Talk:Wikimedia Thailand/Digital Security

ขอเสนอให้มีส่วนที่ WM และ/หรือ WMTH มีการเสนอแนวทางว่าเมื่อเกิดกรณีคุกคามขึ้นจะสามารถดำเนินการ/ช่วยเหลือ ฯลฯ อย่างไรได้บ้างครับ ในเมื่อไหน ๆ ก็จะมีผู้เชี่ยวชาญมาร่วมงานอยู่แล้ว

อีกเรื่องคือคิดว่าน่าจะมี partner มาช่วยกระจายข่าวนี้ด้วยครับ ไม่แน่ใจว่าจะมีสื่อมาช่วยขยายเพื่อให้เกิดความตระหนักในประเด็นนี้ด้วยหรือไม่ Horus (talk) 10:01, 17 February 2023 (UTC)[reply]

@Horus, Geonuch, Tanapatjms, and Athikhun.suw: เพิ่งมาเห็นข้อความนะครับ

(1) มีการเสนอแนวทางว่าเมื่อเกิดกรณีคุกคามขึ้นจะสามารถดำเนินการ/ช่วยเหลือ ฯลฯ อย่างไรได้บ้างครับ เสนอถามเป็นคำถามในงานได้ครับ แต่จะมีคำตอบอย่างไร ก็อีกเรื่องหนึ่ง ก่อนหน้านี้ประชุมกันว่าจะไม่อัดเทปเพื่อให้พูดถามตอบได้สบายใจ

(2) น่าจะมี partner มาช่วยกระจายข่าวนี้ด้วยครับ ตอนนี้ยังไม่มีคนลงทะเบียนเลยสักคน จะใช้หน้าประกาศในวิกิพีเดียก็เกรงใจ ผมคงจะยิง talk page เป็นรายคนไปเลย ส่วนก่อนหน้านี้ผมเข้าใจว่า tanapatjms ได้ยิงช่องทาง social media (รวมถึง discord?) ไปแล้ว การจัดงานครั้งนี้ไม่ได้คิดว่าเป็นครั้งสุดท้ายหรือครั้งที่จะเกิด impact ที่สุด มีความคาดหมายว่าเป็นตัวเริ่มเปิด conversation ระหว่างภาคส่วนต่างๆ เท่านั้น ความคาดหมายของ WMF กับคนในชุมชนอาจจะต่างกันและถึงเวลาที่จะได้ลองให้เห็นมุมมองของกันและกันนะครับ ส่วนตัวกลางที่ร่วมการอบรม - Security Matters (SecM) - คือ "partner" ใหม่ที่เราจะได้รับความร่วมมือต่อไป (แม้ว่าทุกคนจะมองร่วมกันว่าสังคมจะได้อะไรบ้างเป็นส่วนหลักอยู่แล้วก็ตาม เพื่อความยั่งยืนของความร่วมมือ ขอให้มองด้วยว่าเราจะให้อะไรเขาได้บ้าง ไม่ใช่มองว่าเรารับอะไรจากเขาได้บ้างแต่ทางเดียว)

--Taweethaも (talk) 03:18, 24 February 2023 (UTC)[reply]

Answer to Question (summarized by G(x))[edit]

1. Affected user may request the content be oversighted if the doxing content is posted on Wikipedia. However, if the doxing is due to the content posted elsewhere, affected user should contact the place of origin itself. Nonetheless, Wikimedians are strongly encouraged not to supply information that may be linked with identities elsewhere. WMF will not entertain the rename request as a result of doxing due to the linking of identities happening elsewhere with Wikimedia identities.
2. Affected user may contact Human Rights Team, who will be able to liaise with organizations/attorneys representing the editors in the particular jurisdiction to provide necessary support.
3. Users are not required to provide personal information. It is strongly encouraged that the username is not linked to the identity elsewhere, and even email address is optional. Other than the username, it is user's responsibility to be mindful of the content posted.
4. A pop-up question during the seminar: For a site as large as Wikimedia, why 2FA is considered a beta feature that must be enrolled and approved, in contrast to the general availability by other websites?

   Answer: The 2FA is in Beta stage and cannot be fully implemented as it involves a complicated codebase in MediaWiki, and 2FA is not considered an issue of priority. There are multiple wishlist items (1 and RfC in 2017, 2 in 2019, and the rejection rationale in 2019), but so far the progress is stalled (see T166622).

Thank you, G(x). Unfortunately, this is 2017 and 2019 votes and we cannot cast our vote now. A reason appears to be human resource to support 2FA. (1) If the proposal are open for vote in the future, we should be able to bring concerned people from the Thai community to voice their support. (2) If anyone donates to WMF and be able to put a donor message, 2FA can be your message to WMF. --Taweethaも (talk) 07:42, 4 March 2023 (UTC)[reply]

I would like to note that 2FA has been brought again in 2021 wishlist, and one of its software engineer simply noted that it is "too daunting", then closed it while referring to 2019 rationale of rejection. Any attempt to have 2FA issues being considered is probably moot if it has been consistently discussed and rejected several times before due to its lack of viable implementation (strangely, WMF did require certain permissions to have 2FA enabled when 2FA itself is not considered a finished feature). Therefore, even with the large support of the community, if the team do not consider it a matter of priority, then it's probably safe to say that its progress will continue to stall for the foreseeable future. --G(x) (talk) 08:39, 4 March 2023 (UTC)[reply]

• คุณทราบเกี่ยวกับกิจกรรมนี้จากช่องทางใด How did you know about this event?
• คุณได้เรียนรู้อะไรจากกิจกรรมนี้ (หากมีคำถามคำตอบที่คุณถามหรือคิดว่าน่าสนใจกรุณาเขียนไว้เพื่อเป็นหลักฐานสาธารณะ) What did you learn from this event? (If you asked a questions or you are interested in any of the questions/answers, put it here for public record)
• คุณต้องการให้จัดกิจกรรมเช่นนี้อีกในอนาคตหรือไม่ Do you want this kind of event in the future?
• ข้อเสนอแนะนสำหรับการปรับปรุง Suggestions for improvement

1. แบบสอบถามชุมชนจาก Google Forms แจกก่อนเริ่มและหลังสิ้นสุดกิจกรรม / ปิดวันจันทร์เช้า

แบบสอบถามชุมชนจาก Google Forms - เสาร์

1. ทราบด้วยตัวเอง, ปกป้องความเป็นส่วนตัว, ใช่, ไม่มี
2. จากอาจารย์, How to protect your privacy like create a strong password., ใช่, -

แบบสอบถามชุมชนจาก Google Forms - อาทิตย์

1. Facebook Page, -, ใช่, -
2. Comment from G(x): Self-aware (promotion in WMTH's Discord Server) / WMF's stance on Protection of Individuals from Threats to Users (Question is posted on the Main Page and Summary Above) / Yes / These topics usually require more than an hour to get a full understanding and depiction of examples, so it should take much longer time (probably 2-3 hours).

2. แบบสอบถามจากชั้นเรียน ปิดวันศุกร์ในชั้นเรียน (นักศึกษารวม 34 คน ตอบแบบสอบถาม 25 คน)

• What did you learn from this event?

1. I learn about how to keep my internet save and the threat of it.
2. I learned about how Wiki corporation work and data security in Thailand and other countries' perspectives.
3. I arrived quite late, at the starting of Mr. Ivan's presentation, There's a lot of information about meta data involvement in the Wikimedians and how to utilized them. After the presentation, I can see the actual evidence and utilization of meta data in a real world. Which is useful in some application but also frightening. Perhaps, the only thing I want to know is "What's the most common form of meta-data exploitation? Especially, for common people (not a renowned people) as for me I'm just a typical students, what kind of exploitation would a person like me should be expected if my data is exposed?
4. I asked a question about privacy issues such as password manager if you were to get hack you would lose all your accounts since the password manager saved all your login information.
5. I enjoyed new information about wikimedia, which I have heard of it but don't really study. I feel excited that the encyclopedia will be more secure as P'Max mentioned and anonymity will be applied to protect the editors. / However, I have wondered a bit that is there how to check whether the information is trustworthy or not? Is there a way to check credibility of the author or are there measures to ensure the correct information.
6. I answer a question that the Wikimedia team asked like if we don't use the real name as the username, can others still identify us, I said yes by looking at the metadata.
7. The new things that I really learn from this is I always set my password as 1 passwords for all websites and all accounts and i also include my personal information in my password, after this event I immediately change my password!!!!
8. The event that I attended really help me understand more about the subject by the example that the presenter provide. The example the presenter explain to me on that help me be more aware using the internet and see show dangerous a simple click can do.
9. I just learned that there is a foundation (Wikimedia) for Wikipedia and the fact that there is an harassment happened to the volunteers.
10. I have learned a lot about how the digital world can be a threat to our lives. There are many ways that governments can access our digital data and ways that it can affect us. I think this kind of event is quite interesting and useful for the young generation that can easily access the internet, because if you use it in the wrong way or don't know what can go wrong for you by just using social media, it might be dangerous to you and others.
11. -
12. I have learnt more about how to protect my private data in online platform. For example, how to create password to br more stronger and how to solve the problem of call center.
13. From this particular event, I have learned numerous details about data security in Thailand and also some other countries. For instance; I have known many new aspects about whether how one country has freedom of speech on the internet or not.
14. -
15. I learned that there is various way our information can get leaked by using the internet. I did ask questions about how we know we might get tracked on our IP address or way to prevent it. The answer is quite hard to say that you would easily notice when your IP address is being tracked, but the best way is to use VPN to seal your real address or don't accept cookies that are suspicious.
16. The main thing I learned from the event is how hard Thailand is working on protecting citizen's data. Many people may think that Thailand is very behind when it comes to technology, and software when it comes to privacy, but they are making huge progresses which is important to acknowledge.
17. I learn about digital foot print and other information that can connect to my personal information. Also first time that realized that Thailand has no freedom of use internet
18. The main thing I learned from this event is the impact of the Wikimedia movement on information availability worldwide, together with the ease of accessing as well as sharing information on the platform in this regard. Given that information restriction as well as censorship have been highly debated topics in the global scene recently, this highlights the place of the Wikimedia movement in the sphere of information availability and transparency, and I think that the event covered this topic really well. / I think this event should definitely be hosted again in the future, as I feel it is a very useful and informative overview about the extents and limits of the freedom of information, especially considering the current era of technology both now and in the years to come."
19. I did not understand anything from the talk since it was in Thai.
20. I have learned the different level of how open each country's online environment is. This kind of event are definitely welcomed in the future.
21. I have learned many things about IP addresses. The topic I am interested in the most is the password part, because I always have real life problems in forgetting or changing my passwords.
22. Obviously, what I learned on Sunday was a wealth of useful knowledge. For example, when it comes to asserting oneself online, Thailand is not particularly welcoming. Knowing that nearby nations have the freedom to express themselves made me recognize this as well. Including different Wikipedia stories, material used, and so on.
23. I am learning about other countries' privacy issues, as well as the fact that even if we are anonymous online, everyone can identify us via our IP address, and I have learned about many interesting topics such as wiki data, personal data, and digital footprint.
24. I learned about Wikimedia and various types of digital threats.
25. I learn about many important factors about digital security privacy which I never known before

• Do you want this kind of event in the future?

1. Yes 23/25 and No 2/25

• Suggestions for improvement

1. -
2. My suggestions would be providing a game for participants, so that the lesson would be more fascinating and gaining more engagement from the participants.
3. In term of content, no. Due to the zoom meeting + class (audio system) it's quite hard to understand sometimes.
4. -
5. I think that tge voice of presenter is quite monotonic, so it will be great if the presenter can show his face and have more dynamic voice so that the audience can hear clearly and have the right mood.
6. I think if people in the room are suddenly silent or do not really participate, the speaker team can use like menti , quizlet something to make them participate more also for me the sound from the speaker is not really clear so it is hard for me to catch the detail like there is one speaker that speaks faster than other and I did not clear it that clearly (maybe it is technical problem and my English skill)
7. I think it’s can be better by use some game to engage the participants
8. Create a quizlet making more connection to the audience
9. Should not distance everyone in class because it makes the connection and relation slightly disappear.
10. My suggestion would be to improve the sound quality and have more time to discuss in class.
11. -
12. I suggest that the event should be on weekday after 16.00 .
13. ?
14. Quality of the audio, some time the network. 
15. I think the time for the seminar should be a little longer.
16. My suggestion would be that all the coordinators to be present in front of students and make it a more interactive fun class to keep students engaged.
17. Sometimes it was hard to listen to voice
18. I think that the event could be improved a bit by being slightly more engaging for the audience, such as providing some activities or exercises that could help the audience apply what they have learnt, so there is a bit of practical engagement alongside lecturing and discussion.
19. I would prefer hands-on activities in the future. It will be better if the talk was only in English since I had another exam on Sunday and I could not participate for the talk that was in English.
20. One thing for improvement is that the event is in Thai on the day I participated, I couldn't understand most of the lesson.
21. -
22. -
23. Personally, I want a separate day between the presentation day and event day because we tend to worry about presentations after.
24. -
25. I want the instructor to teach the student in person instead of using zoom, because it is harder to ask question and to understand.

1. มีอาสาสมัครจากชุมชนเข้าร่วมเพียง 4 ราย ไม่รวมผู้จัด 2 ราย ผู้ที่เข้าร่วมไม่ได้เป็นบุคคลกลุ่มเดียวกับที่ร้องขอความช่วยเหลืออันเนื่องมาจากการคุกคามเมื่อกลางปี 2565 / การจัดงานอาจไม่ทันท่วงทีหรือทันเหตุการณ์เท่าที่อาสาสมัครที่กำลังเดือดร้อนต้องการ / ผู้จัดการประกวดภาพถ่ายหรือการประกวดอื่นที่จำเป็นต้องดูแลข้อมูลส่วนบุคคลของอาสาสมัครไม่ได้เข้าร่วมกิจกรรม
2. นักศึกษาเข้าร่วม 34 ราย แต่ตอบแบบสอบถามเพียง 25 ราย สรุปว่าอยากให้จัดกิจกรรม (1) onsite (2) interactive และ (3) มีระยะเวลายาวนานขึ้น ในวันธรรมดาเช่น 16:00-18:00 น. / (เสียงในห้องวันเสาร์มีขาดหายไปช่วงหนึ่งเพราะว่าสายสัญญาณเสียงไม่แน่น นอกนั้นก็เรียบร้อยดี / ห้องเรียนจัดอยู่ในสภาพห้องสอบทำให้เก้าอี้วางอยู่ห่างกัน)
3. ความร่วมมือเพิ่มเติมกับวิทยากรมีสามประเด็นคือ
   1. Asia-Pacific Digital Rights Festival 2023 - จะเชิญอาสาสมัครที่เข้าร่วมกิจกรรมนี้หรือเคยเข้าร่วมกระบวนการอภิปรายในช่วงปี 2565 ไปร่วมโดยให้วิทยากรเป็น mentor - @Athikhun.suw: เป็นผู้ประสานงานหลัก
   2. Girls in ICT Day Thailand 2023 event / WikiCamp 2023 - ขอเชิญวิทยากรไปร่วม
   3. Grants:Programs/Wikimedia Research & Technology Fund/Wikimedia Research Fund และ https://diff.wikimedia.org/2021/10/25/launch-of-the-wikimedia-alliances-fund/ - ขอเชิญวิทยากรสมัครขอรับทุน
   4. Wikimania 2023 - จะเชิญวิทยากรไปร่วม - @Athikhun.suw: เป็นผู้ประสานงานหลัก

--Taweethaも (talk) 05:41, 4 March 2023 (UTC)[reply]