User:Geo Swan/The Unlocked policy vulnerability

From Meta, a Wikimedia project coordination wiki
(English) This is an essay. It expresses the opinions and ideas of some Wikimedians but may not have wide support. This is not policy on Meta, but it may be a policy or guideline on other Wikimedia projects. Feel free to update this page as needed, or use the discussion page to propose major changes.
Translate

The Unlocked policy vulnerability[edit]

WMF projects all share having complicated sets of policies that are in a constant state of flux.

In my opinion a huge vulnerability affects every WMF project I have participated in. The wording of those policies are open to casual editing, by, well, anyone.

Some years ago a very unpleasant person thundered at me, paraphrasing from memory: "how dare you! Don't you know BLP says XYZ?"

No, I did not know it said that, but sure enough, when I checked, it did say "XYZ".

I was sure it hadn't said XYZ when I had first read through the entire thing, five years earlier, when BLP became a policy. I checked. It had not. It hadn't said it 2.5 years prior to that day either. Nor had it said it a year, or a bit more than a year previously. Maybe there is a tool that can figure out who first added a specific passage to an article or a policy? If so I don't know that tool.

There were over 1000 edits to BLP, between when it did not contain the XYZ passage, and when it did contain the passage. There was nothing on Talk:BLP, showing there had been a discussion to add that major revision. Well what about the edit summaries of those 1000 edits? Did any of them contain a clue that someone felt authorized to make that major revision? Nope.

What I found, when I looked at the edit summaries, and a couple dozen of the actual edits, is that they gave the surface appearance of a bunch of people discovering what they regarded relatively minor errors to the spelling, punctuation or sentence structure of the policy, who had gone in, on their sole judgment, to correct what they represented as errors. Sadly, some wikipedians are barely literate, and their notion of what is a error in grammar that needs correction is highly unreliable.

I had, by that time, realized that there were some deep vandals on en.wiki - individuals who were prepared to make thousands of innocuous policy compliant edits, so they could apply to be administrators, or just be trusted, so they could occasionally stick their oar in, cause chaos. I know of at least two en.wiki administrators who used sockpuppetry to apply for administratorships under two separate wiki-IDs. One got away with it, two wiki-IDs granted administratorships.

A small clique of POV pushers could plot out a policy change, and agree that each of them would make one of a series of tiny edits to BLP, each of which looked like someone making an apparently good faith tiny fix to what they saw as bad grammar, but which, taken as a whole, did make a significant change to policy. And, in a case like this, what you would get was a stealth policy change, from a small group of vandals, or a small group of zealots.

This vulnerability chills me, when I think about it.

This is a slight rewording of the last half of this comment from 2022-03-01. Geo Swan (talk) 01:25, 11 November 2022 (UTC)

Retrieved from "https://meta.wikimedia.org/w/index.php?title=User:Geo_Swan/The_Unlocked_policy_vulnerability&oldid=25074164"