Requests for comment/Inactive Global bot accounts
The following request for comments is closed. RFC shows there's community support for global bot flags on inactive accounts being removed. The #Proposed closure is implemented. -- M\A
11:43, 8 January 2015 (UTC)[reply]
TL;DR; Majority of Global bots seems to be inactive from 2013. This rises security concerns as they are unmonitred by default on almost all Wikimedia projects. It is suggested to revoke Global bot flags from inactive accounts.
Preface
[edit]Before 2013 and Wikidata "era" each page on each wiki had interlanguage links to pages in other languages (interwiki links or simply interwikis). We needed bots to maintain those lists of links on hundreds of projects. And they were saving huge amount of time for wikmedians, liberating from dull and repetitive tasks.
As such bots would ideally need bot permission on every project to link any project to any project in 2008 community decided to create special global group - Global bot accounts. That saved hassle of requesting bot permissions on every project for bot keepers, and RfP-ing on them for rest of us.
Concerns
[edit]From early 2013 interwikis are handled centrally on Wikidata, those bots are not needed and are inactive for at least a year now. But we still have 92 Global bots which are almost never monitored by local communities. It also seems often bot masters are not active on projects. Unattended and unmonitored accounts rise security concerns here and there. If such account gets in wrong hands, it can do a lot of damage globally, which will remain unnoticed much longer then regular vandalism.
Issue was originally rised on hy:WP by User:6AND5. Consensus on revoking bot flags from inactive interwikibots on hy:WP was reached, but we noticed that majority of those bots are not local but Global ones. We've also noticed similar concerns about interwiki bots coming from other wiki-projects (see link above) and decided to rise this question here.
I've found one related RfC from past year on this, before Global bots became inactive.
I would also like to abuse this opportunity and say a huge Thank you to all Global bot keepers for their service to community for almost 5 years.--Xelgen (talk) 17:32, 13 October 2014 (UTC)[reply]
We suggest that Global bot flags be revoked from inactive accounts, (e.g. no edits for over 1 year).
I don't think it's a good idea to remove whole Global bots group, as they're still needed sometimes (e.g. recently User:Ladsgroup used his global bot Dexbot to remove FA/GA templates which functions also "moved" to Wikidata).
Please feel free to suggest other inactivity periods, or other ways to approach problem.--Xelgen (talk) 17:32, 13 October 2014 (UTC)[reply]
- I agree there is no problem with removing unused flags from global bots. Even in case a bot operator would need to resume a global bot task even after the flag was removed for inactivity, it could simply be reinstated by a steward after request. Vogone (talk) 17:47, 13 October 2014 (UTC)[reply]
- I support the suggested solution (revoke global bot status from inactive accounts with no edits for over 1 year).
- I would also support a shorter timeframe (6 months).
- I would also support revoking the global bot status not only from inactive accounts (= accounts with edits in the relevant timeframe on no Wikimedia project), but also from accounts that are just active locally and not (any more) active globally (= accounts with edits in the relevant timeframe just on Wikimedia projects where this account has a local bot flag anyway) - see for example toollabs:meta/crossactivity/SieBot: After 2011-01-25, this bot made edits on just two wikis: nl.wikipedia and commons. On both these wikis, this bot has the local bot flag anyway, so with respect to the global bot flag this bot can be regarded as inactive.
- --UV (talk) 19:06, 13 October 2014 (UTC)[reply]
- I also support 6 months period (that was on initial proposal, I "softened" later). And I strongly agree that if bot account is used on less then 5 (10?) projects, Global bot flag is not really needed - local bot flags will do the job, and in most cases there's already one. I initially wanted to add complete list of Global bots with their last edit dates, edit types and local flags, but it required much more time than I thought (and can allocate at the moment). --Xelgen (talk) 03:46, 14 October 2014 (UTC)[reply]
- Support I was thinking about proposing something similar as a rethink of the global bot group, but this is a good starting point. --Rschen7754 01:45, 14 October 2014 (UTC)[reply]
- The bots that are inactive since the wikidata change are very like not to becoming active again. So they lost their need for the global flag. Others may have found other needs. I'm a big fan to ask or notify the owners of the globalbots before removing the global flags. Because sometimes the owners have good reasons to keep those global flags. 77.175.28.126 07:26, 14 October 2014 (UTC)[reply]
- Comment. The authors of this proposal mistakenly think that inactive bots accounts are more dangerous that active ones. This is not true and has never been. In fact, any active account is much easier to compromise than inactive one (for instance, by eavesdropping on it). In addition, if any inactive account was compromised and suddenly became active it would immediately raise suspicious among other user, while a compromised active account would be able to continue malicious edits for quite a some time without being discovered (under the guise of normal edits). I am not necessary against removing inactive bot accounts, but, please, do not use justifications that have for long time been known to be false . Ruslik (talk) 15:15, 18 October 2014 (UTC)[reply]
- I think that inactive accounts with bot flag are definitely more dangerous than inactive accounts without bot flag. --UV (talk) 21:49, 18 October 2014 (UTC)[reply]
- Clarification. Dear Ruslik, I never stated that one is necessary more dangerous than the other. But with active ones this risk is justified by usefull contributions they make at the moment. And with inactive ones, there's just a risk without justification of usefull contributions coming now or in foreseeable future. That's the core justification, thinking and risk managment aproach behind this proposal. I had impression that we currently revoke flags from inactive "technically privileged" accounts based on very same concerns and thinking. Please correct me if I'm wrong. "If you don't need a feature (theoretically possessing risk), disable it" is rule of thumb in IT Sec world. And we don't need to maintain interwiki links anymore.
Some IT Sec risks are higher on active accounts (eavesdropping, keylogging, MiM), some on inactive with noone keeping an eye on (bot files with passwords in plaintext on old, abandoned, unpatched and unmaintained systems, brute-forcing/resetting password, mailbox getting to another person, old PCs donated to someone without proper cleanup, mass password leaks noone caring to act on). One can argue where risks are higher, and I'm not sure there's any simple and strong statement applicable here. And while I agree that it's easier to spot inactive account becoming suddenly active, in reality I don't see any kind of regular bot oversight on most of the projects, thus I think fishy activity will be noticed faster by active account holder, then by small/medium communities.
P.S. When I started this reply I wanted to say that risk is small, but today website/FB/twitter of one of friendly projects were hacked, and it IS a pain in the neck. Better safe than sorry. --Xelgen (talk) 20:49, 19 October 2014 (UTC)[reply]
- Support: Reducing permissions on inactive accounts sounds very sensible. Either 6 months or 1 year are both reasonable. Alsee (talk) 09:47, 24 October 2014 (UTC)[reply]
- Support: I'd rather suggest six months time-frame. Bot operators always have the chance to reinstate by asking stewards. ~ Nahid Talk 10:02, 24 October 2014 (UTC)[reply]
- Support -FASTILY 06:44, 1 November 2014 (UTC)[reply]
- I support the propositon. And 1 year of inactivity would be good limitation, while the 6 months period is too short. Currently we haven't too many work on interwiki and the bots can be launched more rarely than before. --Emaus (talk) 20:33, 1 November 2014 (UTC)[reply]
- Will be better 10 months.--6AND5 (talk) 19:41, 2 November 2014 (UTC)[reply]
- Support bonjour à tous, je suis bureaucrate sur frwikiquote et j'ai retirer le statut de bot à 7 comptes inactifs [1], personnellement, je crois 12 mois d'inactivitées serait suffisant pour le retrait du statut. Cordialement. merci de traduire mon anglais n'est pas très bon FrankyLeRoutier (talk) 22:07, 3 November 2014 (UTC)[reply]
- Translation by UV (talk): Support greetings to all, I am bureaucrat on frwikiquote and I have remooved bot status from 7 inactive accounts [2], personally, I believe 12 months of inactivities would be sufficient for the removal of status. Cordially. Thanks for translating my English is not very good
- Support and I would also suggest to each of the WMF projects due the same. If this is done, I also suggest that the applicable bots be removed from the Checkuser pages for AWB. Many use AWB and simply removing them from that list should be done as well. Especially Wikipedia, they have a large number of inactive bots that still have bot flags and or the AWB permission. Reguyla (talk) 18:23, 7 November 2014 (UTC)[reply]
- Support I see no reason for having inactive bots with these rights, since a compromised bot could easily mess up things on the project. Kevin Rutherford (talk) 23:46, 10 November 2014 (UTC)[reply]
- Support 12 months of inactivity is a good standard to remove a flag. 6 months is maybe too short, I have seen users and bots pauses of some months on many wikipedia, sometimes it's physiological. These bots are very delicate, it is in the interest of the project to keep them only if we are sure they perform regularly with continuous overview by active users.--Alexmar983 (talk) 15:11, 25 November 2014 (UTC)[reply]
- I support this brilliant proposal. However there should be a clarification what "inactive accounts, (e.g. no edits for over 1 year)" means. Inactivity on all projects? Or just on projects where the account isn't a local bot as well? --MF-W 01:50, 29 November 2014 (UTC)[reply]
- Support - Good proposal, but I suggest that operators are notified in advance (if they themselves are still active, of course). George.Edward.C (talk) 11:06, 30 November 2014 (UTC)[reply]
This RfC has been opened for a while and it seems there's community support to enact the proposed removal for inactivity provisions, so I suggest to close this RfC in 7 days for now as approved with the following text being added to the Bot policy (as sec.: 1.4):
=== Removal of global bot status ===
Global bot permissions will be removed:
- [...]
- [...]
- If the bot is found to be inactive, with the following provisions:
- Inactivity is deemed as any global bot account not performing any edits on any project where global bot flag is allowed for a whole year.
- Before removal of global bot flag for inactivity takes place, operators must be notified at least on their respective home wikis and at Meta-Wiki.
The section may also be completed with other removal clauses, such as operator's request or violation of the policy, but that's outside of this discussion. Please comment if you like the proposed closure and feel free to suggest ammendments to it. Thanks. -- M\A
11:17, 11 December 2014 (UTC)[reply]