Make non-CUs linking users and IPs when CUs use block forms in CheckUser harder
Closed, ResolvedPublicFeature
Actions

Assigned To

Authored By

	Dreamy_Jazz
	Jul 20 2022, 9:47 PM

Description

Feature summary (what you would like to be able to do and where):
Special:InvestigateBlock and Special:CheckUser in 'Get users' mode should be able to allow CUs to more easily separate the IPs and accounts they block. Currently the same reason, talk page content and user page content is used in blocking IPs and accounts. This means that a non-CU can look at the block log / contributions page of a CU and see that these IP / account blocks were made at the same time with the same reason and content for the user talk / user page which makes it clear that the users / IPs are related.

Use case(s) (list the steps that you performed to discover that problem, and describe the actual underlying problem which you want to solve. Do not describe only a solution):
Currently blocking both IPs and accounts at the same time in Special:InvestigateBlock and Special:CheckUser is not really possible without risking violating the disclosure agreements. This is especially the case if the reason or content added to the user talk / user page mentions a user or case, as this would directly link an IP to account(s).

With this a CheckUser could block IPs and accounts using the same form but through a variety of methods the connection could be made less clear.

Benefits (why should this be implemented?):
It would make blocking accounts and IPs easier as this could be done using the same form by the CU without connecting an IP and account.

Example
Lets say CU X wants to block account Y and IP Z because they are socks of A. They want to use a reason that says the account is a sock of A and tag the user page of the user as a sock of A (as shown below). However, doing so would also use the same reason and notice for the IP. Instead CUs have to use the form twice, once for the accounts and another time for the IPs:

Related Objects
Search...

Status	Subtype	Assigned	Task
Open		None	T139810 RFC: Overhaul the CheckUser extension
Open		None	T132892 CheckUser UI revamp
Open		None	T69811 CheckUsers "Get users" design needs improvements
Open	Feature	Dreamy_Jazz	T24120 Enhance Blocking and tagging from checkuser interface: add dropdowns
Resolved	Feature	Dreamy_Jazz	T313446 Make non-CUs linking users and IPs when CUs use block forms in CheckUser harder
Declined	Feature	None	T313448 Allow Special:InvestigateBlock to have seperate reasons for IPs and accounts
Declined	Feature	None	T313449 Allow Special:InvestigateBlock to have seperate notices for IPs and accounts
Declined	Feature	None	T313450 Separate out when the blocks are made for IPs and users in Special:InvestigateBlock
Declined	Feature	None	T313451 Separate out when the blocks are made for IPs and users in Special:CheckUser 'get users' mode
Resolved	Feature	Dreamy_Jazz	T329493 Replace Special:CheckUser's 'get users' block form with a usage of Special:InvestigateBlock
Resolved		Dreamy_Jazz	T339914 Remove CheckUserEnableSpecialInvestigate config
Resolved	Feature	Dreamy_Jazz	T318458 Add dropdown options for the reason in Special:InvestigateBlock (like Special:Block has)
Resolved		Dreamy_Jazz	T366265 Limit the number of blocks that can be performed in a single use of Special:InvestigateBlock to wgCheckUserMaxBlocks
Resolved		Dreamy_Jazz	T362548 Warn if blocking both IPs and accounts when using Special:InvestigateBlock
Resolved	Feature	Dreamy_Jazz	T362862 Provide two links from Special:Investigate to Special:InvestigateBlock (one for accounts and one for IPs)
Resolved		Dreamy_Jazz	T362152 Improve test coverage on Special:Investigate code
Resolved		Dreamy_Jazz	T362569 Test SpecialInvestigateBlock
Resolved		Dreamy_Jazz	T362914 Add qunit tests for investigate/blockform.js

Event Timeline

Dreamy_Jazz created this task.Jul 20 2022, 9:47 PM

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJul 20 2022, 9:48 PM

Dreamy_Jazz triaged this task as Medium priority.Jul 20 2022, 9:48 PM

Dreamy_Jazz renamed this task from Seperate out the reason and tagging for IPs and users in CheckUser to Make non-CUs linking users and IPs when CUs use block forms in CheckUser harder.Jul 20 2022, 9:55 PM

Dreamy_Jazz added a subtask: T313448: Allow Special:InvestigateBlock to have seperate reasons for IPs and accounts.

Dreamy_Jazz updated the task description. (Show Details)Jul 20 2022, 10:01 PM

Dreamy_Jazz updated the task description. (Show Details)

LuchoCR subscribed.Jul 20 2022, 10:09 PM

Dreamy_Jazz updated the task description. (Show Details)Jul 20 2022, 10:14 PM

Vermont subscribed.Jul 20 2022, 10:14 PM

Dreamy_Jazz added a subtask: T313449: Allow Special:InvestigateBlock to have seperate notices for IPs and accounts.Jul 20 2022, 10:16 PM

Dreamy_Jazz added a subtask: T313450: Separate out when the blocks are made for IPs and users in Special:InvestigateBlock.Jul 20 2022, 10:22 PM

Dreamy_Jazz added a subtask: T18306: Allow user to specify block settings from CU form.Jul 20 2022, 10:26 PM

Dreamy_Jazz added a subtask: T313451: Separate out when the blocks are made for IPs and users in Special:CheckUser 'get users' mode.Jul 20 2022, 10:31 PM

Ameisenigel subscribed.Jul 21 2022, 6:17 AM

On enwiki, it's common for CUs to ask (typically on IRC), "Can somebody block this IP for me?" in order to obfuscate the connection between accounts and IPs blocked from the same case. Or, you just make yourself a note to execute the IP block later in the day. Either way, somebody perusing the public block logs won't see an obvious connection between the account(s) and the IP(s).

Perhaps that could be formalized, with a little help from the software. Imagine a work flow like this:

When you block an IP in CU, you get an option to either block it immediately, or to queue it for somebody else to block. If you select the later, it goes onto a queue which is only visible to other CUs. Then it could be part of the job of other CUs to watch that queue and perform the blocks. Or, maybe when you put the IP on the queue, you've got an option to select either "Automatically execute this block in my name after N hours" or "Queue this for quick attention by another CU". For most IP blocks, a delay of a few hours isn't going to be a problem, so I would expect setting up a delay would be the most common option.

As a related item, when CUs block IPs, they intentionally don't identify the related SPI case in the block comment. The problem with this is that another CU looking at the block log in the future will have no idea what the block was for. To solve that, I've taken to commenting CU IP blocks with an obfuscated link to the cuwiki page, i.e. https://en.wikipedia.org/w/index.php?title=Special:Log&logid=134015222. The queue idea could incorporate that. When the IP block is finally executed (either by another CU or after a delay), it could automatically include a link to the CU-only-visible queue entry, which in turn would indicate what case it was related to.

In T313446#8094343, @RoySmith wrote:

Perhaps that could be formalized, with a little help from the software. Imagine a work flow like this:

This may work on larger projects, but...not most of them. And the difficulty of setting up such a queue is a far larger scope than this ticket, and would likely require CU discussion and significant back-end work to get something like that functional. Email/IRC is much more efficient.

Faendalimas subscribed.Jul 22 2022, 8:23 AM

Dreamy_Jazz merged a task: T353938: Better safeguards against blocking IPs and user accounts together in the Special:CheckUser blocking interface.Apr 9 2024, 10:05 PM

Dreamy_Jazz added subscribers: Firefly, DannyS712, Jasper, Spicy.

In T353938#9702532, @DannyS712 wrote:

@Dreamy_Jazz any chance that this can be prioritized by T&S during your ongoing work of CU?

(copying along to this task from the duplicate that got merged in)

Dreamy_Jazz added a project: Trust and Safety Product Team.Apr 10 2024, 2:31 PM

The team will be taking a look at this next week.

Dreamy_Jazz added a project: Trust and Safety Product Sprint (Sprint Tabla (1st - 14th April)).Apr 10 2024, 3:26 PM

The proposed idea is to do the following:

On Special:Investigate provide two block buttons, one for accounts and one for IPs. This means that the CU can use two different forms to block users and IPs without having to manually remove either the users or IPs for a particular use of the form.
This would also be done for Special:CheckUser 'Get users', by replacing the form with links to Special:InvestigateBlock with one for all users and one for all IPs. This would implement T329493: Replace Special:CheckUser's 'get users' block form with a usage of Special:InvestigateBlock
1. Doing this means that we have one form for mass blocking users in CheckUser, which makes implementing feature requests related to it easier. Currently we have to modify two different forms (one for CheckUser and one for Investigate). This means that
2. The InvestigateBlock form has more features and is easier to use. There are several issues with the 'Get users' block form, such as T314700: Restore the bottom paging links on 'Get users' and that submitting the form causes the CU to need to re-load the 'Get users' request, which links to Special:InvestigateBlock that prefill the targets would not bring.
We may warn if the user attempts to use Special:InvestigateBlock for both IPs and users.