Stewards' noticeboard - Meta-Wiki
Jump to content
From Meta, a Wikimedia project coordination wiki
(Redirected from
Steward's noticeboard
Latest comment:
4 days ago
by NguoiDungKhongDinhDanh in topic
Blacklisting usernames consisting of only non-spacing characters
Stewards
Stewards' noticeboard
Archives
Shortcut
SN
Welcome to the
stewards
' noticeboard. This message board is for discussing issues on Wikimedia projects that are related to steward work. Please post your messages at the bottom of the page and do not forget to sign it. Thank you.
This is not the place for stewards requests
. To make a new request, see
steward requests
and
requests and proposals
For illustration of
steward policies
and use, see the
steward handbook
See also:
Access to nonpublic personal data policy noticeboard
This page is automatically archived by
SpBot
. Threads older than 30 days will be moved to the archive.
Stewards
About stewards
Elections
History
Requests
CheckUser information
Global blocks & locks
Global rights
Local bot rights
Local rights
Account renaming
Miscellaneous requests
URL blacklisting
Title/username blacklisting
For stewards
Help
Policies
Bugs
Mailing list
#wikimedia-stewards
connect
Noticeboards
Access policy noticeboard
Stewards' noticeboard
SpBot
archives all sections tagged with
{{
Section resolved
|1=~~~~}}
after 2 days and sections whose most recent comment is older than 30 days.
Users with extended rights who were automatically demoted
edit
Latest comment:
30 days ago
1 comment
1 person in discussion
Due to the configuration of group restrictions, the following users have recently automatically lost membership in some of their groups. These are:
Karsten11@dewiki
lost: checkuser
Bináris@huwiki
lost: checkuser
Ustad abu gosok@idwiki
lost: checkuser
Penn Station@jawiki
lost: checkuser, suppress
Romanm@slwiki
lost: checkuser
None of the affected groups has exactly one member: checkuser@dewiki (4 members), checkuser@huwiki (5 members), checkuser@idwiki (3 members), checkuser@jawiki (5 members), suppress@jawiki (3 members), checkuser@slwiki (3 members).
Please act accordingly if these users should lose access to any related services. Regards,
MszBot
talk
12:47, 25 March 2026 (UTC)
Reply
Intrusive surveillance script at trwiki
edit
Latest comment:
11 days ago
7 comments
5 people in discussion
I talked about this in the Wikimedia Community Discord, and I was directed here by a steward (
AntiCompositeNumber
). Apparently 2 years ago the Turkish Wikipedia added a script to its common.js that monitors the browsers of every Wikipedia reader, logged in or otherwise, and publicly reports changes to the HTML using the "inspect element" tool of the browser. Here's the
script
, and here's the frankly way too short
discussion
in trwiki about its implementation.
I found out about this after another user tried to talk about this in the Turkish Wikipedia's village pump, but it was
reverted
as a "troll" just a few hours later. I tried it to see if it was true after reading about its reverted discussion. I was
threatened with a block
for this experiment, so I did not continue. Thanks for your attention.
Betseg
talk
23:07, 10 April 2026 (UTC)
Reply
To add a bit more context here, the script causes the user to make an edit on a report page if the user uses the console to edit their username specifically for the purposes of impersonating an administrator. Apparently there has been a problem with users using the console to change the username and then take screenshots for use off-wiki. Would appreciate someone a bit more technically minded confirming exactly how the script does that and if it is violating user privacy in doing so - at a glance I don't see anything myself. –
Ajraddatz
talk
23:49, 10 April 2026 (UTC)
Reply
The primary problem I see is that this script is causing automated revisions to be published under the logged-in user account without an intentional action to publish. As a result, a revision is attributed to that user and licensed under CC BY-SA, undermining the expectation of informed consent. This does not appear to require emergency intervention, as the script does not appear to capture or publish any sensitive information (such as browser or OS data). This seems like an inappropriate use of common.js and is trivial for bad actors to bypass. I suggest this project look into using AbuseFilter or other server-side mechanisms to log suspicious edits instead. —
xaosflux
Talk
00:40, 11 April 2026 (UTC)
Reply
I'm not sure that the abusefilter would work here, as there are no edits that could be flagged. I agree generally with the concern around forcing the user to publish an edit. However if WMF legal has already reviewed I'm not sure what else we would be able to do here, other than nudging the community to make changes or re-evaluate the need for the script. –
Ajraddatz
talk
03:21, 11 April 2026 (UTC)
Reply
Ah ok, so these are people that aren't even attempting to publish a revision - that are then being tricked in to publishing a revision without being show and agreeing to the TOU and Copyright notice - that seems like an issue itself. Not sure if that specific concern was brought up to legal. —
xaosflux
Talk
13:51, 11 April 2026 (UTC)
Reply
This is not a security problem. If interface admins want to do weird stuff they will. If the trwiki community is OK with what that script is doing I don't see a problem. I would personally avoid doing such things, but hey, some LTA are weird and dumb so maybe that works. I mean this should only work once.
Nux
talk
22:18, 12 April 2026 (UTC)
Reply
Read WMF Legal's comment here:
[1]
Nemoralis
talk
02:43, 11 April 2026 (UTC)
Reply
Blacklisting usernames consisting of only non-spacing characters
edit
Latest comment:
4 days ago
1 comment
1 person in discussion
There is currently
a global title blacklisting request
regarding usernames consisting of nothing but non-spacing characters, which might affect a small number of legitimate accounts. A comment from stewards would be appreciated.
NguoiDungKhongDinhDanh
00:50, 20 April 2026 (UTC)
Reply
Retrieved from "
Categories
Stewards
Noticeboards
Stewards' noticeboard
Add topic