Commons:Administrators/Requests/Dschwen (interface administrator)

From Wikimedia Commons, the free media repository
Jump to navigation Jump to search
 Support = 32;  Oppose = 5;  Neutral = 2 – 88%. Result: successful.

Dschwen (interface administrator)

Vote

Dschwen (talk · contributions (views) · deleted user contributions · recent activity (talk · project · deletion requests) · logs · block log · global contribs · CentralAuth)

Scheduled to end: 23:29, 14 January 2021 (UTC)

Hey everyone, I'm Dschwen, former admin (became admin in 2007 and lost the bit due to inactivity end of 2019) and crat (became crat in 2012 and lost that bit in ... actually I cannot find a paper trail, but I'm sure it was warranted due to inactivity). Due to real life obligations (kids, family, board positions) I was pretty much inactive on commons for a while, only occasionally dropping in to fix some of my stuff that broke over time. I'd like to spend more time on commons tending to my bots and tools (like the Good Pictures Button) and am primarily interested in interface adminship. I think I have a pretty clean record from my time back then and would like to consider myself trustworthy :-) Dschwen (talk) 23:29, 7 January 2021 (UTC)[reply]

Votes

Comments

 Comment The paper trail started at Commons:Administrators/Inactivity section/Aug-Sep 2019 and continued at m:Steward requests/Permissions/2019-09#Dschwen@commonswiki, this log for Admin and Crat, and this other log for Interface Admin and GWToolset user.   — Jeff G. please ping or talk to me 04:08, 8 January 2021 (UTC)[reply]
 Comment I've highlighted above that I'm applying for interface admin rights. --Dschwen (talk) 00:38, 9 January 2021 (UTC)[reply]
  • I'm concerned about the comments with a tone of "oh, it's only interface adminship". IA is more dangerous than adminship from a security perspective (which is why I'm generally opposed to non-admin IAs). @Dschwen: can you confirm that you have two-factor authentication enabled already or will do so if granted access (as required by the WMF)? Please also summarize the other steps you have taken to keep your account secure. --AntiCompositeNumber (talk) 03:56, 14 January 2021 (UTC)[reply]
    @AntiCompositeNumber: As an interface-admin on Meta, I hope the candidate is already using 2FA.   — Jeff G. please ping or talk to me 04:19, 14 January 2021 (UTC)[reply]
    @Jeff G.: They must be having 2FA enabled, as WMF requires int-admins to have 2FA enabled at all times, failing which their access needs to be removed till they re-enabled. (i.e. 2FA isn't a good to have, is a must) The only people that can check is either T&S / Stewards though. Camouflaged Mirage (talk) 15:02, 14 January 2021 (UTC)[reply]
    @Jeff G.: the candidate indeed has 2FA enabled :-) --Dschwen (talk) 15:28, 14 January 2021 (UTC)[reply]
    @Dschwen: Thanks, I was trying to stay professional.   — Jeff G. please ping or talk to me 17:51, 14 January 2021 (UTC)[reply]
    @AntiCompositeNumber: There seems to be some disagreement on wiki whether the bar for IA should be higher or lower (or the same as regular Admin). Interface_administrators states "The same criteria as for normal admin requests apply." - which is why I didn't originally start this request with the distinction of only needing IA. On Commons:Bureaucrats'_noticeboard#User:Dschwen_requests_interfaceadmin_rights I was advised I should have explicitly made this an IA only request (which is when I highlighted that on this page). Later comments agree with ACN. I would also tend to agree that the ability to edit client side scripts that automatically get executed on tens of thousands of machines every day, hour, minute(?) has the potential of being far more disruptive than the abuse of admin tools. For one, the scripts would run with Admin privileges on every admin account, so IA implies the possibility to directly command every single active admin account. So, yeah, full agreement from me in that regard. Chose your IAs wisely! I would argue though that this doesn't mean people with more upload, categorization, or cleanup activity are more qualified. I'd say people with tool building experience are what you would want. --Dschwen (talk) 15:38, 14 January 2021 (UTC)[reply]
    Full disclosure here, I do have experience with the potentially harmful effects of editing on-wiki scripts. The WikiMiniAtlas client script lies on meta (where I am IA). A few (maybe 6 or 7) years ago I added a feature that issues an HTTP request to the (back then) "toolserver". Shortly after my script change I noticed the toolserver was offline and I was unable to log in. This was frustrating as I was in the middle of expanding said feature. I quickly realized that my script change had caused an accidental denial of service attack on the toolserver and immediately reverted my mistake. I guess everyone makes mistakes sometimes, but that's one I'm definitely not intending to repeat. --Dschwen (talk) 15:46, 14 January 2021 (UTC)[reply]
    One more (since it is apparently story time). This one is not directly related to IA privileges, but tangentially. In the early days of WikiMiniAtlas when I introduced the satellite layer I thought it might be a good idea to just directly have the client request tiles from NASA's Jet Propulsion Laboratory's map server. Their map server would re-project the satellite imagery to the correct coordinate system, and would produce tiles of the correct size. Very little work for me! Unfortunately after a few days this "solution" stopped working. So I found the contact person responsible for that server at NASA and shot him an email. He was very courteous and kindly let me know that their server melted, suffering from what looked like a distributed denial of service attack, and he had to block all publick access to that API... Anyhoo, we sorted things out, I changed my code to request unprojected raw satellite data, cache it on the toolserver, and do the projection myself (again caching the results), dialing back the load on the NASA server to practically zero. Hold these stories against me if you will :-), but rest assured that I learned from both incidents! --Dschwen (talk) 15:53, 14 January 2021 (UTC)[reply]
    @AntiCompositeNumber: I just realized I haven't given you a summary of my account security measures. I'm frankly a bit at a loss here. I have a strong unique password for my global account that is not shared with any other service online. I have 2FA. I don't log in in public places or computers I do not control (well.. what computer do you really control these days...). I practice basic computer hygene (I use up to date Linux and mac systems do not install random crap that might end up stealing my password etc.) I'm picky when authorizing account access via oauth and remove access when I'm done using a service (like the geo location tool on commons). --Dschwen (talk) 23:37, 14 January 2021 (UTC)[reply]
Retrieved from "https://commons.wikimedia.org/w/index.php?title=Commons:Administrators/Requests/Dschwen_(interface_administrator)&oldid=526013765"