Page MenuHomePhabricator

Editing Security Reccomendation
Closed, ResolvedPublic


This idea of mine is still in development, so please try and expand on it instead of simply approving or disapproving the idea. Thank you.

I am well aware of Wikipedia's anonymous editing security issue, and I think I may have a solution to possible increase security is certain articles. If an article seems to have a pattern of vandalism or other edits that are against policy, but the article does not need be locked (like if editing is not severe), then the article can be, as I put it, restricted. When an anonymous editor edits the article, instead of being directly applied to the article, the edit is submitted to a page (sort of like the discussion page, where the page can be accessed via the tabs at the top of the article) where it can be reviewed. In other words, if a shady user trys to edit an article, the edit is sent to be approved by a trustworthy member.

The loophole with this plan is that if the anonymous editor simply registers and approves the edit (or the editor just registers and makes the edit), then the edit will be approved. However, I have edited the system to work with the bug. Instead of the edit being approved by any user, it has to be approved by a user that has been voted into a posistion (such as Trustworthy User For "WhateverArticleItIs") by other users, making the system much harder to break. With this fix, the only way to bypass it is to get a whole team of vandalizers to vote a leader as a trusted user and then submit an edit (which is difficult seeing that by the time the edit is approved, somebody would have noticed their plan).

Here is how it breaks down: If an article, for any reason, must be restricted, this system is put into place. First, a user asks to become a Trusted User for the article. If enough registered users vote for him, he gets the posistion. When anybody (except for Trusted Users, they can edit at will) tries to make an edit to an article, the edit must be approved by the Trusted User, or the article does not accept the edit. The final exception is that any user can report if a Trusted User is abusing its powers. As I said, please read the edit through and try to make something of it, because I think it might help a lot. Keep in mind, only certain articles will be using the system, meaning other articles can still keep the normal editing system.

Version: unspecified
Severity: enhancement



Event Timeline

bzimport raised the priority of this task from to Low.Nov 21 2014, 9:48 PM
bzimport set Reference to bz11066.
bzimport added a subscriber: Unknown Object (MLST).

I don't think this whole procedure is really necessary. If an article is vandalized only occasionally, others will notice and revert it. If it's vandalized a lot, it'll be protected or semi-protected.

Yes, but there is no use protecting an article if the vandalizer has already been a registered user for a long time, which some vandalizers are. In addition, I know many articles that have frequent vandalism which still have not been locked, even after requests have been made to many people.

Per-page permissions isn't something we're planning to add at the moment.

Wouldn't this be essentially the same as FlaggedRevs, etc?

Closing as a duplicate of FlaggedRevs.