Page MenuHomePhabricator

Feature request: Hide IP address by unique encoding
Closed, DuplicatePublic

Description

Author: mediazilla

Description:
Summary: (?)
Hide IP address by unique encoding
I was new to WIKI and made some changes in a
controversial section of WIKI. My opponent and I were in
an another forum and he told everyone that he knows
my location and I was shocked. Later I knew WIKI keeps
the IP addresses of any user edit without a WIKI login.

Exposing an anonymous WIKI user's IP address and thus
location and possibly real identity for all to see is not
something a user would want. Often people want to
remain anonymous. The real IP address should only be
able to be accessed by special system administrators
and not any Sysop.

The WIKI system should allot unique identification
numbers to IP addresses, instead of giving the real IP
address. Technically, this would be simple to achieve:
Have a seperate column in the database Table for
Encoded IP address. Generate a random "Encoded IP" for
every real IP. Each real IP should have a unique Encoded
IP.

The aim is to protect the privacy of WIKI editors. I have
the right to keep my privacy.

Followups:
Comments


Date: 2004-09-22 00:31
Sender: klaus72
Logged In: YES
user_id=1126276

I still think this is a very good idea. I have this community
for
young people. Aged 11-20 . And I would like to give each
profile a link to their own wiki page,which everyone can edit.

But I don't want anyone to be able to see the IP adresses of
the contributers.
The reason for this, is that young people likes to play around,
and destroy things.. And scare others that they know the IP
and can take control, DoS and so on.

Maybe the IP adresse could be presented as an MD5 hash of
the IP? or maybe just the first 7 characters of the has. Only
sysop can see the real ip.


Date: 2004-07-08 11:10
Sender: nobody
Logged In: NO

vampwillow
You didnt give any reason as to why a fake Psuedo IP
should'nt replace the real IP address. The real IP address
should only be accessible to a select FEW super-ops or
administrators incase they want to report action to the ISP.
Currently, IP addresses are there for any hacker or malicious
person to exploit. They can be used to track location and find
out the identity (yes its possible if you know something about
the person and then you also got the location it helps a lot).

I see no one wants to do this because it didnt effect them so
they think I'm talking plain junk.

I was nearly EXPOSED on a controversial discussion forum.
My location was to be leaked out, perhaps its been done
already - all because of WIKI put put my IP address for
everyone to see. I could learn to program and get into WIKI
and make this feature myself and no one would stop me, I
can gaurantee you but I dont have time. I thought I'd just
give a suggestion.
Thats how is it. Your son dies from lung cancer, only then
you start an anti-smoking organization. Otherwise no one
gives a jack about it. If you were in my situation you would
understand the important of this.
Tell me another thing: Why do you think all discussion forums
hide the real IP from the public? They have a good reason to
hide it from the regular public, dont they? Should WIKI expose
the real IP too then?

Again, no one has offered ANY logical reason as to why the
real IP should not be hidden from the masses. If sysops want
to TRACK people down, like I said, you should use fake IPs.
Only for serious action, super-ops should be allowed to
access the real IP ONLY for *reporting* purposes.


Date: 2004-07-08 05:03
Sender: vampwillow
Logged In: YES
user_id=1071899

There is no obligation for you to create a user-id and log
in with it, but it provides you with this function. Yes,
there are times when you might not want people to realise it
was you who made the edit but that has to be balanced by the
nature of wikis being something that anyone can add to (or
destroy) thus needing a quick and simple way to track and
deal with problems.

If it is "special system administrators" who is to say how
long it might take someone to be able to assist ("not any
Sysop" means there is more likely to be a delay anyway) by
which time it could well be way too late. Wikis, like WP,
are self-healing only because there are enough people around
who care. Encoding would mean they still cared buyt couldn't
do anything about it!

I see no strong reason to create this option and stronger
reasons not to do so.


Date: 2004-06-24 10:55
Sender: nobody
Logged In: NO

vibber wrote:
"This is the norm on wikis."

Once it was norm for people to beleive the Earth was flat. It
doesnt matter if its a norm or not, you have to see whether it
makes sense or not.
If the edit was done by a malicious user and the meaning of
IP addresses is to give sysops clues as to whether they
should ban the whole IP range, then IP ranges e.g. 210.10.*
can be named as random numbers, still generated as a unique
IP and this is trackable in the same way as any real IP
address.
Again: IP addresses should be encoded as other number, just
like you have some organizations creating their own ID
numbers for employees rather than using their SS# and
creating security risks for indentity thefts. This is the same
principle being used over there.


Date: 2004-06-24 05:26
Sender: nobody
Logged In: NO

I agree to this feature.
Sometimes people forget to login. And then their IP is exposed.
I know you can allow only logged in users to edit. But it will
sometimes discourge users to give useful infomation.


Date: 2004-06-24 05:21
Sender: nobody
Logged In: NO

I agree to this feature.
Sometimes people forget to login. And then their IP is exposed.
I know you can allow only logged in users to edit. But it will
sometimes discourge users to give useful infomation.


Date: 2004-06-23 22:17
Sender: vibber
Logged In: YES
user_id=446709

This is the norm on wikis.


Date: 2004-06-23 21:47
Sender: nobody
Logged In: NO

I know I can create a useraccount. The fact remains: privacy
of anonymous users is being displayed publicly on a website
and this information can be used by malicious users to their
ends.
There is no need to display the real IP address. If the real IP
is being displayed, the location and possibly even the identity
of the user can be found out. I have been threatened myself
with such a threat just recently.
The best solution as I said, is to keep an encoded IP, or a
random number.


Date: 2004-06-23 21:27
Sender: vibber
Logged In: YES
user_id=446709

Create a user account then.

You do *not* have to provide an e-mail address (though if you
don't, you
won't be able to recover a lost password).


Version: unspecified
Severity: enhancement

Details

Reference
bz556

Event Timeline

bzimport raised the priority of this task from to Lowest.Nov 21 2014, 6:58 PM
bzimport set Reference to bz556.
bzimport added a subscriber: Unknown Object (MLST).
bzimport created this task.Sep 22 2004, 8:32 AM

jeronim.mediazilla wrote:

One way to deal with the problem of people forgetting to log in, and then editing and
having their IP address exposed: Make it very obvious on the edit page that they are not
logged-in, e.g. by putting a message in big red letters with a warning.

inedible_bulk wrote:

(In reply to comment #1)

One way to deal with the problem of people forgetting to log in, and then

editing and

having their IP address exposed: Make it very obvious on the edit page that

they are not

logged-in, e.g. by putting a message in big red letters with a warning.

Was about to add this as a bug. Full agreement here. I've edited as IP and
been very upset afterward, because you can't remove that info.

Using an encrypted or hashed IP would mean that sysops would be unable to
identify proxy servers or dynamic IP pools. This information is vital when
tracking vandalism or blocking users.

hashar added a comment.Jul 6 2005, 2:26 PM

Closing as WONTFIX because:
_ there is clause to no way to figure out the identity of someone
given his ip address.
_ people can use an anonymizing service or create an account