[00:11:25] <PuppyKun>	 !m Sigyn 
[00:11:25] <[d__d]>	 You're doing good work, Sigyn!
[00:48:18] <labster>	 Good morning, #miraheze
[00:49:07] <JohnLewis>	  morning
[00:53:38] <labster>	 Now that I'm back, I'm getting the feeling that Miraheze needs to run a real fundraiser soon.
[00:54:25] <labster>	 I'm thinking of just running a banner that says "If everyone who reads this gave $1000, our fundraiser would be over in 1 minute"
[00:58:38] <labster>	 I've never actually run a fundraiser before, so I'm not really sure what's involved.  Should it just be us bugging people for money through banners, or should we try to cafepress some merch?
[01:15:29] <Wiki-1776>	 Hello labster :)
[01:35:31] <PuppyKun>	 labster: orain coffee cup when
[05:18:11] <MH-Discord>	 <sau226> Oops I did not know that when patreon approves a page it goes live automatically
[05:18:16] <MH-Discord>	 <sau226> and that approval is automatic
[05:58:17] <Not-d1e4>	 [02miraheze/ssl] 07MirahezeSSLBot pushed 031 commit to 03master [+0/-0/±1] 13https://git.io/fAqSl
[05:58:19] <Not-d1e4>	 [02miraheze/ssl] 07MirahezeSSLBot 036105e0c - Bot: Update SSL cert for wiki.gtsc.vn
[08:43:06] <Reception123>	 !log sudo -u www-data php /srv/mediawiki/w/maintenance/importDump.php --wiki=rottenwebsiteswiki /home/reception/rottenwebsites_pages_full.xml on mw3
[08:43:10] <MirahezeLogbot>	 Logged the message at https://meta.miraheze.org/wiki/Tech:Server_admin_log, Master
[15:34:42] <Wiki-1776>	 Hola!
[15:35:35] <Reception123>	 hola Wiki-1776 
[16:52:24] <PuppyKun>	 Hi Voidwalker 
[16:52:29] <Voidwalker>	 hi
[16:58:25] <Reception123>	 hi
[17:09:35] <Not-d1e4>	 [02miraheze/MatomoAnalytics] 07JohnFLewis pushed 031 commit to 03master [+0/-0/±1] 13https://git.io/fAmTI
[17:09:37] <Not-d1e4>	 [02miraheze/MatomoAnalytics] 07JohnFLewis 032bb49e9 - fix device->devices in case
[17:10:37] <Not-d1e4>	 [02miraheze/mediawiki] 07JohnFLewis pushed 031 commit to 03REL1_31 [+0/-0/±1] 13https://git.io/fAmTL
[17:10:38] <Not-d1e4>	 [02miraheze/mediawiki] 07JohnFLewis 038be35b3 - update MA
[17:48:24] <Reception123>	 Just telling everyone (even though this is a sitenotice), Special:Analytics is live!
[18:00:35] <JohnLewis>	 (and has been since August 8th :D)
[18:02:12] <Reception123>	 yeah, fun fact :P
[18:27:38] <AmandaCatherine>	 Hello
[18:28:35] <Wiki-1776>	 Hi
[18:29:24] <AmandaCatherine>	 Hmm.. labster is back
[18:29:32] <AmandaCatherine>	 Hi Wiki-1776
[18:30:56] <Reception123>	 AmandaCatherine: hi. Have you seen Special:Analytics?
[18:31:07] * AmandaCatherine looks
[18:32:12] <AmandaCatherine>	 Reception123: interesting
[18:32:25] <AmandaCatherine>	 Although, why are the fields titled “⧼-matomoanalytics-form-stat1⧽” and “⧼-matomoanalytics-form-stat2⧽”
[18:32:38] <Reception123>	 ask the creator, John :)
[18:33:01] <AmandaCatherine>	 Looks like there is supposed to be a real title there, like something that can be set with MediaWiki pages
[18:33:06] <AmandaCatherine>	 JohnLewis ^
[18:33:32] <JohnLewis>	 because I don't know
[18:33:41] <JohnLewis>	 there isn't supposed to be a -
[18:33:48] <JohnLewis>	 and I don't know why it is there
[18:34:05] <AmandaCatherine>	 It’s there because there is supposed to be a title for each form result
[18:34:07] <AmandaCatherine>	 That much I know
[18:34:24] <AmandaCatherine>	 But how to make it a real word (i.e “Stats form 1”)... ?
[18:34:24] <JohnLewis>	 no, I mean the -
[18:34:44] <AmandaCatherine>	 Oh, I was talking about the title in general
[18:35:06] <JohnLewis>	 I know, and I'm talking about the thing that is stopping the title showing
[18:35:17] <AmandaCatherine>	 It looks like erroneous output for something that should be set and isn’t set in MediaWiki pages
[18:38:35] <Not-d1e4>	 [02mw-config] 07Amanda-Catherine opened pull request 03#2395: Re-enable DSN on weatherwiki - 13https://git.io/fAmLI
[18:38:49] <AmandaCatherine>	 JohnLewis / Reception123 ^
[18:39:17] <Not-d1e4>	 [02mw-config] 07JohnFLewis closed pull request 03#2395: Re-enable DSN on weatherwiki - 13https://git.io/fAmLI
[18:39:18] <Not-d1e4>	 [02miraheze/mw-config] 07JohnFLewis pushed 032 commits to 03master [+0/-0/±2] 13https://git.io/fAmLL
[18:39:20] <Not-d1e4>	 [02miraheze/mw-config] 07Amanda-Catherine 0336b6138 - Re-enable DSN on weatherwiki I don’t like not being able to close the global site notice, and I haven’t needed to use a local sitenotice yet
[18:39:21] <Not-d1e4>	 [02miraheze/mw-config] 07JohnFLewis 038b01301 - Merge pull request #2395 from Amanda-Catherine/patch-3 Re-enable DSN on weatherwiki
[18:39:44] <AmandaCatherine>	 Shouldn’t DSN be on ManageWikiExtensions?
[18:40:25] <Reception123>	 not really, since the default is true, and it's a global extension pretty much
[18:41:04] <AmandaCatherine>	 Wouldn’t it be possible to have an extension on ManageWikiExtensions with the checkbox checked by default?
[18:41:41] <AmandaCatherine>	 In most cases dismissing the sitenotice is okay, but if I ever needed a local sitenotice, I wouldn’t want that being closed since I’d only use it for extremely important or urgent things
[18:48:15] <JohnLewis>	 moving global extensions to ManageWiki is part of the massive list of "things that should be done but aren't"
[18:48:43] <Reception123>	 and the way I see it, DismissableSiteNotice is to be used to dismiss a sitenotice *after reading* not to not read
[18:48:49] <Reception123>	 so presumably, people would see your sitenotice first
[18:49:56] <AmandaCatherine>	 It’s happened elsewhere - the sitenotice said something about scheduled downtime for maintenance, but nobody read it and therefore everyone started complaining about a crash
[18:50:11] <Reception123>	 was that because of DSN?
[18:50:28] <AmandaCatherine>	 Pretty sure it was
[18:50:40] <AmandaCatherine>	 Because if you can’t get rid of something, it’s harder to ignore
[18:50:53] <Wiki-1776>	 There were times when I couldn't see the Sitenotice
[18:52:57] <Reception123>	 AmandaCatherine: well if people do that, it's their problem really, the sitenotice was there
[18:53:07] <Reception123>	 and dismiss is a button you click after reading, not before
[18:54:02] <Reception123>	 and there's only a few global extensions that one might want to disable
[18:54:13] <Reception123>	 there's also some extensions which are not opt-out and must be enabled on all wikis
[18:54:21] <AmandaCatherine>	 Correction: and dismiss is a button you *should* click after reading, not before
[18:54:40] <AmandaCatherine>	 Reception123: extensions such as?
[18:58:57] <Reception123>	 AmandaCatherine: A whole list. CheckUser, AbuseFilter, ConfirmEdit, etc.
[18:59:58] <AmandaCatherine>	 IMHO stuff like CheckUser and AbuseFilter should be opt-outable. Things like ConfirmEdit which has multiple different versions should be up for discretion for individual wikis which CAPTCHA they want to use
[19:00:34] <Reception123>	 AmandaCatherine: I strongly disagree
[19:01:01] <Reception123>	 Especially CheckUser. Stewards must be able to investigate claims of abuse on any wiki
[19:01:42] <AmandaCatherine>	 But they shouldn’t be able to do so without a request (which I’ve seen a couple of times recently)
[19:02:14] <Reception123>	 AmandaCatherine: please provide examples. And a request by whom?
[19:02:17] <AmandaCatherine>	 If a wiki is private, spam and vandalism is going to be minimized to almost none, and therefore they won’t need things like AbuseFilter and CAPTCHA
[19:02:36] <Reception123>	 yes, but it is always possible that there is abuse, and that needs to be investigated throughout the farm
[19:02:47] <AmandaCatherine>	 Reception123: IMHO CheckUser should not be run on any wiki except Meta or loginwiki without a request from a local admin or crat
[19:02:48] <Reception123>	 AmandaCatherine: CAPTCHA is also definitely not going, due to login accros wikis
[19:03:03] <Reception123>	 if captcha doesn't work on one wiki, spammers and anyone can use that wiki to get into Miraheze
[19:03:12] <AmandaCatherine>	 I didn’t say CAPTCHA needs to go, I just said wikis should be able to choose which CAPTCHA they want to use
[19:03:16] <AmandaCatherine>	 There are like four different options
[19:03:34] <Reception123>	 I'd disagree with that, if there is a clear sign of abuse, it should be investigated
[19:04:02] <AmandaCatherine>	 But different communities will define “clear sign of abuse” differently
[19:04:06] <Reception123>	 AmandaCatherine: that could present a security issue
[19:04:12] <Reception123>	 having different CAPTCHA 
[19:04:38] <Reception123>	 AmandaCatherine: well, if they don't want it, they can request a policy change
[19:04:45] <Reception123>	 Stewards are community elected posts
[19:04:52] <Reception123>	 Stewards represent the communities interest
[19:05:25] <AmandaCatherine>	 So if a steward thinks that there is “clear sign of abuse” but the local community/admins/crats don’t agree, I’d assume that they be obligated to honor the local com
[19:05:35] <Reception123>	 AmandaCatherine: then of course there's also ManageWiki, MirahezeMagic, etc. which stay
[19:05:51] <AmandaCatherine>	 ManageWiki and MirahezeMagic etc definitely should stay
[19:06:00] <Reception123>	 AmandaCatherine: well if the community says "no, we don't want a CU" then yeah, I'd imagine a steward would not go ahead with it
[19:06:07] <Reception123>	 but as I am not one, I cannot speak for stewards
[19:06:38] <AmandaCatherine>	 But seriously, why would private wikis that won’t have any spam or vandalism need things like AbuseFilter, CAPTCHA, TorBlock, etc
[19:06:41] <Reception123>	 and I'd have reasons for AbuseFilter to stay too
[19:07:10] <Reception123>	 AmandaCatherine: CAPTCHA, I've explained, people can still log into private wikis
[19:07:29] <AmandaCatherine>	 But they can’t read them and therefore can’t spam them
[19:07:32] <Reception123>	 AbuseFilter meh I guess if it's a private wiki it could be disabled, but why bother? What does it do?
[19:07:39] <Reception123>	 It can have no negative effects on the wiki
[19:08:04] <AmandaCatherine>	 Doesn’t each extension take up server/database space?
[19:08:07] <Reception123>	 there's no point in doing all this, when AbuseFilter can just stay there and be unused 
[19:08:23] <Reception123>	 AmandaCatherine: database space is another question, JohnLewis needs to get SQL to be per-wiki
[19:08:33] <Reception123>	 and db space will already be significantly reduced 
[19:08:53] <Reception123>	 AmandaCatherine: server space other than db no, there's one file for each extension
[19:08:54] <AmandaCatherine>	 But doesn’t the more extensions you load, the more stress you put on the db?
[19:08:57] <Reception123>	 file = dir*
[19:09:20] <Reception123>	 AmandaCatherine: Yes, but it's nothing significant to remove one extension from a wiki
[19:09:31] <Reception123>	 and it's too much work for too little effect
[19:09:42] <Reception123>	 when there's way higher priorities for ManageWiki
[19:09:48] <AmandaCatherine>	 But it probably would be significant to remove it from the global and have it per-wiki enables
[19:09:56] <AmandaCatherine>	 Which just takes a GitHub commit
[19:10:09] <Reception123>	 That is definitely not happening
[19:10:18] <JohnLewis>	 Reception123: I need to what?
[19:10:20] <Reception123>	 Worst case scenario would be opt-out, but opt-in is definitely not going to happen
[19:10:22] <AmandaCatherine>	 Meh
[19:10:34] <Reception123>	 JohnLewis: https://phabricator.miraheze.org/T3322
[19:10:36] <ZppixBot>	 Title: [ ⚓ T3322 Extension installation on ManageWiki level ] - phabricator.miraheze.org
[19:10:45] <JohnLewis>	 ohhh that
[19:10:53] <AmandaCatherine>	 Going through https://github.com/miraheze/mw-config/blob/master/GlobalExtensions.php the vast majority of those IMHO don’t need to be global
[19:10:53] <ZppixBot>	 Title: [ mw-config/GlobalExtensions.php at master · miraheze/mw-config · GitHub ] - github.com
[19:10:54] <JohnLewis>	 what's the implication of that on this discussion though?
[19:11:09] <Reception123>	 JohnLewis: because it would reduce db space significantly 
[19:11:28] <Reception123>	 AmandaCatherine: some of them are global because they are just very requested
[19:11:34] <JohnLewis>	 well yeah but isn't this chat about the global nature of extensions and why some/some shouldn't be in ManageWiki?
[19:11:41] <Reception123>	 AmandaCatherine: if Parsoid could be enabled easier, VisualEditor would be global
[19:11:46] <JohnLewis>	 (which in my opinion, all non necessary to functioning should be)
[19:11:50] <AmandaCatherine>	 But I don’t want VE on my wiki
[19:11:55] <JohnLewis>	 Reception123: technically we can make it global now
[19:12:09] <JohnLewis>	 and 10 minutes after a wiki is made, it'll work
[19:12:16] <Reception123>	 JohnLewis: yeah, but then the bot would need to add wikis every time they are created
[19:12:31] <AmandaCatherine>	 JohnLewis: does that mean that in your opinion, all extensions that won’t break something if disabled should be optional in ManageWiki?
[19:12:36] <JohnLewis>	 as opposed to the bot adding and removing wikis everytime someone changes it :)
[19:12:37] <paladox>	 But then that would put huge issues on parsoid
[19:12:39] <Reception123>	 JohnLewis: well, there would definitely have to be a discussion on that. But personally, I'd strongly disagree to disabling CheckUser. AbuseFilter maybe..
[19:12:44] <paladox>	 (Memory)
[19:12:50] <paladox>	 If we enabled it for all wikis 
[19:13:01] <JohnLewis>	 Reception123: well... yeah... that's why I said "non-necessary"
[19:13:17] <Reception123>	 JohnLewis: well, Amanda believes AbuseFilter is non-necessary, so it depends on your definition :)
[19:13:29] <JohnLewis>	 anything used in a global perspective is necessary
[19:13:48] <Reception123>	 I'm perfectly fine with not forcing people to use stuff like Thanks, Poem, InputBox, Gadgets
[19:13:50] <JohnLewis>	 so AbuseFilter, CheckUser etc.
[19:13:53] <Reception123>	 those are really not necessary 
[19:14:06] <Reception123>	 but anything to combat spam/abuse or anything required (CA, etc.) stays IMO
[19:14:17] <JohnLewis>	 paladox: but that's basically what we're at now :P
[19:14:23] <Reception123>	 and CookieWarning, for legal reasons must stay too of course
[19:14:34] <JohnLewis>	 yes, again "non-necessary"
[19:14:46] <Reception123>	 JohnLewis: if we do globally enabled, I'm getting rid of IRC notifications for that repo :P
[19:14:47] <paladox>	 JohnLewis: what do you mean?
[19:14:49] <Reception123>	 *do get it
[19:14:54] <paladox>	 Misc3 looks ok 
[19:15:13] <JohnLewis>	 paladox: tomorrow, every wiki could have it
[19:15:20] <JohnLewis>	 if everyone enables it right now :)
[19:15:23] <paladox>	 JohnLewis: Lol
[19:16:15] <paladox>	 Reception123: lolololol
[19:16:21] <JohnLewis>	 AmandaCatherine: yes, we've been liberal in the past for moving stuff global
[19:16:28] <paladox>	 JohnLewis: too late :D
[19:16:29] <JohnLewis>	 well good timing there
[19:17:03] <Reception123>	 I hate it when that happens, I just send a message but one second later the person leaves
[19:17:07] <Reception123>	 it has happened many times 
[19:17:16] <paladox>	 Heh
[19:17:50] <paladox>	 I’m off to brewers fayre:D
[19:19:19] <JohnLewis>	 Reception123: but as many exts should be decentralised as possible
[19:23:52] <Reception123>	 yeah, when possible
[19:24:44] <AmandaCatherine>	 Sorry, VPN server crashed
[19:27:20] <AmandaCatherine>	 Anyway, my definition of “non-necessary” is “if not having this extension won’t break anything, it’s not necessary”
[19:28:10] <MH-Discord>	 <CnocBride> Did any of you system administrators see the Semantic Mediawiki RfC?
[19:28:17] <JohnLewis>	 yes
[19:28:31] <MH-Discord>	 <CnocBride> I presume it's still not feasible or has the situation changed?
[19:28:37] <AmandaCatherine>	 JohnLewis ^^^
[19:28:38] <JohnLewis>	 it's always been possible
[19:29:37] <MH-Discord>	 <CnocBride> "In T452#5946, @John wrote: SMW is not feasible (like Wikibase) and unless things have changed, we agreed not to approach the extension for use on wikis because of the complexity of configuration and how much it changes MediaWiki as a default."
[19:29:42] <MH-Discord>	 <CnocBride> Does this still stand in the way, do you think?
[19:29:59] <JohnLewis>	 we used that as the reason for why we won't
[19:30:11] <JohnLewis>	 but with ManageWiki, it's come possible and with work, always was
[19:30:25] <JohnLewis>	 but we had the issue that people request wikis and complex extensions, then don't use it
[19:30:47] <JohnLewis>	 and investing the hours into something people just won't use is unreasonable. Then when we grew, it just stuck as a reason.
[19:31:07] <AmandaCatherine>	 Anti-spam extensions being disabled on wikis where spam won’t happen (private) isn’t going to break anything
[19:31:31] <JohnLewis>	 ConfirmEdit will never be optional
[19:31:39] <JohnLewis>	 and ReCaptchaNoCaptcha will never be optional
[19:31:50] <AmandaCatherine>	 On the contrary, localizing things like CentralAuth and MirahezeMagic will break something
[19:32:11] <AmandaCatherine>	 There are some browsers where ReCaptchaNoCaptcha doesn’t work
[19:32:38] <AmandaCatherine>	 (i.e. it will always tell you the CAPTCHA is incorrect, even if it is correct)
[19:32:41] <JohnLewis>	 then we don't support that browser
[19:34:56] <AmandaCatherine>	 Been there done that - I’ve had to debug issues where sysadmins and webmasters got locked out of things because whatever anti-spam tool they were using conflicted with either the browser or the software
[19:37:20] <AmandaCatherine>	 And I’ve recently noticed that CU has being used for what appears to be checking every single VOA or SOA that pops up
[19:38:19] <AmandaCatherine>	 IMHO checks should only be used to stop disruptive sock puppetry, to check for possible compromised accounts, or to stop potential malware/viruses
[19:40:29] <JohnLewis>	 the checks are legitimate
[19:40:52] <JohnLewis>	 esp with the lack of an official CU policy, the standards we've adopted have this as appropriate use of the tool
[19:49:03] <AmandaCatherine>	 See, I don’t think that checking every single VOA/SOA that shows up at random is “legitimate” or “appropriate”
[19:49:39] <AmandaCatherine>	 I think we need a CU policy that restricts the use of the tool to highly suspected sock puppetry, primarily
[19:49:44] <JohnLewis>	 when it comes to preventing further vandalism, it is
[19:50:18] <JohnLewis>	 esp when we don't CU every account when it happens, we wait and in fact a few of the VOA/SOA lately are connected
[19:50:38] <AmandaCatherine>	 Frequently, vandals, especially semi-automated vandals will just change IPs each time
[19:50:47] <JohnLewis>	 and CU allows us to range block
[19:50:56] <AmandaCatherine>	 So blocking ranges isn’t stopping them
[19:51:18] <JohnLewis>	 if what we're doing wasn't effective, we wouldn't do it.
[19:51:25] <JohnLewis>	 because it would just waste our time
[19:52:12] <AmandaCatherine>	 One vandal shows up, gets blocked and their range blocked. 24 hours later, the same vandal returns under a completely different range
[19:52:29] <AmandaCatherine>	 Rangeblocking didn’t stop them
[19:52:33] <JohnLewis>	 because we didn't block that range
[19:52:44] <JohnLewis>	 it's really not difficult to keep cycling until you get an IP out of the range
[19:53:14] <AmandaCatherine>	 But some proxies etc will completely change ranges each time
[19:53:18] <AmandaCatherine>	 Not just IPs
[19:53:21] <JohnLewis>	 and if they're web hosts, we the and block the whole webhost
[19:53:24] <JohnLewis>	 *try and
[19:53:49] <JohnLewis>	 indeed. once we know the proxies, we'll block the whole porxies IP range if it's abused
[19:54:24] <AmandaCatherine>	 Some proxies have multiple ranges
[19:54:29] <AmandaCatherine>	 In fact, many do
[19:54:35] <JohnLewis>	 "whole porxies IP range"
[19:54:40] <JohnLewis>	 = ASN rnage
[19:54:42] <JohnLewis>	 *range
[19:55:38] <AmandaCatherine>	 The most sophisticated and high-tech proxies can have more than one ASN too
[19:55:49] <JohnLewis>	 so... then we block the other ASN they use
[19:56:30] <JohnLewis>	 but the only way a proxies will have another ASN is if it holds another block of IPs under a different name or entity
[19:57:01] <JohnLewis>	 or if it uses multiple web hosts/providers - then we know about the providers and can handle it appropriately
[19:57:26] <AmandaCatherine>	 The way I see it: one VOA shows up and trashed a few pages. They are blocked/locked, and CU should not be needed. If a different VOA then shows up and trashed the same or similar pages in the same or similar ways, they are likely to be sock puppets and therefore a CU is warranted
[19:57:38] <JohnLewis>	 yes
[19:57:42] <JohnLewis>	 we don't CU in the first case
[19:57:45] <JohnLewis>	 we never have afaik
[19:57:51] <AmandaCatherine>	 But if the second VOA isn’t like the first at all, the chance of them being socks is the same as them being different
[19:58:07] <AmandaCatherine>	 And therefore CU is not warranted
[19:58:19] <JohnLewis>	 besides preventing further cases
[19:58:48] <AmandaCatherine>	 CU shouldn’t be used as a prevention - it should be used as a reaction
[19:58:52] <AmandaCatherine>	 IMHO
[19:59:05] <JohnLewis>	 that wouldn't align with anything though
[19:59:11] <JohnLewis>	 you want to prevent not react
[19:59:36] <JohnLewis>	 prevention instead of reaction is even engrained in self defence law (which this is similar to, its self defence)
[19:59:50] <AmandaCatherine>	 But you can’t prevent socking. You can prevent vandalism in the first place, though
[19:59:59] <AmandaCatherine>	 With blacklists and filters
[20:00:10] <JohnLewis>	 and we do
[20:00:19] <JohnLewis>	 and when we get hits in AB, we also CU those accounts
[20:00:37] <AmandaCatherine>	 See, that’s where I have an issue
[20:00:37] <JohnLewis>	 so when we run a CU after 1 vandalism edit, we might not even be CUing that user
[20:01:10] <AmandaCatherine>	 If the filter disallowed something, there’s no reason to CU since the would-be vandalism was stopped anyway
[20:01:18] <JohnLewis>	 so we shouldn't try and prevent vandalism/abuse until it becomes too much to handle?
[20:01:32] <AmandaCatherine>	 Only the most sophisticated vandals can figure out how to bypass private filters
[20:01:45] <AmandaCatherine>	 The filters do an adequate job
[20:01:58] <JohnLewis>	 yes, but it's also intelligence gathering - they might be stopped now but learn how to bypass it. or we may get another user who does different spam from the same place
[20:02:47] <AmandaCatherine>	 Intelligence gathering is where I have an issue
[20:03:16] <AmandaCatherine>	 You can’t automatically assume that every single VOA or SOA is going to come back
[20:03:28] <AmandaCatherine>	 Or that every single VOA or SOA is a sock
[20:03:32] <JohnLewis>	 we're not assuming
[20:03:38] <JohnLewis>	 they've hit us, we want to prevent it.
[20:03:49] <JohnLewis>	 we never assume they are socks
[20:03:55] <JohnLewis>	 we're not CUing because theyre socks.
[20:04:09] <AmandaCatherine>	 See, that’s what CU should be used for
[20:04:12] <JohnLewis>	 We're CU to prevent because if they're using a method or a source, what is stopping others?
[20:04:13] <AmandaCatherine>	 Is stopping socks
[20:04:23] <JohnLewis>	 no, that's one purpose.
[20:04:27] <AmandaCatherine>	 Or meats, for that matter l
[20:05:18] <AmandaCatherine>	 If it’s just one single VOA or SOA, just RBI and move on
[20:05:33] <AmandaCatherine>	 Only if they come back with socks take further action
[20:05:56] <JohnLewis>	 until we get a massive hit and realise "oh, the user from last week used this IP"
[20:06:19] <AmandaCatherine>	 So the second used on the IP is a sock of the first
[20:06:25] <AmandaCatherine>	 Or is at least related
[20:06:31] <JohnLewis>	 not at all
[20:07:04] <AmandaCatherine>	 Two users on the exact same IP doing the exact same thing are likely socks
[20:07:24] <JohnLewis>	 if the IP is a webhost or a proxy, they are likely to look the same but aren't
[20:08:08] <AmandaCatherine>	 What are the chances that two totally unrelated users are going to decide to spam the exact same website from the exact same proxy?
[20:08:12] <AmandaCatherine>	 Not high
[20:08:19] <JohnLewis>	 You are free to have the opinion you do, but until you get a policy enacted that says "CheckUser can not be used to investigate spam or vandalism accounts", the practise won't change.
[20:08:29] <JohnLewis>	 you'd be surprised.
[20:08:58] <JohnLewis>	 and any steward or even active user you ask, will agree it is preventative behaviour
[20:10:36] <AmandaCatherine>	 I don’t want "CheckUser can not be used to investigate spam or vandalism accounts". I want “CheckUser CAN be used to investigate spam or vandalism accounts if it is likely that they are related to other blocked/locked accounts”
[20:11:29] <JohnLewis>	 that's fine, but then until that is enacted, behaviour won't change
[20:12:50] <AmandaCatherine>	 In general, behavioral evidence of a connection to previous accounts should be present before CU is used
[20:13:14] <JohnLewis>	 and when investigating the relevant claims we do
[20:13:33] <AmandaCatherine>	 ??
[20:13:34] <JohnLewis>	 someone saying User A = User B, CU won't be used unless the person doing the CU believes User A may = User B
[20:14:00] <JohnLewis>	 but when it comes to spam, we're not looking to prove the account is linked to anyone. We're wanting the source it is from
[20:14:49] <AmandaCatherine>	 But CU should not be used just because user B vandalized and therefore could be linked to users A, C, P, or V which were also VOAs
[20:15:03] <AmandaCatherine>	 But no behavioral evidence besides that
[20:15:05] <JohnLewis>	 we never use it for that
[20:15:38] <AmandaCatherine>	 Respectfully, both you and Voidwalker have
[20:15:46] <JohnLewis>	 evidence?
[20:16:58] <AmandaCatherine>	 “John changed group membership for John from bureaucrat, steward, and administrator to bureaucrat, check user, steward, and administrator (abuse)”
[20:17:06] <AmandaCatherine>	 Each time there is a vandal on Meta
[20:18:39] <JohnLewis>	 because there is suspicious it is related to on-going vandalism
[20:18:47] <AmandaCatherine>	 Even when there is no obvious behavioral evidence connecting said vandal on Meta to a previous vandal on Meta
[20:18:55] <AmandaCatherine>	 Not every vandal is related
[20:19:02] <JohnLewis>	 I don't CU every vandal
[20:19:25] <JohnLewis>	 I rarely CU vandals. I CU spam, LTAs and socking
[20:19:46] <AmandaCatherine>	 LTAs are vandals
[20:19:58] <AmandaCatherine>	 And how do you know they are LTAs
[20:20:11] <AmandaCatherine>	 Behavioral evidence should exit
[20:20:17] <JohnLewis>	 because they fit behavioural patterns
[20:20:21] <AmandaCatherine>	 s/exit/exist
[20:20:21] <ZppixBot>	 AmandaCatherine meant to say: Behavioral evidence should exist
[20:20:37] <AmandaCatherine>	 Such as?
[20:21:23] <JohnLewis>	 ask 開拓者 / The_Pioneer
[20:22:19] <AmandaCatherine>	 Many of the accounts they have locked are Japanese LTAs that didn’t even hit Meta
[20:22:45] <AmandaCatherine>	 The only two LTA patterns that I know of are LP and whoever has been attacking LP and myself
[20:22:51] <JohnLewis>	 not all of my CUs are on meta
[20:23:09] <AmandaCatherine>	 Other than that, all vandals just seem like drive-by incidents to me
[20:23:50] <JohnLewis>	 whether they are drive bys or not, if they are using proxies, then we block them
[20:24:20] <AmandaCatherine>	 But what behavioral evidence do you have to suggest that they are using proxies?
[20:24:39] <JohnLewis>	 I don't need behavioural evidence they are using proxies
[20:24:54] <JohnLewis>	 they are abusing our service and it is without our right to prevent their access
[20:24:59] <JohnLewis>	 if they are using a proxy, we hit it.
[20:25:08] <JohnLewis>	 if they're not, we hit what they're using
[20:25:21] <JohnLewis>	 but only if it's worth it.
[20:25:25] <AmandaCatherine>	 but you can’t just CU every single vandal/LTA to see if they happen to be using a proxy
[20:25:34] <JohnLewis>	 someone putting a few lines of text on an article and going, means nothing. We don't care.
[20:25:41] <JohnLewis>	 someone spamming, is worth it.
[20:25:56] <JohnLewis>	 we CU every LTA because we want to restrict their access.
[20:26:25] <AmandaCatherine>	 But what behavioral evidence do you have that one given vandal is the same as an LTA?
[20:26:48] <JohnLewis>	 I don't - if I don't then I lock as a vandal and leave.
[20:27:05] <AmandaCatherine>	 and someone who tried to spam but got blocked by the filter isn’t worth it
[20:27:10] <JohnLewis>	 anyone who locks anyone as a vandal, isn't CU'd
[20:27:20] <JohnLewis>	 it is
[20:29:03] <JohnLewis>	 Captcha stops a lot of the spam - so if they hit us past the captcha, then they're not some kid running a script. it's a fairly legit thing and we want to stop that.
[20:29:25] <JohnLewis>	 they get past barrier 1 but not barrier 2. So let's adding another barrier into it that they can't get past
[20:29:26] <AmandaCatherine>	 This isn’t an LTA for example https://meta.miraheze.org/wiki/Special:CentralAuth/Mushroom_cloud
[20:29:27] <ZppixBot>	 Title: [ Global account information for Mushroom cloud - Miraheze Meta ] - meta.miraheze.org
[20:29:41] <AmandaCatherine>	 That’s drive by vandalism
[20:31:29] <AmandaCatherine>	 This isn’t an LTA either https://meta.miraheze.org/m/uD
[20:31:31] <ZppixBot>	 Title: [ Global account information for I, Donald John Trump, do solemnly swear that I will faithfully execute the Office of President of the United States, and will to the best of my Ability, preserve, protec ] - meta.miraheze.org
[20:32:38] <JohnLewis>	 what people to lock is their choice
[20:32:46] <JohnLewis>	 *people use as a reason
[20:34:20] <AmandaCatherine>	 Meh, GTG now. It’s clear we’re not going to agree on this
[20:34:27] <JohnLewis>	 indeed
[20:34:46] <JohnLewis>	 we're doing nothing wrong in terms of policy, if you disagree - change the policy in the correct venues
[20:55:12] <Not-d1e4>	 [02miraheze/services] 07MirahezeSSLBot pushed 031 commit to 03master [+0/-0/±1] 13https://git.io/fAmY1
[20:55:13] <Not-d1e4>	 [02miraheze/services] 07MirahezeSSLBot 03f878cb6 - BOT: Updating services config for wikis
[21:22:19] <Voidwalker>	 looks like I forgot to set an away oops