Knowledge (XXG):Arbitration Committee/CheckUser and Oversight/2019 CUOS appointments

3232:

From November 2016 through April 2019, I was an active member of the OTRS team—I voluntarily relinquished my access in April because of changes in my real life situation which have now alleviated—so I would be readily able to handle requests to the OTRS queue. Being on the OTRS team exposed me to a more humbling side of Knowledge (XXG): the people whom we write about and the people whom we interact with are real people, and the things we do and say can have real, tangible effects. We cannot forget that. For these reasons, I think I am intimately familiar with the principles underlying the oversight policy. I am very active on IRC, and there I help handle revision deletion requests in the #wikipedia-en-revdel channel—I would be more than happy to respond to the oversight requests there as well. As I mentioned in my CU nomination statement, I find that I get along well with other Wikipedians, so I look forward to working with fellow oversighters if appointed.

1409:

just be another tool in the toolbox to help with the work I already do in that area. Apart from SPI, back in January of this year I joined the account creation team (ACC), which typically has a backlog of requests awaiting checkuser (the oldest request in that queue at the time I am writing this is from 7 months ago). I would be happy to help out on that front as well. As far as my personal background goes, I am familiar with networking principles and IPv4/IPv6 range blocks, and I consider myself a quick-learner. If there is a tricky or unfamiliar case, I would not hesitate to consult with a fellow checkuser. I am very active on IRC, and I find that I get along pretty well with others on Knowledge (XXG). I look forward to working with the team if appointed.

2190:

of blocking on Knowledge (XXG) in general, and IP addresses in particular, which as I mentioned above are a staple of CU work. I am not looking for large numbers of blocks, just enough to be able to identify quality and a level of experience. For example, it is one thing to know what an IP address range is - it is another to range block it and deal with all the collateral, complaints, block evasion, and other mess that comes with actually performing such a block. We all learn things from blocking IP addresses. Anyway, the decision is not mine, and I've probably had my say, so I'll step aside and wish you good luck. --

1739:

opening a case for somebody else to follow up on. As a CU, I could see for myself, which might well lead to more blocks. I imagine I'll also be servicing the SPI queue and/or responding to requests from other queues (arbcom, etc) so that would lead to more blocks. Massively? That would be speculation, so I can't really answer that part. Not to mention, that just like with edit-count-itis, I don't believe there's much value in comparing block counts. With the tools I have now, I could certainly be doing more blocking, but I tend to be conservative about blocks, and I don't expect that would change.

2821:

oversight policies. I'll be available to help with the oversight mailing list and to handle any requests e-mailed to me, and while patrolling userpages, the user creation log, and new articles I have encountered many instances calling for oversight; I have never had an oversight request denied, and being able to handle such cases on my own would allow me to better serve the community. I am of the age of majority where I live, and have read the policies on non-public information and the confidentiality agreement; if selected, I will sign the confidentiality agreement. Thank you for your consideration.

1729:

software, etc). At the network layer, a security gateway could mutate HTTP headers (including the user-agent string) on the fly. I would be surprised if our most sophisticated and well-funded users (government-backed disinformation agencies, high-priced PR firms with Fortune-500 clients, national political parties) were not already doing this. I think it less likely that garden-variety SEO spammers are using technology like that, but it's not beyond reach of a mid-sized company with more money than ethics.

1602:

Google, access to any personally-identifiable information was tightly controlled, on a "need to know" basis, and with strict requirements to limit access to the minimum amount of data required to do the job, for the minimum amount of time, and quarantined to a secure environment. As a CU, I would have access to similarly sensitive user information, and would exercise the same diligence. I'm being vague here, but please feel free to ask questions if I've glossed over anything that you want to know.

1153:

AFD, AN3, and ANI. I'm also an ACC Tool Administrator on WP:ACC, and assist with processing account creation requests, as well as helping tool users with difficult or complex cases. I'm also an SPI clerk and help with responding to evidence and accusations of sock puppetry. I'm also highly active on IRC and I respond to requests for assistance and input from other users, and I respond to emergencies such as LTA activity, threats, blocking requests, revision deletion and suppression requests.

1139:

been an administrator for three years, an oversighter for one year, and have been consistently active, available, and happy to help with requests and urgent matters on IRC and other communication methods. Having the checkuser tools will help me to be able to help more people, as well as help protect this project from sock puppetry and abuse, and put an end to harassment. If you have any questions, please do not hesitate to ask and I'll be happy to answer them.

1162:

Software Engineering Technology and a Minor in Applied Mathematics. I have extensive IPv4 and IPv6 experience that I actively use during my daily tasks at my current job, including networking, traffic routing, VPN, encryption, and security. I also have basic and advanced certification with Dell SonicWall firewalls and have written packet sniffing, ARP, and ICMP software GUIs and tools completely by myself using C++, Win32, and the WinPcap library.

78: 2490:, I apologize for the delay, it's been a busy week. By and large one of the primary concerns cited was a one-time issue shortly before CUOS2018. I won't rehash the debate, but I have read and re-read that discussion many times and have taken the feedback I received there to heart. I was too quick in that instance to use the tools, and should have proposed an action and solicited feedback before doing so. 786:. While I think it's great that you have returned, some might say that you should have been desysopped for inactivity. CU/OS are particularly sensitive permissions if put in the wrong hands, even more so than just administrator. If given the tools (and you are applying for both tools), do you think that you will be active enough over the next few years to put them to good use? -- 2226:

not be discussed there, but I think that for a good percentage of checks here might be one or two of the current checkusers who would disagree with it, and I know that I often see declines to check where I might have run one. to I think someone with Roy's experience on and off WP will have good judgment, and will especially know enough to go carefully at first.

4470: 2638:

noticing a dearth of activity from oversighters there at certain times of the day which is a hole I'm happy to help patch given I follow a European timezone. I'm experienced at handling private data, both through my work at ACC and as a current checkuser. I'm also familiar with the revdel tool having handled quite a number of revdel requests from IRC.

3810: 3533: 3321: 3154: 2903: 2715: 2523: 2177: 1484: 1244: 1021: 867: 589: 524: 1709:

connection (although, probably out of a limited-size pool). Mobile users (a large and growing segment, especially outside of North America) will get dynamic IP addresses. With all of those, the IP address won't change very quickly, so a user who logs out and logs in again as a sock will probably still have the same IP address.

1719:

be the same. On the other hand, in large centrally-managed environments, software is usually rolled out onto desktops via automated processes, so every computer may have the same user-agent string. Thus user-agent matches or mis-matches are just another hint, neither conclusively proving or disproving anything.

1887:

user's first edit is to AfD, that's something that raises suspicion. When several new users all comment on the same AfD, that's a (much) bigger suspicion. And, while I can't put into words exactly what I'm looking for, I've certainly read things that people have written and thought, "Hmmm, that sounds fishy".

3734:

responsible for making initial determinations on the use of CheckUser (endorsing or declining CU requests prior to CU review), evaluating evidence, and blocking users for sockpuppetry. I’ve made over 500 blocks in the ~1 year since my RfA, and many SPI-clerk recommendations for admin action before that.

945:

3762:

I have a technical background as a student of computer science at Stanford; although networking is not my area of research, I know the basics and I'm confident I can pick up relevant skills fairly quickly. As for experience dealing with private information, I have held a number of positions requiring

2253:

I'd also like to thank Roy for his detailed responses to my questions, and for totally not calling me out for kinda stretching the rules with 2 and 1/2 questions. Whatever else I may think, in both the past incident in question and here on this page Roy has been forthright and civil despite my rather

2225:

The written policy for CU is of course our basic rule, but in actual work it, like all policies, needs interpretation. Various CUs interpret it differently, because so much of this is judgment. In discussions on the CU list, there are frequently disagreements. Of course, most checks are not and need

2041:

This all happened a year ago, and I barely remember the details. But, I suspect that if, at the time, the magic CU fairy had come down and granted me three wishes, I probably would have used one of them to run a CU. But, that was a year ago. In the intervening time (and especially more recently as

1940:

The same cannot be said of accessing confidential information. Once I've seen something, I can't unsee it. There's no way to completely undo the disclosure, and you never know what you're going to see before you look. Behavior-based blocks should not be made willy-nilly, but the decision to breach

1718:

Corroborating evidence would be identical user-agent strings. For example, I take my laptop with me and use it on various networks, including public hotspots and on mobile networks via tethering to my phone. In those various locations, I'll have different IP addresses, but my user-agent string will

1408:

Hello, I'm Mz7, and I would like to apply for checkuser rights this year. I have a history of evaluating SPIs going back to when I became an administrator in January 2017, and I am experienced at identifying the behavioral peculiarities that may indicate that two accounts are related. CheckUser would

973:

825:

Now, if I'm wrong about all that, the activity requirements for CU and OS are also quite a bit more stringent than for sysop. I believe it is 5 logged actions (with the functionary tools) in a year, and of course ArbCom has the power to change that or otherwise manage the Checkuser or Oversight tools

821:

On point, I do believe I'm here to stay. I went inactive due to college; I now hold a stable full-time job. I've gained some maturity and life experience, and I'm returning with a fresh motivation to contribute to the project well into the future. I've learned the few new tools and processes that are

3072:

user. I'm a computer security researcher and a part time web admin, so I am very familiar with the uses - and limitations - of the tool. I am comfortable calculating IP ranges and issuing range blocks. My Recent Changes and AbuseFilter patrolling causes me to stumble upon likely sock puppet accounts

2820:

I am applying for the oversight permission to increase my participation on Knowledge (XXG), help protect the privacy of users, and keep defamatory content from proliferating. I have been an administrator for almost 8 years, active throughout that time, and am very familiar with both the deletion and

2105:

But, the real answer is that I expect that initially, I'll be seeking a lot of input, and go along with the advice I receive. It's quite clear that if I were to ask you, you would say not to run it. Given that AGK declined this a year ago, I expect they would say the same thing. So, yeah, if this

2014:

felt a CU investigation wasn't warranted. How do I feel about that? I'm fine with it. I made a request, and the CU declined. That's fine, that's their job to decide which ones are justified and which aren't. I'm not trying to be evasive, but I don't know what else you're looking for me to say.

1738:

As for, "Would you expect your blocking activity to massively change?", it's difficult to predict the future. Certainly, as a CU, I would have access to more information than I do now, which would help me make better block-or-no-block decisions. Sometimes I suspect a sock, but not enough to bother

1631:

I'm a little surprised to see, given your apparent technical experience, that you've only blocked 5 IP addresses in the last 10 years. The CU role requires a lot of work with IP addresses, such as blocking, analysing or classifying networks, and evaluating collateral. Could you elaborate on how your

1215:

Since last year, I was promoted to a full clerk on SPI. I've also extended my participation on Knowledge (XXG) by not only responding to suppression requests and suppressing content that required its use with the oversight tool, but also helped to remove missed content that needed supression. I also

1161:

My user page explains the extent of my background in a nutshell - I've grown up around computers and my IT-related experience goes very far back. I performed computer and network administration throughout my youth while in school, and held jobs in IT-related areas ever since. I have a BS in Computer

722:

3427:

on splitting oversight from ArbCom, to try to free up ArbCom for more dispute resolution activities – though it was a non-starter I still think that having non-arbcom oversighters is important so that the committee can focus on their core responsibilities. To that end, I'd like to think I have the

3278:

This is my first time applying for advanced permissions beyond sysop on any WMF project. From November 2016 to April 2019, I was an active member of the OTRS team with access to the info-en and permissions queues. I voluntarily requested that my access be removed in April 2019; although my activity

2189:

I'd like to thank RoySmith for their extensive reply to my question above. For the benefit of readers who are less technically minded, it's not to be faulted on technical grounds, ie it shows a fair general knowledge of some of the issues that we face. I remain a little concerned about inexperience

1592:

I've been active for the past few months opening SPI cases. I got into that when I started working on reviewing new drafts, which has a fair amount of socking involved. My role at this point has been gathering whatever evidence I could with the standard admin capabilities. Commonality of editing

1444:

1220:

to make it more clear, detailed, and easy to read for newcomers. I've also helped to improve the ACC process for users by increasing deflection. This was done by helping to create necessary pages in order for users to assist themselves and create their own accounts instead of making them wait up to

496:

Applicants must be aware that they are likely to receive considerable internal and external scrutiny. External scrutiny may include attempts to investigate on- and off-wiki activities; previous candidates have had personal details revealed and unwanted contact made with employers and family. We are

3418:

and I am applying for an oversighter appointment. I have been a Wikipedian since 2005, an administrator since 2006, and a bureaucrat since 2016. I currently function as an oversighter on the meta-wiki project and have previously completed the confidentiality agreement for nonpublic information. If

2851:

I work with disabled adults, and in my professional capacity I handle confidential information on a daily basis. Among many other responsibilities, this involves extensive case notes and writing about specific incidents. I must be able to describe client incidents in adequate detail without giving

2651:

I have been handling revdel requests from IRC for a number of years now, and I'm confident in the use of the tool. I also have extensive experience in handling private data here on-wiki, with more than a decade of ACC and a year of checkuser under my belt. I also do a lot of attack page deletions,

1152:

My time has been mostly spent in recent changes patrolling and attempting to mentor and help new users on Knowledge (XXG). I patrol recent changes and revert vandalism, respond to instances of long-term abuse, username violations, blatant sock puppetry, page protection requests, and (occasionally)

3231:

Hello, I'm Mz7, and I would like to apply for oversight rights this year. I have been involved in the "behind-the-scenes" work on Knowledge (XXG) for almost the entirety of the time that I have been active here, and this has exposed me to numerous situations where I have had to request oversight.

3094:

Through recent changes patrolling, I occasionally find oversightable material that I report to the oversight email queue. I also use the revdel IRC channel to respond to requests for revision deletion by non-admins. As an oversighter I would be able to provide a faster response to people visiting

1922:

If a block is made in error, it can be reversed with no lasting harm. Well, that's not quite true; if the act of blocking somebody ends up chasing away a potentially valuable new user, that's harm. From the point of view of the user's account on the site, however, they've been restored to their

1728:

And, of course, all of the above assumes a technically naive user. A more sophisticated user can intentionally mask their IP address using proxies. User-agent strings are likewise easy to spoof at the desktop (by installing multiple browsers, ua-switcher plugins, virtual machines, custom client

1684:

notation. For example, a small business I help out with their IT needs, has a /29. That means the top 29 bits are their network address, leaving the bottom 3 bits for internal addressing. Excluding 000 and 111 as reserved, that gives them 6 externally routable IP address, any of which might be

1647:

Every incoming HTTP request will have the remote IP address logged. For logged in users, there will be, in addition, a username. The IP addresses can be used as a clue to suggest that multiple requests may have come from the same place. For example, if I make a logged-in edit, then log out and

1601:

My last two positions (Senior Software Engineer at Google, and Director of Engineering at Songza) were both hands-on running web servers and applications. Much diagnostic work involved reading through server logs. In both positions I had access to confidential user information. Particularly at

1138:

I am applying for the CheckUser permissions in order to extend my participation on Knowledge (XXG) and help put a stop to sock puppetry, disruption, and abuse. I'll be available to help with processing requests that I see go unanswered on IRC, as well as help with the backlog at SPI and ACC. I've

3753:

My nomination statement describes a number of pertinent areas in which I've contributed; in particular, I've been an SPI clerk for nearly four years, an ArbCom clerk for over four and a half years, and an administrator for over a year. In these roles, I have worked closely with functionaries and

3733:

Greetings: I’m Kevin, and I’m applying for CheckUser and Oversight access to help with some of the backlogs we’ve seen, particularly at SPI. I’ve been an SPI clerk since December 2015, where I’ve been actively involved in sockpuppetry investigations. As a clerk and patrolling administrator, I am

964:

944:

745:

for cases that are ready for administration, either because a CheckUser has already commented or because no CheckUser is required, so I am familiar with investigating behavioral evidence of sockpuppetry as well as the procedures at SPI. I come across enough likely socks through patrolling Recent

3739:

I have an extensive track record as a thorough evaluator of behavioral evidence in SPI cases, and I have a technical background as a Stanford computer science student. I am regularly available and accessible on IRC, and I am glad to perform CU/OS functions on ACC, UTRS, and OTRS (all of which I

1886:

So, what we're really talking about is how I would make the judgement call to suspect socking when I see unusual behavior at AfD. I can't give you an exact answer. That's why we still employ humans to make judgement calls instead of relying on AI algorithms to do it for us. Certainly, when a

1435:

I have a technical background and am familiar with basic networking principles and IP address assignment. I consider myself a quick learner, and if there is any technical aspect of a case that I am unfamiliar with, I will not hesitate to ask a fellow checkuser for advice. I also have experience

950:

2834:

I have extensive experience with deletion and revdel across several namespaces. In particular, I regularly check userpages and subpages for various types of misuse, such as spam or NOTWEBHOST violations, and frequently find private information of various sorts. In addition, I frequently patrol

2637:

I am putting myself forward for Oversight. Having made quite a number of requests for oversight, mostly towards a small handful of oversighters, and as far as I'm aware and recall, (if not all) the vast majority have been actioned. I am quite active on IRC in the -revdel channel, and I've been

1958:

Should you expect that I'll automatically run a CU investigation on every new user that pops up at AfD? No, of course not. Will I look at brand new users who are commenting at AfD and wonder if they're legitimate? Yes. How will I decide that my initial suspicion is strong enough to justify

2199:

Inclined to say not right now - the concern isn't lack of technical expertise but expertise in when running a CU is allowed under policy, and issuing rangeblocks (that could be CU blocks as well). Would be happy to reconsider after serving as a SPI clerk, or more relevant experience (like at

2139:. The same concept applies here. Assuming I'm granted CU, I recognize that on day one, I'll be the least experienced and least knowledgeable of the entire CU cadre. My first job will be to learn as much as I can from those who have more experience than I do. It's one thing for me to read 1708:

On the other end of the spectrum, some users will come from multiple IP addresses. The most obvious case is somebody editing from both home and their office, or from public WiFi hotspots. Users with dial-up connections (increasingly rare these days) will get a different IP address on each

1788:

I generally work under the assumption that when a brand new account immediately heads for AfD, something's not right. It's simply not what you would expect a brand new user to be doing. There was a long AN thread (started by me) about this, which I've taken as an endorsement of this

1422:

As I mentioned in my nomination statement, I have commented on numerous sockpuppetry investigations in the past several years I've been an administrator. Specifically, I have experience spotting behavioral peculiarities that carry over between multiple accounts (which are the key in

1988:"(emphasis added) A Checkuser found one of the accused to be unconnected, and the other, the one whose block was the subject of the previous AN discussion, they declined to CU at all. Given your answer above, I'm curious as to how you feel about the CUs refusal to even run a check? 1685:

visible in the Wikimedia server logs for requests coming from this location. If it were decided that this location was overrun with miscreants and we wanted to block the entire lot of them, we would block the entire /29 range (I don't think I've ever actually used this feature).

530:. Each candidate will receive an application questionnaire to be completed and returned to the arbcom-en-c mailing list before the nomination period ends. This should include a nomination statement, to a maximum of 250 words, for inclusion on the candidate's nomination sub-page(s). 1770:, in which I undid one of your blocks because it was based solely on your assertion that any new user who shows up at AFD is a sock. At the end of that discussion you seemed to understand that that is not ok, and why it isn't ok. To my mind this isn't something that should have 3458:

I have lengthy off-wiki professional experience in the financial industry, information security, and computer security. My experience includes review and classifying information, maintaining technical and professional confidentiality, and information system auditing. —

3441:

Locally, I have years of experience with deletion, rev-del, and redaction as an administrator. I am currently an oversighter on the meta-wiki, so have direct experience both with the tools and its logs, as well as keeping open communications with other functionaries. —

3077:

and elsewhere. Similarly, I do occasionally run into oversightable things from recent changes or sockpuppets, and report them to the oversight team. I often have IRC and email open even while I'm not actively on wiki. So, I offer to take on either or both roles, as you

727:

2807: 3103:

I work in computer security, and I'm a developer/sysadmin for a small hobbyist website, so I regularly work with IP addresses and ranges, WHOIS and port scan data, user agent headers, and am responsible for protecting sensitive data relating to our

1814:

So my question is, if you were granted CU access, could we expect that anyone who was new and made a comment at AFD would be checkusered by you, to try and find evidence to back up this assumption that "new user at AFD = 100% certainty of socking"?

746:

Changes, abuse filters, and a few other venues, to be familiar with the common LTAs. I also issue my fair share of range blocks, balancing the size of the range and the duration against the level of disruption in order to minimize collateral damage.

4409: 2076:(and I'm sure that's what you're getting at). Credible just means "believable", and obviously at the time, I believed it. So, yeah, my reading of the policy is that this would be a legitimate check. And thus the answer to your first question, 4539: 4534: 4529: 4524: 4514: 4509: 4504: 4499: 4494: 4489: 4484: 4432: 2860:

Right now, my only advanced permissions are being an administrator here. I previously had OTRS access from 2012-2014, and handled a few tickets, but let it lapse; at the time I had decided to focus almost exclusively on content creation for a

1055:

A relatively new admin but combined with their ArbCom/SPI clerking experience I feel comfortable supporting both tools. Only hesitation would be increased workload, but these are in areas that generally overlap, so I'm not really concerned.

4555: 4437: 3245:

I have a lot of experience in the behind-the-scenes areas of Knowledge (XXG) that have exposed me to situations where I have needed to request oversight. I'm active on IRC, where I've handled numerous revision deletion requests in the

4442: 2664:

industry, where there are extensive regulatory requirements regarding the confidentiality of information and network security. Due to this, I'm very familiar with the data security requirements and how to handle that sort of data

1904:

Wielding more powerful tools implies the need for greater discretion when using them. The ability to access a user's confidential and personally-identifiable information is indeed a more powerful tool than the ability to block

2106:

were my first case, and I asked for advice, and the two people who came back were you and AGK, I expect I'd have two people advising me not to check, and I'd go along with that. So the answer to your second question,

1423:

investigations—checkuser is just complementary evidence in that sense), and I am familiar with the kind of information that checkuser would return and how it would factor into the outcome of an investigation. I joined

1593:

focus, correlations between users of editing timelines, similarities in usernames, editing style, etc. When there seemed to be enough behavioral evidence, I would open a SPI case for further investigation by a CU.

1698:

NAT is theoretically possible with IPv6, but the extremely large address space eliminates the main technical driver (i.e. address space exhaustion) which gave rise to NATv4. It is still used at IPv6-IPv4 traffic

834:

one of the mandatory users, I'd certainly look closely into using it if appointed, as another option to improve account security. (My password is already a long random string that is not used for any other site.)

2626: 803:

Hi Rschen, thanks for the question. I won't wade too far into topic of sysop inactivity except to say that I probably wouldn't have started back up if I would have had to go through RfA again. Aside from a

1869:

is a problem. We know socking at AfDs to prevent paid articles from being deleted is a problem. It's not a huge leap of logic to suspect that, when a new user's first edits are to AfD, maybe it's a sock.

2071:

I think it's clear that this example was potential disruption, since we're talking about (potentially) influencing the result of an AfD for illegitimate purposes. So, then we're down to whether this was

1670:

NAT is done on a much larger scale at universities, corporations, libraries, and the like. Even countries. Thus, indiscriminate blocking of IPs can deny service to a large number of users as collateral

1170:

I am an oversighter on the English Knowledge (XXG) here, a bureaucrat on the test protect, and a steward on the Wikimedia beta project. I have OTRS permissions and access to the oversight-en and info-en

299: 2957:

of "humor" and don't think this should disqualify him from being a functionary. But the Arbitration business, and doubling down with pride, is less than I would want to see from a functionary. Best,

4351: 4139: 3401: 1548: 336: 168: 1661:, making multiple computers on my WiFi all appear to have the same IP address. So, all you can really say about a request from that IP is that it was from some computer within range of my WiFi. 754:

I work in computer security, and I'm a developer/sysadmin for a small hobbyist website, so I regularly work with IP addresses and ranges, WHOIS and port scan data, user agent headers, and so on.

3768:

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

3472:

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

3275:

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

3109:

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

2857:

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

2670:

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

2419:

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

1607:

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

1441:

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

1167:

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

979:

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

759:

Do you hold advanced permissions (checkuser, oversight, bureaucrat, steward) on this or other WMF projects? If so, please list them. Also, do you have OTRS permissions? If so, to which queues?

1127: 4395: 101: 21: 3720: 3051: 2735:

team. He has consistently acted with integrity as one of the ACC tool administrators, and has positively contributed to the collegial atmosphere that we have on the team and demonstrating

931: 701: 570:

Editors may comment on each candidate with a limit of 500 words, including replies to other editors. Discussion will be sectioned and monitored by the Arbitration Committee and the clerks;

560:

Nomination statements will be published and candidates invited to answer questions publicly. The community is invited to participate. Please note changes from previous consultation phases:

3862: 3218: 2321: 1395: 4457: 4452: 1977: 330: 1309:

Last year I was in favour of Oshwah becoming a CheckUser and that has not changed - it actually has strengthened. He has handled OS well and is an SPI clerk. I trust his judgement. --

4133: 2771: 2042:

I've considered applying), I've read a lot more about CU policy. I've also opened a bunch of SPI cases and gotten to observe how things get handled in real life. So, let's look at

2783: 4422: 4417: 3064:

I am volunteering for Checkuser and Oversight. I returned to Knowledge (XXG) early this year from a long inactivity - I originally edited from 2006 - 2009. I am familiar with

2976: 714:

I am volunteering for Checkuser and Oversight. I returned to Knowledge (XXG) early this year from a long inactivity - I originally edited from 2006 - 2009. I am familiar with

294: 2801: 2789: 1295:

Oshwah is well versed in policy and has perfomed over 62000 admin actions in over 3 years which has spot on and one of the most active admins in the Project.Clearly an asset.

326: 122: 114: 4382: 2777: 1657:

But, life is more complicated than that. For example, with my residential internet connection, I have a (mostly) static IP (v4) address. Inside my house, my router does

822:

relevant to my work, and I've found ways to apply my skills here that I enjoy and find productive. So yes, I do believe that I would be able to put the tools to good use.

2795: 3816:. Please note that the candidate will be provided the opportunity to respond to a paraphrased version of any emailed comments; the sender's name will not be provided. 3539:. Please note that the candidate will be provided the opportunity to respond to a paraphrased version of any emailed comments; the sender's name will not be provided. 3327:. Please note that the candidate will be provided the opportunity to respond to a paraphrased version of any emailed comments; the sender's name will not be provided. 3160:. Please note that the candidate will be provided the opportunity to respond to a paraphrased version of any emailed comments; the sender's name will not be provided. 2909:. Please note that the candidate will be provided the opportunity to respond to a paraphrased version of any emailed comments; the sender's name will not be provided. 2721:. Please note that the candidate will be provided the opportunity to respond to a paraphrased version of any emailed comments; the sender's name will not be provided. 2529:. Please note that the candidate will be provided the opportunity to respond to a paraphrased version of any emailed comments; the sender's name will not be provided. 2183:. Please note that the candidate will be provided the opportunity to respond to a paraphrased version of any emailed comments; the sender's name will not be provided. 1490:. Please note that the candidate will be provided the opportunity to respond to a paraphrased version of any emailed comments; the sender's name will not be provided. 1250:. Please note that the candidate will be provided the opportunity to respond to a paraphrased version of any emailed comments; the sender's name will not be provided. 1027:. Please note that the candidate will be provided the opportunity to respond to a paraphrased version of any emailed comments; the sender's name will not be provided. 873:. Please note that the candidate will be provided the opportunity to respond to a paraphrased version of any emailed comments; the sender's name will not be provided. 268: 3424: 4157: 1865:

Under "Grounds for checking", it gives "double voting" as one of the disruptive behaviors we're trying to defend against. We know socking is a problem. We know

288: 133: 111: 4300: 610: 606: 550:

The committee will notify candidates going forward for community consultation and create the candidate subpages containing the submitted nomination statements.

321: 259: 178: 106: 427:

and related documents. They must have good communication and team-working skills. CheckUser candidates must be familiar with basic networking topics and with

4145: 3624:

I certainly trust his judgement as a Meta Oversighter colleague and would trust him to use his best judgement for the English Knowledge (XXG). — regards,

2979:, I made a more important point of not restoring it and reminded people who ran into controversy on April Fools jokes not to get into it with each other. 2954: 2852:

away any personally identifying information about other clients, sonI am very familiar with what is legally considered personally identifying information.

818:

is any indication, we should be working to retain and recover experienced editors, particularly those who have left under non-controversial circumstances.

264: 4127: 2984: 2765: 2535:

I have no concerns with SQL's judgement. He is a good administrator with sufficient technical knowledge to be of benefit to the project in this role. --

274: 254: 137: 4344: 4090: 3839: 3661: 3644: 3630: 3619: 3605: 3583: 3567: 3553: 3489: 3465: 3448: 3342: 2990: 2966: 2748: 2544: 2498: 2476: 2437: 2263: 2246: 2220: 2194: 2150: 2036: 2022: 1997: 1824: 1755: 1636: 1336: 1318: 1304: 1290: 1268: 1204: 1068: 1050: 844: 798: 279: 192: 173: 395: 3279:

level was still within the activity requirements of OTRS, I decided I wanted to focus my time more on content work and administrative work on-wiki.

1841:"New user at AFD = 100% certainty of socking" is overstating things. I'll certainly agree, however, that "new user at AFD = suspicion of socking". 1445:

level was still within the activity requirements of OTRS, I decided I wanted to focus my time more on content work and administrative work on-wiki.

313: 204: 4245: 1799:

and it was not a community endorsement of this approach, and I said so on your talk page, and you seemed to indicate again that you got the point.

237: 3754:

arbitrators, especially in sockpuppet investigations, and have developed experience in evaluating evidence and using the block and revdel tools.

2673:

I currently hold checkuser here on enwiki, and I have access to the OTRS queues info-en and checkuser-en-wp. I also have bureaucrat on testwiki.

1632:

experience has prepared you for IP addresses in the context of Knowledge (XXG)? Would you expect your blocking activity to massively change? --

965:

arbitrators, especially in sockpuppet investigations, and have developed experience in evaluating evidence and using the block and revdel tools.

4294: 428: 163: 92: 4188: 4122: 2980: 2760: 1689:

lists some particularly sensitive examples of this, along with cautions for use, and instructions for reporting to the WMF any such blocks.

1967:." And, obviously, I'll avail myself of (off-wiki) advice from other functionaries on close calls, especially as I'm getting up to speed. 2006:

Obviously, I felt what I was seeing was suspicious, for the reasons stated, and deserved greater scrutiny. Based on their SPI comments,

4278:

his CheckUser permission in May 2019, is reappointed as a CheckUser following a request to the committee for return of the permission.

4084: 2590: 2356: 459: 4392: 409: 229: 69: 17: 4368: 4041: 3894: 1963:. The deeper answer, however, will always be, "I'm human and I'll make human judgements based on my experience and intuition, plus 1648:

make another edit, both edits will be associated with the same IP address, and that's a pretty good clue they're by the same person.

814:, the learning curve hasn't been too steep, and I'm far from the only administrator to return from a long period of inactivity. If 215: 158: 3822:

Per my previous comment, I believe Kevin to be clueful and adept enough to deal with the tools if they are chosen for the same. --

3428:

trust of the community to both keep suppressed material secret, and to only suppress materials as supported by policy. Thank you.

2915:

I was reminded of April Fools Day on Knowledge (XXG) today which reminded me of something which happened last year. It wasn't his

4352:

Knowledge (XXG) talk:Arbitration Committee/Noticeboard/Archive 45#2019 CheckUser and Oversight appointments: Candidates appointed

4239: 3992: 3943: 3759:

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

3657: 3579: 3455:

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

3263:

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

3100:

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

2848:

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

2657:

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

2602: 2472: 2411:

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

2216: 1598:

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

1432:

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

1300: 1264: 1200: 1158:

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

1064: 970:

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

794: 751:

Please outline, without breaching your personal privacy, what off-Wiki experience or technical expertise you have for this role.

489:

Active users of non-standard venues, such as IRC, the account creation interface, OTRS, and/or the Unblock Ticket Request System.

150: 3095:

that channel to request oversight, which can otherwise have a delay especially later in the evening when I am primarily active.

2620: 2608: 1427:

back in January 2019, where I have handled approximately 400 requests, about three dozen of which I had to refer to checkusers.

480:

Familiar with identification of factors that may change a result or block, such as ISP, location, activity, or type of network.

51: 3863:

Knowledge (XXG):Arbitration Committee/Noticeboard/Archive 12 § 2019 CheckUser and Oversight appointments: Candidates appointed

200: 98: 4318: 4182: 3365: 2596: 1512: 4375: 210: 128: 3333:

I have no problem with Mz7's judgement and believe that he would be of even greater benefit to the project in this role. --

2569:

Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.

644:

Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.

3849:

Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.

3479:

I am an oversighter on the meta-wiki; a bureaucrat here, on testwiki, and on test2wiki. I am also an administrator on the

2614: 2554:

Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.

2069:

to prevent or reduce potential or actual disruption, or to investigate credible, legitimate concerns of bad faith editing.

3073:

fairly often, and access to the Checkuser tools would allow me to properly resolve those cases and help with backlogs at

723:

fairly often, and access to the Checkuser tools would allow me to properly resolve those cases and help with backlogs at

613:

prior to receiving permissions. Oversighters and CheckUsers who intend to work the OTRS paid editing queue must sign the

4306: 3476: 3377: 2739:

to almost all users we deal with in the ACC queues. I strongly believe that he would be an asset to the oversight team.

1524: 1091: 470:

We welcome all applicants with suitable interest to apply, but this year we have particular need of applicants who are:

388: 4360: 2924: 3575: 3395: 3383: 1658: 1542: 1530: 1296: 1273:

Oshwah is an asset to SPI, has dealt with his bits well, and is also one of the most active administrators we have. --

4221:

The Committee thanks the community and all candidates for helping to bring this process to a successful conclusion.

4288: 4108: 4035: 3888: 3834: 3684: 3600: 3371: 3015: 1518: 1285: 1103: 1045: 895: 665: 249: 4330: 3986: 3937: 3574:

Fine candidate excellent knowledge of policy and technical expertise and has perfomed around 24500 admin actions.

3389: 3182: 2285: 1536: 1359: 1121: 1109: 2027:

I guess what I was getting at is if you think you would have run a CU or if you agree with the decision not to.

1793: 1767: 353: 4263: 4096: 3696: 3635:

I trust Xaosflux's judgement and believe that he would be even more of an asset to the project in this role. --

3027: 2402:

I mention in my nomination some of the various related tools I've written. I've contributed extensively at the

1959:

digging deeper? The simple answer is, "I'll make my determination is accordance with the policies outlined in

1330: 1097: 907: 677: 88: 2349:, a tool used by many functionaries daily to help determine if a given IP is a proxy / webhost / compromised. 3714: 3702: 3194: 3045: 3033: 2843:. I have submitted dozens of oversight requests related to all of these, and all of them have been actioned. 2297: 1371: 1115: 925: 913: 695: 683: 381: 1858: 4251: 4206: 4078: 3690: 3250:

channel. I have already signed the confidentiality agreement for Wikimedia projects as part of my work on

3212: 3200: 3021: 2744: 2584: 2414:

As I mentioned last year, I've had a lot of relevant jobs, NOC / internal support, and cable tech support.

2315: 2303: 1389: 1377: 901: 671: 3420: 417: 413: 4283: 3708: 3615: 3188: 3039: 2291: 1774:

to be explained to an admin with your level of experience, but since you seemed to get it that was that.

1680:

Commercial customers are more likely to publicly expose a range of IP addresses, commonly written using

1365: 1323:

Yes, I support Oshwah's request for CheckUser - I think he's well grasped at SPI and would be an asset.

919: 689: 595:. Editors are encouraged to include a detailed rationale, supported by relevant links where appropriate. 2461: 1189: 628:

To comment on candidates, please use section edit buttons to edit the appropriate candidate subpage(s).

31: 2143:

and think I understand it, but I know that there's nothing that can replace real-life experience. --

4275: 4233: 4194: 3654: 3206: 2840: 2469: 2362: 2309: 2259: 2213: 2032: 1993: 1820: 1383: 1261: 1197: 1061: 1033:

Anyone around SPI will know the good work Kevin does. Thoroughly vetted and clueful administrator. --

791: 2135:

I'll leave you with one last thought. In my career as a software engineer, I've learned to embrace

2962: 2136: 1325: 808: 805: 4340: 4176: 4059: 3912: 3636: 3563: 3359: 3334: 2536: 2426: 2235:

wide background in related technical issues, and we could certainly use his support on the team.

2147: 2019: 1976:

Thanks for your detailed reply. I've just realized I missed a whole other aspect of this, now at

1752: 1506: 1310: 2928: 2140: 2043: 1964: 1960: 423:

Prospective applicants must be familiar with (i) policies relevant to CU and/or OS and (ii) the

2953:

which outside of someone else having to tag as humor is well with-in norms). Now I have my own

784: 4073: 4010: 3961: 3068:

and investigate and resolve cases there regularly, and I have already signed the WMF NDA as a

2740: 2728: 2579: 718:

and investigate and resolve cases there regularly, and I have already signed the WMF NDA as a

424: 3870: 3255: 2383: 463: 436: 4047: 3900: 3611: 2007: 1085: 355: 3545:

Great attention to detail, command of policy, and technical expertise; a fine candidate. –

3251: 3074: 3069: 3065: 2936: 2836: 2736: 2732: 2403: 2387: 2379: 2352: 2201: 1866: 1576: 1424: 815: 742: 724: 719: 715: 432: 4228: 3998: 3949: 3651: 3267: 2487: 2466: 2255: 2210: 2028: 1989: 1816: 1258: 1194: 1058: 788: 3771:

I do not have other advanced permissions, but I do have OTRS access to the info-en queue.

1217: 982:

I do not have other advanced permissions, but I do have OTRS access to the info-en queue.

811: 609:, and publish the resulting appointments. Successful candidates are required to sign the 2365:, a tool used to resolve a given subnet (often helpful to identify webhosts or proxies). 358: 4029: 3882: 3828: 3678: 3594: 3551: 3009: 2958: 1279: 1039: 889: 840: 659: 540:

The committee will review applications and ask the functionary team for their feedback.

2931:

guidelines. No it was the fact that the candidate thought it good judgement to make a

1569:

Extensive unix DevOps experience, including managing web servers at Songza and Google.

583:

Comments may be posted on the candidates' subpages or submitted privately by email to

4171: 3980: 3931: 3559: 3484: 3460: 3443: 3415: 3354: 3176: 2496: 2435: 2279: 2242: 2144: 2016: 1749: 1686: 1501: 1353: 1256:

Inclined to support, he seems to have handled OS well and also became a SPI clerk. --

2975:

I wouldn't consider what I did doubling down. On both the thread on my talkpage and

452:

at least 18 years of age and have legal majority in their jurisdiction of residence;

3804: