Ivanvector ArbCom protest

[The Garbage Scow]

https://en.wikipedia.org/wiki/User:Ivan ... ee_protest

Is he really arguing that requiring 2FA is some kind of abuse of power?

Other thoughts?

[Anroth]

It technically is on arbcoms part. It's not their decision on who is and isn't an admin except in emergencies or as a result of a case.

Since 2FA is not by policy required for being an admin, nor is it required by the WMF (for admins) and arbcom explicitly doesn't create policy - that's up to the community,as is who is and isn't an admin - It's a blatant power grab to attempt to have more control over admins.

[Kumioko]

I agree, for all the times Arbcom spouts nonsense about something not being within their remit, to then do something like this that obviously is, just shows how truly useless and manipulative they are. The community and in fact the WMF should be pushing back hard on this.

Having said that I do think that 2FA should be required, but that should be mandated by the WMF, site wide, not left to the individual projects. Not for something like this, it just doesn't make sense the WMF wouldn't be advocating this.

[Alex Shih]

While I think Ivanvector's "protest" is futile and quite silly, there are grains of truth in the sense how ArbCom is grossly overstepping with ambiguous "directives" while trying to argue that they are not creating new policy. Why the hell are Arbcom "issuing directives" at all? There are real issues everyday actually concerning users, but these are often blatantly ignored/avoided?

Although I am not surprised at the most of the members being this ridiculously out of touch (and for a few of those that actually cares, being cowardly in the face of intimidation from other arbs), I am a bit disappointed that Joe has slid into the arb mold perfectly; although in hindsight, it shouldn't have been surprising.

[C&B]

Joe has slid into the arb mold perfectly

Yeah, volunteering to write up proposed decisions and then fucking off to "dig holes in the ground", as the feller said

[The Garbage Scow]

Maybe it's ultimately more evidence of the WMF incompetence and sloth. They have glaring security issues that definitely need addressed.

[Poetlister]

Is Arbcom saying that all admins must have 2FA? How on earth could that be enforced? It might be reasonable to require a particular admin who seems to be very sloppy about security to have 2FA.

[Anroth]

Is Arbcom saying that all admins must have 2FA? How on earth could that be enforced? It might be reasonable to require a particular admin who seems to be very sloppy about security to have 2FA.

Might be yes. I would quite happily vote yes on any policy put forward that required admins to have 2FA before they can pick up the mop. But its not remotely within Arbcoms remit to set the criteria for being an admin.

[Alex Shih]

Is Arbcom saying that all admins must have 2FA? How on earth could that be enforced? It might be reasonable to require a particular admin who seems to be very sloppy about security to have 2FA.

I think the issue some people have is not about 2FA at all. The way I see it is that Arbcom is basically saying "existing policy encourages all users with advanced permissions to use 2FA anyway, so we are here to use a strongly worded reminder – not saying you "must" – but you should use 2FA. And if you don't use 2FA and your account becomes compromised, you may lose your admin privilege. Arbcom can say admins should use 2FA, that's okay. But to basically say they must use 2FA or else face consequence (direct threat) is very distasteful and antagonising, and at the risk of sounding like a broken record, completely out of their scope and out of touch with the "community". This happens when you put together a bunch of bureaucratic power mongering individuals that no longer edit the encyclopedia for years, and plus a few others that just goes with everyone else even if they clearly see what's wrong and disagree.

[BURob13]

The initial message sucked, but we definitely were not requiring 2FA. All we were trying to communicate is that admins must follow existing policies about administrator account security, and ArbCom is going to begin assessing whether they engaged in misconduct by failing to abide by those policies before returning privileges to compromised accounts. That's literally it. No new requirements, just the enforcement of old requirements - keep a secure password, basically.

[Boing! said Zebedee]

Yes, it was very poorly presented, but I think ArbCom was genuinely just trying to strongly stress the importance of account security. I've been in computer software and computer systems all my working life, always in positions where account security was essential, and it can be astonishingly difficult trying to get even intelligent educated computer techies to secure their accounts properly.

[Kumioko]

Yes, it was very poorly presented, but I think ArbCom was genuinely just trying to strongly stress the importance of account security. I've been in computer software and computer systems all my working life, always in positions where account security was essential, and it can be astonishingly difficult trying to get even intelligent educated computer techies to secure their accounts properly.

You guys can back pedal all you want, but that message is exactly what most of us have come to expect from the Arbcom. Poorly thought out, poorly worded, poorly implemented and poorly corrected when the problem was identified. This is what happens when you choose unqualified people to do a job like the Arbcom. You would be better off just eliminating the arbcom completely.

[Poetlister]

You would be better off just eliminating the arbcom completely.

That would ruin this site! What would we have to talk about?

[Instant Noodle]

Of all the things to protest against this seems rather trivial. Still, let's hope more admins join the boycott. Where does Bbb23 stand on this?

[Kumioko]

You would be better off just eliminating the arbcom completely.

That would ruin this site! What would we have to talk about?

We could always talk about my bullshit ban....rofl

[doggie015]

You would be better off just eliminating the arbcom completely.

That would ruin this site! What would we have to talk about?

We could always talk about my bullshit ban....rofl

Or my equally bullshit cban.

[C&B]

I'd forgotten about that!

Hi, Arbcom. I have another WP:ADMINACCTcase for you today - and this one is a doozy!