Forum:Ban account sharing on IRC

From the RuneScape Wiki, the wiki for all things RuneScape
Jump to: navigation, search
Forums: Yew Grove > Ban account sharing on IRC
Archive
This page or section is an archive.
Please do not edit the contents of this page.
This thread was archived on 3 April 2011 by Suppa chuppa.

NOTE: This is not an April Fool's Day thread. This is Serious Business(tm) that just happens to be posted on April 1st. Do not take this thread as a joke or post April Fool's-inspired responses.


Yesterday, Cook Me Plox and suppa chuppa gave each other their respective IRC passwords so they could join the channel as one another and pass themselves off as one another. Evidently this was for an April Fool's prank. Here are some relevant logs (truncated because there was quite a bit of irrelevant conversation between these events):

Mar 31 21:59:20 *	Cook_Me_Plox ([email protected]/Cook-Me-Plox) has left #wikia-runescape
Mar 31 21:59:30 *	suppa ([email protected]/Suppa-chuppa) has left #wikia-runescape ("brb")
Mar 31 22:01:01 *	suppa ([email protected]/Suppa-chuppa) has joined #wikia-runescape
Mar 31 22:01:02 *	ChanServ gives channel operator status to suppa
Mar 31 22:01:45 *	CookMePlox ([email protected]/Cook-Me-Plox) has joined #wikia-runescape
Mar 31 22:08:42 *	CookMePlox has kicked suppa from #wikia-runescape (nou)
Mar 31 22:08:48 *	suppa ([email protected]/Suppa-chuppa) has joined #wikia-runescape
Mar 31 22:08:49 *	ChanServ gives channel operator status to suppa
Mar 31 22:08:57 <@suppa>	Cook what the hell was that for?
Mar 31 22:08:59 <@CookMePlox>	er
Mar 31 22:09:02 <@CookMePlox>	wasn't me
Mar 31 22:09:06 <@suppa>	yes it was
Mar 31 22:09:29 <@CookMePlox>	nop
Mar 31 22:09:35 <@suppa>	You nominate me for adminship and you think you can do anything to me?
Mar 31 22:09:38 *	CookMePlox removes channel operator status from CookMePlox
Mar 31 22:09:41 <@suppa>	I've had it with you treating me like this.

When these two left and re-joined, I assumed that their nicks were accurate but they had changed their names. I never dreamed that they had actually switched accounts, and so I thought that suppa was honestly pissed off at Cook. Anyway, after that, it appears that neither of them left and re-joined for a while, which definitely makes me think that they were impersonating each other for some time afterward.

I think this went way too far. Sharing your account on IRC brings two big problems. The first applies to all users: We're dependent on NickServ to provide authenticity, which is to say that the person behind the nick is who they're supposed to be. Theoretically, anyone could join with the nickname Andorin while I'm offline and try to pass themselves off as me, but unless they were authenticated with NickServ and authorized to use this nick, it would be easy to tell that they were an imposter. Sharing your account on IRC is the same as sharing your account on any other service, including this wiki and RuneScape: You couldn't tell that someone else was using the account.

The second reason to not share accounts applies to channel operators and managers. Divulging the password to your account and allowing someone else on it, even once and even if you trust them with everything in the world, diminishes its security. When you have administrative access to a channel, this poses an obvious problem: If the account were compromised, someone could join and misuse that access to cause trouble or screw up the channel. You could even be blamed for it because, as I've said, the rest of us can't tell if someone else is on your account. Much like sysops, crats, and clan chat ranks, IRC operators and managers are supposed to be our most trustworthy users, and one of the very basic things I would expect from these users is to keep their accounts secure.

I don't want Cook and suppa to be punished, because their incident was less severe than it could have been. Both of them are already channel operators, so neither is an administrative threat while on the other's accounts. Also, I'm told that both changed their passwords afterward. However, actually impersonating one another by using each other's accounts was absolutely not okay (it is just about the biggest way you can violate the "don't impersonate other users" rule). Neither of them intended anything malicious; it was just a stupid April Fool's joke. But there is no plausible situation in which sharing your IRC account, especially when you have operator access to a channel, is acceptable.

So my proposal is this. We add a rule to RuneScape:Off-site/IRC stipulating that account sharing is strictly prohibited. Furthermore, I propose that in the event that a channel operator or channel manager is found to have divulged their password, their operator/manager access to the channel be removed immediately. This is not a punitive measure, but a precaution in the name of security; on the chance that their account has been compromised, we don't want an attacker to join #wikia-runescape and mess with anything. Would this revocation be permanent? I don't know. They would have to prove to the community that they could be trusted to keep their accounts secure, and off the top of my head I don't know how someone could do that. However, in my mind, there is no question that when we place trust in certain users to uphold rules & policies and make administrative decisions, part of that trust involves keeping your accounts secure in all circumstances.

Discuss. --Andorin (Talk) (Contribs) 19:36, April 1, 2011 (UTC)

Discussion

Calm down - It's an April fool's joke, the rules are relaxed a little. We obviously wouldn't do this any other time of year. Nbd. HaloTalk 20:45, April 1, 2011 (UTC)

I agree that not sharing your account should be a common sense issue, but that doesn't explain the opposition to my adding a rule against it. People objected in the IRC channel when I added the rule, so I started this thread. --Andorin (Talk) (Contribs) 20:55, April 1, 2011 (UTC)
Wha? - Nobody ever gets harmed from it; no harm no foul. (Although there is a somewhat confused Smuff sometimes). Smuff [citation provided] 21:48, April 1, 2011 (UTC)
You do not acknowledge the potential problems that I go to great lengths to outline in my post? --Andorin (Talk) (Contribs) 01:16, April 2, 2011 (UTC)
So deal with it on a case by case basis. If people are account sharing take a problem with it. You don't need an additional policy/rule to have grounds to do so. HaloTalk 08:31, April 2, 2011 (UTC)
It just appears to me that you're making this argument over a wrongly made assumption to be honest. Smuff [citation provided] 14:41, April 3, 2011 (UTC)
So essentially, what you're saying is that under normal (non-April Fools) circumstances, account sharing would be an actual serious problem? --Andorin (Talk) (Contribs) 17:31, April 3, 2011 (UTC)

Support - It should be comon sense, but it appears that quite a few of us are lacking in that area (hipocrit :P). - [Pharos] iPhone Edit 01:22, April 2, 2011 (UTC)

Support - Security is a top priority, and when those with powers lose it, then all hell can break loose. Zaros symbol.pngChaos Monk Talk SignCoins 250.png 01:28, April 2, 2011 (UTC)

Calm down - Per Halo --Cakemix 04:53, April 2, 2011 (UTC)

Um - Per above, it was AFD stupidity which has stopped now. ajr 15:47, April 2, 2011 (UTC)

April fools - per all... Andrew talk 16:41, April 2, 2011 (UTC)

Jokes should be allowed - Just let people be. If you want to know who is who you can query them to ask who they are if that's not clear to you. No need to add extra rules which killjoys will use to kill the joy when everyone knows it's a joke and not serious impersonating. And as they both gave each other's passwords, that shows they both agreed to do this. I'd say leave people be if they both want to do this. JOEYTJE50TALKpull my finger 14:35, April 3, 2011 (UTC)

There are limits on what can be justified as a joke. As for your "leave people be" comment, we have to do something if their actions would adversely affect our channel (as in the operator security argument). --Andorin (Talk) (Contribs) 17:31, April 3, 2011 (UTC)
Just like we trust sysops with sysop powers, we should also trust them to keep their account secure, and that they won't abuse trust. Also we should trust them they won't give their password to anyone who's slightly untrustworthy. As in this case, Cook and Suppa could be sure none of them would do anything with the other's password. Also, secure is definetely not the same as strictly private and secret in my opinion. Secure is as well giving your password, but watching the person you gave your password to, and changing your password afterwards. Then you can be completely secure, but still give access to your account for a short time. JOEYTJE50TALKpull my finger 19:05, April 3, 2011 (UTC)

Withdrawn - After a discussion with Cook in IRC I've decided that this proposal is unnecessary. --Andorin (Talk) (Contribs) 21:40, April 3, 2011 (UTC)

Closed - Nominator has withdrawn. Suppa chuppa Talk 21:44, April 3, 2011 (UTC)