This is an archive of past discussions with User:Nmajdan. Do not edit the contents of this page. If you wish to start a new discussion or revive an old one, please do so on the current talk page.
Following an RfC, an activity requirement is now in place for bots and bot operators.
Technical news
When performing some administrative actions the reason field briefly gave suggestions as text was typed. This change has since been reverted so that issues with the implementation can be addressed. (T34950)
Following the latest RfC concluding that Pending Changes 2 should not be used on the English Wikipedia, an RfC closed with consensus to remove the options for using it from the page protection interface, a change which has now been made. (T156448)
The Foundation has announced a new community health initiative to combat harassment. This should bring numerous improvements to tools for admins and CheckUsers in 2017.
JohnCD (John Cameron Deas) passed away on 30 December 2016. John began editing Wikipedia seriously during 2007 and became an administrator in November 2009.
A recent RfC has redefined how articles on schools are evaluated at AfD. Specifically, secondary schools are not presumed to be notable simply because they exist.
Cookie blocks should be deployed to the English Wikipedia soon. This will extend the current autoblock system by setting a cookie for each block, which will then autoblock the user after they switch accounts under a new IP.
A bot will now automatically place a protection template on protected pages when admins forget to do so.
Following a discussion on the backlog of unpatrolled files, consensus was found to create a new user right for autopatrolling file uploads. Implementation progress can be tracked on Phabricator.
The BLPPROD grandfather clause, which stated that unreferenced biographies of living persons were only eligible for proposed deletion if they were created after March 18, 2010, has been removed following an RfC.
An RfC has closed with consensus to allow proposed deletion of files. The implementation process is ongoing.
After an unsuccessful proposal to automatically grant IP block exemption, consensus was found to relax the criteria for granting the user right from needing it to wanting it.
Technical news
After a recent RfC, moved pages will soon be featured in a queue similar to Special:NewPagesFeed and require patrolling. Moves by administrators, page movers, and autopatrolled editors will be automatically marked as patrolled.
Cookie blocks have been deployed. This extends the current autoblock system by setting a cookie for each block, which will then autoblock the user if they switch accounts, even under a new IP.
An RfC has clarified that user categories should be emptied upon deletion, but redlinked user categories should not be removed if re-added by the user.
Discussions are ongoing regarding proposed changes to the COI policy. Changes so far have included clarification that adding a link on a Wikipedia forum to a job posting is not a violation of the harassment policy.
There is a new tool for adding archives to dead links. Administrators are able to restrict other user's ability to use the tool, and have additional permissions when changing URL and domain data.
Following an RfC, the editing restrictions page is now split into a list of active restrictions and an archive of those that are old or on inactive accounts. Make sure to check both pages if searching for a restriction.
An RfC proposing an off-wiki LTA database has been closed. The proposal was broadly supported, with further discussion required regarding what to do with the existing LTA database and defining access requirements. Such a tool/database formed part of the Community health initiative's successful grant proposal.
Some clarifications have been made to the community banning and unblocking policies that effectively sync them with current practice. Specifically, the community has reached a consensus that when blocking a user at WP:AN or WP:ANI, it is considered a "community sanction", and administrators cannot unblock unilaterally if the user has not successfully appealed the sanction to the community.
Fuzzy search will soon be added to Special:Undelete, allowing administrators to search for deleted page titles with results similar to the search query. You can test this by adding ?fuzzy=1 to the URL, as with Special:Undelete?fuzzy=1. Currently the search only finds pages that exactly match the search term.
A newly revamped database report can help identify users who may be eligible to be autopatrolled.
A potentially compromised account from 2001–2002 attempted to request resysop. Please practice appropriate account security by using a unique password for Wikipedia, and consider enabling two-factor authentication. Currently around 17% of admins have enabled 2FA, up from 16% in February 2017.
Did you know: On 29 June 2017, there were 1,261 administrators on the English Wikipedia – the exact number of administrators as there were ten years ago on 29 June 2007. Since that time, the English Wikipedia has grown from 1.85 million articles to over 5.43 million.
LoginNotify should soon be deployed to the English Wikipedia. This will notify users when there are suspicious login attempts on their account.
The new version of XTools is nearing an official release. This suite of tools includes administrator statistics, an improved edit counter, among other tools that may benefit administrators. You can report issues on Phabricator and provide general feedback at mw:Talk:XTools.
Following an RfC, WP:G13 speedy deletion criterion now applies to any page in the draftspace that has not been edited in six months. There is a bot-generated report, updated daily, to help identify potentially qualifying drafts that have not been submitted through articles for creation.
Technical news
You will now get a notification when someone tries to log in to your account and fails. If they try from a device that has logged into your account before, you will be notified after five failed attempts. You can also set in your preferences to get an email when someone logs in to your account from a new device or IP address, which may be encouraged for admins and accounts with sensitive permissions.
Syntax highlighting is now available as a beta feature (more info). This may assist administrators and template editors when dealing with intricate syntax of high-risk templates and system messages.
Applications for CheckUser and Oversight are being accepted by the Arbitration Committee until September 12. Community discussion of the candidates will begin on September 18.
Following a successful proposal to create it, a new user right called "edit filter helper" is now assignable and revocable by administrators. The right allows non-administrators to view the details of private edit filters, but not to edit them.
Following a discussion about mass-application of ECP and how the need for logging and other details of an evolving consensus may have been missed by some administrators, a rough guide to extended confirmed protection has been written. This information page describes how the extended-confirmed aspects of the protection policy are currently being applied by administrators.
A request for comment is open regarding the structure, rules, and procedures of the December 2017 Arbitration Committee election, and how to resolve any issues not covered by existing rules.
A new function is now available to edit filter managers that will make it easier to look for multiple strings containing spoofed text.
Arbitration
Eligible editors will be invited to submit candidate statements for the 2017 Arbitration Committee Elections starting on November 12 until November 21. Voting will begin on November 27 and last until December 10.
The Wikipedia community has recently learned that Allen3 (William Allen Peckham) passed away on December 30, 2016, the same day as JohnCD. Allen began editing in 2005 and became an administrator that same year.
Hello, Nmajdan. Voting in the 2017 Arbitration Committee elections is now open until 23.59 on Sunday, 10 December. All users who registered an account before Saturday, 28 October 2017, made at least 150 mainspace edits before Wednesday, 1 November 2017 and are not currently blocked are eligible to vote. Users with alternate accounts may only vote once.
The Arbitration Committee is the panel of editors responsible for conducting the Wikipedia arbitration process. It has the authority to impose binding solutions to disputes between editors, primarily for serious conduct disputes the community has been unable to resolve. This includes the authority to impose site bans, topic bans, editing restrictions, and other measures needed to maintain our editing environment. The arbitration policy describes the Committee's roles and responsibilities in greater detail.
Following a request for comment, a new section has been added to the username policy which disallows usernames containing emoji, emoticons or otherwise "decorative" usernames, and usernames that use any non-language symbols. Administrators should discuss issues related to these types of usernames before blocking.
Technical news
Wikimedians are now invited to vote on the proposals in the 2017 Community Wishlist Survey on Meta Wiki until 10 December 2017. In particular, there is a section of the survey regarding new tools for administrators and for anti-harassment.
A new function is available to edit filter managers which can be used to store matches from regular expressions.
Over the last few months, several users have reported backlogs that require administrator attention at WP:ANI, with the most common backlogs showing up on WP:SPI, WP:AIV and WP:RFPP. It is requested that all administrators take some time during this month to help clear backlogs wherever possible. It should be noted that AIV reports are not always valid; however, they still need to be cleared, which may include needing to remind users on what qualifies as vandalism.
The Wikimedia Foundation Community health initiative is conducting a survey for English Wikipedia contributors on their experience and satisfaction level with Administrator’s Noticeboard/Incidents. This survey will be integral to gathering information about how this noticeboard works (i.e. which problems it deals with well and which problems it struggles with). If you would like to take this survey, please sign up on this page, and a link for the survey will be emailed to you via Special:EmailUser.
A request for comment is in progress to determine whether the administrator policy should be amended to require disclosure of paid editing activity at WP:RFA and to prohibit the use of administrative tools as part of paid editing activity, with certain exceptions.
An RfC has closed with a consensus that candidates at WP:RFA must disclose whether they have ever edited for pay and that administrators may never use administrative tools as part of any paid editing activity, except when they are acting as a Wikipedian-in-Residence or when the payment is made by the Wikimedia Foundation or an affiliate of the WMF.
Editors responding to threats of harm can now contact the Wikimedia Foundation's emergency address by using Special:EmailUser/Emergency. If you don't have email enabled on Wikipedia, directly contacting the emergency address using your own email client remains an option.
Technical news
A tagwill now be automatically applied to edits that blank a page, turn a page into a redirect, remove/replace almost all content in a page, undo an edit, or rollback an edit. These edits were previously denoted solely by automatic edit summaries.
Arbitration
The Arbitration Committee has enacted a change to the discretionary sanctions procedure which requires administrators to add a standardizededitnotice when placing page restrictions. Editors cannot be sanctioned for violations of page restrictions if this editnotice was not in place at the time of the violation.
Community ban discussions must now stay open for at least 24 hours prior to being closed.
A change to the administrator inactivity policy has been proposed. Under the proposal, if an administrator has not used their admin tools for a period of five years and is subsequently desysopped for inactivity, the administrator would have to file a new RfA in order to regain the tools.
A change to the banning policy has been proposed which would specify conditions under which a repeat sockmaster may be considered de facto banned, reducing the need to start a community ban discussion for these users.
Technical news
CheckUsers are now able to view private data such as IP addresses from the edit filter log, e.g. when the filter prevents a user from creating an account. Previously, this information was unavailable to CheckUsers because access to it could not be logged.
The edit filter has a new featurecontains_all that edit filter managers may use to check if one or more strings are all contained in another given string.
Bhadani (Gangadhar Bhadani) passed away on 8 February 2018. Bhadani joined Wikipedia in March 2005 and became an administrator in September 2005. While he was active, Bhadani was regarded as one of the most prolific Wikipedians from India.
Administrators who have been desysopped due to inactivity are now required to have performed at least one (logged) administrative action in the past 5 years in order to qualify for a resysop without going through a new RfA.
Editors who have been found to have engaged in sockpuppetry on at least two occasions after an initial indefinite block, for whatever reason, are now automatically considered banned by the community without the need to start a ban discussion.
There will soon be a calendar widget at Special:Block, making it easier to set expiries for a specific date and time.
Arbitration
The Arbitration Committee is considering a change to the discretionary sanctions procedures which would require an editor to appeal a sanction to the community at WP:AE or WP:AN prior to appealing directly to the Arbitration Committee at WP:ARCA.
Miscellaneous
A discussion has closed which concluded that administrators are not required to enable email, though many editors suggested doing so as a matter of best practice.
The Foundations' Anti-Harassment Tools team has released the Interaction Timeline. This shows a chronologic history for two users on pages where they have both made edits, which may be helpful in identifying sockpuppetry and investigating editing disputes.
A proposal is being discussed which would create a new "event coordinator" right that would allow users to temporarily add the "confirmed" flag to new user accounts and to create many new user accounts without being hindered by a rate limit.
Technical news
AbuseFilter has received numerous improvements, including an OOUI overhaul, syntax highlighting, ability to search existing filters, and a few new functions. In particular, the search feature can be used to ensure there aren't existing filters for what you need, and the new equals_to_any function can be used when checking multiple namespaces. One major upcoming change is the ability to see which filters are the slowest. This information is currently only available to those with access to Logstash.
When blocking anonymous users, a cookie will be applied that reloads the block if the user changes their IP. This means in most cases, you may no longer need to do /64 range blocks on residential IPv6 addresses in order to effectively block the end user. It will also help combat abuse from IP hoppers in general. This currently only occurs when hard-blocking accounts.
The block notice shown on mobile will soon be more informative and point users to a help page on how to request an unblock, just as it currently does on desktop.
There will soon be a calendar widget at Special:Block, making it easier to set expiries for a specific date and time.
Lankiveil (Craig Franklin) passed away in mid-April. Lankiveil joined Wikipedia on 12 August 2004 and became an administrator on 31 August 2008. During his time with the Wikimedia community, Lankiveil served as an oversighter for the English Wikipedia and as president of Wikimedia Australia.
Following a successful request for comment, administrators are now able to add and remove editors to the "event coordinator" group. Users in the event coordinator group have the ability to temporarily add the "confirmed" flag to new user accounts and to create many new user accounts without being hindered by a rate limit. Users will no longer need to be in the "account creator" group if they are in the event coordinator group.
IP-based cookie blocks should be deployed to English Wikipedia in June. This will cause the block of a logged-out user to be reloaded if they change IPs. This means in most cases, you may no longer need to do /64 range blocks on residential IPv6 addresses in order to effectively block the end user. It will also help combat abuse from IP hoppers in general. For the time being, it only affects users of the desktop interface.
The Wikimedia Foundation's Anti-Harassment Tools team will build granular types of blocks in 2018 (e.g. a block from uploading or editing specific pages, categories, or namespaces, as opposed to a full-site block). Feedback on the concept may be left at the talk page.
It is now easier for blocked mobile users to see why they were blocked.
Arbitration
A recent technical issue with the Arbitration Committee's spam filter inadvertently caused all messages sent to the committee through Wikipedia (i.e. Special:EmailUser/Arbitration Committee) to be discarded. If you attempted to send an email to the Arbitration Committee via Wikipedia between May 16 and May 31, your message was not received and you are encouraged to resend it. Messages sent outside of these dates or directly to the Arbitration Committee email address were not affected by this issue.
An RfC about the deletion of drafts closed with a consensus to change the wording of WP:NMFD. Specifically, a draft that has been repeatedly resubmitted and declined at AfC without any substantial improvement may be deleted at MfD if consensus determines that it is unlikely to ever meet the requirements for mainspace and it otherwise meets one of the reasons for deletion outlined in the deletion policy.
Starting on July 9, the WMF Security team, Trust & Safety, and the broader technical community will be seeking input on an upcoming change that will restrict editing of site-wide JavaScript and CSS to a new technical administrators user group. Bureaucrats and stewards will be able to grant this right per a community-defined process. The intention is to reduce the number of accounts who can edit frontend code to those who actually need to, which in turn lessens the risk of malicious code being added that compromises the security and privacy of everyone who accesses Wikipedia. For more information, please review the FAQ.
Syntax highlighting has been graduated from a Beta feature on the English Wikipedia. To enable this feature, click the highlighter icon () in your editing toolbar (or under the hamburger menu in the 2017 wikitext editor). This feature can help prevent you from making mistakes when editing complex templates.
IP-based cookie blocks should be deployed to English Wikipedia in July (previously scheduled for June). This will cause the block of a logged-out user to be reloaded if they change IPs. This means in most cases, you may no longer need to do /64 range blocks on residential IPv6 addresses in order to effectively block the end user. It will also help combat abuse from IP hoppers in general. For the time being, it only affects users of the desktop interface.
Miscellaneous
Currently around 20% of admins have enabled two-factor authentication, up from 17% a year ago. If you haven't already enabled it, please consider doing so. Regardless if you use 2FA, please practice appropriate account security by ensuring your password is secure and unique to Wikimedia.
After a discussion at Meta, a new user group called "interface administrators" (formerly "technical administrator") has been created. Come the end of August, interface admins will be the only users able to edit site-wide JavaScript and CSS pages like MediaWiki:Common.js and MediaWiki:Common.css, or edit other user's personal JavaScript and CSS. The intention is to improve security and privacy by reducing the number of accounts which could be used to compromise the site or another user's account through malicious code. The new user group can be assigned and revoked by bureaucrats. Discussion is ongoing to establish details for implementing the group on the English Wikipedia.
Following a request for comment, the WP:SISTER style guideline now states that in the mainspace, interwiki links to Wikinews should only be made as per the external links guideline. This generally means that within the body of an article, you should not link to Wikinews about a particular event that is only a part of the larger topic. Wikinews links in "external links" sections can be used where helpful, but not automatically if an equivalent article from a reliable news outlet could be linked in the same manner.
Technical news
The WMF Anti-Harassment Tools team is seeking input on the second set of wireframes for the Special:Block redesign that will introduce partial blocks. The new functionality will allow you to block a user from editing a specific set of pages, pages in a category, a namespace, and for specific actions such as moving pages and uploading files.
Following a "stop-gap" discussion, six users have temporarily been made interface administrators while discussion is ongoing for a more permanent process for assigning the permission. Interface administrators are now the only editors allowed to edit sitewide CSS and JavaScript pages, as well as CSS/JS pages in another user's userspace. Previously, all administrators had this ability. The right can be granted and revoked by bureaucrats.
Technical news
Because of a data centre test you will be able to read but not edit the wikis for up to an hour on 12 September and 10 October. This will start at 14:00 (UTC). You might lose edits if you try to save during this time. The time when you can't edit might be shorter than an hour.
Some abuse filter variables have changed. They are now easier to understand for non-experts. The old variables will still work but filter editors are encouraged to replace them with the new ones. You can find the list of changed variables on mediawiki.org. They have a note which says Deprecated. Use ... instead. An example is article_text which is now page_title.
Abuse filters can now use how old a page is. The variable is page_age.
Arbitration
The Arbitration Committee has resolved to perform a round of Checkuser and Oversight appointments. The usernames of all applicants will be shared with the Functionaries team, and they will be requested to assist in the vetting process. The deadline to submit an application is 23:59 UTC, 12 September, and the candidates that move forward will be published on-wiki for community comments on 18 September.
There is an open request for comment on Meta regarding the creation a new user group for global edit filter management.
Technical news
Partial blocks should be available for testing in October on the Test Wikipedia and the Beta-Cluster. This new feature allows admins to block users from editing specific pages and in the near-future, namespaces and uploading files. You can expect more updates and an invitation to help with testing once it is available.
The Foundations' Anti-Harassment Tools team is currently looking for input on how to measure the effectiveness of blocks. This is in particular related to how they will measure the success of the aforementioned partial blocks.
Because of a data centre test, you will be able to read but not edit the Wikimedia projects for up to an hour on 10 October. This will start at 14:00 (UTC). You might lose edits if you try to save during this time.
Following a request for comment, the size of the Arbitration Committee will be decreased to 13 arbitrators, starting in 2019. Additionally, the minimum support percentage required to be appointed to a two-year term on ArbCom has been increased to 60%. ArbCom candidates who receive between 50% and 60% support will be appointed to one-year terms instead.
Nominations for the 2018 Arbitration Committee Electoral Commission are being accepted until 12 October. These are the editors who help run the ArbCom election smoothly. If you are interested in volunteering for this role, please consider nominating yourself.
Partial blocks is now available for testing on the Test Wikipedia. The new functionality allows you to block users from editing specific pages. Bugs may exist and can be reported on the local talk page or on Meta. A discussion regarding deployment to English Wikipedia will be started by community liaisons sometime in the near future.
A user script is now available to quickly review unblock requests.
The 2019 Community Wishlist Survey is now accepting new proposals until November 11, 2018. The results of this survey will determine what software the Wikimedia Foundation's Community Tech team will work on next year. Voting on the proposals will take place from November 16 to November 30, 2018. Specifically, there is a proposal category for admins and stewards that may be of interest.
Arbitration
Eligible editors will be invited to nominate themselves as candidates in the 2018 Arbitration Committee Elections starting on November 4 until November 13. Voting will begin on November 19 and last until December 2.
The Arbitration Committee's email address has changed to arbcom-enwikimedia.org. Other email lists, such as functionaries-en and clerks-l, remain unchanged.
Hello, Nmajdan. Voting in the 2018 Arbitration Committee elections is now open until 23.59 on Sunday, 3 December. All users who registered an account before Sunday, 28 October 2018, made at least 150 mainspace edits before Thursday, 1 November 2018 and are not currently blocked are eligible to vote. Users with alternate accounts may only vote once.
The Arbitration Committee is the panel of editors responsible for conducting the Wikipedia arbitration process. It has the authority to impose binding solutions to disputes between editors, primarily for serious conduct disputes the community has been unable to resolve. This includes the authority to impose site bans, topic bans, editing restrictions, and other measures needed to maintain our editing environment. The arbitration policy describes the Committee's roles and responsibilities in greater detail.
A request for comment is in progress to determine whether members of the Bot Approvals Group should satisfy activity requirements in order to remain in that role.
A request for comment is in progress regarding whether to change the administrator inactivity policy, such that administrators "who have made no logged administrative actions for at least 12 months may be desysopped". Currently, the policy states that administrators "who have made neither edits nor administrative actions for at least 12 months may be desysopped".
Administrators and bureaucrats can no longer unblock themselves unless they placed the block initially. This change has been implemented globally. See also this ongoing village pump discussion (permalink).
To complement the aforementioned change, blocked administrators will soon have the ability to block the administrator that placed their block to mitigate the possibility of a compromised administrator account blocking all other active administrators.
In late November, an attacker compromised multiple accounts, including at least four administrator accounts, and used them to vandalize Wikipedia. If you have ever used your current password on any other website, you should change it immediately. Sharing the same password across multiple websites makes your account vulnerable, especially if your password was used on a website that suffered a data breach. As these incidents have shown, these concerns are not pure fantasies.
Shock Brigade Harvester Boris (Raymond Arritt) passed away on 14 November 2018. Boris joined Wikipedia as Raymond arritt on 8 May 2006 and was an administrator from 30 July 2007 to 2 June 2008.
R4 (new): Redirects in the file namespace (and no file links) that have the same name as a file or redirect at Commons are now covered under the new R4 criterion (discussion). This is {{db-redircom}}; the text is unchanged.
G13 (expanded): Userspace drafts containing only the default Article Wizard text are now covered under G13 along with other drafts (discussion). Such blank drafts are now eligible after six months rather than one year, and taggers continue to use {{db-blankdraft}}.
Members of the Bot Approvals Group (BAG) are now subject to an activity requirement. After two years without any bot-related activity (e.g. operating a bot, posting on a bot-related talk page), BAG members will be retired from BAG following a one-week notice.
Technical news
Starting on December 13, the Wikimedia Foundation security team implemented new password policy and requirements. Privileged accounts (administrators, bureaucrats, checkusers, oversighters, interface administrators, bots, edit filter managers/helpers, template editors, et al.) must have a password at least 10 characters in length. All accounts must have a password:
User accounts not meeting these requirements will be prompted to update their password accordingly. More information is available on MediaWiki.org.
Blocked administrators may now block the administrator that blocked them. This was done to mitigate the possibility that a compromised administrator account would block all other active administrators, complementing the removal of the ability to unblock oneself outside of self-imposed blocks. A request for comment is currently in progress to determine whether the blocking policy should be updated regarding this change.
{{Copyvio-revdel}} now has a link to open the history with the RevDel checkboxes already filled in.
Accounts continue to be compromised on a regular basis. Evidence shows this is entirely due to the accounts having the same password that was used on another website that suffered a data breach. If you have ever used your current password on any other website, you should change it immediately.
Around 22% of admins have enabled two-factor authentication, up from 20% in June 2018. If you haven't already enabled it, please consider doing so. Regardless of whether you use 2FA, please practice appropriate account security by ensuring your password is secure and unique to Wikimedia.
Administrators who are blocked have the technical ability to block the administrator who blocked their own account. A recent request for comment has amended the blocking policy to clarify that this ability should only be used in exceptional circumstances, such as account compromises, where there is a clear and immediate need.
A request for comment closed with a consensus in favor of deprecating The Sun as a permissible reference, and creating an edit filter to warn users who attempt to cite it.
Technical news
A discussion regarding an overhaul of the format and appearance of Wikipedia:Requests for page protection is in progress (permalink). The proposed changes will make it easier to create requests for those who are not using Twinkle. The workflow for administrators at this venue will largely be unchanged. Additionally, there are plans to archive requests similar to how it is done at WP:PERM, where historical records are kept so that prior requests can more easily be searched for.
A new IRC bot is available that allows you to subscribe to notifications when specific filters are tripped. This requires that your IRC handle be identified.
You may prevent the proposed deletion by removing the {{proposed deletion/dated}} notice, but please explain why in your edit summary or on the article's talk page.
Following discussions at the Bureaucrats' noticeboard and Wikipedia talk:Administrators, an earlier change to the restoration of adminship policy was reverted. If requested, bureaucrats will not restore administrator permissions removed due to inactivity if there have been five years without a logged administrator action; this "five year rule" does not apply to permissions removed voluntarily.
Technical news
A new tool is available to help determine if a given IP is an open proxy/VPN/webhost/compromised host.
Arbitration
The Arbitration Committee announced two new OTRS queues. Both are meant solely for cases involving private information; other cases will continue to be handled at the appropriate venues (e.g., WP:COIN or WP:SPI).
paid-en-wpwikipedia.org has been set up to receive private evidence related to abusive paid editing.
checkuser-en-wpwikipedia.org has been set up to receive private requests for CheckUser. For instance, requests for IP block exemption for anonymous proxy editing should now be sent to this address instead of the functionaries-en list.
The Wikimedia Foundation's Community health initiative plans to design and build a new user reporting system to make it easier for people experiencing harassment and other forms of abuse to provide accurate information to the appropriate channel for action to be taken. Please see meta:Community health initiative/User reporting system consultation 2019 to provide your input on this idea.
Two more administrator accounts were compromised. Evidence has shown that these attacks, like previous incidents, were due to reusing a password that was used on another website that suffered a data breach. If you have ever used your current password on any other website, you should change it immediately. All admins are strongly encouraged to enable two-factor authentication, please consider doing so. Please always practice appropriate account security by ensuring your password is secure and unique to Wikimedia.
As a reminder, according to WP:NOQUORUM, administrators looking to close or relist an AfD should evaluate a nomination that has received few or no comments as if it were a proposed deletion (PROD) prior to determining whether it should be relisted.
Recently, several Wikipedia admin accounts were compromised. The admin accounts were desysopped on an emergency basis. In the past, the Committee often resysopped admin accounts as a matter of course once the admin was back in control of their account. The committee has updated its guidelines. Admins may now be required to undergo a fresh Request for Adminship (RfA) after losing control of their account.
What do I need to do?
Only to follow the instructions in this message.
Check that your password is unique (not reused across sites).
Check that your password is strong (not simple or guessable).
Enable Two-factor authentication (2FA), if you can, to create a second hurdle for attackers.
How can I find out more about two-factor authentication (2FA)?
Administrator account security (Correction to Arbcom 2019 special circular)
ArbCom would like to apologise and correct our previous mass message in light of the response from the community.
Since November 2018, six administrator accounts have been compromised and temporarily desysopped. In an effort to help improve account security, our intention was to remind administrators of existing policies on account security — that they are required to "have strong passwords and follow appropriate personal security practices." We have updated our procedures to ensure that we enforce these policies more strictly in the future. The policies themselves have not changed. In particular, two-factor authentication remains an optional means of adding extra security to your account. The choice not to enable 2FA will not be considered when deciding to restore sysop privileges to administrator accounts that were compromised.
We are sorry for the wording of our previous message, which did not accurately convey this, and deeply regret the tone in which it was delivered.
XTools Admin Stats, a tool to list admins by administrative actions, has been revamped to support more types of log entries such as AbuseFilter changes. Two additional tools have been integrated into it as well: Steward Stats and Patroller Stats.
Arbitration
In response to the continuing compromise of administrator accounts, the Arbitration Committee passed a motion amending the procedures for return of permissions (diff). In such cases, the committee will review all available information to determine whether the administrator followed "appropriate personal security practices" before restoring permissions; administrators found failing to have adequately done so will not be resysopped automatically. All current administrators have been notified of this change.
Following a formal ratification process, the arbitration policy has been amended (diff). Specifically, the two-thirds majority required to remove or suspend an arbitrator now excludes (1) the arbitrator facing suspension or removal, and (2) any inactive arbitrator who does not respond within 30 days to attempts to solicit their feedback on the resolution through all known methods of communication.
The CSD feature of Twinkle now allows admins to notify page creators of deletion if the page had not been tagged. The default behavior matches that of tagging notifications, and replaces the ability to open the user talk page upon deletion. You can customize which criteria receive notifications in your Twinkle preferences: look for Notify page creator when deleting under these criteria.
Twinkle's d-batch (batch delete) feature now supports deleting subpages (and related redirects and talk pages) of each page. The pages will be listed first but use with caution! The und-batch (batch undelete) option can now also restore talk pages.
Miscellaneous
The previously discussed unblocking of IP addresses indefinitely-blocked before 2009 was approved and has taken place.
In a related matter, the account throttle has been restored to six creations per day as the mitigation activity completed.
The scope of CSD criterion G8 has been tightened such that the only redirects that it now applies to are those which target non-existent pages.
The scope of CSD criterion G14 has been expanded slightly to include orphan "Foo (disambiguation)" redirects that target pages that are not disambiguation pages or pages that perform a disambiguation-like function (such as set index articles or lists).
The Wikimedia Foundation's Community health initiative plans to design and build a new user reporting system to make it easier for people experiencing harassment and other forms of abuse to provide accurate information to the appropriate channel for action to be taken. Community feedback is invited.
Miscellaneous
In February 2019, the Wikimedia Foundation (WMF) changed its office actions policy to include temporary and project-specific bans. The WMF exercised this new ability for the first time on the English Wikipedia on 10 June 2019 to temporarily ban and desysop Fram. This action has resulted in significant community discussion, a request for arbitration (permalink), and, either directly or indirectly, the resignations of numerous administrators and functionaries. The WMF Board of Trustees is aware of the situation, and discussions continue on a statement and a way forward. The Arbitration Committee has sent an open letter to the WMF Board.
Following a research project on masking IP addresses, the Foundation is starting a new project to improve the privacy of IP editors. The result of this project may significantly change administrative and counter-vandalism workflows. The project is in the very early stages of discussions and there is no concrete plan yet. Admins and the broader community are encouraged to leave feedback on the talk page.
Since the introduction of temporary user rights, it is becoming more usual to accord the New Page Reviewer right on a probationary period of 3 to 6 months in the first instance. This avoids rights removal for inactivity at a later stage and enables a review of their work before according the right on a permanent basis.
Photo Permissions Query / Phaidon Press
Hi Nmajdan,
I am currently working on behalf of publisher Phaidon Press on an upcoming architecture book.
Could you kindly contact me by email (igloopictureresearch@gmail.com), so that I can send you the project details?
We would also require a larger file size, if available.
Many thanks for your kind help with this project.
Best wishes,
Angelika
Angelika Pirkl, Freelance Picture Researcher, Igloo Picture Research, on behalf of Phaidon Press.
#/media/File:JPMorganChaseTower.png){kind=link}