your cookies, or doing anything that might reset your browser, and also which web browser you're using. I'll go find someone in fundraising tech so they know about this report. Thanks, Whatamidoing (WMF) (talk) 19:27, 16 December 2014 (UTC)

Bot tagging of edits[edit]

I'm thinking of making a proposal to allow bots to tag edits, and request the implementation of such a feature. The edit filter and other extensions tag an edit immediately when it is saved, but a bot would tag it afterwards, it may take a few seconds due to API lag. There is already a request at phabricator, T3189, however this is for all users, not just bots, and it has stalled, a suggestion was made to have a community request for this to get it moving. But I am proposing for bots, and only for bots, for three reasons : more likely to gain strong consensus, much less likely to create issues that will have to be solved somehow, and no need for devs to create a user interface, since bots need only the API, so less dev work, meaning we'll get it implemented faster. The following are possible uses, and I would welcome more suggestions, I'd like to have as many examples as possible to incorporate them in the proposal before going ahead :

  1. edits identified as very likely to be vandalism, but not with a high enough likelihood for rollback - for ClueBot NG (talk · contribs)
  2. edits containing urls that are potentially suspicious, but with enough legitimate uses that rollback is inappropriate - for XLinkBot (talk · contribs)
  3. student edits (looks like that extension doesn't have much support so we can't expect it to tag on its own any time soon)
  4. probable cut and paste moves - for CorenSearchBot (talk · contribs)
  5. suspected copyright violations - for CorenSearchBot (talk · contribs)
  6. replacing some of the tag only edit filters, particularly those consuming too much of the condition limit or where a bot is superior

We would also need a mass untag functionality usable by admins. Cenarium (talk) 10:34, 13 December 2014 (UTC)

That is a very interesting idea! Do you know if the people running the bots would be interested in adding this functionality? – Philosopher Let us reason together. 19:17, 13 December 2014 (UTC)
  • It should be fairly simple to add the functionality and I'm fairly certain most of the bot maintainers would happily entertain a pull request to add the functionality to their bot if not implement it themselves. I will happily support this proposal when made. — {{U|Technical 13}} (etc) 22:25, 13 December 2014 (UTC)
  • Some other tags that may be added by a bot instead of the edit filter : speedy template removal 29 (hist · log), image template removal 59 (hist · log), copyvio tag removal 224 (hist · log), undoing antivandalism bot 323 (hist · log), very short new articles 98 (hist · log), large unwikified new article 180 (hist · log), 'autobiographies' 148 (hist · log), inappropriate redirects 151 (hist · log) (disabled for performance), interrogative pages 289 (hist · log) (disabled for performance). Cenarium (talk) 01:21, 15 December 2014 (UTC)

Slightly off-topic - why doesn't the edit filter log link to the diff or revision? Oiyarbepsy (talk) 15:49, 16 December 2014 (UTC)

Donating from mobile phone Suggestion[edit]

What if it would be function of donating via SMS? It would be easy and comfort for most of Wikipediands. Ochilov (talk) 18:45, 13 December 2014 (UTC)

Hi Ochilov, thank you for your question! Our team is currently looking into a few different SMS fundraising options, however it takes time to vet these payment methods, and even more time to implement them on our donation platform. We hope to have this option in future fundraisers, and welcome you to suggest your SMS payment method of choice for us to add to our list of possible gateways! Thank you for your feedback. --CCogdill (WMF) (talk) 19:42, 16 December 2014 (UTC)

Criteria of In the News[edit]

Since the posting of Sydney hostage situation, I wonder if there is an idea to improve In the News. Somehow, I worry about its being misused for profits. --George Ho (talk) 10:29, 16 December 2014 (UTC)

What gives you the idea that it's for profits? This is probably the last place on Wikipedia one would expect to find COI. Who profits from posting stories about crimes, sports championships, elections, and scientific discoveries? ITN very rarely posts any business news or links to corporations. I like your idea to improve the criteria, and welcome a discussion. Jehochman Talk 14:20, 16 December 2014 (UTC)
Since we are not running ads, there must be ways that Wikipedia is not some "non-profit" as it names itself. I don't have enough proof though. Portal:Current has links to articles by news corporations and contains stories that may not appear in ITN. Somehow, ITN has loopholes; it directs to articles that are dependent on sources by news businesses with certain reputations. Probably some editors here have shares of stocks of businesses, but I'm talking conspiracy theory. That aside, ITN should be dependent on existing rules and guidelines. ...I don't know why I'm talking to you. You posted the Sydney story, but that doesn't matter. The Pakistani shootings was huger than the Sydney one. At least I'm glad that resignation of the Thai princess shows up on Main Page, but I guess Sydney hostage situation is more serious than some princess's resignation. Id est ("That is" in Latin), if I bring up criteria ideas, I fear they would complicate ITN too much and have loopholes as well. --George Ho (talk) 21:29, 16 December 2014 (UTC)
You know what? I can't bring up ideas. I have no experience on the ITN, so I must learn to use ITN before I make any ideas again. --George Ho (talk) 22:05, 16 December 2014 (UTC)

Reducing USA cultural bias[edit]

I wanted to reduce cultural bias at Template:Authority control, where USA-related LCCN is listed before ISNI. Details at Template talk:Authority control#USA bias.

Now, two users drag the whole thing into a weird discussion. One reverts my edits, without any reasoning except for ~ "discuss", but he does not say what he wants to discuss. There should be some office in Wikipedia to properly treat such trouble making. John B. Sullivan (talk) 11:35, 17 December 2014 (UTC)

I am not sure what you want here. You made a bold edit to Template:Authority control/doc. You were reverted. Now it is time to discuss your reasons for the changes with the editors who reverted you or disagree, as is happening on the associated talk page. It is not proper to revert again]. -- GB fan 11:58, 17 December 2014 (UTC)
I wrote what I want here, and told that there is not discussion of what was changed. Andy Mabbett only started edit warring for sake of it. He made no reasoning for why the USA centric content should be before the international one. John B. Sullivan (talk) 15:44, 18 December 2014 (UTC)
This is forum shopping. Andy Mabbett (Pigsonthewing); Talk to Andy; Andy's edits 14:59, 17 December 2014 (UTC)
Can Andy Mabbett substantiate that claim? Where was that brought up before by me? John B. Sullivan (talk) 15:44, 18 December 2014 (UTC)
FWIW, I don't agree with John that listing LCCN before ISNI inherently creates a bias. However, it is rarely unhelpful to alert people to discussions taking place on lightly watched pages, even though it means that some of these private little fifedoms gain wider attention. Especially when there are thousands upon thousands of articles that could see a change - small as it might be - if this template were modified. Resolute 16:10, 18 December 2014 (UTC)

Premature editing[edit]

The editing of others' work is generally best done at some distance in time from the original edit (not within minutes, as too often happens), to prevent generating an unnecessary "Edit Conflict" that results in confusion, lost work, contributor frustration and alienation, lost substantive contributor content or editor revisions, and wasted editor time.

On 11:30, 17 December 2014‎, I made some edits to the Wikipedia article "Beechcraft Model 18," then saved them -- then continued editing, saving again at 11:57, 17 December 2014‎, and continuing further editing. Within 10 minutes, while I continued editing, another Wiki contributor jumped in and began editing my edits. Consequently, when I attempted a save a few minutes later, I got one of those ghastly "Edit Conflict" messages, and found it next to impossible to sort out the differences.

While I do NOT like to scrap others' edits without careful review, I simply could not do this again (this "trigger-happy," near-realtime editing has been a continuing problem with edits at Wikipedia, particularly in the aviation field, causing me and other contributors much lost time and effort). I scrapped all the editor's changes, and re-instated my version, with my current edits. That editor, of course, can re-edit my work, and no doubt will.

In the future, it would be considerate and respectful for editors to wait a day before jumping into someone else's edit, and revising it. That might prevent the current deterrence of substantial repeat contributors, over relatively negligible edit issues. And it might keep the editor from wasting his/her time, as well.

Zxtxtxz (talk) 13:14, 17 December 2014 (UTC)Zxtxtxz

If this arises again, then just save your own version (stamp on the other editor), then immediately undo your save from the history, then you can sort it all out at leisure. Once things are in the page history, they won't get lost.
This doesn't quite work for WP:ANI, as that's edited so frequently it's just hard to avoid new conflicts. Andy Dingley (talk) 13:22, 17 December 2014 (UTC)
  • If you often make a series of small edits (usually the best way to minimize the damage from edit conflicts), it is a good idea to put {{In use}} at the top of the page as part of your first edit; just don't forget to remove it when you are done and are making your last edit. :) — {{U|Technical 13}} (etc) 16:01, 17 December 2014 (UTC)
  • Not sure if this'll help but when I hit edit conflicts I simply copy all of the text in "Your text" box and paste it in the above box (wiping out the previous editors edit) then once saved I then add back the edits I wiped if they're legit .... It may piss those off who have added legit edits but if you quickly readd what you wiped it shouldn't be an issue (although it's not advisable to try this on ANI tho!). –Davey2010(talk) 23:59, 18 December 2014 (UTC)

size limit articles[edit]

hello everyone! I would like to propose an extension to the maximum size limit for AD. Now we have the parameter 190kb, but for some very complex articles that limit turns out to be a problem, forcing publishers or save the refs or text. none of this is ideal in editorial terms. I am aware of the possible difficulties of navigation for large pages, but note that this limit will very rarely exceeded. most of our featured nowhere near the limit, and do not believe that this change may cause any appreciable damage browsing, even more than the everyday technology improves and the systems become more agile, while will favor the deployment some good jobs that can not yet be so only by its excessive size. I do not know exactly what we could do if we simply eliminate the concept of maximum size or set a new value. I preferred to leave open, but maybe spend 250 kb would probably solve all cases.191.185.208.14 (talk) 12:22, 18 December 2014 (UTC)

Another idea is to limit my according to the number of simple text characters, not kb. 191.185.208.14 (talk) 12:22, 18 December 2014 (UTC)
as this discussion on the wiki en: Wikipédia:Esplanada/propostas/Mudança no limite de tamanho de artigos destacados (16nov2014) 191.185.208.14 (talk) 12:24, 18 December 2014 (UTC)
The hard limit is 2048kB. Even The Longest User Talk Page Ever™ can't make it close (still halfway to go). Zhaofeng Li [talk... contribs...] 12:38, 18 December 2014 (UTC)
Wikipedia languages make their own policies. This page is for the English Wikipedia. Your suggestion appears to be for the Portuguese Wikipedia so you should discuss it there. I don't know whether they have a policy about maximal article size and I haven't found a technical restriction below the default 2048kB. pt:Special:LongPages shows pages up to 695kB. PrimeHunter (talk) 14:11, 18 December 2014 (UTC)