Page MenuHomePhabricator

ST47
User

Projects

User does not belong to any projects.

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Friday

  • Clear sailing ahead.

User Details

User Since
Apr 30 2019, 3:34 AM (48 w, 1 d)
Availability
Available
LDAP User
Unknown
MediaWiki User
ST47 [ Global Accounts ]

Recent Activity

Mon, Mar 9

ST47 added a comment to T246261: Allow check user to specify time range for Special:Investigate.

@Prtksxna True, but we don't use the time limit for that purpose. The only reason we would use a shorter time limit in the current tool is if we run a check on an IP address or range, and get the error that there were more than 5000 edits within the 90 day window. (In fact, the current log doesn't even show what time limit we chose.)

Mon, Mar 9, 3:24 AM · CheckUser, Anti-Harassment

Wed, Mar 4

ST47 added a comment to T246353: Investigate and mitigate trivial bypass to AntiSpoof.

Thanks for the discussion. I unfortunately am not able to log in to Gerrit, due to an issue with my account. My understanding is that it isn't possible to fix. Please email me privately with any other questions about that.

Wed, Mar 4, 5:37 PM · Patch-For-Review, Anti-Harassment, Security-Team, Security, AbuseFilter, AntiSpoof

Feb 28 2020

ST47 added a comment to T246353: Investigate and mitigate trivial bypass to AntiSpoof.

Ah, I see, thanks. New patch 0001 is the same as the above, but with the dist/ files updates. New patch 0002 also collapses multiple level equivalences, which I don't know if it's required but it might be clearer for reviewers.

Feb 28 2020, 3:34 AM · Patch-For-Review, Anti-Harassment, Security-Team, Security, AbuseFilter, AntiSpoof

Feb 27 2020

ST47 added a comment to T246353: Investigate and mitigate trivial bypass to AntiSpoof.

Good point. I have attached a patch which uses a python script to collect the confusables.txt data and add it in to the equivset database. The patch is against https://phabricator.wikimedia.org/source/Equivset/repository/master/. Several notes:

Feb 27 2020, 9:00 PM · Patch-For-Review, Anti-Harassment, Security-Team, Security, AbuseFilter, AntiSpoof
ST47 added projects to T246353: Investigate and mitigate trivial bypass to AntiSpoof: AntiSpoof, AbuseFilter.
Feb 27 2020, 3:55 PM · Patch-For-Review, Anti-Harassment, Security-Team, Security, AbuseFilter, AntiSpoof
ST47 created T246353: Investigate and mitigate trivial bypass to AntiSpoof.
Feb 27 2020, 3:50 PM · Patch-For-Review, Anti-Harassment, Security-Team, Security, AbuseFilter, AntiSpoof

Feb 21 2020

ST47 added a comment to T245499: Improve performance of Compare query for Special:Investigate.

I don't know if you have any data on how often the 5000 result limit in the current tool is hit, my personal experience is that it's fairly common particularly for mobile IP ranges. If that limit was brought even lower per IP range, e.g. if only the last 1000 edits from an IP range were considered, I think that would be a significant degradation.

Feb 21 2020, 10:33 PM · MW-1.35-notes (1.35.0-wmf.25; 2020-03-24), Anti-Harassment (The Letter Song), Performance Issue, CheckUser

Feb 17 2020

ST47 created T245379: "Script" unicode characters not included in equivset, and therefore can be used to spoof AbuseFilter.
Feb 17 2020, 12:35 AM · Equivset, Security

Feb 6 2020

ST47 updated the event description for E1140: Test event.
Feb 6 2020, 11:03 PM · events
ST47 cancelled E1140: Test event.
Feb 6 2020, 11:02 PM · events
ST47 updated the event description for E1140: Test event.
Feb 6 2020, 11:02 PM · events
ST47 updated the event description for E1140: Test event.
Feb 6 2020, 11:02 PM · events
ST47 updated the event description for E1140: Test event.
Feb 6 2020, 11:01 PM · events
ST47 added a comment to E1140: Test event.

Test comment, had notifications off...

Feb 6 2020, 11:00 PM · events
ST47 created E1140: Test event.
Feb 6 2020, 11:00 PM · events

Jan 4 2020

ST47 created T241891: Log and display in CheckUser when a user trips a cookie block.
Jan 4 2020, 5:55 PM · CheckUser

Dec 31 2019

ST47 created T241652: Allow overriding a range block with a more specific block with different settings.
Dec 31 2019, 5:32 PM · MediaWiki-User-management, Anti-Harassment

Dec 29 2019

ST47 added a watcher for CheckUser: ST47.
Dec 29 2019, 7:16 AM
ST47 added a watcher for acl*security: ST47.
Dec 29 2019, 7:16 AM

Dec 22 2019

ST47 added a comment to T203083: "Administrator" is hardcoded in various permission error messages.

I'm told in T241318 that administrators cannot view the content of deleted css/js pages. So, is it a bug that I can see those edits in Special:DeletedContributions and Special:RevisionDelete?

Dec 22 2019, 1:03 PM · MediaWiki-Authentication-and-authorization, MediaWiki-Interface
ST47 created T241318: Unable to access deleted revisions of a page.
Dec 22 2019, 11:19 AM

Dec 16 2019

ST47 added a comment to T240805: Link to view RevDelete/Suppressed revision is missing if only the username or edit summary was hidden.

Huh? I just tested this with an edit where the username was suppressed. Without &unhide=1, I see "(Username or IP removed)". With &unhide=1, I see the IP address. Adding the link would not be redundant, it would be the only way to get to the diff view or revision view with the suppressed content revealed.

Dec 16 2019, 11:20 PM · MediaWiki-Revision-deletion
ST47 created T240805: Link to view RevDelete/Suppressed revision is missing if only the username or edit summary was hidden.
Dec 16 2019, 1:49 AM · MediaWiki-Revision-deletion

Nov 23 2019

ST47 added a comment to T238995: AbuseFilter (and AntiSpoof?) not catching certain Unicode equivalencies.

Some more digging: wmf is on version 1.3.0 of https://packagist.org/packages/wikimedia/equivset#1.3.0 . So I guess this is a request to deploy equivset 1.4.0.

Nov 23 2019, 7:45 PM · Security, AntiSpoof, AbuseFilter
ST47 updated subscribers of T238995: AbuseFilter (and AntiSpoof?) not catching certain Unicode equivalencies.
Nov 23 2019, 7:38 PM · Security, AntiSpoof, AbuseFilter
ST47 created T238995: AbuseFilter (and AntiSpoof?) not catching certain Unicode equivalencies.
Nov 23 2019, 7:37 PM · Security, AntiSpoof, AbuseFilter

Jun 26 2019

ST47 created T226594: Wiki pages are very wide in Monobook for logged in users.
Jun 26 2019, 2:22 AM · MW-1.34-notes (1.34.0-wmf.11; 2019-06-26), Regression, MonoBook