Concerns were raised on the Foundation-l mailing list this week by several Wikipedians when it became known that the Office IT team of the Wikimedia Foundation had decided to start using Google Apps. Google Apps is a web-based office suite that includes Gmail, Google Calendar, Docs and other productivity tools.
User MZMcBride pointed out the software was closed source (in contrast to the open source nature of the MediaWiki software) and wondered if there was any connection to the $2 million grant that Google had given to Wikimedia. The privacy track record of Google was also under question, with Risker noting that "Google's greatest weakness is in the privacy sector. Anyone remember when they turned on Buzz and suddenly there was all kinds of personal information made available because they linked people's multiple accounts? Well, the same thing holds for all their other applications."
Jon Davis, the office IT employee who is running the migration, pointed out the benefits of online office tools for a group of people often on the road, the quality of the software and its usage of open standards. He added that the Foundation is a commercial user of the software and does not receive any benefits for its usage from Google. Responding to privacy concerns, he replied that:
“ | The EULA for Google App[s] is slightly different than the normal one. We continue to own our data and Google doesn't. We have had the EULA reviewed by legal counsel, as well as our in-house tech staff, and received the opinion that the privacy provisions were strong enough to meet our needs. | ” |
The Foundation's Deputy Director Erik Möller emphasized that its "general policy is to be as open on internal tools as reasonably possible", but that unfortunately the open source Mozilla Thunderbird email client didn't meet all its needs. "We're reluctantly switching to GMail as the standard email solution, but we'd love to switch to an open solution in future".
Last week's release of the Firefox extension Firesheep prompted discussion on the wikitech-l mailing list about the lack of default secure browsing for Wikimedia websites. Firesheep is a utility that simplifies hijacking the Twitter and Facebook accounts of other users when they use insecure Wi-Fi networks. Although not included in Firesheep, Wikipedia is vulnerable to the same problem unless people make use of the secure server when logging in to Foundation sites. Questions were raised regarding switching all login requests to such secure connections, but Foundation contractor Roan Kattouw quickly pointed out that to protect connections against this problem, all traffic (and not just all login requests) would have to make use of secure connections. On this point, there were many concerns about the hardware cost of switching all traffic to secure connections, but Conrad Irwin pointed out:
“ | There is no real massive load caused by https [using the secure server] at runtime. There is however a significant chink of developer and sys[tem] admin time needed to implement this and make it work. | ” |
Developer Ashar Voultoiz subsequently added an option to the interface of the MediaWiki software to simplify use of a secure server for logging in. The option will benefit other users of the software who do have the resources to provide a secure browsing environment. In the meantime, editors and especially administrators of the Foundation's websites are encouraged to make use of the secure server whenever they are logging in from open Wi-Fi networks and other shared internet connections, such as in libraries.
In August, The Signpost covered a study of the security of large websites, in which Wikipedia received a 4 out of 10 score on their current password practices.
Not all fixes may have gone live to WMF sites at the time of writing; some may not be scheduled to go live for many weeks.
Discuss this story
Secure browsing: it is possible to use a combination of server side scripting and JavaScript to create signed URLs: using encryption on the content of WP pages and the edits thereto,which are public knowledge, would be a waste of resource indeed. Rich Farmbrough, 09:51, 2 November 2010 (UTC).[reply]
- Keep in mind that the number of active editors is much, much smaller than the number of anonymous readers. I don't know whether the secure server would support us editing securely all at once, since WMF has not yet dedicated any special resources to scaling SSL, but you should always use it when editing from a network that you don't control such as an open wifi network, particularly if you have a privileged account. A hybrid solution that encrypts session data and not page content might be useful, but I know of no way to implement it and it still presents privacy risks (which articles you read says something about you). Dcoetzee 18:49, 3 November 2010 (UTC)[reply]
- Note, that well the secure site does protect your session, it doesn't really (overly) protect your privacy. Images are still loaded from the non-secure site. If you notice person A downloads 10 images in about 5 seconds, and there is only one page on wikipedia that uses precisely these ten images, it is a pretty sure bet that person A is looking at that page. (Of course, if someone is watching you that closely, you probably have bigger problems...). Bawolff (talk) 05:33, 4 November 2010 (UTC)[reply]
- Interesting, I didn't know that. I hope WMF will consider also protecting inline images by SSL, eventually - although I realise the cost of doing so would be somewhat greater than pages alone. This would be particularly important for people who are interested in learning more about topics related to sex and pornography and may not want this to be known. Dcoetzee 05:36, 4 November 2010 (UTC)[reply]
- Well there is a long standing bug - bugzilla:16822. But If you're really that concerned about your privacy, you can always use something like TOR. (which has the added bonus that even if the foundation was evil, they still wouldn't know who you are ;) Bawolff (talk) 00:24, 5 November 2010 (UTC)[reply]
- But we block TOR, remember? :P - Jarry1250 [Who? Discuss.] 17:46, 5 November 2010 (UTC)[reply]
No comments on the Wikimedia / Gmail story? Doesn't that concern some poeple? 128.59.179.238 (talk) 18:37, 18 November 2010 (UTC)[reply]