Talk:Basic Wiki Content and Editor Policies: Difference between revisions

From Enlace Hacktivista
Jump to navigation Jump to search
(→‎Content: Added a question at the bottom)
 
(14 intermediate revisions by 3 users not shown)
Line 11: Line 11:


* How is the information on the wiki different from the information on Wikipedia?
* How is the information on the wiki different from the information on Wikipedia?
** Mostly just most pages on here don't meet the standards of notability for inclusion in Wikipedia. Also we'd especially like to include any statements or textfiles published by the hackers, and any technical information about how the hack was performed. [[User:Enlacehacktivista|Enlacehacktivista]] ([[User talk:Enlacehacktivista|talk]]) 21:55, 24 December 2021 (UTC)
*** Speaking of technical information about the hack - does that include information from the subjects of the hack? Or third party analysis performed by cyber experts, etc.? [[User:Mx Yzptlk|Mxy]] ([[User talk:Mx Yzptlk|talk]]) 20:25, 25 December 2021 (UTC)
**** I'd personally favor first-party accounts from the hackers falling back on incident reports from the subject. With "cyber experts" you start running into things that are pure speculation. I'm trying to convey the instinct of what a hacker might look for with my writing, so where there is conflicting speculation, I'm favoring the easiest way in that "checks out." But people are welcome to add their own write ups/theories. If somebody does a better job trying to figure out how the hack was done than the cyber pundits, it's well researched and educational, I also don't see why we should not allow it. [[User:Amongomous|Amongomous]] ([[User talk:Amongomous|talk]]) 23:55, 25 December 2021 (UTC)
***** "I'd personally favor first-party accounts from the hackers falling back on incident reports from the subject." <--- Absolutely agree with this, especially for the purposes of this wiki. There are definitely times where we need to include both, though. One page I've been putting off creating is the [[Apple UDIDs]] entry, because it's a headache of contradictions and apparent lies. It's one of the instances where I don't think we can trust the hackers' account, but the full history and contradictory versions are definitely worth recording. [[User:Mx Yzptlk|Mxy]] ([[User talk:Mx Yzptlk|talk]]) 15:31, 27 December 2021 (UTC)


==Editor conduct==
==Editor conduct==


* Do Conflicts Of Interest (COI) prevent users from editing a page?
* Do Conflicts Of Interest (COI) prevent users from editing a page?
** If not, should editors disclose their COI?
** If not, should editors disclose their COI?
 
*** If so, how to do this while maintaining OPSEC?
*** If so, how to do this without self-doxing?
 
* How should the community handle people using the wiki for self-promotion?
* How should the community handle people using the wiki for self-promotion?
* How should the community handle people using the wiki to attack or defame others?
** I think it's fine for people to edit pages about hacks they took part in and they shouldn't have to disclose it for obvious opsec reasons. If someone is using it to attack or defame others or for excessive self-promotion then we'll warn or block the user. [[User:Enlacehacktivista|Enlacehacktivista]] ([[User talk:Enlacehacktivista|talk]]) 21:55, 24 December 2021 (UTC)
* What about first hand experience and knowledge? If the wiki attracts people in the community, it may very well draw people who were "in the room." How should the wiki handle those situations?


==Content==
==Content==


* How are hacks attributed when they aren't claimed at the time, but attribution is later claimed?
* How are hacks attributed when they aren't claimed at the time, but attribution is later claimed without definitive proof?
 
** I think it should be noted with context and skepticism. [[User:Mx Yzptlk|Mxy]] ([[User talk:Mx Yzptlk|talk]]) 22:20, 24 December 2021 (UTC)
* How are hacks attributed when they aren't claimed at the time, but alleged attribution is later given by a third party?
* How are hacks attributed when they aren't claimed at the time, but alleged attribution is later given by a third party - and denied by the alleged hacker?
 
** If there's conflicting claims I think we can just include both [[User:Enlacehacktivista|Enlacehacktivista]] ([[User talk:Enlacehacktivista|talk]]) 21:55, 24 December 2021 (UTC)
* If a hack is just a dox, should it be included with the wiki?
* If a hack is just a dox, should it be included with the wiki?
 
** no [[User:Enlacehacktivista|Enlacehacktivista]] ([[User talk:Enlacehacktivista|talk]]) 21:55, 24 December 2021 (UTC)
* If attribution isn't widely known or accepted, should it be listed on the wiki?
* If attribution isn't widely known or accepted, should it be listed on the wiki?
 
** If there's something public you can cite to back it [[User:Enlacehacktivista|Enlacehacktivista]] ([[User talk:Enlacehacktivista|talk]]) 21:55, 24 December 2021 (UTC)
*** What if it falls into that amorphous field of "community knowledge" but it isn't published anywhere that's still accessible? After all, pastes get removed, forums go down, etc. [[User:Mx Yzptlk|Mxy]] ([[User talk:Mx Yzptlk|talk]]) 20:25, 25 December 2021 (UTC)
* Do defacements count as hacks for the purpose of the wiki and the [[Hacker History]] section?
* Do defacements count as hacks for the purpose of the wiki and the [[Hacker History]] section?
 
** We don't really want to have articles about every defacement on zone-h, but I think we can include defacements if it's well-targeted and not just randomly scanning for and defacing vulnerable sites. [[User:Enlacehacktivista|Enlacehacktivista]] ([[User talk:Enlacehacktivista|talk]]) 21:55, 24 December 2021 (UTC)
*** It was pointed out to me that some defacements were used for communiques by groups like [[AntiSec]]. These probably shouldn't be listed as separate hacks (unless there was more to it) but they should probably be included on the wiki if they include a communique from a notable hacker or hacker group/collective. [[User:Mx Yzptlk|Mxy]] ([[User talk:Mx Yzptlk|talk]]) 20:25, 25 December 2021 (UTC)
* Does malware count as a hack for the purpose of the wiki and the [[Hacker History]] section?
* Does malware count as a hack for the purpose of the wiki and the [[Hacker History]] section?
 
** I'd propose that malware itself doesn't, but hacks based on malware obviously do. [[User:Mx Yzptlk|Mxy]] ([[User talk:Mx Yzptlk|talk]]) 22:20, 24 December 2021 (UTC)
* Do ransomware hacks count for the purpose of the wiki and the [[Hacker History]] section?
* Do ransomware hacks count for the purpose of the wiki and the [[Hacker History]] section?
 
** I think we should include if there was data leaked in the public interest. [[User:Enlacehacktivista|Enlacehacktivista]] ([[User talk:Enlacehacktivista|talk]]) 21:55, 24 December 2021 (UTC)
** Leaked negotiations and chats with ransomware hackers can also prove enlightening and interesting for cultural and historical value. [[User:Mx Yzptlk|Mxy]] ([[User talk:Mx Yzptlk|talk]]) 22:20, 24 December 2021 (UTC)
* Do commercial hacks count for the purpose of the wiki and the [[Hacker History]] section?
* Do commercial hacks count for the purpose of the wiki and the [[Hacker History]] section?
 
** I feel like if maybe if there's information that would particularly fit the wiki, like communications/messages from the hackers or technical information about the hack. But if it's basically just a breach notification, it'd just be cluttering up the wiki and missing what I understand the intent of its spirit to be. [[User:Mx Yzptlk|Mxy]] ([[User talk:Mx Yzptlk|talk]]) 20:25, 25 December 2021 (UTC)
* Do state sponsored hacks count for the purpose of the wiki and the [[Hacker History]] section?
* Do state sponsored hacks count for the purpose of the wiki and the [[Hacker History]] section?
** What about cases like Shaltai-Boltai or Lulzsec that started off independent but were later run by states? I think it's fine to include but we should put a note about state involvement. [[User:Enlacehacktivista|Enlacehacktivista]] ([[User talk:Enlacehacktivista|talk]]) 21:55, 24 December 2021 (UTC)
** I think we should include them and generally take the hackers' word for it when they claim to be hacktivist until there is solid proof otherwise. Especially if we can demystify the hack to show that the level of technical sophistication is attainable by a single person or small group. Something like the recent Iran railways hack comes to mind where there is a lot of accusation of state backing, but no solid proof besides "it seems too well resourced to really be hacktivism." [[User:Amongomous|Amongomous]] ([[User talk:Amongomous|talk]]) 00:45, 25 December 2021 (UTC)
*** Just chiming in here to say I think this is a really good point and goal. [[User:Mx Yzptlk|Mxy]] ([[User talk:Mx Yzptlk|talk]]) 01:20, 25 December 2021 (UTC)
** I'd eventually like to cover SolarWinds from the attackers' perspective and there is certainly a lot about this one that we do not yet know about, so it could be an interesting subject of leaks in itself. [[User:Amongomous|Amongomous]] ([[User talk:Amongomous|talk]]) 01:53, 26 December 2021 (UTC)
* What about leaks of state sponsored hacks/hackers? e.g. Vault 7, Vault 8, Shadowbrokers
* What about cases where someone presents as a hacktivist, but there's widespread acceptance that they're a state sponsored actor? e.g. Guccifer 2.0


* Do "script kiddie" hacks count for the purpose of the wiki and the [[Hacker History]] section?
** I don't think we should include untargeted attacks, like script kiddies just scanning the internet and defacing whatever vulnerable websites they find. If the hack is of a well-chosen target but the methods are basic or "script kiddie" I think it's fine for inclusion. [[User:Enlacehacktivista|Enlacehacktivista]] ([[User talk:Enlacehacktivista|talk]]) 21:55, 24 December 2021 (UTC)
*** This makes sense, especially considering the number of hacks that are simple or basic and waiting to happen, just lacking someone with the will and interest. After all, how frequent do articles after the fact marvel that a hack didn't happen earlier? Epik is recent one example that comes to mind where there was that sort of commentary. [[User:Mx Yzptlk|Mxy]] ([[User talk:Mx Yzptlk|talk]]) 22:20, 24 December 2021 (UTC)
* Do hacks have to meet a notability test, similar to Wikipedia articles?
* Do hacks have to meet a notability test, similar to Wikipedia articles?
 
** I don't think there needs to be a notability test, but if the wiki starts getting unbalanced with too many articles about some not-so-notable hacker group then we'll think if we need standards [[User:Enlacehacktivista|Enlacehacktivista]] ([[User talk:Enlacehacktivista|talk]]) 21:55, 24 December 2021 (UTC)
** If something that wouldn't otherwise qualify is especially notable, does that make a difference?
* If something that wouldn't otherwise qualify is especially notable, does that make a difference?
 
** I don't think it should, unless it was already very borderline. [[User:Mx Yzptlk|Mxy]] ([[User talk:Mx Yzptlk|talk]]) 22:20, 24 December 2021 (UTC)
* How should the wiki treat anonymous (lowercase a) research?
* How should the wiki treat anonymous (lowercase a) research?
 
** It should probably ignore it unless it's been peer reviewed in someway. [[User:Mx Yzptlk|Mxy]] ([[User talk:Mx Yzptlk|talk]]) 22:20, 24 December 2021 (UTC)
* How should the wiki treat claims, statements and self-identifications from dishonest hackers?
* How should the wiki treat claims, statements and self-identifications from dishonest hackers? At what point does correcting this become doxing and does it matter?
 
** In theory this site is just documenting what's already been public so I don't think we're doxing anyone. If a hacker claimed something that's probably false, I think we should include it, with a note about why it's probably false. [[User:Enlacehacktivista|Enlacehacktivista]] ([[User talk:Enlacehacktivista|talk]]) 21:55, 24 December 2021 (UTC)
** At what point does correcting this become doxing?
* If the wiki seeks to capture a sort of oral history of hackers, it'll inevitably capture disputed claims - should it seek to reconcile these, or simply record them and their discordance?
 
** We should just record the different claims, unless there's very strong evidence that one is correct and the other is just wrong. [[User:Enlacehacktivista|Enlacehacktivista]] ([[User talk:Enlacehacktivista|talk]]) 21:55, 24 December 2021 (UTC)
* If the wiki seeks to capture a sort of oral history of hackers, it'll inevitably capture disputed claims - should it seek to reconcile these, or simply record them and their discordance?  
 
* How should the wiki handle allegations of hackers cooperating with law enforcement, etc.?
* How should the wiki handle allegations of hackers cooperating with law enforcement, etc.?
** We shouldn't accuse without good evidence but if there's solid evidence I think it's worth including [[User:Enlacehacktivista|Enlacehacktivista]] ([[User talk:Enlacehacktivista|talk]]) 21:55, 24 December 2021 (UTC)
* How much media should be hosted on the wiki?
* Should the wiki include things like logs?
* How much cultural content should go on the wiki? e.g. Hacker zines
** It's fine to include but I don't think it's that important to mirror stuff that's already in phrack or textfiles.com or otherwise well-archived and unlikely to disappear. [[User:Enlacehacktivista|Enlacehacktivista]] ([[User talk:Enlacehacktivista|talk]]) 21:55, 24 December 2021 (UTC)
* What about non-English content?
** non-english content is good [[User:Enlacehacktivista|Enlacehacktivista]] ([[User talk:Enlacehacktivista|talk]]) 21:55, 24 December 2021 (UTC)
* How should we handle articles for serialized hacks? e.g. Nintendo Gigaleaks seems to be a series of hacks collected under one banner/name - but the hacks and leaks took place at different times.
* How should we handle things that are definitely leaks - but the exfiltration had some element of hacking? e.g. Snowden and Schulte are both definitely leakers, but copying and exfiltrating the data involved some level of activity that could be considered hacking. There are other examples.

Latest revision as of 21:07, 27 December 2021

Please use this space to discuss the basic scope and purpose of the wiki

Format

Please add more questions to the appropriate section, and add your thoughts and comments under each question.

For the purposes of this Discussion page only, questions do not need to be signed - only answers and comments.

Questions

General

  • How is the information on the wiki different from the information on Wikipedia?
    • Mostly just most pages on here don't meet the standards of notability for inclusion in Wikipedia. Also we'd especially like to include any statements or textfiles published by the hackers, and any technical information about how the hack was performed. Enlacehacktivista (talk) 21:55, 24 December 2021 (UTC)
      • Speaking of technical information about the hack - does that include information from the subjects of the hack? Or third party analysis performed by cyber experts, etc.? Mxy (talk) 20:25, 25 December 2021 (UTC)
        • I'd personally favor first-party accounts from the hackers falling back on incident reports from the subject. With "cyber experts" you start running into things that are pure speculation. I'm trying to convey the instinct of what a hacker might look for with my writing, so where there is conflicting speculation, I'm favoring the easiest way in that "checks out." But people are welcome to add their own write ups/theories. If somebody does a better job trying to figure out how the hack was done than the cyber pundits, it's well researched and educational, I also don't see why we should not allow it. Amongomous (talk) 23:55, 25 December 2021 (UTC)
          • "I'd personally favor first-party accounts from the hackers falling back on incident reports from the subject." <--- Absolutely agree with this, especially for the purposes of this wiki. There are definitely times where we need to include both, though. One page I've been putting off creating is the Apple UDIDs entry, because it's a headache of contradictions and apparent lies. It's one of the instances where I don't think we can trust the hackers' account, but the full history and contradictory versions are definitely worth recording. Mxy (talk) 15:31, 27 December 2021 (UTC)

Editor conduct

  • Do Conflicts Of Interest (COI) prevent users from editing a page?
    • If not, should editors disclose their COI?
      • If so, how to do this while maintaining OPSEC?
  • How should the community handle people using the wiki for self-promotion?
  • How should the community handle people using the wiki to attack or defame others?
    • I think it's fine for people to edit pages about hacks they took part in and they shouldn't have to disclose it for obvious opsec reasons. If someone is using it to attack or defame others or for excessive self-promotion then we'll warn or block the user. Enlacehacktivista (talk) 21:55, 24 December 2021 (UTC)
  • What about first hand experience and knowledge? If the wiki attracts people in the community, it may very well draw people who were "in the room." How should the wiki handle those situations?

Content

  • How are hacks attributed when they aren't claimed at the time, but attribution is later claimed without definitive proof?
    • I think it should be noted with context and skepticism. Mxy (talk) 22:20, 24 December 2021 (UTC)
  • How are hacks attributed when they aren't claimed at the time, but alleged attribution is later given by a third party - and denied by the alleged hacker?
    • If there's conflicting claims I think we can just include both Enlacehacktivista (talk) 21:55, 24 December 2021 (UTC)
  • If a hack is just a dox, should it be included with the wiki?
  • If attribution isn't widely known or accepted, should it be listed on the wiki?
    • If there's something public you can cite to back it Enlacehacktivista (talk) 21:55, 24 December 2021 (UTC)
      • What if it falls into that amorphous field of "community knowledge" but it isn't published anywhere that's still accessible? After all, pastes get removed, forums go down, etc. Mxy (talk) 20:25, 25 December 2021 (UTC)
  • Do defacements count as hacks for the purpose of the wiki and the Hacker History section?
    • We don't really want to have articles about every defacement on zone-h, but I think we can include defacements if it's well-targeted and not just randomly scanning for and defacing vulnerable sites. Enlacehacktivista (talk) 21:55, 24 December 2021 (UTC)
      • It was pointed out to me that some defacements were used for communiques by groups like AntiSec. These probably shouldn't be listed as separate hacks (unless there was more to it) but they should probably be included on the wiki if they include a communique from a notable hacker or hacker group/collective. Mxy (talk) 20:25, 25 December 2021 (UTC)
  • Does malware count as a hack for the purpose of the wiki and the Hacker History section?
    • I'd propose that malware itself doesn't, but hacks based on malware obviously do. Mxy (talk) 22:20, 24 December 2021 (UTC)
  • Do ransomware hacks count for the purpose of the wiki and the Hacker History section?
    • I think we should include if there was data leaked in the public interest. Enlacehacktivista (talk) 21:55, 24 December 2021 (UTC)
    • Leaked negotiations and chats with ransomware hackers can also prove enlightening and interesting for cultural and historical value. Mxy (talk) 22:20, 24 December 2021 (UTC)
  • Do commercial hacks count for the purpose of the wiki and the Hacker History section?
    • I feel like if maybe if there's information that would particularly fit the wiki, like communications/messages from the hackers or technical information about the hack. But if it's basically just a breach notification, it'd just be cluttering up the wiki and missing what I understand the intent of its spirit to be. Mxy (talk) 20:25, 25 December 2021 (UTC)
  • Do state sponsored hacks count for the purpose of the wiki and the Hacker History section?
    • What about cases like Shaltai-Boltai or Lulzsec that started off independent but were later run by states? I think it's fine to include but we should put a note about state involvement. Enlacehacktivista (talk) 21:55, 24 December 2021 (UTC)
    • I think we should include them and generally take the hackers' word for it when they claim to be hacktivist until there is solid proof otherwise. Especially if we can demystify the hack to show that the level of technical sophistication is attainable by a single person or small group. Something like the recent Iran railways hack comes to mind where there is a lot of accusation of state backing, but no solid proof besides "it seems too well resourced to really be hacktivism." Amongomous (talk) 00:45, 25 December 2021 (UTC)
      • Just chiming in here to say I think this is a really good point and goal. Mxy (talk) 01:20, 25 December 2021 (UTC)
    • I'd eventually like to cover SolarWinds from the attackers' perspective and there is certainly a lot about this one that we do not yet know about, so it could be an interesting subject of leaks in itself. Amongomous (talk) 01:53, 26 December 2021 (UTC)
  • What about leaks of state sponsored hacks/hackers? e.g. Vault 7, Vault 8, Shadowbrokers
  • What about cases where someone presents as a hacktivist, but there's widespread acceptance that they're a state sponsored actor? e.g. Guccifer 2.0
  • Do "script kiddie" hacks count for the purpose of the wiki and the Hacker History section?
    • I don't think we should include untargeted attacks, like script kiddies just scanning the internet and defacing whatever vulnerable websites they find. If the hack is of a well-chosen target but the methods are basic or "script kiddie" I think it's fine for inclusion. Enlacehacktivista (talk) 21:55, 24 December 2021 (UTC)
      • This makes sense, especially considering the number of hacks that are simple or basic and waiting to happen, just lacking someone with the will and interest. After all, how frequent do articles after the fact marvel that a hack didn't happen earlier? Epik is recent one example that comes to mind where there was that sort of commentary. Mxy (talk) 22:20, 24 December 2021 (UTC)
  • Do hacks have to meet a notability test, similar to Wikipedia articles?
    • I don't think there needs to be a notability test, but if the wiki starts getting unbalanced with too many articles about some not-so-notable hacker group then we'll think if we need standards Enlacehacktivista (talk) 21:55, 24 December 2021 (UTC)
  • If something that wouldn't otherwise qualify is especially notable, does that make a difference?
    • I don't think it should, unless it was already very borderline. Mxy (talk) 22:20, 24 December 2021 (UTC)
  • How should the wiki treat anonymous (lowercase a) research?
    • It should probably ignore it unless it's been peer reviewed in someway. Mxy (talk) 22:20, 24 December 2021 (UTC)
  • How should the wiki treat claims, statements and self-identifications from dishonest hackers? At what point does correcting this become doxing and does it matter?
    • In theory this site is just documenting what's already been public so I don't think we're doxing anyone. If a hacker claimed something that's probably false, I think we should include it, with a note about why it's probably false. Enlacehacktivista (talk) 21:55, 24 December 2021 (UTC)
  • If the wiki seeks to capture a sort of oral history of hackers, it'll inevitably capture disputed claims - should it seek to reconcile these, or simply record them and their discordance?
    • We should just record the different claims, unless there's very strong evidence that one is correct and the other is just wrong. Enlacehacktivista (talk) 21:55, 24 December 2021 (UTC)
  • How should the wiki handle allegations of hackers cooperating with law enforcement, etc.?
    • We shouldn't accuse without good evidence but if there's solid evidence I think it's worth including Enlacehacktivista (talk) 21:55, 24 December 2021 (UTC)
  • How much media should be hosted on the wiki?
  • Should the wiki include things like logs?
  • How much cultural content should go on the wiki? e.g. Hacker zines
    • It's fine to include but I don't think it's that important to mirror stuff that's already in phrack or textfiles.com or otherwise well-archived and unlikely to disappear. Enlacehacktivista (talk) 21:55, 24 December 2021 (UTC)
  • What about non-English content?
  • How should we handle articles for serialized hacks? e.g. Nintendo Gigaleaks seems to be a series of hacks collected under one banner/name - but the hacks and leaks took place at different times.
  • How should we handle things that are definitely leaks - but the exfiltration had some element of hacking? e.g. Snowden and Schulte are both definitely leakers, but copying and exfiltrating the data involved some level of activity that could be considered hacking. There are other examples.