View unanswered posts | View active topics It is currently Fri Nov 15, 2019 10:46 am




Reply to topic  [ 34 posts ]  Go to page 1, 2, 3, 4  Next
How to be a sockpuppeteer 
Author Message
User avatar

Joined: Fri Sep 20, 2019 11:32 am
Posts: 10
Reply with quote
You learn that literally ANYONE can edit Wikipedia. You smirk to yourself that you can add whatever incomprehensible nonsense or bullshit you want to articles, compromising the reliability of Wikipedia. You create an account, find an article about a politician/celebrity/band/school you hate, and vandalize it. You receive a little red alert at the top of your screen, sending you to a message on your talk page notifying you that your edits are not constructive. Not wanting to let a trivial warning message get in the way of your mission to vandalize articles, you repeat the same process three or four more times. You receive several more warnings, each redder and bolder than the last one.

You are blocked indefinitely for abuse of editing privileges.

Fortunately, the big orange block template on your user talk page provides a way out of the conundrum. Simply use the "unblock" template to apologize for your actions, promise not to repeat them in the future, and hope for the best.

But your raison d'être is causing mischief and chaos, not acting like a dumb nerd and actually IMPROVING the articles. With this in mind, instead of applying any sort of effort to make a convincing unblock appeal, you instead spam nonsensical phrases such as "I hate you" and "you smell like poo poo" in your unblock request over and over again. The admins soon decline your request; they might be nice and give you another chance or two, but in the end, they will revoke your talk page access to prevent you from wasting more of their time.

So what do you do? CREATE MORE ACCOUNTS!

(Okay, maybe you ARE one of those nerds, and you just want a way to goof off on Wikipedia while still being able to improve articles. Or maybe you USED to be a vandal, but fear that CheckUsers will block you again for reasons related to your past. Well, this guide is still for you. Just read on.)

Tip #1: Make many accounts, but make sure to spread them out over a lot of IP addresses to evade detection. Like, you can have one account for home, one account for school, maybe a few on your phone, etc. Remember, the more static an IP is, the less accounts you should have on that IP. If you're a good-faith editor trying to get over a bad past, simply try using a new account at a new location. For example, if you did all your vandalism at home, make a new good account at the library and use it at the library only. It'll fool the CheckUsers. This is a particularly useful approach for editors who want a clean start from a bad-faith past, or for good-hand/bad-hand editors.

Tip #2: Don't make it obvious that your sockpuppets are sockpuppets. Something I see many sockpuppeteers do is editing with the same pattern across all of their accounts. If you want a higher chance of evading detection, give each of your accounts special and unique characteristics, so that nobody will know that the accounts are being operated by the same person. Account A can specialize in films from the Indian province of Gujarat, while Account B might be an Argentine football fan. If both accounts are adding the same bad words to the same articles, any keen observer would know that something's up. (A word of caution: you probably shouldn't try this on a static IP. You REALLY shouldn't try this on a static IP if you're going to have the accounts communicate with each other. Admins will see right through it.)

Tip #3: IP addresses remain in the CheckUser log for about 6 months, after which they disappear as required by Wikipedia's privacy policy. This means that if you don't want an account of yours to be identified by CheckUser as a sockpuppet of an older blocked/vandal account, simply avoid editing from the same IPs as them for 6 months. Once those 6 months are over, you're good to go.

Tip #4 (for bad-faith editors): There are loads of other sockpuppeteers on Wikipedia, and the SPI clerks can't possibly keep track of every single one of them. One way to confuse the shit out of the SPI staff is to impersonate SPI cases. Mimic the behavior of other sockpuppeteers using your own accounts. This technique is known as "joe-jobbing". It works best on cases where CheckUser is requested, or those marked as "more info req.". You can also create strawman sockpuppets; commit obvious vandalism with obviously related accounts, then use a good account to report your own sockpuppets to SPI. Works like a charm. (Caution: if you repeat this behavior too many times on the same IP, CheckUsers might apply WP:DENY by running checks on you OUTSIDE of SPI, then deleting the SPI pages you create outright by G6. As a general rule, your joe-jobs will be more likely to last if you file new reports for existing cases than if you create new ones.


Fri Sep 20, 2019 6:52 pm
Profile
Modsquad
User avatar

Joined: Sun Jul 07, 2019 12:27 pm
Posts: 553
Reply with quote
3. CheckUser data is retained for 90 days (ca. 3 months) to comply with EU regulations: "This information is only stored for a short period (currently 90 days)"
3a. CheckUsers save this data of users who are on their radar to the private checkuser wiki, that violates this regulation.


Sat Sep 21, 2019 1:49 am
Profile
User avatar

Joined: Sun Jun 11, 2017 8:20 am
Posts: 3705
Reply with quote
The problem is of course this complete out of the scope of any control and can be a danger for the privacy of persons. And it is illegal
But, a other problem is if you delete this it goes underground. Time for a system changing.

I think with all those strict regulations the time of not registration has finished. Or, follow the German system, only editing the talkpage without IP registration. In this time of misusing private date is not professional storing of IP date out of date.

Wikipedia has to transform to the internet of 2030, 2040, 2050 and so on and not become a internet fossil. With respect for the real good faith users out of the past.

_________________
Mijn blog. (In Dutch) of kom eens gezellig bij de Kolonel langs in Eerbeek.
En kijk eens hier, het "Verboden" lijstje van door mij aangemaakte artiklen.

. Image
.Winner of
The SanBan


Sat Sep 21, 2019 2:37 am
Profile
User avatar

Joined: Mon Feb 26, 2018 8:50 pm
Posts: 4422
Reply with quote
This advice is out of date.

Wikipedia primarily tracks socks using cookies now. So clear 'em.

I seriously doubt they ever really used IP addresses as the primary identifier. It's always been User Agent strings and behavioral cues.


Sat Sep 21, 2019 3:54 am
Profile
User avatar

Joined: Sun Jun 11, 2017 8:20 am
Posts: 3705
Reply with quote
Properly/ for sure you are right. The IP system worked in the beginning of the internet, not anymore.
It's in the field of experts on bot technics is my second thought.

_________________
Mijn blog. (In Dutch) of kom eens gezellig bij de Kolonel langs in Eerbeek.
En kijk eens hier, het "Verboden" lijstje van door mij aangemaakte artiklen.

. Image
.Winner of
The SanBan


Sat Sep 21, 2019 4:04 am
Profile
Modsquad
User avatar

Joined: Sun Jul 07, 2019 12:27 pm
Posts: 553
Reply with quote
CheckUsers use IP info. If two editors edit from the same IP, and only one IP, then it's either the same person (most likely), or a house (possibly family, but usually fake brother) or a school/dorm (favorite target of Bbb23). These are CU blocked before they can claim it's a shared network behind NAT. This is called a "confirmed CU block".

Complications start, if a user edits from vastly different IPs (home, cafe, office, train, vpn, can be many reasons), or different IPs from the same subrange (dynamic IPs of one ISP). It's likely other people will use the same networks, thus the IP addresses used is not unique to one user. The user agent can distinguish these users, but 1. an editor might use different browsers and devices, 2. two editors might use the same browser or device type. It's up to the CU to judge the "uniqueness" of the data (taking into account the behavioral evidence). This results in suspected sockpuppets, or "possible sock-puppetry".


Sat Sep 21, 2019 4:26 am
Profile
User avatar

Joined: Sun Jun 11, 2017 8:20 am
Posts: 3705
Reply with quote
Gaslighted wrote:
CheckUsers use IP info. If two editors edit from the same IP, and only one IP, then it's either the same person (most likely), or a house (possibly family, but usually fake brother) or a school/dorm (favorite target of Bbb23). These are CU blocked before they can claim it's a shared network behind NAT. This is called a "confirmed CU block".

Complications start, if a user edits from vastly different IPs (home, cafe, office, train, vpn, can be many reasons), or different IPs from the same subrange (dynamic IPs of one ISP). It's likely other people will use the same networks, thus the IP addresses used is not unique to one user. The user agent can distinguish these users, but 1. an editor might use different browsers and devices, 2. two editors might use the same browser or device type. It's up to the CU to judge the "uniqueness" of the data (taking into account the behavioral evidence). This results in suspected sockpuppets, or "possible sock-puppetry".

It's a grab bag filled up with wrong conclusions. Bot technology? Seems to me much more relabel with human control. Good control I mean, not mister Ymnes with a Moira coat on.

_________________
Mijn blog. (In Dutch) of kom eens gezellig bij de Kolonel langs in Eerbeek.
En kijk eens hier, het "Verboden" lijstje van door mij aangemaakte artiklen.

. Image
.Winner of
The SanBan


Sat Sep 21, 2019 4:34 am
Profile
User avatar

Joined: Fri Sep 20, 2019 11:32 am
Posts: 10
Reply with quote
CrowsNest wrote:
This advice is out of date.

Wikipedia primarily tracks socks using cookies now. So clear 'em.

I seriously doubt they ever really used IP addresses as the primary identifier. It's always been User Agent strings and behavioral cues.

About the cookies, good point there. But cookies aren't considered CheckUser data, I'm pretty sure. They're just there so that socks can be prevented.


Sat Sep 21, 2019 4:41 am
Profile
User avatar

Joined: Mon Feb 26, 2018 8:50 pm
Posts: 4422
Reply with quote
Gaslighted wrote:
CheckUsers use IP info. If two editors edit from the same IP, and only one IP, then it's either the same person (most likely), or a house (possibly family, but usually fake brother) or a school/dorm (favorite target of Bbb23). These are CU blocked before they can claim it's a shared network behind NAT. This is called a "confirmed CU block".

Complications start, if a user edits from vastly different IPs (home, cafe, office, train, vpn, can be many reasons), or different IPs from the same subrange (dynamic IPs of one ISP). It's likely other people will use the same networks, thus the IP addresses used is not unique to one user. The user agent can distinguish these users, but 1. an editor might use different browsers and devices, 2. two editors might use the same browser or device type. It's up to the CU to judge the "uniqueness" of the data (taking into account the behavioral evidence). This results in suspected sockpuppets, or "possible sock-puppetry".
I don't mean they don't use it. But in the world of socky-socking, looking at an IP as your primary identifier, is about as much use as asking for ID in a forger's den. You only catch the stone cold idiots, or the completely innocent.

Cookies, device/browser, and behavior, is what it's all about. Change/mask those, you're home free. People who don't know how to do that, including how to evade AI tools, will be caught. And people who need to be taught how to do that, will also be caught, just a little later.

With a bit of work on appeal, you could even get away with using a Grawp IP. Might even be granted IP block exemption!

At the end of the day though, what potential socks have to be clear on, is why they are socking. It's a lot of effort, and in my experience, the only reward that justifies it, is just to fuck with Wikipedians, to waste their time and make them mad/bad/sad. If that's the goal, then by all means, become the best socky-sock you can be. If not, maybe find another hobby.


Sat Sep 21, 2019 5:10 am
Profile
User avatar

Joined: Sun Jun 11, 2017 8:20 am
Posts: 3705
Reply with quote
On WP-NL (don't know on other wiki's too) there is even a bot for "trusted" users to avoid filters. So they can post with any, any free poxy.
Well, is this the way to run a checkusers farm? It is rediciles and insane, special if you have people like Ymnes and Vig with there hands on the buttons who are able to destroy complete wiki's.

_________________
Mijn blog. (In Dutch) of kom eens gezellig bij de Kolonel langs in Eerbeek.
En kijk eens hier, het "Verboden" lijstje van door mij aangemaakte artiklen.

. Image
.Winner of
The SanBan


Sat Sep 21, 2019 5:41 am
Profile
Display posts from previous:  Sort by  
Reply to topic   [ 34 posts ]  Go to page 1, 2, 3, 4  Next

Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group ColorizeIt.
Designed by ST Software.