[05:17:59] <sam007>	 Hi what is the best way for sending patch  to pywikibot. Do you use gerrit ?
[05:36:23] <Niharika>	 sam007: Looks like they do: https://gerrit.wikimedia.org/r/#/admin/projects/pywikibot But why'd you ask that on this channel of all places?
[17:51:37] <Philippe>	 Hey Ash :-)
[17:51:50] <agorski>	 Hi Philippe!
[17:52:01] <Trijn|afk>	 brb
[17:55:29] <Philippe>	 morning Ironholds, Dragonfly. :-)
[17:56:57] <Ironholds>	 hey Philippe :)
[17:58:54] <guillom>	 How many are joining this session only to troll Philippe? _o/
[17:59:01] <Philippe>	 At least two, Guillom :P
[17:59:03] <marktraceur>	 o/
[17:59:05] <guillom>	 :p
[17:59:06] <Philippe>	 (and I'm including you in that number...)
[17:59:06] <Dragonfly6-7>	 does the NSA have a representative here?
[17:59:11] <marktraceur>	 Though I didn't "join".
[17:59:16] <Philippe>	 Dragonfly, I believe that would be "NotASpy"
[17:59:17] <Philippe>	 :P
[17:59:17] <Dragonfly6-7>	 will they be reading the log of this conversation?
[17:59:23] * Finnegan is just here to troll marktraceur
[17:59:27] <marktraceur>	 Dragonfly6-7: It'll all come out in discovery.
[17:59:35] <Keegan>	 Make it three.
[17:59:42] <Philippe>	 Keegan, don't help :)
[17:59:48] <Philippe>	 Or i'll troll you over SUL.
[17:59:57] <marktraceur>	 Hey, keep it on topic Philippe
[17:59:57] <legoktm>	 :/
[18:00:11] <marktraceur>	 Trolling about the NSA suit only.
[18:00:13] <Keegan>	 :(
[18:00:16] <Philippe>	 marktraceur, since I control the topic line, i believe topic is what I say it is :P
[18:00:24] <NotASpy>	 I've been NotASpy on IRC long before half you guys joined WMF, thank you very much.
[18:00:35] <Dragonfly6-7>	 Philippe - can we have a topic line about twerking and autotune, then?
[18:00:43] <guillom>	 NSA vs SUL: Which is the most of a pain. Discuss.
[18:00:52] <lilatretikov>	 Hello everyone!
[18:01:01] <Philippe>	 OK, I believe it's time.... :-)
[18:01:05] <guillom>	 Hey lilatretikov
[18:01:09] <NotASpy>	 SUL, since it's created an almighty mess of copyright violations on de.wp
[18:01:34] <Philippe>	 Welcome, all, to this trolling session...er... IRC office hours.... about SUL.  Wait, that's wrong.  About the WMF and its discussion to file against the NSA.
[18:01:50] <Philippe>	 We have with us LilaTretikov, who I think you all know...
[18:01:58] <Philippe>	 and Ashley Gorski from the ACLU.  :-)
[18:01:58] <marktraceur>	 !coffee Philippe
[18:02:09] <agorski>	 Hi everyone
[18:02:12] <Philippe>	 Thanks, marktraceur.  It's badly needed.
[18:02:21] <marktraceur>	 Hi agorski, welcome to our crazy little world.
[18:02:26] <Ironholds>	 hey agorski. Thanks for your and your org's help with this :)
[18:02:54] <russavia>	 lilatretikov, I have a question if I may. Do you think that the WMF looks pretty damned stupid launching a lawsuit against the NSA because it allegedly invades the privacy of Wikimedia users, and yet I have found myself globally banned by the WMF because I dare to continue question the gross violation of my privacy and the resultant coverup. As soon as I said to Philippe the refusal to deal with this places the WMF in a precarious positi
[18:03:24] <Philippe>	 Maybe this is a good opportunity to set some thoughts around how we want to handle this. :-)
[18:03:31] <Dragonfly6-7>	 russavia, have you stopped beating your wife?
[18:03:39] <marktraceur>	 russavia: Your message cut off at "precarious positi"
[18:03:53] <russavia>	 As soon as I said to Philippe the refusal to deal with this places the WMF in a precarious position, I found myself banned. Food for thought huh
[18:03:58] <Isarra>	 Can we just stick to the one topic please?
[18:04:00] <Philippe>	 We're going to ask that questions for this one be fairly narrowly limited in topic today. :-)
[18:04:22] <Philippe>	 First,  Michelle Paulson is going to chat about that what the decision was and set the stage a bit.
[18:04:44] <Philippe>	 and then we'll take questions about why, and (again, fairly narrowly limited to this decision) how we move forward.
[18:05:09] <mpaulson-WMF>	 Hi all! Thank you for joining us. We are here to answer any questions you may have about the NSA lawsuit and why we have joined the lawsuit in order to better protect Wikimedia users and the greater internet community.
[18:05:57] <lilatretikov>	 Hi all, first let please all treat the topic and each other with respect. Second let's focus on the privacy issue. We have to practice what we beleive, so as part of this effort we are growing our security team and commitment to security, privacy and encryption of PAI.
[18:05:59] <marktraceur>	 mpaulson-WMF: Good to have you on too!
[18:06:02] <Ironholds>	 dammit, I wanted to do that.
[18:06:03] <lilatretikov>	 sorry PII
[18:06:21] <mpaulson-WMF>	 We would like to let you know that, while we welcome your questions, we cannot answer questions about specific legal strategies during this office hour.
[18:06:24] <legoktm>	 PII?
[18:06:27] <Guerillero>	 thanks Philippe
[18:06:33] <mpaulson-WMF>	 Thanks, mark!
[18:06:46] <marktraceur>	 Never quite enough lawyers on IRC. :)
[18:06:55] <Philippe>	 Sorry to stomp on the fun, but he *is* globally banned.  For what it's worth, if you have particular questions and things get a little crazy... we have a system.  If you will send your questions to Jamesofur, we'll be taking them from him.
[18:07:23] <legoktm>	 what does PAI and PII stand for?
[18:07:30] <Dragonfly6-7>	 agorski - check your private message window, please
[18:07:33] <jamesofur>	 Personally Identifiable Information
[18:07:33] <marktraceur>	 There's a debate there but I'll save it for after the office hour.
[18:07:36] <lilatretikov>	 Personally Identifyable Information
[18:07:41] <mpaulson-WMF>	 You know you love the lawyers, Mark. =)
[18:07:49] <Philippe>	 Dragonfly6-7: agorski is handling a few dozen different windows at the moment. :-)
[18:07:49] <Dragonfly6-7>	 carnally?
[18:07:56] <lilatretikov>	 Personally Identifiable Information
[18:08:07] <lilatretikov>	 pardon my typos
[18:08:13] <marktraceur>	 Dragonfly6-7: No comment.
[18:08:29] <Philippe>	 OK, so, any open questions here? :-)
[18:08:33] <jamesofur>	 Bueller? Bueller? Any questions? :)
[18:08:35] <NotASpy>	 combining what Lila said with russavia's concerns (which can't easily be dismissed with a 'he's banned' quip) what additional safeguards is the WMF going to put in place to make sure their enhanced security, privacy and encryption is as safe, secure and private as it can be ?
[18:08:39] <HungaryHungaryHi>	 jamesofur, you mean like my personally identifiable information which was duly passed around by WMF approved checkusers to individuals who had no right to it, and then which I was banned for because I dared to demand answers because of the obvious breach of your privacy policy?
[18:09:00] <legoktm>	 jamesofur: is the WMF planning on similar lawsuits in any other countries?
[18:09:01] * Dragonfly6-7 withdraws earlier snarky comment
[18:09:37] <Philippe>	 NotASpy: Great question... so you're asking what safeguards we're putting in place to be sure that we've hardened against the NSA?
[18:09:48] <jamesofur>	 As usual, for the benefit of those confused, we will not be discussing the reasons for global bans. Especially when those reasons did not include anything related to either the topic being discussed or the topic being brought up by the banned user.
[18:10:08] <NotASpy>	 Philippe: yeah - will there be external auditors or consultants who make sure WMF's security, privacy and encryption is keeping up with or ahead of any threat 'curve' so to speak ?
[18:10:27] <jamesofur>	 legoktm: received
[18:11:24] <mpaulson-WMF>	 Re: similar lawsuits in any other countries...We are not presently considering similar lawsuits, but will certainly consider such suits if an appropriate situation develops where we think action from WMF is warranted and could be effective in better protecting Wikimedia users.
[18:11:26] <Dragonfly6-7>	 actually, how does this apply to the NSA's (and everyone's) total access to our database of every edit made by an IP user?
[18:11:35] <Philippe>	 There's much clicking and clacking in the room here, so your answer is headed your way, NotASpy (I still find myself giggling at the name given today's topic)
[18:11:46] <lilatretikov>	 NotASpy -- we have a policy in place already (and we continually review it), in parallel we are thinking through how to ensure (technically) that the informations is protected and the user is in control of what the system knows about them. WMF is in a unique position to provide better protection and we are actively working to figure out what that needs to look like. No final answers yet, as we are
[18:11:46] <lilatretikov>	  investigating it now.
[18:11:55] <jamesofur>	 Dragonfly6-7: recieved
[18:12:40] <NotASpy>	 thanks guys
[18:12:56] <jamesofur>	 From Finnegan: Assuming the WMF feels this case is likely to end in their favor, I'm curious about what elements appear in this case that makes people think it will go differently than the one that was dismissed a few years ago. Why are we likely to win this one this time around?
[18:13:26] <paravoid>	 we provide HTTPS these days, which is default for logged-in users and opt-in for all others
[18:13:27] <jamesofur>	 Thanks NotASpy
[18:13:34] <lilatretikov>	 HungaryHungaryHi we are not yet where we want to be, but it we are working on hardening this with tech.
[18:13:35] <paravoid>	 and we continue to invest on encryption
[18:13:57] <Philippe>	 Thanks, paravoid. :-)
[18:14:44] <lilatretikov>	 Dragonfly6-7 You are right, we are thinking about how to mask that.  It is on the radar to address. Not ETA yet.
[18:15:02] <Philippe>	 (Lila, you mean the historical edits by IP, right?0
[18:15:02] <lilatretikov>	 Dragonfly6-7 as it is a community related issue as well. You would need to concur.
[18:15:35] <agorski>	 Hi, I'm from the ACLU. In response to Finnegan's question, some context for those who may not know. In Clapper v. Amnesty, the US Supreme Court held, by a 5-4 vote, that the ACLU's plaintiffs in that case lacked standing to challenge the constitutionality of the 2008 FISA Amendments Act -- the same statute that the government now invokes to justify the NSA's "upstream" surveillance. The...
[18:15:36] <agorski>	 ...Court reasoned that plaintiffs couldn't show a sufficient likelihood that their communications were being monitored.
[18:15:56] <Philippe>	 Thanks, Agorski. :-)  Context is good here.
[18:16:40] <agorski>	 The landscape is dramatically different today, and we don't think Clapper v. Amnesty forecloses our new lawsuit. This is true for a few reasons. First, thanks to the disclosures by Edward Snowden, we know much more about the government's surveillance practices now than we did when Clapper v. Amnesty was litigated.
[18:16:41] <lilatretikov>	 NotASpy yes we are having recurring security audits as part of the new process.
[18:16:58] <NotASpy>	 that sounds good.
[18:17:48] <agorski>	 Second, the government itself has acknowledged and confirmed many of the key facts about the NSA's upstream surveillance. And third, the volume of WMF's communications is so enormous that there's no way the government can conduct upstream surveillance without sweeping up a substantial amount of these communications.
[18:17:58] <jamesofur>	 Any more questions? We're currently out :)
[18:18:04] <Philippe>	 Sooooo... at this point, the Reddit community is makin' ya'll look bad.
[18:18:08] <Seth_Finkelstein>	 lilatretikov (preface) In the Reddit AMA, you wrote: "This was an important decision for us. After the mass surveillance revelations, everyone became aware of the vastness of these programs. We began to think carefully about what this meant for the Wikimedia mission and community. We started conversations with the ACLU in May 2014 about the possibility of filing this suit against the NSA and other defendants." (question follows)
[18:18:12] <Dragonfly6-7>	 "y'all"
[18:18:13] <Philippe>	 Nobody has a question about a thousand tiny little horses or one great big horse? :)
[18:18:16] <Seth_Finkelstein>	 lilatretikov (question) Do you mean that WMF actively sought to create this lawsuit and looked for civil-liberties lawyers, as opposed to a scenario where the ACLU lawyers wanted to do this lawsuit, and looked for plaintiffs? That is, which organization was the one proposing this lawsuit to the other?
[18:18:34] <Ironholds>	 agorski, yeah, no.3 is 80 hours of my life I'm never getting back
[18:18:38] <Ironholds>	 we better win ;p
[18:18:45] <Philippe>	 Dragonfly6-7: I'm from Oklahoma; I can misspell my own colloquialisms.
[18:18:55] <Seth_Finkelstein>	 Ack, did my question get across?
[18:19:01] <Philippe>	 It did, Seth_Finkelstein
[18:19:03] <jamesofur>	 It did, thanks Seth_Finkelstein
[18:19:08] <Philippe>	 Lila is typing furiously.
[18:19:09] <Seth_Finkelstein>	 OK, IRC is painful.
[18:19:13] <guillom>	 If we win the suit, do we get billions of $$$ ?
[18:19:14] <Seth_Finkelstein>	 Just checking.
[18:19:23] <Philippe>	 guillom, no... YOU do.  Personally.
[18:19:25] <Dragonfly6-7>	 Philippe - mmm, a thousand tiny little horses. Now I'm hungry.
[18:19:35] <Ironholds>	 guillom, unfortunately I've been told that the NSA is going to intercept the money and take all of it
[18:19:44] <Ironholds>	 their rationale is...it's the agent's cut *badumtish*
[18:19:52] <guillom>	 Philippe: Good; my yacht isn't going to buy itself :P
[18:19:56] <Ironholds>	 (one moment, firing myself for that joke)
[18:20:08] <lilatretikov>	 Seth_Finkelstein We were looking for ways to make impact on this issue and we made it known. ACLU has approached us knowing that we saw this as critical to our editor and reader communities.
[18:20:16] <Philippe>	 Ironholds, if you'll hold still for a moment, I've got a couple of papers from HR that I need to deliver :P
[18:20:29] <Ironholds>	 hah
[18:20:35] <lilatretikov>	 Seth_Finkelstein Our legal team maintains ongoing relations around topics of concern with many orgnaizations.
[18:20:50] <Philippe>	 (you're safe, as jamesofur  knows well, I"m too lazy to do the paperwork to fire anyone.)
[18:21:37] <Philippe>	 OK, so I think that handles Seth's question.... anyone else?
[18:22:41] <marktraceur>	 Actually I'd like guillom's question clarified and answered - are we seeking any monetary damages or are we only seeking injunctive relief?
[18:22:48] <lilatretikov>	 Staff, please take inside jokes off-line.
[18:22:53] <jamesofur>	 If anyone would rather submit privately then please feel free to send privately to myself
[18:22:59] * Ironholds raises hand. I have a question?
[18:23:17] <lilatretikov>	 Any questions about the lawsuite are welcome!
[18:23:19] <Ironholds>	 So, this has probably been covered somewhere in the brief (which I will confess to only having read part of)
[18:23:39] <Ironholds>	 But: what's the goal here? Are we seeking for them to swear they won't do it again? If so, do we think that they'll adhere to this?
[18:23:43] <agorski>	 Marktraceur, we're seeking injunctive relief, not damanges.
[18:23:44] <Keegan>	 marktraceur: The filing asks for relief and cost, I don't see damages.
[18:23:51] <agorski>	 *damages
[18:23:54] <Philippe>	 Ironholds, good question....
[18:24:08] <marktraceur>	 I thought I recalled that from the filing, but I was just making sure guillom got his answer and I wasn't making things up :)
[18:24:13] <Dragonfly6-7>	 Ironholds - I strongly doubt that they'd adhere to it, but it's a question of precedent, I think.
[18:24:13] * Trijnstel will now read back :)
[18:24:23] <Ironholds>	 If they do adhere to it, we get a new tagline
[18:24:35] <Ironholds>	 "Wikipedia: More Honesty-Inducing than Congress"
[18:24:42] <Finnegan>	 hah
[18:24:44] <marktraceur>	 Because *that's* a challenge.
[18:25:45] <Philippe>	 We're still typing away on a full question to the "will they adhere to it" question....
[18:25:54] <Philippe>	 on a full answer, I mean.
[18:26:01] <Philippe>	 Listen to what I mean, not what I type.  :-)
[18:26:16] <Ironholds>	 heh
[18:26:46] <lilatretikov>	 Ironholds good question. We are seeking to ensure that there are suffcient controls in place when the government seeks to monitor communications. Just like you would expect the police to get a warrant to search your house, we expect some level of evidence that monitoring someone's communication is necessary. It is a matter of transparency and personal freedoms.
[18:27:19] <marktraceur>	 I think I asked this in some other venue, but if we run out of questions I'd enjoy more discussion: Why did you decide to challenge the upstream surveillance and not PRISM?
[18:27:52] <Philippe>	 Thanks, marktraceur ... noted and we'll take a swing at it in a sec.
[18:27:53] <Ironholds>	 right.
[18:27:59] <lilatretikov>	 We don't expect NSA to not try to use any possible way to survey. We expect better guardrails around those ways from our government. As internet evolves we need to protect it as we did with other media.
[18:28:00] <Isarra>	 I assume anything about whether or not the evidence used for that is bogus would be out of scope for this, just so long as there is evidence at all.
[18:28:15] <agorski>	 Ironholds, we don't think the NSA would refuse to comply with a court order, but there's a significant risk that it would seek to exploit any ambiguities in a court order -- which is part of why we're urging for legislative reforms as well, to help ensure that the NSA's activities are subject to meaningful judicial and legislative oversight.
[18:28:33] <Ironholds>	 agorski, thanks, that's really helpful :)
[18:28:46] <Philippe>	 Isarra, yeah, I'm afraid taht one is probably going to be out of scope for this one... :-)
[18:29:04] <Ironholds>	 I can totally see the NSA going "oh, you said we couldn't intercept data" "and you DID!" "no, see, you said intercept data between machines, you never said nothing about breaking in and physically carting off a server or ten" "..."
[18:29:22] <Ironholds>	 so pairing it with legislative and oversight efforts is awesome to hear.
[18:29:33] <Trijnstel>	 too many text, so I will just fire my questions and then see if they are already answered or not :)
[18:29:42] <jamesofur>	 Trijnstel: Please go ahead, I'll keep notes :)
[18:29:45] <Philippe>	 Trijnstel, that's great... thanks. :-)
[18:30:09] <Trijnstel>	 first of all, why did the WMF to file a lawsuit against the NSA now? was there a specific reason?
[18:30:15] <lilatretikov>	 Loopholes are plentiful. We have to take this one step at a time. In parallel we can urge our representatives to pass meaningful laws proactively protecting our rights.
[18:30:58] <marktraceur>	 Trijnstel: Answer above about WMF and ACLU being in frequent contact, and WMF making it known that they wanted to make an "impact" around this issue.
[18:31:16] <Trijnstel>	 second, how does the use of open proxies - which the WMF prohibits - relates to this? I mean, you feel privacy is important, but on the other hand you prohibit ways to hide once privacy..
[18:31:44] <jamesofur>	 marktraceur: unfortunately your question re:Prism vs upstream touches a bit too close to evidince questions that we can't really talk about publicly quite yet for legal reasons.
[18:31:50] <Philippe>	 Trijnstel, you're talking about Tor? :)
[18:31:52] <jamesofur>	 so we're going to have to punt on that
[18:31:55] <marktraceur>	 At a guess, I'd say it's a pretty separate issue, Trijnstel
[18:32:18] <Trijnstel>	 and third, I've noticed most complaints about the NSA come from people from the USA (at least it looks like it) Did you do some sort of survey? And what will change for people from other parts of the world - if any?
[18:32:32] <marktraceur>	 jamesofur: Curse the fates, ah well.
[18:32:38] <Philippe>	 Regarding Tor, though, that's been a vandalism issue more than a privacy issue, and the WMF actually didn't prohibit it, as I understand it.
[18:32:43] <Philippe>	 My understanding is that was a community decision.
[18:32:45] <jamesofur>	 marktraceur: apologies and thanks for the understanding :)
[18:33:03] <Isarra>	 Vandalism and spam. Projects get overwhelmed trying to deal with it, so they block the proxies.
[18:33:12] <Trijnstel>	 Philippe: yes, but we also have a global open proxy policy, which makes clear we don't allow the use of proxies/hostings
[18:33:23] <Philippe>	 But I know that the engineering team here has been talking to some engineers at Tor to see if there are ways to work with them.  We do host a Tor relay though. :-)
[18:33:41] <lilatretikov>	 Trijnstel -- we feel that it was the right time to make our voices heard. Our communities are growing especially in the areas where government protections are lacking around freedom of speech and privacy. In parallel the internet trends around the world are going in the direction of fencing and monitoring traffic based on political borders. It is time to confront this.
[18:33:52] <thedj>	 Trijnstel: but that's still community policy
[18:34:07] <Trijnstel>	 and I also know more and more people use Tor for example to hide their privacy, because of the NSA sometimes
[18:34:46] <thedj>	 they can all request IP block expemptions as far as I know
[18:34:49] <csteipp>	 Trijnstel: My personal answer is that the best way to protect data is to not have it in the first place. That's one of the reasons I'm pushing (again, personally) to explore ways to safely allow Tor editing.
[18:35:15] <Philippe>	 csteipp, for those who don't know, is a security engineer here. :-)
[18:35:24] <Trijnstel>	 lilatretikov: yes, but isn't the NSA mostly a USA thing? (correct me if I'm wrong)
[18:35:36] <Philippe>	 Great question, Trij.
[18:35:54] <Harmonia_Amanda>	 Trijnstel: they spy all around the world...
[18:36:17] <Trijnstel>	 define "spy" ;)
[18:37:13] <Philippe>	 Well, we can define it, confusingly, as "Not...NotASpy".  (OK, enough jokes about that username.  I get it.  :P)
[18:37:21] <Trijnstel>	 because if I will speak for myself, NSA seems to far away
[18:37:33] <Philippe>	 But to handle that seriously, Trij, Agorski has an answer coming.
[18:37:48] <Trijnstel>	 and I wonder what will change, if any
[18:37:53] <Trijnstel>	 Philippe: yeah, sure, take your time :)
[18:38:16] <agorski>	 Trijnstel, the NSA conducts much of its surveillance abroad. This blog post by one of my colleagues discusses this surveillance in more detail: https://www.aclu.org/blog/national-security/new-documents-shed-light-one-nsas-most-powerful-tools
[18:38:27] <lilatretikov>	 Trijnstel NSA is under US jurisdiction but affect everyone. Traffic going via US territory is not only US traffic. That said since the passage of hte Patriot Act, the global internet traffic passing through the US is estimated to have dropped from 70% to ~25%.
[18:38:42] <agorski>	 And under upstream surveillance, the NSA's "targets" are non-U.S. persons located abroad.
[18:39:19] <marktraceur>	 Not even necessarily non-U.S. persons, as explained at length in the complaint
[18:39:27] <guillom>	 I was actually going to ask about that. Are aliens in the US targets of the NSA?
[18:39:32] <guillom>	 (officially)
[18:39:41] <thedj>	 oh, and their equipment (either THEIR equipment, or equipment that they can influence trough manufacturers) is all around the world, and they can use it
[18:39:52] <thedj>	 and do use it.
[18:40:35] <Philippe>	 guillom, I think that Katherine is taking htat one.
[18:41:06] <jamesofur>	 Other then guillom's question is there anyone who thinks they have a question outstanding (who hasn't gotten an answer)?
[18:41:12] <Harmonia_Amanda>	 how many aliens do you know personnally guillom? (just curious)
[18:41:14] <krmaher>	 Hey Guillom, the answer is that aliens legally residing in the United States are theoretically afforded protections afforded to US citizens with regards to their expectations of privacy.
[18:41:34] <guillom>	 Harmonia_Amanda: aliens as in: non citizens :)
[18:41:35] <Trijnstel>	 agorski, lilatretikov: so summarized, it affects everyone?
[18:41:46] <Trijnstel>	 it doesn't matter where on the world we live?
[18:41:52] <Harmonia_Amanda>	 guillom: aah! ok
[18:41:53] <Trijnstel>	 (and thus the lawsuit affects everyone too?)
[18:42:08] <krmaher>	 But Guillom, if you're communicating cross-border with non-US nationals, that traffic could be intercepted under such a program
[18:42:16] <guillom>	 krmaher: Do you know if that includes nonresident aliens?
[18:42:20] <guillom>	 Ah I see
[18:42:27] <guillom>	 Thanks krmaher :)
[18:42:39] <harej>	 Question: Does having this logged IRC discussion impugn the lawsuit in any way?
[18:42:42] <paravoid>	 guillom: the NSA is known to collaborate with other agencies (mainly the "five eyes") to workaround this limitation and spy on US citizens/residents too, though.
[18:43:06] <mpaulson-WMF>	 Trijnstel - Yes, gross invasions of privacy conducted through upstream surveillance is an issue that affects us all - no matter where in the world we are.
[18:43:26] <Philippe>	 harej, there's a reason why there are some questions we won't answer. ;-)
[18:43:51] <harej>	 Understood.
[18:43:55] <harej>	 Hi Philippe!
[18:44:01] <Philippe>	 hi harej :-)
[18:44:13] <Philippe>	 OK, any outstanding questions? :-)
[18:44:33] <Philippe>	 Because if not, I'm going to ask mpaulson to tell "knock-knock" jokes for the next 15 minutes.
[18:44:43] <mpaulson-WMF>	 Warning: they are going to be terrible
[18:44:48] <krmaher>	 guillom and paravoid, one thing to look at is the recent suit by Privacy International in the UK about GCHQ (UK's version of the NSA) information-sharing policies with NSA, to get a sense of how these intel agencies in the five eyes work
[18:44:49] <marktraceur>	 Yay!
[18:44:52] <Ironholds>	 you can't really make NSA knock-knock jokes
[18:44:54] <marktraceur>	 Everyone hush, I want to hear this
[18:44:55] <geniice>	 lilatretikov you were born and spent the early part of your life in the soviet union. What contact did you and your immediate family have with the then soviet internal and external intelligence services
[18:45:03] <Ironholds>	 since knock-knock jokes have the premise that the visitor tells you they're there
[18:45:09] <Ironholds>	 and lets you ask questions
[18:45:26] <krmaher>	 See here: https://www.privacyinternational.org/?q=node/485 +guillom +paravoid
[18:45:36] <guillom>	 This may have been asked earlier (sorry if I missed it): How safe is it to browse Wikipedia in HTTPS? Is it the illusion of privacy, or actually useful?
[18:45:55] <paravoid>	 guillom: better than plain http, for sure. :)
[18:46:03] <guillom>	 Well, yes :)
[18:46:17] <Trijnstel>	 there is another thing I wonder
[18:46:29] <Trijnstel>	 (perhaps unnecessary, but want to be sure)
[18:46:29] <guillom>	 Thanks krmaher!
[18:46:40] <Philippe>	 Go for it, Trij  :)
[18:46:54] <jamesofur>	 geniice: Lila is typing for you now
[18:46:56] <Trijnstel>	 as a steward and CU on meta/commons I have access to the CU buttons almost everywhere....
[18:47:06] <geniice>	 jamesofur hmm
[18:47:06] <csteipp>	 guillom: It depends on what you mean by "safe" ;). HTTPS both encrypts the contents, and also authenticates the server you're talking to. So you're less likely to get random code on the page. And it's significantly harder for someone to tell what you're reading.
[18:47:07] <Trijnstel>	 and thus also to IP addresses etc
[18:47:16] <harej>	 My understanding is that whatever problems there are with HTTPS, it's still better than HTTP. The difference between locking your door and leaving it unlocked. Locks can be broken and have been broken, but not even locking your door removes all doubt.
[18:47:18] <Trijnstel>	 should we be more careful then before now, or not?
[18:47:22] <lilatretikov>	 geniice I can tell you a few stories over drinks. There are plenty of novel-worthy stories.
[18:47:38] <harej>	 lilatretikov: I want to be there for those stories. Berlin?
[18:47:40] <krmaher>	 Hey Guillom, it really depends on your risk profile (or threat modeling, in the lingo of the security types). We know the capability to break SSL exists. We know certain countries have been caught doing it. We know certain companies sell that capacity to sovereign nations, including some countries with rather icky human rights records. But generally, always better than using plain old HTTP.
[18:47:54] <Trijnstel>	 (thinking about NSA)
[18:47:55] <lilatretikov>	 harej It's on.
[18:47:59] <harej>	 :D :D :D
[18:48:12] <marktraceur>	 harej: Or sooner!
[18:48:13] <jamesofur>	 Trijnstel: received, typing
[18:48:19] <thedj>	 when it comes to security, ther is no 100% protection, it's all about how many holes you have been able to plug and how many barriers you put in place, always knowing that at any time more holes might pop up.
[18:48:27] <thedj>	 and the user is the weakest link.
[18:48:55] <thedj>	 ask someone for his password, and you'll be surprised how often you'll get an actual answer...
[18:48:59] <guillom>	 So would you recommend for example that people use a VPN in addition to HTTPS to browse Wikipedia?
[18:49:00] <lilatretikov>	 thedj that is correct. It is an NP-complete problem. Another important way is monitoring for traffic anomalities.
[18:49:07] <jamesofur>	 The biggest risk is always between keyboard and chair
[18:49:21] <Trijnstel>	 should we perhaps protect our users more than?
[18:49:22] <Ironholds>	 can you give an example of what you mean about traffic anomalies, lilatretikov? That is, do you mean server-side or client-side monitoring?
[18:49:24] <paravoid>	 guillom: Tor, IMHO.
[18:49:31] <Trijnstel>	 *then
[18:49:34] <guillom>	 Gotcha
[18:49:49] <Trijnstel>	 (though I've no idea how or so)
[18:49:52] <guillom>	 Thanks paravoid :) I must admin my relative ignorance in these matters.
[18:49:58] <Philippe>	 Trij, that's a good question without an easy answer.  The truth is, there are some countries where communities have said clearly that they prefer not to have CU's "in-country"... the Farsi wiki comes to mind immediately.  We've worked with them to coordinate the removal of tools from folks (voluntarily) as needed to support those communities in their decisions.
[18:49:59] <paravoid>	 my personal guess would be that it's totally within the NSA's reach to break HTTPS as currently deployed at least in the Wikimedia infrastructure
[18:50:05] <geniice>	 guillom nah. Only brows via HTTPS using a clean openBSD install via public wifi and make it the last thing you do before leaving an area
[18:50:32] <Trijnstel>	 Philippe: yeah, and I remember stories about CUs on the arabic wikipedia
[18:50:35] <paravoid>	 geniice: still pretty traceable -- I'd recommend Tails if you want a "clean" OS
[18:50:42] <Ironholds>	 what's the Stross line? The only secure computer is in a mine surrounded by armed guards buried under concrete with no internet connection
[18:50:43] <Ironholds>	 and turned off
[18:50:49] <lilatretikov>	 Ironholds client-side is harder for WMF to implement. Server side is more feasible. Just like in a DOS attack you would see an unusual spike of traffic, with security issues you may see a change in a pattern (source, direction, type of traffic).
[18:50:54] <Philippe>	 Trij, ah yes, I had forgotten that.
[18:51:04] <geniice>	 oh and if you are in the UK leave by train and pay in cash
[18:51:14] <Ironholds>	 lilatretikov, indeed. I look forward to seeing Toby's team tackle that problem; it sounds fascinating.
[18:52:12] <Trijnstel>	 and I can guess the answer, but I assume you will keep us (the community) up to date about the lawsuit? :)
[18:52:46] <Philippe>	 So one question that I think is important that no one is asking.... How can we get involved?  What can we do to support the lawsuit?
[18:52:57] <Philippe>	 (i guess that's two questions)
[18:52:59] <mpaulson-WMF>	 Trijnstel - Yes, absolutely as major developments occur.
[18:53:04] <Ironholds>	 Philippe, +1
[18:53:06] <harej>	 lilatretikov: I'll make sure Kirill joins in. Fellow Soviet expat.
[18:53:40] <Philippe>	 "Gee, Philippe, that's a great questions.  We're typing an answer now."  "Thanks, Philippe."
[18:53:41] <Ironholds>	 harej, so, http is an unlocked door, https is a locked door, and Kirill is a Lokshin'd door?
[18:54:05] * harej glares at Ironholds
[18:54:07] <Trijnstel>	 7:52 PM <•Philippe> So one question that I think is important that no one is asking.... How can we get involved? What can we do to support the lawsuit? <- you ask that to the community?
[18:54:17] <Philippe>	 No, I ask Lila and Ash :P
[18:54:23] <Trijnstel>	 (because personally I wonder if people really have these questions) :P
[18:54:31] <harej>	 Some people in NYC are interested in filing an amicus brief.
[18:54:51] <jamesofur>	 Trijnstel: Given that I've had multiple community members ask me I'd say they tend to, yes :)
[18:55:04] <Trijnstel>	 oh, okay
[18:55:06] <mpaulson-WMF>	 Lawsuits are just one approach to tackling the bigger issue of defending privacy. The unique thing about the internet is that because it is interconnected, we can each take action to make it stronger.
[18:55:06] <mpaulson-WMF>	 As the Foundation, we can take legal action on behalf of our staff and users, but we encourage everyone to take part in making the internet more secure. As an individual, or a non-lawyer, you can help make the internet more secure by raising awareness through your personal networks, using encryption and tools like HTTPS Everywhere from the EFF, and supporting local organizations that support your rights on the interne
[18:55:06] <mpaulson-WMF>	 t. Talk about why privacy matters to your local or national politics to support privacy reform.
[18:55:24] <Philippe>	 Thanks. :-)
[18:55:33] <thedj>	 and in that category, what would be especially useful for non-US residents to get involved.
[18:55:34] <guillom>	 (Tell me if this is offtopic) HAve you heard about the new law proposal in France, that is proposing to set up permanent "black boxes" in ISP datacenters and the like? https://fr.wikipedia.org/wiki/Projet_de_loi_relatif_au_renseignement
[18:55:56] <Trijnstel>	 7:48 PM <jamesofur> Trijnstel: received, typing <- done typing? ;)
[18:56:24] <Philippe>	 Guillom, I think we can safely say... "uh... we'll be taking a look at that."
[18:56:28] <Trijnstel>	 btw, as a response to mpaulson-WMF...
[18:56:31] <marktraceur>	 Shameless plug: And using free software!
[18:56:42] <paravoid>	 guillom: Lawful Interception (LI) laws & associated equipment is pretty standard across Europe
[18:56:45] <Trijnstel>	 you say you support using personal networks, encryption, https etc
[18:56:55] <Trijnstel>	 and I assume you/the WMF also supports using Tor....
[18:57:02] <Trijnstel>	 which brings me back to Tor
[18:57:22] <Trijnstel>	 (personally I don't support Tor since it makes it harder for CUs to do their job....)
[18:57:28] <Trijnstel>	 but maybe I'm a bit biased here
[18:57:30] <Philippe>	 ....and at that point, we're almost out of time.  :-)
[18:57:37] <Trijnstel>	 yeah sorry :(
[18:57:42] <Vito>	 on the other hand the Foundation wants a certain accountability for users I think
[18:57:44] <lilatretikov>	 All -- I have to go to my next meeting. Thank you for your questions -- they were great! WMF, ACLU  staff -- thanks for heping with answers. See you all soon.
[18:57:54] <Philippe>	 I know that Lila has a meeting to run to, and so we need to wrap up.
[18:58:07] <thedj>	 Trijnstel: i think the big point here is fragmentation
[18:58:14] <jamesofur>	 Also, if anyone knows of any chilling effects that related to our projects (users who left, refused to edit certain articles, slowed down editing etc) because of the NSA or snowden revelations then we would be interested in hearing it (especially if it's in non english language wikis where it's harder for us to find it). You can email me at Jalexander@wikimedia.org
[18:58:21] <Philippe>	 Thanks, everyone.  We all think that it's important, though, that the WMF be visible to the community here and accountable for the reasoning behind this decision.
[18:58:31] <Philippe>	 So please feel free to continue to reach out with opinions and questions.
[18:58:43] <thedj>	 Trijnstel: it's ok if we want to block tor because it creates too much of a hassle.
[18:58:45] <Trijnstel>	 jamesofur: okay, will look at it
[18:58:50] <Philippe>	 You can write to me, or to legal@wikimedia.org. :-)
[18:58:53] <Trijnstel>	 found a few emails on OTRS
[18:58:56] <Philippe>	 And we'll be sure to pass your thoughts along.
[18:59:03] <thedj>	 and when we permit it, it's ok for a government agency to ask us to assist in solving a crime
[18:59:25] <Vito>	 that's one of my reasons in blocking open proxies
[18:59:25] * jamesofur waves and thanks everyone
[18:59:47] <thedj>	 but if everyone is by default suspect and gets collected in the 'potential crime'-bucket, then that's not ok
[18:59:50] * Philippe waves as well. :)
[19:00:12] <Trijnstel>	 7:59 PM <thedj> and when we permit it, it's ok for a government agency to ask us to assist in solving a crime <- why is that okay for the government agency?
[19:00:36] <Trijnstel>	 thedj: I don't get your point :)
[19:00:45] <thedj>	 solving a crime is not something i would want my government not be able to do
[19:00:55] * marktraceur wonders how he's supposed to talk to Philippe about things when he logs off.
[19:00:56] <Vito>	 Trijnstel: our logs might be useful in crime investigations
[19:01:03] <Trijnstel>	 Vito: yes, I get that
[19:01:11] <thedj>	 but then it should be possible to disclose this in a court case
[19:01:20] <thedj>	 and it should be the exception, not the rule
[19:01:23] <Dragonfly6-7>	 let's say someone uploads a photograph to commons of themselves committing a horrible crime. Wouldn't the right thing to do involve a checkuser to facilitate identifying that person?
[19:01:30] <Vito>	 (though subpoena suck)
[19:01:54] <Trijnstel>	 thedj: well, I've never experienced that any government asked me to send in logs or so...
[19:02:04] <Trijnstel>	 though it will probably happen
[19:02:07] <Dragonfly6-7>	 Trijnstel - 'have never' doesn't mean 'will never'
[19:02:08] <Dragonfly6-7>	 exactly
[19:02:12] <Vito>	 it happened for good reasons in the past
[19:02:21] <Trijnstel>	 8:01 PM <Dragonfly6-7> let's say someone uploads a photograph to commons of themselves committing a horrible crime. Wouldn't the right thing to do involve a checkuser to facilitate identifying that person? <- well, that happens....
[19:02:37] <Trijnstel>	 I don't know about a photo, but I do know about the emergency email
[19:03:08] <Trijnstel>	 https://en.wikipedia.org/wiki/Wikipedia:Responding_to_threats_of_harm
[19:03:20] <Trijnstel>	 + http://blog.wikimedia.org/2014/09/22/wikimedia-foundation-emergency-response-system/
[19:03:40] <Trijnstel>	 though that's always an exception (luckily)
[19:04:06] <Vito>	 but a certain degree of accountability is definitely needed
[19:04:13] <Trijnstel>	 Vito: but does that mean that governments will request CU data more when Tor is allowed?
[19:04:42] <Trijnstel>	 8:04 PM <Vito> but a certain degree of accountability is definitely needed <- agree
[19:04:50] <Trijnstel>	 eh, net split...
[19:05:09] <Trijnstel>	 8:04 PM <Vito> but a certain degree of accountability is definitely needed <- agree
[19:05:13] <Trijnstel>	 eh, net split...
[19:05:45] <Trijnstel>	 I still think an hour was way too short to talk about this important topic
[19:11:35] <Vito>	 Trijnstel: [20:04:13] <Trijnstel> Vito: but does that mean that governments will request CU data more when Tor is allowed? <-- with tor we will have just useless data
[19:12:16] <Trijnstel>	 8:05 PM <Trijnstel> 8:04 PM <Vito> but a certain degree of accountability is definitely needed <- agree
[19:12:24] <Trijnstel>	 8:05 PM <Trijnstel> I still think an hour was way too short to talk about this important topic
[19:12:33] <Trijnstel>	 Vito: yes, so you would support Tor?
[19:13:37] <Vito>	 current practice works fine
[19:13:53] <Vito>	 (giving out some per user except)
[19:29:58] <quiddity>	 Greetings all.
[19:30:12] <quiddity>	 Welcome to the Office Hour for discussing Flow.
[19:30:41] <quiddity>	 The main focus of this discussion is intended to be the upcoming conversion of LQT to Flow, on mediawiki.org
[19:31:00] <quiddity>	 See announcement and links at https://www.mediawiki.org/wiki/Topic:Sdoatsbslsafx6lw
[19:31:31] <quiddity>	 But the team is also ready and happy to discuss other aspects of Flow. (Main page at https://www.mediawiki.org/wiki/Flow )
[19:32:17] <dannyh>	 hi, I'm Danny -- product manager for the Collaboration team at WMF, working on Flow
[19:32:32] <superm401>	 I'm Matt, software engineer.
[19:32:35] <dannyh>	 and I'm happy to talk with you, answer questions etc.
[19:33:06] <quiddity>	 Does anyone have any questions, to get us started? :)
[19:33:39] <superm401>	 quiddity, you want to start with an overview of the MW.org conversion?
[19:34:15] <quiddity>	 Sure. The plan is currently drafted in more detail at https://www.mediawiki.org/wiki/Flow/LQT_conversion_process
[19:35:16] <quiddity>	 The team intends to begin the conversion on April 6 (Monday), with the assumption that all blockers are fixed before then.
[19:37:29] <quiddity>	 They'll begin converting just 2 pages ([[mw:VisualEditor/Feedback]] and [[mw:User talk:superm401]] (the volunteer-account usertalkpage of one of our engineers)
[19:39:38] <superm401>	 Task tracking the overall conversion is https://phabricator.wikimedia.org/T92303#1142516
[19:43:24] <YuviPanda>	 quiddity: would you rather fight 100 SULF sized ducks or one horse sized Flow?
[19:43:52] <quiddity>	 Ha!  One horse-sized Flow.
[19:44:09] * YuviPanda notes down, will use against quiddity at his RfA.
[19:44:12] <quiddity>	 I do not envy keegan's mailbox.
[19:44:30] <YuviPanda>	 Do not covet thy neighbor’s mailbox
[19:44:32] <dannyh>	 I would sit the ducks down and encourage them to work together as a team
[19:44:34] <Keegan>	 Grind grind grind grind
[19:45:03] <dannyh>	 -- or -- I would romance them
[19:45:04] <quiddity>	 Although, a horse-sized project like Flow, is somewhat made up of 100(0000000) duck sized issues...
[19:45:11] <thedj>	 so can i ask what the point is ? Is it just to get rid of LQT ?
[19:45:38] <dannyh>	 yeah, there's two points, and that's definitely one of them
[19:45:59] <dannyh>	 we're going to have to decommission LQT at some point
[19:46:09] <Negative24>	 I see it as a big step in Flow development
[19:46:09] <thedj>	 has there been an increase about complaints on LQT, or more maintenance than desired ?
[19:46:13] <dannyh>	 and we might as well start doing it now
[19:47:08] <dannyh>	 honestly, it's just silly for us to have 3+ different ways for people to talk on the same wiki
[19:47:38] <dannyh>	 so it's partly to get started on that process
[19:47:51] <dannyh>	 and then the other point is to have another place where people are using Flow
[19:48:13] <thedj>	 ok, do we have metrics to show that Flow can be as effective as LQT currently is ?
[19:48:17] <dannyh>	 which gives us real use cases where things are/aren't working well
[19:49:43] <thedj>	 my point being, are we aware of if the user is going to experience this as being 'upgraded' or being 'downgraded with betaware' :)
[19:49:46] <dannyh>	 mediawiki is going to be the first really active wiki where we're doing LQT -> Flow conversion
[19:50:09] <dannyh>	 my guess is that it's going to be seen as a lateral move at the moment
[19:50:14] <thedj>	 ok, so we don't know and are going to heavily adjust where required during the process ?
[19:50:26] <dannyh>	 "using betaware" --> "using different betaware"
[19:50:46] <dannyh>	 and then the different betaware is actively being worked on and improved
[19:50:56] <marktraceur>	 dannyh: Until it isn't.
[19:51:02] <thedj>	 ---> is a learning curve here, and  bad + learning curve == terrible :)
[19:51:13] <superm401>	 thedj, yeah, we've been very open to feedback in general.
[19:51:16] <wctaiwan>	 thedj: it's kind of irrelevant, though. LQT isn't being developed. Having developers use Flow will help / force them to fix whatever is wrong with it. MW.org is probably best-equipped to handle any rough edges.
[19:51:33] <superm401>	 For example, we were originally not going to do a TOC, but we looked into it further in response to feedback, and decided to.
[19:52:27] <thedj>	 ok, so what 5 things are we the most worries about/looking out for ? (assuming the conversion script works)
[19:52:35] <thedj>	 worried.
[19:52:46] <dannyh>	 the conversion script is pretty solid
[19:52:47] <wctaiwan>	 I guess you could argue that we should wait until we're absolutely certain Flow is at least as good as LQT, but I think such a comparison is difficult. LQT has the advantage of familiarity, and people are more willing to accept its faults because people are used to it.
[19:53:09] <dannyh>	 we did our first conversion on Officewiki, and then we've done a lot of test conversions for Translatewiki and Mediawiki.org
[19:53:47] <superm401>	 marktraceur, part of the LQT conversion is actually committing to not leaving unmaintained code out there.  Although LQT did not fully work out, we're making sure that data is not abandoned in an unmaintained product.
[19:53:54] <dannyh>	 the one thing that is unknown right now is being able to convert all existing LQT notifications into Flow notifications
[19:54:12] <dannyh>	 the watched pages will all copy over, so you'll still be watching the same pages/threads
[19:54:30] <dannyh>	 but this will be the first time we're converting existing notifications. it'll be interesting
[19:54:42] <superm401>	 It's possible we may have some further Parsoid issues (obscure content it is not yet able to handle), but we have plans to deal with it if that occurs.
[19:54:52] <superm401>	 We've dealt with all the issues like that which happened during testing.
[19:55:10] <quiddity>	 (test conversions can be seen at http://flow-tests.wmflabs.org/wiki/Testwiki:Support_desk vs https://www.mediawiki.org/wiki/Project:Support_desk )
[19:55:11] <thedj>	 one of my biggest concens right now is spam... About 9/30 notifications in my mw.org list is spam from the hovercards talk page...
[19:55:40] <thedj>	 which is a lot of noise for 1 page out of the dozens that i'm watching.
[19:55:50] <jorm>	 ugh, i had to unwatch that.
[19:56:35] <thedj>	 and this probably isn't easily solvable right ? because the notification system wasn't ever really designed to handle that ?
[19:56:37] <quiddity>	 thedj, I guess you're asking for a way to: watchlist a page, without *also* receiving (certain types of) Echo notification for it?
[19:56:57] <quiddity>	 i.e. a more powerful set of watchlist/notification configurations.
[19:56:58] <dannyh>	 we're going to be working in April on a more sophisticated watchlist/notifications system, to give people more options about how they're getting notified about new topics on a page they're watching
[19:57:00] <thedj>	 quiddity: no, i'm asking for a way for stuff that gets deleted to be removed from my list of notifications.
[19:57:01] <superm401>	 thedj, yes, it's solvable if this is a general issue people are having.  We've already adjusted the Flow notifications.
[19:57:17] <Negative24>	 How is this conversion going to look in watchlists and will their be email notifications about changes?
[19:57:59] <thedj>	 hovercards gets about 2 spam messages a day right now, and even though the flow messages are deleted, the 'new topic' notifs remain in my notifications.
[19:58:00] <quiddity>	 thedj, ah, I'll file a bug for that.
[19:58:14] <quiddity>	 (if there isn't one already)
[19:58:36] <dannyh>	 yeah, thank you for mentioning that -- I'm not watching Hovercards & I haven't seen a lot of deleted spam so far
[19:58:49] <dannyh>	 that is annoying and ought to be fixed
[19:58:52] <ebernhardson>	 is that also a problem where the spam filters need to be adjusted, or flow needs to support more mw spam prevention tehcniques?
[19:58:56] <superm401>	 I don't believe it will show in your watchlist, right ebernhardson?
[19:59:00] <superm401>	 I know it will not in RC.
[19:59:16] <superm401>	 Because they are old messages, just changing systems.
[19:59:19] <ebernhardson>	 superm401: all the new pages will have old timestamps, so nothing about the conversion should show up inthe watchlist specifically
[19:59:26] <ebernhardson>	 s/pages/topics/
[19:59:47] <superm401>	 Nor will there be an automated email notification for the conversion itself.
[19:59:56] <ebernhardson>	 we should double check re-notificaions though, i'm not sure if we have ensured those wont be sent out
[20:00:18] <dannyh>	 Negative24 when there's a new post on a conversation that you're following, it'll show up in your watchlist -- and new topics starting on a page that you're watching generate Echo notifications.
[20:00:34] <dannyh>	 Negative24 you can also get/turn off email notifications, it's in Preferences
[20:00:41] <superm401>	 dannyh, but that doesn't include new posts from the conversion itself.
[20:00:46] <superm401>	 Or at least shouldn't.
[20:01:13] <dannyh>	 superm401 right -- it'll just be new posts
[20:01:24] <thedj>	 abusefilter and captcha work ?
[20:01:26] <superm401>	 Right, normal posts made after the conversion is done will trigger notifications.
[20:01:29] <ebernhardson>	 thedj: yes
[20:01:40] <thedj>	 ok. that should help with fighting spam
[20:01:52] <superm401>	 thedj, yes, except that you can not tag posts that are allowed through.  You can just pass/reject.
[20:01:54] <ebernhardson>	 thedj: flow currently cupports abuse filter, confirm edit, spamblacklist, spamfilter and spamregex
[20:02:19] <thedj>	 ebernhardson: we need to make sure that's in the faq/announcement/docs whatever
[20:02:24] <quiddity>	 (details at https://www.mediawiki.org/wiki/Extension:Flow/Spam )
[20:02:30] <thedj>	 cool !
[20:06:21] <thedj>	 one thing that still has me worried a bit is inpage and inarchive search...
[20:06:33] <thedj>	 this still seems very weak in the current version of Flow
[20:06:34] <superm401>	  thedj, in-board search is our top search priority.
[20:07:02] <superm401>	 This will include both stuff that's already visible on the page, and farther down (i.e. stuff behind infinite scroll will be brought in if it matches your search results).
[20:07:10] <ebernhardson>	 it has been progressing, but a bit slowly because there are no engineers assigned the the foundation search infrastructure at the moment.  We are working on it though and getting closer every week
[20:07:13] <superm401>	 We've already implemented the back-end code for this.
[20:07:55] <superm401>	 The initial back-end code is pretty much done though, just needs code review (and any tweaks that brings up).
[20:08:45] <thedj>	 are we waiting for that or going forward in parallel ?
[20:09:35] <superm401>	 Waiting
[20:10:12] <dannyh>	 yeah, unfortunately we've been held up by it
[20:12:48] <Negative24>	 How will automated posts by bots and mass message be handled in Flow?
[20:13:18] <superm401>	 MassMessage already supports it.
[20:13:40] <superm401>	 Bots will need to be adapted.  This is already in progress, but will still need a significant amount of work.  We are supporting the bot writers and library writers on this.
[20:14:05] <legoktm>	 o/
[20:15:15] <thedj>	 hmm, i notice some of the menu items have no hover state at all.. that's slighly confusing. filing a ticket on that.
[20:15:49] <quiddity>	 I recently checked through the 1st page of contributions of accounts marked as https://www.mediawiki.org/w/index.php?title=Special:ListUsers&group=bot and couldn't see any usertalkpage edits (at LQT boards).
[20:16:46] <Negative24>	 Just LQT boards?
[20:17:27] <quiddity>	 That's all that is being converted, in the near future, at mediawiki.org
[20:17:54] <legoktm>	 I'm showing up late...will all users (including anons) be able to edit posts? Or will it still be restricted to admins only?
[20:18:14] <ebernhardson>	 we are soon trialing edits by autoconfirmed users on mw.org, enwiki and ruwiki
[20:18:26] <ebernhardson>	 (i think, lemme double check which ones)
[20:18:43] <ebernhardson>	 yes those three
[20:19:27] <ebernhardson>	 i believe we are shipping that wednesday after the train deploy
[20:19:28] <ebernhardson>	 ?
[20:20:40] <superm401>	 ebernhardson, don't see why not.  All blockers are done.
[20:20:56] <Negative24>	 legoktm: I believe that is T90670
[20:21:54] <legoktm>	 ebernhardson: why not allow new users+anons? are there technical blockers?
[20:21:58] <thedj>	 what about indexability etc ?
[20:22:10] <thedj>	 google i mean
[20:22:28] <superm401>	 legoktm, no.  It's just that it's not that common you need to edit someone's post, so it's questionable if anons need that right.
[20:22:37] <superm401>	 But it's fully configurable, so we can revisit that at any time.
[20:22:51] <superm401>	 Similar to why we don't let anons move pages.
[20:22:57] <quiddity>	 10 minute warning
[20:22:58] <superm401>	 Yes, it needs to be done, but not that often.
[20:25:01] <legoktm>	 superm401: I don't like the idea of new software implementing social restrictions that didn't exist before.
[20:25:41] <legoktm>	 superm401: it's a wiki, we adapt in response to issues. anons can't move pages because of huge page move vandalism problems...we don't have that issue with anons editing other people's posts in a malicious manner
[20:26:23] <thedj>	 actually, speaking of search engines. what page is the 'canonical' content page of a discussion. It's Topic page ?
[20:26:37] <ebernhardson>	 thedj: yes, the Topic: page
[20:26:39] <superm401>	 A wiki does not mean that all decisions have to be reactive.  However, this configuration is not set in stone.
[20:26:46] <thedj>	 since google punishes you for content duplication.
[20:27:26] <ebernhardson>	 thedj: wikipedia isn't treated like everything else in wikipedia, they have more employee's working on the search rankings of wikipedia in google than we have working on wikipedia
[20:27:40] <thedj>	 ebernhardson: can i change the indexability of a topic ?
[20:27:50] <ebernhardson>	 thedj: i dunno really
[20:28:12] <superm401>	 thedj, no.
[20:28:13] <thedj>	 probalby not possible for LQT right now, but gonna be important for a wider deploy
[20:28:40] <dannyh>	 what are the issues that might come up?
[20:28:42] <superm401>	 ebernhardson, that might be a slight exaggeration. ;)
[20:28:54] <thedj>	 currently entire talk pages are marked as NOINDEX by users.
[20:28:56] <ebernhardson>	 superm401: i mean in terms of # of engineers
[20:29:00] <superm401>	 Still
[20:29:19] <jayvdb>	 hi, I am looking for a flow dev to help mentor GSOC project https://phabricator.wikimedia.org/T67119 - Implement Flow support in Pywikibot
[20:29:26] <thedj>	 but that usually happens with the header templates. And if topics are the new 'canonical' urls, then that's where the indexability needs to be set.
[20:29:34] <thedj>	 or possibly inherited to.
[20:30:11] <superm401>	 jayvdb, let's talk about it in #wikimedia-collaboration afterwards.
[20:30:17] <thedj>	 think discussion pages of arbcom cases for instance. all hidden from search engines by default to limit off wiki real life impact for individuals.
[20:30:41] <dannyh>	 thedj that's a good question, it hasn't come up for us before -- we'll have to talk about it
[20:30:48] <superm401>	 thedj, but yeah, if you're aware of any specific indexing problems or ranking problems, please report them.
[20:30:58] <quiddity>	 legoktm, There has been some discussion about this before, including this small survey (in July 2013) where a number of editors made good points about regularly needing to fix the sandbox-type-experiments by unregistered users: https://en.wikipedia.org/wiki/Wikipedia_talk:Flow/Archive_3#Survey:_who_should_be_allowed_to_edit_another_person.27s_article_talk_page_comments.3F
[20:31:00] <superm401>	 Generally, it should work, since everything should be accessible with no-JS
[20:31:44] <legoktm>	 quiddity: thanks
[20:31:52] <superm401>	 At least all content is readable.
[20:32:18] <legoktm>	 quiddity: oh heh, I particpated in that discussion :P
[20:32:38] <quiddity>	 Ok, time is up for this hour.
[20:33:01] <quiddity>	 Much thanks to all participants, including the Collaboration Team, and the many people who brought up good questions.
[20:33:05] <superm401>	 Yep, thank you.
[20:33:09] <superm401>	 We'll be in #wikimedia-collaboration as usual.
[20:33:09] <dannyh>	 yes, thank you!
[20:33:11] <thedj>	 dannyh: i made a ticket
[20:33:13] <jayvdb>	 superm401: ok.
[20:33:18] <quiddity>	 The Logs will be posted on meta, soon.
[20:33:20] <dannyh>	 thedj good, thanks
[20:34:11] <thedj>	 ok, my concerns are mostly addressed for an LQT rollout. just wanted the team to know that.
[20:34:25] <quiddity>	 Thanks again, for asking the most (and good) questions. :)
[20:34:42] <dannyh>	 thedj oh, good! thanks
[20:35:01] <dannyh>	 thedj talk to you later
[20:35:26] <thedj>	 i would also still advise to spend a shit load of time on your communication strategies around this, but I guess that after the last two years of various mishaps, this shouldn't come up again... :)
[20:45:21] <EdSaperia>	 Hmm, just heard there was a flow meeting.
[20:45:27] <EdSaperia>	 I take it that's long over?
[20:45:39] <Negative24>	 Sorry about that. Internet conked out :(
[20:45:40] <EdSaperia>	 Ooh, logs...
[20:45:58] <Negative24>	 quiddity: Did I miss much?
[20:46:14] <Negative24>	 logs haven't updated
[20:46:39] <Negative24>	 Oh wait they have I just needed to clear my cache :)
[20:46:58] <quiddity>	 sorry, i'm eating lunch. I'll upload the logs in ~15 mins.
[20:47:21] <Negative24>	 I was referencing the catch-all logs
[20:48:51] <EdSaperia>	 Logs are fine
[20:49:24] <EdSaperia>	 Someone told me this was about Flow, but apparently it wasn't. Just some "suing the NSA" thing :P
[20:50:06] <harej>	 There were two meetings.
[20:50:10] <legoktm>	 EdSaperia: there were two meetings
[20:50:17] <harej>	 There are four lights!
[20:50:31] <EdSaperia>	 nine turtle doves
[20:51:48] <EdSaperia>	 Ah, so there was a meeting about flow after that meeting
[20:52:45] <Negative24>	 Yep. You can see the schedule here: https://meta.wikimedia.org/wiki/IRC_office_hours
[20:57:44] <EdSaperia>	 Cool. Quiddity can you ping my username when you update the logs?
[21:11:41] <quiddity>	 EdSaperia, logs are now at https://meta.wikimedia.org/wiki/IRC_office_hours/Office_hours_2015-03-23
[21:11:57] <quiddity>	 come to #wikimedia-collaboration for further discussion. :)