IP編輯:增強隱私和解決濫用的措施/IP資訊功能

From Meta, a Wikimedia project coordination wiki
This page is a translated version of the page IP Editing: Privacy Enhancement and Abuse Mitigation/IP Info feature and the translation is 33% complete.
Outdated translations are marked like this.

我们的目标是使管理员和其他活跃于反破坏工作的用户及有权限的用户更轻松地获取有关IP地址的信息。

许多维基站内的反破坏工作流十分依赖IP地址所揭露的信息,而IP地址相关的信息又影响编者与未注册用户的互动方式。目前,获取并理解这些信息并不容易。

该项目是我们朝着改善站内反破坏工具的方向迈出的一步。我们希望它会在过渡到IP Masking项目的过程中充分发挥作用。

Problem and solution

When editors want to learn about an IP address, they sometimes need to refer to external, proprietary websites. They often consult more than one website to cross-check the data or to get all the different pieces of information they need to do their work. Often an editor would spend a lot of time and energy looking up the data they want to see. We heard about these issues when we asked users about their workflows.

The idea is to provide this data on the Wikimedia wikis, so that editors wouldn't need to go to external websites. This includes surfacing information like:

  • High-level location information about an IP address
  • Owner of the IP address
  • Whether the IP address is known to be behind a proxy or Tor node
  • Whether the IP address is considered malicious by other websites

状态更新

2022年5月24日

今天,IP信息功能作为测试功能部署到了所有维基

在测试维基上运行该工具之后,我们收到了很多反馈。总结如下:

  • 最重要的反馈是关于Maxmind的数据品质的,尤其是关于代理数据不佳的问题。我们就此联系了Maxmind,同时积极地与Spur沟通以取得他们的数据。一旦我们能够获得Spur的数据,我们就可以将其整合入该工具中,显示来自多个数据源的信息。
  • 我们收到反馈,指出界面存在哪些信息可用性表意不明的问题。我们正在改进标签,就信息本身提供更好的指引。
  • 我们收到一些建议,希望能在工具中包含全域信息,同时允许显示在本地没有编辑的IP的信息。我们会持续研究这两个请求。目前我们已经进行了一些关于显示全域信息的前期调查

我们希望获得更多反馈。在您使用此功能的过程中,请随时留下您的反馈。您的反馈会帮助我们改进它。

Previous updates

2022年4月1日

IP信息功能示例

IP信息功能已作为测试功能部署至测试维基。我们的计划是在测试维基上作初步测试至四月中。之后如果没有发现重大问题,此功能就会部署到所有计划。此功能将继续处于测试阶段。

你在试用此工具时应了解以下情况。

基本与进阶信息对比

IP信息功能有两个层级的权限。自动确认用户可以查看基础信息。具有高级权限(管理员、行政员和用户查核员)可以获取高级信息。高级信息包括城市、州、网络服务提供商(ISP)、所属组织以及基础信息。上方截图中的所有信息都是基础信息。

如果您想在测试维基上试用高级信息,请在讨论页请求临时管理员权限

获取使用权

要启用IP信息功能,用户需要同意免责声明,其内容为“所获取的信息只能用于反破坏的目的”。一旦启用,用户就可以使用IP信息框(日志、页面历史和最近更改)和IP信息弹窗(用户贡献页)。由于法律上的需要,获取IP信息的操作会被日志记录下来。目前只有维基媒体基金会的信任与安全职员可以查看日志。

弹出框 & 信息框

共有两个可以获取IP信息的地方——弹窗和信息框。弹窗方便快速获取指定IP的信息,有助于巡查最近更改、日志和页面历史。完整的信息框则在用户贡献页面。点击弹窗则会跳转到用户贡献页的信息框。

反馈

When the tool is available on all projects there will be a link to provide feedback directly through the feature itself. This will allow for structured feedback to be collected in multiple languages. In the meantime, please reach out to us on the talk page and provide feedback.

我们想了解您的意见,关于:

  • What did you like about this tool?
  • What did you find confusing or missing?
  • How else can we improve this feature?

未来

There are a couple of potential future feature improvements that we have in mind:

  • Identifying and incorporating new streams of information into the feature. This can include sources like Spur that we have discussed in the past. This will also help us get better coverage for IPs in different parts of the world.
  • Bringing this information into CheckUser. Checkusers will benefit from having this key information at their fingertips.

We don’t have a firm timeline for when we will be working on these. We want to ensure the tool is useful in its current state before adding new features. Our top priority is to build a feature that patrollers across different projects use and find helpful.

2021年9月23日

The Anti-Harassment Tools team has recently wrapped up its work on delivering key changes to SecurePoll and assisting with the Wikimedia Foundation Board of Trustees elections 2021. We are back to working on IP Info and hopefully this page will see many more updates in the near future. Since we were gone, here's the big updates on this project:

  • We received MaxMind access. It took longer than anticipated but we finally have access to all the key data we needed.
  • We are currently working on delivering on the mocks we referred to in our last update. One key addition to the data has been the inclusion of a data point indicating whether the IP address is v4 or v6.

2021年3月25日

IP Info product development is well underway. We wanted to take this opportunity to tell you about where we are at and get your feedback on the direction.

User interviews & task model

We conducted user interviews to understand how editors currently patrol IPs. This gave us a rough understanding of the IP patrolling process, information required and tools used. Based on this research we came up with a model of how the task of IP patrolling is usually conducted. After a few rounds of feedback from design, engineers, research and T&S folks here is what we came up with:

IP信息的任务模型的工作流
IP信息的任务模型的工作流

As we understand it now, the IP patrolling process usually starts from RecentChanges, an editor’s Watchlist or from a page that the editor knows gets vandalized often. When looking at the edits of such a page the patroller first looks for clear red flags like edit flooding, lack of edit summary, large deletions etc. They then look for more specific on-wiki information like if the IP has a talk page, if it has ever been blocked in the past, its global and local contributions, and in the case of English Wikipedia, if there is a mention of the IP on the LTA page.

Based on this initial research they decide if an IP is worth looking into further. If it is, they use external tools to find more information about the IP, like: location, proxy usage and organization that the IP might be linked to. This process is not completely accurate since different databases have different information on the same IP. Oftentimes, based on the location of the IP and the location of the IP tool, the information given might be very different.

Finally, based on the information collected they decide which action would be most appropriate. Again, this decision takes into account various factors like the policies of that wiki, the scale of the collateral damage caused by a range block, consistency in editing patterns etc.

Mock-ups

Based on feedback from the first round of user interviews, we have settled on the following product approach.

IP信息以及访问权限者
IP 信息 需要的最低用户权限
位置 管理员 / 用户查核员
互联网服务提供商/域名 管理员 / 用户查核员
自治系统编号 管理员 / 用户查核员
组织 管理员 / 用户查核员
连接方式 自动确认用户
用户类型 自动确认用户
代理信息 自动确认用户
静态 / 动态 自动确认用户
该IP上的用户数量 自动确认用户

Since the patrollers need on-wiki information about the IP before they decide to investigate it we are going to add a popup that shows block and contribution information. The popup would be accessible by clicking an information icon next to the IP address on pages like RecentChanges, Watchlist and History.

If the patroller decides to dig deeper into an IP address by going to their Contributions page, they'll be able to see a collapsible box that shows more IP related information.

Access to information and risk to anonymous editors

By making the IP information so readily available we hope to remove some of the barriers that our non-technical patrollers might be facing in reliably getting this information. At the same time, we hope this streamlines the process for users who are currently relying on external tools. We also recognize that easy access to this information might be putting our anonymous editors at risk, especially because some of the IP information, like location and organization, can easily help in identifying a person.

We need to balance the concerns of ease of use and risk to anonymous editors. To do this we plotted the different pieces of IP information on a graph with Risk on the Y axis and Usefulness to patrolling on the X axis:

Risk vs Usefulness of IP Information
Risk vs Usefulness of IP Information

This exercise wasn't completely scientific and was based on the learnings from research and estimates of the team (please see the questions below if you'd like to contribute). Two possible clusters appeared, the high risk one mostly containing information that could reveal an editor’s location.

We are planning to show all on-wiki information to all editors that are auto-confirmed and above. Auto-confirmed and above editors will also have access to IP information that doesn't reveal possibly personal information about anonymous editors. This would include things like proxy and static/dynamic-ness of the IP. Finally, Admins and Checkusers will have access to more IP information like location, organization and domain.

提问

  • Is there any other information you look at before deciding to investigate an IP?
  • When investigating an IP what kinds of information do you look for? Which page are you likely on when looking for this information?
  • What kinds of IP information do you find most useful?
  • What kinds of IP information when shared, do you think could put our anonymous editors at risk?

2020年11月17日

The project is currently under backend development as we are looking into sources to pull IP Information from and what kind of information we should display and to whom.

Here's a tentative mockup for the feature. We are currently planning to place the information box containing IP address information on the Contributions page of the IP address. We are also planning to break down the information that's visible to the users based on their permissions. All autoconfirmed users and above would be able to access this. This would mean more sensitive information would be accessible to users with advanced permissions like Admins, Checkusers etc.

As you look at this mockup, I'd invite you to think about the following:

  • When do you seek more information about IP addresses?
  • What information is important for you to know?
  • Where do you need to see this information?
  • How do you use this information? What actions do you take based on this information?

Please leave your thoughts on the talk page. It will be very valuable as we plan our work.

2020年5月10日

  • We have done an initial technical investigation into this project. Follow along on phab:T248525.
  • We are currently looking into the various services that provide information about IP addresses. Follow along on phab:T251933.

益处和风险

益处

  • Easier patrolling: Patrollers don't need to copy-paste IP addresses to external tools. They also don't need to extract the information. This means lesser manual work.
  • Faster patrolling: It saves patrollers' time by giving them the information they need readily in the interface.
  • Higher reliability: The Foundation can have contracts with providers of reliable datasets, which are translated and updated regularly. This feature may be more reliable than some websites users were dependent on.

Lower technical barriers: It is useful for new admins and checkusers. Now, they don't need to have a very good understanding of how to extract information from IP addresses.

風險

Privacy risk: Not everyone is aware of what an IP address string reveals. Many people don't know that unregistered editing leaves a fingerprint which can be used to track them. A lot of registered editors do not know this either. This leads to unintentional privacy for unregistered users (Security through obscurity). Depending on who gets to see the information exposed by this feature, there is a risk of more users seeing the data than before.

IP地址信息对社区有何作用?

反破坏相关

Single-address blocks bar a single IP address from editing. Administrators can also block IP ranges. This is helpful for dynamic IPs or covering a small range often used for vandalism. To assess collateral damage, administrators should check the coverage of ranges they intend to block.

How administrators handle certain IP blocks depends on the type of address. For example, they handle an edit from an IP address coming from a residential area differently to an edit from an IP registered to a government. If an IP address is registered to a school or a university, administrators apply dedicated templates. If the institution was blocked before, they instruct how to contact them. Then, they help the institution get around the block. These templates can also be used pre-emptively. The goal may be to clear up potential confusion at receiving messages not meant for the user. Another goal may be to point to features only available to registered users.

The IP blocking workflow relies on some IP information. This usually is the registered organization, geographic location, and autonomous system number. This information comes from third-party IP information providers, with no standard service. There are different degrees of accuracy and reliability.

IP addresses are also used in AbuseFilter to make very specific blocks. The goal is highlight some abuse without disrupting the experience of regular users.

IP information is also used by CheckUsers. In particular, they use it whe they deal with alternate account abuse (sockpuppeting). Their tools allow access to potentially-identifying information tied to accounts. These usually do not have their IP addresses exposed.

Anonymity and anonymous editing

Researchers have attempted to determine the effects of unregistered editing on the projects. They have focused on links between anonymity and vandalism. In principle, unregistered users make large portions of constructive edits. A 2013 study noted that about 100,000 anonymous editors made roughly a third of the edits counted in that month. A 2016 study showed that unregistered users "contribute substantially to overall productivity".

No project has disallowed all unregistered user edits. But unregistered users are restricted in what types of contributions they can make. For example, they cannot start new articles or upload files on most of our projects. What's more, there is no guarantee that the person behind a given IP address will be the same every time. This makes it difficult for unregistered users to communicate. It also prevents them from joining their wikis' communities.

研究

Researchers sometimes use IP addresses to learn about the editing practices of users in a given geographic area. Researchers generally only use aggregate information from IPs.