Page MenuHomePhabricator
Create Task
Maniphest T309693

Remove rows about private filters from Special:AbuseFilter (and the API) if the user can't see private filters
Open, Needs TriagePublic
Actions

Description

Copying from T309665#7973433:

In T309665#7973433, @Daimona wrote:

I just realized that if you can view Special:AbuseFilter but not private filters, every private filter will still be on the list, and you'll be able to see its information (except for hit count). The filter's name is even clickable, although you get a permission error if you try to open it. [...]

I think a better approach would be to hide private filters *completely* from Special:AbuseFilter and the API. Otherwise, LTAs can see how many filters are there that target them, when they were last edited, what their actions are, etc. In fact, I think that the concept of "private filter" should refer to the whole filter, not just its rules.

Related Objects

Event Timeline

Daimona created this task.Jun 1 2022, 11:04 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJun 1 2022, 11:04 AM
Daimona mentioned this in T309665: Make it possible for everyone who can access Special:AbuseFilter to search rules.Jun 1 2022, 11:05 AM
Daimona updated the task description. (Show Details)
matej_suchanek subscribed.Jun 1 2022, 11:31 AM

This would probably help us solve several tasks around filter privacy (see the workboard on AbuseFilter). T174862: Special:AbuseLog should not show log entries of private filters is a similar proposal, but there were some concerns about transparency. I'm not sure myself, too.

Maybe the "hidden" flag should not be boolean, but support more states: public, private (indication of existence possible, but details hidden), hidden (no indication of existence), etc. This could be a path for T234155: Create CheckUser-level abuse filters.

Daimona added a comment.Jun 2 2022, 1:41 PM
In T309693#7973529, @matej_suchanek wrote:

Maybe the "hidden" flag should not be boolean, but support more states: public, private (indication of existence possible, but details hidden), hidden (no indication of existence), etc. This could be a path for T234155: Create CheckUser-level abuse filters.

Good idea, definitely worth exploring in the long term. But for now, I think removing private filters altogether (thus erring on the side of caution) would be better than the status quo.

Daimona added a project: User-notice.Jun 2 2022, 1:47 PM

This behaviour has always been the same since the creation of AF, so I think it's very important to collect feedback before implementing the change. A possible message for Tech News could be something like:

On [[Special:AbuseFilter]], every user who can see the list of filters can also see information about private filters (ID, consequences, status, last edit), even if they're not allowed to see the private filters themselves and their rules. This has always been the case since 2009. There is a proposal to remove all information about private filters for unprivileged users. You can read more and leave your feedback at [[phab:T309693|]].

Daimona moved this task from To Triage to Announce in next Tech/News on the User-notice board.Jun 2 2022, 1:47 PM
Quiddity subscribed.Jun 2 2022, 5:44 PM

Hi @Daimona Alternatively, I'd suggest this request for feedback could be best sent directly to the talkpages of the abusefilter documentation pages. That would lead to the correct people seeing it in-situ, and reduce the distraction (and potential misunderstanding or alarm, or BEANS) among the wider movement.
Specifically, you could use this tool https://tools.wmflabs.org/wdmm/
along with https://www.wikidata.org/wiki/Q4582485 to create a MassMessage target list.
The full documentation for it is here: https://meta.wikimedia.org/wiki/Wikidata_MassMessage_tool
Does that seem reasonable? If not, and you're certain it deserves an entry in Tech News, we can do that. Cheers.

Daimona added a comment.Jun 4 2022, 3:36 PM
In T309693#7977145, @Quiddity wrote:

Hi @Daimona Alternatively, I'd suggest this request for feedback could be best sent directly to the talkpages of the abusefilter documentation pages. That would lead to the correct people seeing it in-situ, and reduce the distraction (and potential misunderstanding or alarm, or BEANS) among the wider movement.

I think that could work, as long as enough people see it.

Quiddity removed a project: User-notice.EditedJun 9 2022, 5:21 PM

Ok, I'll leave it in your hands. :-)
I'll remove the tech-news tag for now. (But as before, feel free to say it ought to be sent via this method!)

GeneralNotability subscribed.Oct 21 2022, 9:04 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL