This is an archive of past discussions about Wikipedia:Discord. Do not edit the contents of this page. If you wish to start a new discussion or revive an old one, please do so on the current talk page.
Latest comment: 5 years ago2 comments2 people in discussion
I wanna suggest a bot that'll help add roles to users, just for customization. Roles can include "rollbacker", "pending pages reviewer", etc.. You can use YAGPDB.xyz, a utility bot. Setting up custom roles is kinda tricky, but there is a tutorial vid on it. Thanks! ;) –apap04 talk | contributions03:01, 22 September 2019 (UTC)
I brought this up today again and was sent the diff for this. :) I agree there should be roles for Rollbacker and pending pages, but also language proficiency, that can be added via bot. Ideally, the system would allow new roles to be added and configured quickly. (also if Wikibot's source is on GH then I could simply make a PR with the changes) - VeryGoodDog21:36, 12 October 2019 (UTC)
Server bots for a Wikivoyage server
Latest comment: 4 years ago6 comments4 people in discussion
Good day!
I am assisting ויקיג'אנקי with setting up a central server for the Wikivoyage project. We would like to know whether the server bots would be available to be used in it, and if so, how we can get these bots working on the server. Thank you in advance! -- Wauteurz (talk) 20:29, 16 April 2020 (UTC)
@Wauteurz: your server can get WikiBot if it has a sufficient number of members (10 or more, just to prove that it is an active server) and if you write me about it on Discord. stjn[ru]16:55, 24 April 2020 (UTC)
@Wauteurz: Same as stjn above, I'm happy to support this request given the server has sufficient members. However I am going to begin rewriting the bot for proper OAuth so it'd be easiest to wait until after that has been conducted. I aim for the end product to have users just authenticate to Wikimedia, which can then be used among any Wikiproject. — IVORKTalk05:05, 18 May 2020 (UTC)
@IVORK: Thank you. If the bot will be reworked completely, then I reckon it'd be best for us to wait for a bit before setting it up for the Wikivoyage server. Is there any kind of ETA on when the bot will have these functions? -- Wauteurz (talk) 13:37, 30 May 2020 (UTC)
Latest comment: 4 years ago43 comments10 people in discussion
The following discussion is closed. Please do not modify it. Subsequent comments should be made in a new section.A summary of the conclusions reached follows.
Feedback has been reviewed and in many cases implemented. Guidelines are now considered "live"
This section is for feedback regarding Wikipedia:Discord/Guidelines, a tweaked and expanded version of the IRC guidelines to soon take effect as the rules for the Discord server. Much of the guidelines are taken straight from the IRC guidelines, with the language modernized (1-7). Several new bullets are added that deal with Discord specifically (7-11). Leave any feedback, questions or concerns you have here. Not every rule is expected to be popular and final decision will lie with the moderators and admins. -- ferret (talk) 17:55, 28 July 2020 (UTC)
I agree with all of these. A query about number 8 though - it's supposed to prevent impersonation, which is good. But does that mean that one can't just change their display name to something that's not already taken as a valid username on-wiki? For instance, can someone not have their display name as just "Shipping Container" without having their on-wiki username or nickname in their display name as well? Also, does number 9 mean that memes should not be spammed except in offtopic? epicgenius (talk) 18:03, 28 July 2020 (UTC)
Nicknames should always make it clear who you are, whether by including your normal chat name or on-wiki username in some fashion. Nicknames have generated a lot of complaints lately. Keep in mind that the compact mode doesn't show avatars/profiles, so name changes can be even more confusing. As for memes, they shouldn't be excessively spammed anywhere. Offtopic is monitored more lightly but just back to back spam is a problem even there if it's disrupting the chat. -- ferret (talk) 18:09, 28 July 2020 (UTC)
I see, thanks. If I'm understanding correctly: nicknames or usernames should be incorporated into the display name in some fashion, and memes should be used only sparingly and only in offtopic if possible. Since Discord caters to a generally younger audience than IRC, I think that is a good tradeoff. epicgenius (talk) 18:12, 28 July 2020 (UTC)
@Epicgenius: I think that's a reasonable interpretation Epic re nicknames. Regarding memes, my rough viewpoint is "memes with no relation to the discussion should go in offtopic. Even if they are relevant, they should be rare, or still be moved to OT. Being in OT does not permit mass spamming/disruptive meming" The boundaries are more likely to be firmly enforced if there are individuals in the channel at that point who don't want it/are talking about something different. — Preceding unsigned comment added by Nosebagbear (talk • contribs) 19:02, 28 July 2020 (UTC)
Thanks for the guidelines ferret, as we requested. I agree with all of this. But I am afraid I will have to trouble you with another question about the nickname guideline. Some people usually Susmuffin and Epicgenius impersonate k6ka and other "popular" Discord memebers, jokingly of course, by having a nickname like "Mr Pee Vilenski", "Probably k6ka", "Thicc genius". These nickname can appear as disruptive but not always. Is this allowed? Ainz Ooal Gown (talk) 19:27, 28 July 2020 (UTC)
Under the guideline, it is not allowed unless they make it clear who they really are, such as with the suggested inclusion of their normal name in parenthesis. -- ferret (talk) 19:42, 28 July 2020 (UTC)
I have a suggestion: You can click someone's username on discord to see their actual account. For example, my discord account is @leijurv#5021, and no matter what my nickname is, you see my account when you click my name. Perhaps that could be sufficient? Leijurv (talk) 19:48, 28 July 2020 (UTC)
I dunno. That might not work for people like me, where my account name is @ryanmng#8888 and not anything resembling my Wikipedia username. epicgenius (talk) 20:05, 28 July 2020 (UTC)
True. I sort of figured that the point of the WikiAuthBot was to allow exactly this, a verifiable way to link your Discord to your Wikipedia account. I just don't really think it's a good assumption that someone's Discord name or nickname will match their on-wiki name. Unlike IRC where it's different per-server, your Discord account (and therefore your default nickname) is shared everywhere so it would probably be an undue burden to make them match. I wonder if WikiAuthBot could enforce a nickname policy where once you link a wiki account, it forces your nickname to always be that :) Leijurv (talk) 20:08, 28 July 2020 (UTC)
We're concerned only with nicknames, which are per server. It doesn't necessarily have to be your onwiki name, so long as it's a stable name that you've established a presence with. -- ferret (talk) 20:19, 28 July 2020 (UTC)
Hm. Then I'm confused by but it should be clear to chatters who you are at all times, such as suffixing your normal name in parenthesis. So does "normal name" mean your established-presence name and not your onwiki name? Leijurv (talk) 20:23, 28 July 2020 (UTC)
It can. We have no rule that users must authenticate with their Wiki identity. As long as it's clear who you are, in the context of a user who has been chatting on the server for some time, you're fine. -- ferret (talk) 20:27, 28 July 2020 (UTC)
I see. I'm not really sure about this one, I probably wouldn't include it myself. I think the wiki auth bot is sufficient proof of stable identity enough to prevent impersonation from having negative outcomes (beyond just confusion), as well as the role colors not being fake-able. I also actually think that a profile pic is a sufficient "continuity of identity" in most cases. I guess I just think the nickname foolishness is pretty harmless :) Leijurv (talk) 20:30, 28 July 2020 (UTC)
Profile pictures aren't shown next to messages in compact mode. I personally have no idea what any of your profile pictures are. This is generating significant complaints in my inbox, though, which is why a rule was included. I think you're focused on the "imposture" aspect of it, which is fine, but that's not driving complaints. Annoyance and confusion at rapidly changing nicknames is. -- ferret (talk) 20:37, 28 July 2020 (UTC)
Ah. I didn't know either of those things. I'm realizing that if there were no profile pictures, I wouldn't have what I rely on to realize what susmuffin's latest nickname is. And I don't see the complaints myself. Obviously the moderator burden of handling / explaining those situations will outweigh the "fun". Sounds good. Thanks! Leijurv (talk) 20:47, 28 July 2020 (UTC)
FWIW strongly support a guideline to ensure names match (or at least include) Wikipedia usernames when the person does indeed have a Wikipedia account. It's persistently confusing/distracting to have to click people's names and/or search the wikiauthlog (more so when people take each other's names -- in friendliness, granted, but unless it's going to be a small private club that's not really great practice). On a someone separate note, I'd feel more comfortable if everyone were authenticated. Maybe it's worth exploring having a default help channel for people without an account and the rest only if authenticated? — Rhododendritestalk \\ 20:38, 28 July 2020 (UTC)
Forcing confirmation outside of #general is possible, but I don't want to tackle that just yet as part of this round of establishing guidelines. -- ferret (talk) 20:49, 28 July 2020 (UTC)
Just commenting to say it should definitely be possible to get my bot changing nicknames on auth & go back to change others. Would just need the bot to get manage_members and all users get change_nickname denied. Other WMF servers don't allow image upload until authenticated or allow access to the WPproject channels, imo something similar would be good. Only issues to consider are for long-term IP editors. — IVORKTalk22:34, 28 July 2020 (UTC)
I might also make the Discord TOS part more explicit. I separately help manage a large public Discord so we've run against just about every possible thing that can go wrong. Discord places the burden on the owners of the server regarding following the TOS. For example, a friend of mine has a very active server with 7,000+ members, and he received a notification from Discord Trust and Safety that his server had content that violated the TOS within the last week. They did not say what was violating or where, the burden was on the Discord server to fix the problem. It might be worth emphasizing that infringing content can negatively impact the server on a whole, not just one user. One example is posting NSFW: Discord's TOS allows users between 13 and 18 to use the service, but also requires that any NSFW be posted in channels marked as NSFW, which brings up an additional menu requiring you to confirm you're 18+. Posting NSFW in non-NSFW marked channels, without moderators quickly removing it, can put the whole server at risk. So this part should be emphasized more. Also, Discord TOS does forbid any form of doxing / personal information already, as well as a laundry list of other unexpectedly prohibited behaviors (e.g. discussing cheating in video games). It might be worth adding stronger language that guides users towards reading the Discord TOS before doing anything sketchy. Leijurv (talk) 19:52, 28 July 2020 (UTC)
@Leijurv and Giraffer: I've expanded slightly on Discord TOS and it's precedence over any community guideline/policy like NOTCENSORED, as well as added a direct call out about NSFW content in the bullet about explicit content. -- ferret (talk) 21:16, 28 July 2020 (UTC)
What is the meaning of large gifs? Like, large in file size? Length? Amount of space they take up physically on the screen? Leijurv (talk) 19:58, 28 July 2020 (UTC)
Space on screens, need to come back to this one. It really should be more about content, flashing screens, etc. I'm open to suggestions on wording. -- ferret (talk) 20:23, 28 July 2020 (UTC)
Large file sizes might not be necessarily bad based on the context (and many media files may be at a higher resolution than what's needed). File size is restricted for non-nitro users anyway. But rapidly flashing or blinking gifs are more disruptive in my opinion. epicgenius (talk) 20:30, 28 July 2020 (UTC)
I might also suggest a guideline advising against non-English conversation, since I've seen that come up. Leijurv (talk) 20:00, 28 July 2020 (UTC)
Since we interact with many projects I don't think we should make this a rule. Short conversations to help someone struggling aren't a big deal. -- ferret (talk) 20:23, 28 July 2020 (UTC)
This is risky, as absolute statements don't make sense. As well as any future dedicated channels, there's also discussion on non en-wiki wikis, which can require it. Nosebagbear (talk) 20:27, 28 July 2020 (UTC)
I'd back expanding excessive pinging to users (such as @here pings etc) but it's thus far been a problem with admin/mod pings. Nosebagbear (talk) 20:27, 28 July 2020 (UTC)
I would also like to see a higher standard of conduct than simply avoiding 'insulting' or 'harassing' conduct. We have a low-enough bar for civility on-wiki without diluting it further on Discord. Darren-Mtalk20:09, 28 July 2020 (UTC)
This one is essentially pulled from the current IRC channel guidelines on Meta. I'm open to suggestions. -- ferret (talk) 20:23, 28 July 2020 (UTC)
I'm reticent about falling further down this line by rigid rules - the behaviour levels enforced aren't going to change much from what they are now - this is just a short-hand summary. Firmer wording also risks putting everyone who teases each other on it into breaching the rules. Nosebagbear (talk) 20:27, 28 July 2020 (UTC)
I think it's very well written (and agree with all the points) but maybe I would reword the last point to clarify that Discord TOS takes precedence over WP:NOTCENSORED, as some people may not be able to derive that from what is written. Otherwise thumbs up from me! Regards, Giraffer (munch) 21:00, 28 July 2020 (UTC)
Replied under Leijurv's similar concern. I think we can consider Discord server links as just normal spam and not give a direct call out. -- ferret (talk) 21:16, 28 July 2020 (UTC)
Just my 2¢ @Ferret: but I think this might be one of the very few instances where an @everyone ping is justified since this should basically apply and be read by all Discord users. Ben · Salvidrim!✉21:56, 28 July 2020 (UTC)
Also we need a modbot to set temporary bans/mute for punishment for less severe cases. A Discord server mute is done through assigning a Muted role on Discord which explicitly denies the permission to send messages in all channels effectively muting them like in voice channels. You can do it manually or have a modbot do it for you for convenience. Also, it would be nice to have a public modlogs channel like IRC ban list as we have seen a recent increase of trolls and NOTHERE in the server. Thoughts on this everyone? I personally don't see any reason for not making mod logs public. I am not asking for "audit log" to be public because it might contain other server related changes besides mod log. Looking forward to your replies everyone. Ainz Ooal Gown (talk) 16:19, 29 July 2020 (UTC)
A modbot or muting go beyond the scope of this discussion, as they are mechanisms for enforcing guidelines. If and when the moderator work load requires such, they'll be researched. At this time we're just establishing the baseline guidelines clearly and expanding from IRC to account for Discord's common usages and needs. -- ferret (talk) 16:23, 29 July 2020 (UTC)
The discussion above is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
Moderator's Mail
Latest comment: 4 years ago3 comments2 people in discussion
Can add a bot, else it'd be about 7 lines for me to add to WikiAuthBot or another depending on what features the staff here want. I wouldn't imagine paying for something is a needed answer for such basic code. — IVORKTalk22:52, 2 August 2020 (UTC)
Signpost Discord Channel
Latest comment: 3 years ago3 comments3 people in discussion
I'm not sure how much need there is for a dedicated signpost channel - most signpost discussion takes place within 4 days or so, and there it could just as well go on in the general or en-wiki channels Nosebagbear (talk) 11:09, 1 August 2020 (UTC)
Sensitive information about editors in private chats?
Latest comment: 3 years ago4 comments4 people in discussion
Considering the way private chats are sent to Discord servers, it occurs to me the page may need to explicitly state something to the effect of "don't use this to discuss sensitive information about Wikipedia users, even in private chats". It's easy to forget that even if you switch to a private message to, say, discuss something with an admin/arb/oversighter, that's probably still inappropriate to send via Discord. I'm just thinking about a central point of failure for a large amount of private information. Thoughts? — Rhododendritestalk \\ 14:44, 9 July 2021 (UTC)
Worth discussing, but I would wait for an outcome to the VPP discussion before modifying text in this vicinity. How that discussion closes will heavily influence disclaimer adjustments on this page. -- ferret (talk) 14:50, 9 July 2021 (UTC)
'Sensitive information' is sent over IRC private chats, as well. Arguably it shouldn't be done on any offwiki platform, but maybe we should implement some rules for the storage of information first (eg there is nothing even requiring CUOS to store their notes on WMF private wikis; they can store them on Google Drive or their desktop for all policy says). ProcrastinatingReader (talk) 15:08, 9 July 2021 (UTC)
How is this any different than an e-mail, text message, paper letter or any other messaging platform? It all goes through third party services to transit from the sender to the receiver, there are a dozen points where the "privacy" could be compromised -- from someone reading over a shoulder, to a physical device being compromised, to the ISP and/or nation-state collecting traffic data, to the messaging service being compromised and/or willingly selling data, and double those same risks at the receiving end. Would this page, along with WP:EMAIL, need a warning to users that "anything not whispered quietly into another person's ear or transmitted telepathically may be intercepted or leaked by third parties"? In fact the recipient may be non-secure and leak the information as well, so I guess the warning should be "The only privacy is inside your brain... for now" Ben · Salvidrim!✉05:05, 24 July 2021 (UTC)
Latest comment: 3 years ago11 comments5 people in discussion
Can anyone provide more details on how the authentication process works? Is there a need to trust the WikiAuthBot? isaacl (talk) 20:42, 10 July 2021 (UTC)
What do you mean by "trust the WikiAuthBot"? The bot's method of authentication is WMF OAuth, which it was approved to use. The bot is ran by User:IVORK and is also verified with Discord. -- ferret (talk) 20:51, 10 July 2021 (UTC)
All this page says is to follow the instructions provided by WikiAuthBot, so I don't know how the process works. If someone could provide a description, it would be helpful to understand ahead of time how security is maintained. isaacl (talk) 20:54, 10 July 2021 (UTC)
When you send the message ".auth" in a channel, the bot will direct message you an authentication link. This link will take you to the WMF website and tell you what application (WikiAuthBot) wants to know about your account and what it will be allowed to do. You allow or deny it. If you allow it, WMF tells the bot that you did so, and you are authenticated. This information is also at WikiAuthBot which the page links to. -- ferret (talk) 20:56, 10 July 2021 (UTC)
How the bot's flow works is it uses a general OAuth flow (I'm guessing you're familiar with it), which allows a user to log in on meta.wikimedia.org with their Wikimedia account to authorise the bot's application. Effectively, if there's a successful grant then the bot knows you have control of the Wikimedia account and then gives you a role. You can see a demo flow at https://oauth-hello-world.toolforge.org (ran by Anomie).
The bot is unofficial (ie, not ran by the WMF) and hosted by a community member, so naturally you have to trust the bot and its operator. Whether an OAuth flow even happens is up to the operator, and they're the only person who can verify an OAuth actually happened. They could (ie, they have the technical ability to do it) give a Discord user an 'authentication' of being Isaacl without that user actually being you, and nobody else can verify that. The authentication is effectively just IVORK vouching for the Wikipedia identity of a Discord user.
In terms of grants, WikiAuthBot only asks for permission to access information on all projects of this site on your behalf. No changes will be made with your account. (which I presume is the least invasive grant possible). ProcrastinatingReader (talk) 21:04, 10 July 2021 (UTC)
@Isaacl: When authentication is requested, WikiAuthBot sends a message to the Discord account with a link to Special:OAuth/authorize. The user then permits the bot access to basic account information, and the connection is made between Discord account and Wikipedia account. This essentially works exactly like IRC cloaking requests (as those rely on OAuth as well), except any user of any account age can authenticate themselves, and there is no waiting time for authentication. Chlod (say hi!) 21:03, 10 July 2021 (UTC)
Thanks for both responses! So WikiAuthBot is not given any grants to perform actions on behalf of the user? isaacl (talk) 21:05, 10 July 2021 (UTC)
If you wanted to be very specific, WikiAuthBot requests "User identity verification only, no ability to read pages or act on a user's behalf.", a special grant for OAuth consumers. Chlod (say hi!) 21:13, 10 July 2021 (UTC)
@Isaacl: Hi there, I'm the dev they speak of, just a couple points to aid your queries/the points above. The grant it uses is the least invasive possible and was approved for purpose by Stewards. The bot being verified by Discord (& I having the Verified Bot Developer badge), means that Discord has photo ID of my real identity. I also run other bots, some of which generate income, this all means that misuse of one would mean loss of all & that I'm legally vulnerable to the actions of my bots. Finally, the bot & OAuth redirect is hosted on Toolforge & therefor open source to those that need it.
In terms of the literal process, upon typing .auth, my bot reaches out to the appropriate Wikimedia API (I split it to the language appropriate wiki for the server the command was used on) and open an OAuth 'ticket' which gives back a unique URL, this is passed onto the user, if they log into an account & hit accept within a period of time, they'll be redirected with token arguments to my Toolforge endpoint, the bot receives these, uses the tokens to pull the UserID from the Wikimedia API as well as gender if relevant to the language equivalent of User: & finally assigns roles/posts messages for all guilds the user is in. I only store the on-wiki name of the user against their Discord ID, I don't store the tokens. So even with the read access being granted, it is not persistent access currently. Although I may change that last part due to it meaning users changing names can't be resolved automatically. — IVORKTalk23:27, 11 July 2021 (UTC)
I think it should be made clear at the top of the page attached to this talk page that Discord is non-libre software, not endorsed by the Wikimedia Foundation or aligned with its goals, that there is no way to know exactly what it does once installed, and that it is known to collect data on its users. Obviously, it needs to be worded better than that, but does anyone have any objections to this proposal? Regards, DesertPipeline (talk) 12:04, 25 June 2021 (UTC)
I feel it's a deliberate negative spin. Users can make their own determinations on what software they like to use. The same can be said about IRC in regards to various different clients having unknown functionality after being installed (Let's not fool ourselves, most editors are not programmers and can't verify an open source project, and bunches of them aren't open source anyway), and the ability to collect data, as well as no WMF endorsement or strict alignment with goals, not any true guarantee that the network is being ran responsibly (See, Freenode). The page already denoted that it's an unofficial server. -- ferret (talk) 12:25, 25 June 2021 (UTC)
@Xaosflux: The same absolutely applies to IRC as well. WMF is not in control of the platform. Telegraph, Mumble, Matrix and related pages all need the same. -- ferret (talk) 13:05, 25 June 2021 (UTC)
@Ferret: oh for sure, feel free to reuse that banner on project pages where we suggest editors to leave the site to use such services. — xaosfluxTalk13:09, 25 June 2021 (UTC)
@Xaosflux: I think putting me in that position is a bit unfair given the optics of my involvement in this page, and then to come to IRC or Telegraph pages and add this. -- ferret (talk) 13:31, 25 June 2021 (UTC)
I think it should at least be clearly stated specifically for any non-libre services people use to communicate about Wikipedia (which are 'advertised' here on Wikipedia in this manner) that there are added risks of using such services. Regards, DesertPipeline (talk) 13:22, 25 June 2021 (UTC)
User:Ferret: Can we make a new template which explains the possible risks with a hide/show button? Depending on whether or not the service is libre there should be a parameter for that, which adds to the list of risks if "|libre=no" is added, or something. Regards, DesertPipeline (talk) 13:26, 25 June 2021 (UTC)
I'm not interested in this, I am not an adherent or advocate of libre philosophy. And I'm certainly not interested in the one sided application to just this project page when the same risks apply to all the other side channels including IRC. It is absolutely misleading to suggest to anyone that if a project is "libre" it lacks risks. -- ferret (talk) 13:29, 25 June 2021 (UTC)
User:Ferret: I'm sorry; I miscommunicated. I mean to say that we should make a new template listing the risks of services, libre and non-libre; however, some risks only really apply to non-libre services, so the "|libre=no" parameter would add those risks as applicable and specifically warn people reading the page that the software cannot be audited by the general public to determine that it does only what it should and not what it shouldn't. Regards, DesertPipeline (talk) 13:33, 25 June 2021 (UTC)
DesertPipeline, that would be a very broad area for consideration and doesn't really belong here - it would also be, in policy terms, UNDUE. The nature of your opening comment "[not] aligned with its goals" is also concerning - there's no reason anyone would think they were. Nor does any other organisation at all, even a fully libre one, do so - even Wikimedia's goals are distinct from the WMF's. Nosebagbear (talk) 14:36, 25 June 2021 (UTC)
User:Nosebagbear: I think there at least needs to be a clear warning, to prevent people coming to this page and thinking Discord must be fine because people on Wikipedia are using it. The current notice doesn't really explain what the issue is. I'm not trying to be a nuisance here; I just want people to be informed. Regards, DesertPipeline (talk) 02:50, 26 June 2021 (UTC)
I've seen this page being linked in a few places like the Teahouse. I'm not very comfortable with that. Please can we continue this discussion on adding a suitable warning to this page so that new people on Wikipedia aren't being introduced to Discord here without any warning about its nature? DesertPipeline (talk) 07:30, 9 July 2021 (UTC)
DesertPipeline, I'm not sure what you mean - there is now a clear notice at the top of the page stating that as an external service isn't not subject to the WMF Privacy Policy. firefly ( t · c ) 07:34, 9 July 2021 (UTC)
User:Firefly: The notice currently at the top of the page that you mention isn't, in my opinion, something that would make anyone pause and think "should I really use this?", which is what we want to make them think. I mean no offence to the Wikipedia community on Discord, but if you're going to set up a server on a proprietary communication protocol which is collecting data on its users for a website which is supposed to be against such things, against unethical technology and all its ills, then you have to clearly explain to people what they're getting themselves into if they want to join you. There needs to be a newly-written warning which incorporates the current box's text (so you don't need two boxes) but which concisely and clearly explains the nature of Discord. DesertPipeline (talk) 07:45, 9 July 2021 (UTC)
DesertPipeline, which is what we want to make them think - that may be what you want to make them think, but I doubt the same can be said for the Wikimedia community as a whole. Wikimedia has its own individual goals, which may align with the wider free/libre software movement in some areas, but are not obliged to align in all. Users are free to make their own judgment about what software they do or do not use, and a warning of the kind you want would be giving undue weight to a specific point of view in my opinion. firefly ( t · c ) 08:02, 9 July 2021 (UTC)
User:Firefly: You're right that users are free to make their own judgement. But they should be able to make an informed judgement. That's the only reason I'm requesting this; so that anyone who comes here without initially knowing what Discord is is given the opportunity to make an informed decision, rather than simply going in "blind" so to speak. I've written a first draft for a possible warning on the page, although I think maybe the privacy policy bullet point may be unnecessary now. What do you think? I'm not sure about the wording right now. DesertPipeline (talk) 08:07, 9 July 2021 (UTC)
Discord's privacy policy is better than most companies', tbh, and I don't think they really misuse data. Of course, the use of any website external to Wikipedia is subject to different privacy policies. When you click on a link on a ref, you could go to some malicious site. Links on user profiles, ditto (especially links to personally-controlled web pages, which basically can be used to get specific Wikipedians' IPs). We're not going to start putting up disclaimers everywhere, right? ProcrastinatingReader (talk) 11:18, 9 July 2021 (UTC)
First draft of page warning
First draft of page warning
This program is not developed or endorsed by the Wikimedia Foundation. The Wikimedia Foundation is committed to freedom in computing, in line with the vision of free software. Discord is not free software; there is no way for any third parties to audit its computer code to determine what it does or does not do.
This program does not use end-to-end encryption; all messages sent and received via Discord can be intercepted and viewed by third parties.
Also, this message can be adapted for all other pages with external communication platforms. For instance, with IRC, the second bullet point would apply. The first could be changed to specify that some IRC clients are free software and some are not. DesertPipeline (talk) 08:14, 9 July 2021 (UTC)
DesertPipeline, I maintain that a warning along those lines would be giving undue weight to one particular opinion. I also very much do not like the idea of saying that "the WMF is committed" to something unilaterally. As I said before, the Wikimedia community is not obliged to align with the wider free software movement. This to me feels entirely like a solution looking for a problem. firefly ( t · c ) 08:18, 9 July 2021 (UTC)
This is a third-party program; neither the Wikimedia Foundation nor the Wikipedia community, nor any other Wikimedia community, have any involvement with its development.
This program is not free (libre) software; there is no way for any third parties to audit its source code to determine what it does or does not do.
This program does not use end-to-end encryption; all messages sent and received via Discord can be intercepted and viewed by third parties.
Note: This draft was updated at 10:16, 9 July 2021 (UTC) to replace the wikilink "computer code" with "source code", which is more appropriate.
Note 2: This draft was updated at 10:24, 9 July 2021 (UTC) to clarify that the Wikipedia community and other Wikimedia communities have no involvement either
Oppose. Hi DP. Long time no see. I see you are still making pro-libre edits. But to the point at hand: I do not find any notices about this to be necessary. Notices should be reserved for information that the average reader will be interested in. A prominent reminder that installing software not written by yourself comes with a minuscule chance of something bad happening is, in my opinion, not necessary. –Novem Linguae (talk) 08:28, 9 July 2021 (UTC)
User:Novem Linguae: There's nothing wrong with installing software written by others; that is, if you can find out what it does and doesn't do. The warning is simply intended to allow people coming here without prior knowledge to make an informed decision about whether or not to use the program. DesertPipeline (talk) 08:30, 9 July 2021 (UTC)
Discord (and similar systems) are more than just a "program" - that may make it seem that you are talking about a specific client application; "system" is better for things like talking about the privacy policy. — xaosfluxTalk10:25, 9 July 2021 (UTC)
User:Xaosflux: "System" doesn't sound right to me. Maybe "service" or "communication platform"? Or maybe "communication system". "System" by itself just doesn't seem to fit the context in my opinion. DesertPipeline (talk) 10:27, 9 July 2021 (UTC)
The only part I'm concerned with is the "WMF Privacy Policy" part, because we already got some support from WMF for This external system is not subject to the WMF Privacy Policy. in other locations. I'm not really concerned with the other lines about software/programs/systems/etc. If "external system" isn't descriptive enough (how?) in this specific case "external communications system" seems OK as the clients and programs in this case are always part of the same system (as opposed to IRC for example). — xaosfluxTalk10:44, 9 July 2021 (UTC)
User:Xaosflux: How is this one then? I specified "Discord client distributed by the developers of the Discord communication system" because I presume there are free software clients out there. I'm not actually sure about that, though. Also, is "third-party communication system" sufficient? Or should "external" be specified too? DesertPipeline (talk) 10:49, 9 July 2021 (UTC)
This is a third-party communication system; neither the Wikimedia Foundation nor the Wikipedia community, nor any other Wikimedia community, have any involvement with its development.
The Discord client distributed by the developers of the Discord communication system, and the Discord server backend, are not free (libre) software; there is no way for any third parties to audit the source code to determine what they do or do not do. Other Discord clients may or may not be free (libre) software.
This communication system does not encrypt messages stored on its servers; all messages sent and received via Discord can be viewed by Discord staff and may be shared with third parties.
Note 1: Draft 3 updated at 12:46, 9 July 2021 (UTC) to clarify encryption
Note 2: Draft 3 updated 12:51, 9 July 2021 (UTC) to clarify encryption further
Possible merge of first and fourth bullet points
This is a third-party communication system; neither the Wikimedia Foundation nor the Wikipedia community, nor any other Wikimedia community, have any involvement with its development. It is not subject to the WMF Privacy Policy.
The Discord client distributed by the developers of the Discord communication system, and the Discord server backend, are not free (libre) software; there is no way for any third parties to audit the source code to determine what they do or do not do. Other Discord clients may or may not be free (libre) software.
This communication system does not encrypt messages stored on its servers; all messages sent and received via Discord can be viewed by Discord staff and may be shared with third parties.
"external" seems OK to leave off of this one, as it is obvious that it is external to users. (That privacy verbiage came from cases where it may not be as obvious such as in Gadgets). — xaosfluxTalk10:52, 9 July 2021 (UTC)
DesertPipeline, I still think it's undue to be giving such a warning, and still view this as a solution looking for a problem, but ultimately I don't care enough either way. firefly ( t · c ) 11:17, 9 July 2021 (UTC)
DesertPipeline, sorry, see WP:UNDUE. I realise that's an article guideline, but I feel the same logic applies here. We would be giving undue weight to one particular opinion (that non-libre software is in some way undesirable / that libre software is preferable) by having that notice at the top of the article. firefly ( t · c ) 11:25, 9 July 2021 (UTC)
User:Firefly: The way I see it, the notice is only stating things that are true and which someone should consider before deciding whether or not to use it. I think this notice should also be added to any other page about an external communication system, but tailored to its context (like I mentioned before with IRC). It may seem like I'm trying to "attack" the Discord page, but I promise you that I'm not – I only want to add this notice because I believe it would be helpful. Do you think my rationale is fair? DesertPipeline (talk) 11:33, 9 July 2021 (UTC)
DesertPipeline, I've never thought that you're singling out Discord in particular (you've said above that you think the notice should be added to any page for an external service). I just disagree that we should / need to 'warn' people about such things in any event, particularly given that (to my knowledge) you are the only person who has expressed such views so far and they do not appear to represent general consensus. firefly ( t · c ) 12:20, 9 July 2021 (UTC)
User:Firefly: Would you agree with my point about how people should be able to make an informed choice, though? Currently I'd say that they can't because the page doesn't indicate these things. That's why I believe the notice is necessary. What are your thoughts? DesertPipeline (talk) 12:32, 9 July 2021 (UTC)
DesertPipeline, there is a link to Discord (software) at the top of the article. I think it's entirely reasonable to expect anyone - particularly Wikipedians - unfamiliar with the software to click the link and make a judgment that way without a specific "warning". firefly ( t · c ) 12:47, 9 July 2021 (UTC)
User:Firefly: I'm more concerned about people who don't frequent Wikipedia and might not think to read the article. Looking at it though, it doesn't even mention the things that this notice would. The Controversies section even states "the... privacy offered by Discord" (which makes me wonder: what privacy?) DesertPipeline (talk) 12:59, 9 July 2021 (UTC)
DesertPipeline, ah okay I see what you're getting at. I still think that expecting people to read the article (or do their own research!) if they're unsure is reasonable, and a "here be dragons" warning is undue, but I think we should 'agree to disagree' here. firefly ( t · c ) 13:26, 9 July 2021 (UTC)
User:Firefly: Well, yes, it would be nice if people would do their own research, but as you say, the requirement for them to do that would be to be unsure about it. I think most people don't think about these sorts of things. Considering Wikipedia is built on the free-as-in-freedom concept, it only seems fair to me that we encourage people to think about things when we can. DesertPipeline (talk) 13:32, 9 July 2021 (UTC)
DesertPipeline the point of "UNDUE" (applied here) means that The way I see it, the notice is only stating things that are true isn't the relevant bit. Depending on your wording, it would definitely be true. The issue is that it would be given stress it neither deserves nor warrants. Nosebagbear (talk) 12:27, 9 July 2021 (UTC)
(edit conflict) For the warning you propose, coupled with the placement, it would need to be a) the most important facet of the use of a Wikipedia Discord, which it in no way is, to deserve it and b) Actually be a significant threat and not be obvious to general users, to warrant it (neither of which, to me, is the case). Nosebagbear (talk) 12:44, 9 July 2021 (UTC)
User:Nosebagbear: So why do you feel it is not a significant threat, nor non-obvious? What I'm talking about is people being linked this page from another area on Wikipedia and having had no knowledge of Discord before they come here. They might not think to do any research before they decide to use it. DesertPipeline (talk) 12:49, 9 July 2021 (UTC)
Firstly, we haven't seen any indication of individuals who have so little awareness on the Discord that they didn't know it was private software before clicking on the invite link. Secondly, your reasoning for why libre software is safer wouldn't hold-up if individuals are the type of blindly join a platform they certainly would neither be the type to utilise an ability to check over the information available for libre software - or even care about that not being the case for private software. I don't believe it's a significant threat because there's no indication that Discord's software has done things it shouldn't do, nor is that likely to change in the near future. It's not obvious because I don't see any indication that users are joining Discord without awareness that it's a company using proprietary source code. Nosebagbear (talk) 13:37, 9 July 2021 (UTC)
User:Nosebagbear: Regarding your usage of the term "private software": that isn't a related concept. Software is "private" when only certain people can get copies; it may or may not be libre.
Regarding "libre software is safer": that's not what I'm saying. There is certainly the opportunity for the community around a piece of software to verify that it's safe to use (and fix it if it's not) if it's libre software; no such opportunity exists with non-libre software, of course. That doesn't mean it is automatically, but at least you're not required to merely trust the developers.
Regarding "it hasn't done things it shouldn't": well, it collects data on people. It sells that data. It can determine what else is running on a computer it's running on. It automatically updates itself with no option to go back to, or continue using, a previous version. I would say that all of these things are things it shouldn't do. And of course, this is only what we know it does. That's the problem with non-libre software: you can't possibly know exactly what it's doing.
In fact, I think I'm being too lenient on it by not mentioning the fact that it knows what else is running on a computer it's running on in the notice. DesertPipeline (talk) 13:46, 9 July 2021 (UTC)
Addendum: Essentially all the notice is saying is that it's unrelated to Wikipedia and the WMF, it's not possible to know what it does, and messages are stored on their servers unencrypted. I think these are reasonable things to inform people about before they decide to use it. DesertPipeline (talk) 14:36, 9 July 2021 (UTC)
Opposed I gave my views before, and Firefly and Nosebagbear have re-iterated, but if I don't say something it'll be taken as silent assent. Whether it's "technically" true or not, this amounts to a kind of "smear campaign" on non-libre software. The ultimate goal and drive is a scare tactic. Barring any major controversy or issue with Discord's privacy rules, it's UNDUE. And it's not even true per se. The line about end-to-end encryption is patently fear mongering. While true it's not end-to-end encrypted, to state all messages can be intercepted? No, it's still encrypted in transit to and from Discord. -- ferret (talk) 12:42, 9 July 2021 (UTC)
User:Ferret: It's not a scare tactic; it's allowing for an informed decision to be made, rather than not telling anyone anything about what they're about to get themselves into. Regarding the encryption part, I wasn't aware of that. I'll change it. DesertPipeline (talk) 12:46, 9 July 2021 (UTC)
Still opposed, and will remain opposed. Why aren't you making the same arguments for IRC? I brought this up from the start. Everything you've stated here essentially applies there. -- ferret (talk) 12:50, 9 July 2021 (UTC)
I've modified the notice again. It seems it's not as readable on the page with the yellow outline, so I swapped it out. I also changed the icon to an orange information icon. The previous wording was a bit ambiguous, so I changed the wording to fix that. DesertPipeline (talk) 15:19, 9 July 2021 (UTC)
Fourth draft of page warning
Fourth draft of page warning
Discord is a third-party communication system; neither the Wikimedia Foundation nor the Wikipedia community, nor any other Wikimedia community, have any involvement with its development. It is not subject to the WMF Privacy Policy.
The Discord client distributed by the developers of the Discord communication system, and the Discord server backend, are not free (libre) software; there is no way for any third parties to audit the source code to determine what they do or do not do. Other Discord clients may or may not be free (libre) software.
Discord does not encrypt messages stored on its servers; all messages sent and received via Discord can be viewed by Discord staff and may be shared with third parties.
Note 1: Changed to {{ombox}} to demonstrate how the notice will look on the page (15:22, 9 July 2021 (UTC)).
Attempt to clarify encryption
Discord is a third-party communication system; neither the Wikimedia Foundation nor the Wikipedia community, nor any other Wikimedia community, have any involvement with its development. It is not subject to the WMF Privacy Policy.
The Discord client distributed by the developers of the Discord communication system, and the Discord server backend, are not free (libre) software; there is no way for any third parties to audit the source code to determine what they do or do not do. Other Discord clients may or may not be free (libre) software.
Discord does not encrypt messages stored on its servers in such a way that they can only be read by message senders and recipients; all messages sent and received via Discord can be viewed by Discord staff and may be shared with third parties.
I'm very convinced that this is a scare tactic or at least an attempt at discrediting the usage of Discord. Anyone who uses the platform should have read Discord's Terms of Service and Privacy Policy, clearly linked when you register. The last bullet point is just a gigantic scare itself. Discord's Trust and Safety team, fully composed of Discord employees and not outsourced to third parties, logs access to message logs — and also don't snoop in channels to check message logs, instead relying on reports from users to do so (making their moderation practices reactive than proactive).[1] Messages are not shared with third parties unless compliant with their privacy policy (in which it clarifies that Discord data stays on Discord).[2]Chlod (say hi!) 07:17, 10 July 2021 (UTC)
In addition to this, how are you sure that messages aren't encrypted? Sure, they're not end-to-end encrypted, which has an entirely different meaning from "encrypted". What's to say that their databases aren't on encrypted drives or (physical) servers? Chlod (say hi!) 07:19, 10 July 2021 (UTC)
User:Chlod: I don't understand why you think this is a scare tactic. Its only intent is to make people stop and think about what they're doing – something that we should all do as often as possible. These are things that they should take into account before deciding to use Discord. It should be clearly mentioned.
Discord may or may not give access to its data to third parties; we can't know. Proper encryption means that only people involved in a message can read it – as in, the sender and the receiver. Maybe they do encrypt the data they store on their hard drives; but it's not encrypted in such a way that they can't access it. If that part of the message box needs to be worded better, please feel free to give suggestions.
I don't want to seem rude, but I can't understand the opposition to this. I don't see what I'm requesting as being harmful in any way. People making informed decisions is never a bad thing; we should encourage it. Do you agree or disagree with that? If you agree, what do you consider different about this specific context to oppose my suggestion? DesertPipeline (talk) 08:44, 10 July 2021 (UTC)
Addendum: And as an aside, I don't think it's possible to "discredit" a communication system where the developers are asking for your blind trust; something that can only ever benefit the developers and not the people using it. Saying "discredit" implies that there was ever any reason to view it positively. Don't trust; verify. If you can't verify, take your business elsewhere. DesertPipeline (talk) 08:53, 10 July 2021 (UTC)
Addendum 2: Although I'm not saying "you have to always verify"; just that if it's not possible to verify, don't use whatever it is. With any popular program, service, etc, there'll be other people verifying it anyway if they can. DesertPipeline (talk) 08:55, 10 July 2021 (UTC)
I don't want to seem rude, but I can't understand the opposition to this. I don't see what I'm requesting as being harmful in any way. People making informed decisions is never a bad thing; we should encourage it. The average person doesn't care about avoiding proprietary products, programs, companies, software, etc. Even the average developer doesn't care about tending towards GPL and away from MIT. If you read an example of how one can use the internet while fully avoiding these things, it's absurdist.
The warning isn't a meaningful or good use of the attention or "capacity for worry" in the average audience member who'll read it. If someone's interest is piqued and they read through precisely what "libre" is, or what the difference is between client side and server side source code, they'll come to a simple conclusion like "oh well that was a silly warning, my gmail is just like that, so is my facebook messenger".
If someone knows/cares about avoiding proprietary programs, this warning is moot. If someone doesn't care, I'm not sure this is a good time/place/manner/venue to inform people about the benefits of libre software, because in the end the effect would be a "oh, perhaps I should avoid chatting with these Wikipedia people, this software doesn't respect my freedoms". i.e. the scenario in which this new page warning does its job is one where a wiki user is turned away from the Discord community. (That would be different if there were an alternative presented though. For example, if there was a libre client for Discord with E2EE that could be offered instead, this warning would make more sense. Or if there were an alternate similarly-trafficked chat platform with all libre software.) Leijurv (talk) 09:20, 10 July 2021 (UTC)
Just wanted to add one thing: end to end encryption would be an anti-feature. It's a feature not a bug of Discord that new members can join the Wikimedia discord and read the chat history. It's meant to be a public chat space, not a private one. That makes it particularly not worth frightening people with a confusing warning for something that they wouldn't even want in this context. Leijurv (talk) 09:27, 10 July 2021 (UTC)
User:LeijurvIf you read an example of how one can use the internet while fully avoiding these things, it's absurdist.
Absolutely; it is absurd the effort we have to make simply to try to stop others from mistreating us. If only something could be done about that – like rejecting such things at a societal level. Maybe if the technology we used was actually built on ethical principles, this wouldn't be a problem. Unfortunately, it's not. So people need to act to change it. Otherwise, nothing's going to get better. And saying "it's too difficult to change it; why try?" is defeatist. Obviously we will automatically fail with such an attitude.
The warning isn't a meaningful or good use of the attention or "capacity for worry" in the average audience member who'll read it. If someone's interest is piqued and they read through precisely what "libre" is, or what the difference is between client side and server side source code, they'll come to a simple conclusion like "oh well that was a silly warning, my gmail is just like that, so is my facebook messenger".
Maybe so. But at least they'll be informed. At least they'll now be accepting a stated risk, rather than going blindly into it. I'd rather they didn't, but that's not the intention of the notice.
the scenario in which this new page warning does its job is one where a wiki user is turned away from the Discord community
The intention of the warning is to inform them. If they want to choose to use it after being informed, at least they know what they're getting into.
Or if there were an alternate similarly-trafficked chat platform with all libre software
"Similiarly-trafficked" isn't going to occur unless people understand why they shouldn't use communication systems which don't respect them, don't encrypt their messages so that only people who should be reading the messages can do so, and spy on their every move. People won't understand unless we try to explain. Ignoring the problem won't make it go away – it'll make things worse.
end to end encryption would be an anti-feature. It's a feature not a bug of Discord that new members can join the Wikimedia discord and read the chat history.
The purpose of encryption is to prevent people who shouldn't be able to see a message from seeing it. For instance, in a public chat room, the messages should be encrypted so that only people in the room can read a message. If you join the server, you'll be able to see the messages. The intent is to stop those running the communication system from just pulling data from all rooms/channels/etc running on the communication system because the messages are stored on the communication system maintainer's servers either unencrypted or encrypted with a key the maintainer knows. It also means that people can't just crack into the communication system's servers and gather information from it. Obviously, in a public room, someone can just join and copy the messages – but that's no reason to not use encryption so that anyone who doesn't can't just get the data anyway. DesertPipeline (talk) 10:20, 10 July 2021 (UTC)
And saying "it's too difficult to change it; why try?" is defeatist. Not quite. For example, I develop (rather popular) software that's released under LGPL and I try and convince others to do the same, or even GPL/AGPL. I'd consider that advocacy on my part. The place where defeatism comes in is onwiki. I think you need to take a good look at WP:RGW, WP:SOAP, and WP:ADVOCACY. So it's more of a "Wikipedia is not the place to advocate for changing it, so why try?" which you can call defeatist if you want, but I just call it good policy.
Obviously, in a public room, someone can just join and copy the messages – but that's no reason to not use encryption so that anyone who doesn't can't just get the data anyway. I think you're messing with me, public means public. The point of the Discord is that anyone can join and read the entire history. There aren't any people who shouldn't be able to see a message.
Maybe so. But at least they'll be informed. Well the "maybe so" is rather important. I argue that even if Wikipedia were a tool for advocacy, putting that warning there would be a particularly ineffective way of advancing the goals of libre software. Leijurv (talk) 20:14, 10 July 2021 (UTC)
User:Leijurv: People who shouldn't be able to see a message would be those who aren't in the room. The main point is to prevent messages from being stored on Discord's servers in a way where they can read them without any action. DesertPipeline (talk) 03:08, 11 July 2021 (UTC)
Again, public rooms are intended, by design, to allow anyone to read their contents. This is inherently opposed to the idea of E2EE. In fact, you can't have both permissionless entry, and encrypted data. If the key is instantly accessible to anyone and everyone upon request, the data isn't truly encrypted. If the key is not accessible as such, the room is not truly public. But this is a diverging branch, I'll go to #l-lowerdown. Leijurv (talk) 03:27, 11 July 2021 (UTC)
(edit conflict) The scaremongering insinuating that Discord can read your messages at any moment or that the Discord software installed on devices does some sneaky spying is completely undue, and leans on the side of doubting their practices. Four users on this very thread have all agreed that a warning is undue. At this point, I'm wondering why drafts are still being made to compromise despite the lack of consensus to back up the inclusion of one, regardless of how it's written. You might make me compromise by literring that warning with [citation needed] tags though.
I can't help but think "Discord may or may not give access to its data to third parties; we can't know." accuses Discord of violating their own privacy policy, which is illegal in Discord's state of jurisdiction. There's very specific details that indicate when information is showed to third parties. What is "proper encryption" in your words is "proper" exclusively to you. There is no golden standard that stipulates all messaging service requires end-to-end encryption. One can even make the argument that the mere HTTPS connection formed by the Discord client when connecting to the Discord server is already a form of encryption.
Not everything related to Wikipedia needs to be libre and I'm very sure that we don't need to add warnings every time a service uses non-free software. Don't trust proprietary programs? Then don't. Everyone passing by this page doesn't need to conform to that mindset. The only thing I agree with here is a disclosure that the WMF does not control Discord, nor its servers, which is already provided in the first section.
I suggest you stop beating the dead horse and move on. It's not our responsibility to tell users to read terms of services and privacy policies — they have all the chance to make an informed decision when they register and see the very clear text: By registering, you agree to Discord's Terms of Service and Privacy Policy. We're Wikipedians, not lawyers. We don't need disclaimers for every non-WMF-hosted service. Chlod (say hi!) 09:23, 10 July 2021 (UTC)
User:ChlodThe scaremongering insinuating that Discord can read your messages at any moment or that the Discord software installed on devices does some sneaky spying is completely undue, and leans on the side of doubting their practice
I absolutely doubt their practice. Because it's impossible for me to verify what they're doing. Blind trust is a bad thing. Also, statements that are true are not "scaremongering". They can and do read messages that you send and receive via the communication system. That's what happens when you communicate via a communication system which doesn't encrypt your messages with a key only you know – you essentially give them permission to spy on you. Why take such an unnecessary risk? It's like not wearing a seatbelt when driving your car.
Four users on this very thread have all agreed that a warning is undue
Which is why I'm grateful that Wikipedia is not a democracy; the majority opinion is not always the correct one.
I can't help but think "Discord may or may not give access to its data to third parties; we can't know." accuses Discord of violating their own privacy policy, which is illegal in Discord's state of jurisdiction
Do you think that companies are incapable of doing things which are against the law? Plenty before have committed unethical or outright illegal acts in the past; plenty more will continue to do things until we actually make positive changes.
There's very specific details that indicate when information is showed to third parties
And what if the idea of them even having the data to show to third parties is illegitimate? They shouldn't be collecting it in the first place; we shouldn't be allowing them to. And quite frankly I don't trust a company which distributes proprietary software on its word. They can say whatever they like in their "privacy policy"; but when the people using their communication system can't keep them in check, there's no guarantee that they're abiding by it.
There is no golden standard that stipulates all messaging service requires end-to-end encryption
But that doesn't mean there shouldn't be one. And quite honestly I don't know why anyone wouldn't want such a thing.
One can even make the argument that the mere HTTPS connection formed by the Discord client when connecting to the Discord server is already a form of encryption
HTTPS only secures your connection from and to the Discord servers. Once the data is on their servers, they have access to it. This is not necessary nor reasonable, and I don't know why anyone would think otherwise. People are usually good at avoiding things which are harmful to them; so why in some cases does that fail? Why do you want to use a communication system like this? There is no possible benefit to the people using an insecure, non-libre communication system. It can only ever benefit the developers, who are being given every opportunity to mistreat the people who use their communication system.
Not everything related to Wikipedia needs to be libre and I'm very sure that we don't need to add warnings every time a service uses non-free software
You are essentially saying "not everything needs to be ethical". I disagree. Ethics is the one thing we need more of; not less. If you want to hurt yourself, then that's none of my business; although I'd much prefer you didn't. But when what you're doing hurts everyone else by extension? I can't be expected to ignore that. And I won't. DesertPipeline (talk) 10:20, 10 July 2021 (UTC)
Thanks for the bludgeon. I wasn't talking about a democracy, there's no consensus for this. I'm not going to entertain this further. I suggest you do the same. Chlod (say hi!) 10:25, 10 July 2021 (UTC)
Refuted with facts and details. What I see here are conspiracies accusing a company of spying, illegal data collection, violating California privacy law, among others. Wikipedia does not entertain unsourced claims, and this discussion won't proceed unless you have solid evidence of what you're accusing. Chlod (say hi!) 10:45, 10 July 2021 (UTC)
User:Chlod: The fact of the matter is that they are capable of doing these things. I know that they have done them, but I don't know where I could find citations for such things – I don't like visiting websites I haven't visited before. But whether or not they have is irrelevant to this; the warning is simply stating verifiable truths: That Discord is unrelated to Wikipedia and the WMF (etc), that it is non-libre software, and that messages are not encrypted with a key not possessed by Discord. DesertPipeline (talk) 10:48, 10 July 2021 (UTC)
User:Chlod: There is not consensus not to include it. This discussion has gone completely off-topic and people aren't listening to what I'm saying. Reasons to oppose have to be valid. You can't just talk about things that don't apply and then pretend something can't be done because you argued around the point rather than discussing the point itself. Nobody here has given any reason that this warning should not exist which I haven't refuted. DesertPipeline (talk) 10:56, 10 July 2021 (UTC)
Also, statements that are true are not "scaremongering". No, true statements can absolutely be scaremongering. Look up the definition. For example, if every link to Wikimedia Commons popped up a big red banner saying "This project has been accused by credible sources of hosting child pornography hentai", that would be true, but still scaremongering, and it wouldn't be a good idea.
Once the data is on their servers, they have access to it. This is not necessary nor reasonable, and I don't know why anyone would think otherwise. People are usually good at avoiding things which are harmful to them; so why in some cases does that fail? Why do you want to use a communication system like this? There is no possible benefit to the people using an insecure, non-libre communication system. Now I'm curious. Could you please describe how E2EE could/would/should work for Wikipedia's use case? Recall that brand new users (who have never participated in a key signing party or anything of the sort) need to be able to join the Wikipedia chat space and read all its history, no one explicitly gives them permission to do so. How could an E2EE scheme work there, that allows anyone to join and read the messages, but somehow still prohibits Discord from reading the messages? Leijurv (talk) 20:34, 10 July 2021 (UTC)
User:LeijurvHow could an E2EE scheme work there, that allows anyone to join and read the messages, but somehow still prohibits Discord from reading the messages?
I don't know the specifics of encryption, but anyone who joined the server would be sent the key so they can read messages. Like I said, it doesn't prevent Discord staff from joining the server themselves and storing all messages sent in the server that way, but at least it's not "the messages are stored on Discord's servers without encryption, or with encryption with a key that Discord knows". Personally I would say that peer-to-peer communication is better, because it eliminates trusting a central server. DesertPipeline (talk) 02:57, 11 July 2021 (UTC)
Yeah that's what I thought, your criticism in this case is uninformed. anyone who joined the server would be sent the key so they can read messages Who sends them the key? Is that key publicly available to all? Including to Discord? Defeats the point. (How could a key be instantly publicly accessible without needing permission to any one who wishes to join the room, but not accessible to Discord? Since you imply it's unacceptable to use encryption with a key that Discord knows) Sometimes, public communication is intended as such, to be public. Leijurv (talk) 03:24, 11 July 2021 (UTC)
You could make an argument to add a link to the Discord privacy policy to the existing banner. That's really as much as I'm willing to compromise. The rest is just completely undue in my eyes (and, per others' comments, their eyes as well). Chlod (say hi!) 09:31, 10 July 2021 (UTC)
(edit conflict) The world will tremble when DesertPipeline realizes just how many pages on Wikipedia already have external links to websites served by proprietary backend software.... perhaps even causing an unsuspecting Wikipedia reader's browser to download and execute nonfree JavaScript upon loading the page! And there are no warnings beforehand to allow them to make an informed decision on whether to click each external link, whether each such link will respect the four essential freedoms of software! Leijurv (talk) 09:32, 10 July 2021 (UTC)
Sorry, you're agreeing with the thing I said as a joke? That a warning should be presented to Wikipedia readers whenever they click an external link, that loading the following page could cause their browser to download and execute nonfree JavaScript? That's absolutely not in their interest. I'd say you should go read about alarm fatigue. People aren't idealized robotic conceptions of libre software optimizing decision making engines. That would be a counterproductive annoyance. Leijurv (talk) 20:17, 10 July 2021 (UTC)
This kind of warning would apply to basically everything one does online. Are we gonna add disclaimers to WP:EMAIL, Help:User talk; after all, Wikipedia cannot guarantee that your ISP is not monitoring your traffic or that your computer isn't compromised, and Wikimedia server sysops thechnically would be able to pry into anything that goes on the websites. In the end, Discord is no better or worse than any other app one uses online, relatively speaking. Nothing is ever truly privately secure. That's the compromise of the modern world in exchange for the growth of technology. Ben · Salvidrim!✉10:16, 10 July 2021 (UTC)
User:Salvidrim: That's the compromise of the modern world in exchange for the growth of technology
Such a "compromise" is not necessary or acceptable. Stop accepting it; only then will things change. You will effect no positive change with such an attitude. Please rethink this. DesertPipeline (talk) 10:25, 10 July 2021 (UTC)
You will effect no positive change with such an attitude. Please rethink this.
You will effect no positive change with such an attitude. Please rethink this.
You will effect no positive change with such an attitude. Please rethink this.
The following discussion has been closed. Please do not modify it.
Have you ever wondered what it feels like to watch someone repeatedly smash their head against a brick wall? Well, it probably feels a lot better than watching someone smash their own head, plus everyone else's, against a brick wall at the same time. DesertPipeline (talk) 10:39, 10 July 2021 (UTC)
"Have you ever wondered what it feels like to watch someone repeatedly smash their head against a brick wall?" I no longer have to wonder after seeing you in this thread! Ben · Salvidrim!✉10:41, 10 July 2021 (UTC)
How can I make this more clear? Stop hurting yourself. Stop hurting others in the process of hurting yourself. Think rationally and always try to do what is right. DesertPipeline (talk) 10:43, 10 July 2021 (UTC)
Good morning. Re-iterating my Oppose just in case there's any doubt that because I haven't replied to the multiple drafts since my last oppose, I now accept it. Please stop attempting to Wikipedia:Right great wrongs. -- ferret (talk) 14:25, 10 July 2021 (UTC)
Likewise opposed to this new idea of adding these banners everywhere for the same reasons as above. firefly ( t · c ) 17:31, 10 July 2021 (UTC)
Is this warning useful to people visiting this page?
Warning draft candidate for use
Discord is a third-party communication system; neither the Wikimedia Foundation nor the Wikipedia community, nor any other Wikimedia community, have any involvement with its development. It is not subject to the WMF Privacy Policy.
The Discord client distributed by the developers of the Discord communication system, and the Discord server backend, are not free (libre) software; there is no way for any third parties to audit the source code to determine what they do or do not do. Other Discord clients may or may not be free (libre) software.
Discord does not encrypt messages stored on its servers in such a way that they can only be read by message senders and recipients; all messages sent and received via Discord can be viewed by Discord staff and may be shared with third parties.
As the above went so far off the topic, I'm starting a new section. If you don't want this warning on this page, then please give a reason below why you feel this warning is not useful to people visiting this page. If someone else gives a similar reason, please mention what changes you would make to their reason in a reply rather than adding a new reason. If I am able to refute your reason, please think about what I said and consider whether or not it is valid – not whether or not you like it.
I know people here don't want this change; but that does not necessarily mean it should not happen. Please judge opinions based on their merits, rather than on your own personal views. If I say something which is correct, please acknowledge that. I will do the same for you.
Also, I will not respond to anything which goes off the topic (examples: debating whether or not libre software is good, debating whether or not Discord upholds its word, debating whether encryption where the communication system does not have the key is good).
Add a new section with four equal signs either side for your comment; put it below other existing sections. Please name the section "Oppose rationale by [your username]". DesertPipeline (talk) 02:57, 11 July 2021 (UTC)
Oppose rationale by ferret
Opposed And no, I'm not re-stating my reasons yet again. Put the stick down, the horse has no blood left. -- ferret (talk) 03:04, 11 July 2021 (UTC)
User:Ferret: If you won't state a reason for opposition, then your opposition isn't valid. This isn't a vote. You don't get to say "no" and that's the end of it. You say "no, and here's why". And then if I can't refute what you said, your argument is more likely to be the correct one. DesertPipeline (talk) 03:10, 11 July 2021 (UTC)
I've already stated my rationale, you just don't like it. This is a scare tactic against non-libre software that you disagree with philosophically, which does not represent the general community views. It does not represent a DUE WEIGHT view. If you truly cared about this, you'd be pushing a broader effort to label all such articles, external links, and so forth in this manner. But instead you're attempting to strong arm this one tiny corner, with an unnecessary flashing lights warning. The pertinent information is already provided to the reader. And thus far, essentially every participant has agreed with me on these points, which is the basis of a consensus. You don't get to force me to continually re-engage and re-state it over and over hoping that I'll forget or miss it. At some point, continuously restarting this discussion and trying to reset it over and over to get your way is disruptive. -- ferret (talk) 03:19, 11 July 2021 (UTC)
This is a scare tactic against non-libre software
Giving people fair warning that they will have no control over a program running on their own computer is not a scare tactic. It is objective fact that you allow yourself to be mistreated by using non-libre software; if someone else is controlling software running on your computer, you are forced to trust them and hope they don't abuse said trust.
If you truly cared about this, you'd be pushing a broader effort to label all such articles
As soon as this discussion is over I will be moving on to other areas that need similar warnings.
You don't get to force me to continually re-engage and re-state it over and over hoping that I'll forget or miss it
I'm not asking you to restate anything. Please answer the question this subsection poses: Is this warning helpful to readers? If not, why not? After this message that is the only point I will respond to. DesertPipeline (talk) 03:26, 11 July 2021 (UTC)
If such warnings were helpful or necessary to the readers or a general goal of the Wikipedia community, they would already exist. This warning is NOT helpful to readers. The goal of the warning is to discourage use and present extremely unlikely risks as if they are severe and regularly causing hardship and injury to users. This simply isn't the case, and any argument that it is remains rooted in your libre philosophy. You don't get to declare your philosophy to be objective fact and say the rest of us are just spouting opinions. I will not reply to any refute you provide, as there's little point in arguing philosophical views. And no, that doesn't invalidate my position. -- ferret (talk) 03:36, 11 July 2021 (UTC)
If such warnings were helpful or necessary to the readers or a general goal of the Wikipedia community, they would already exist.
User:Ferret: That presumes that people always do what is in their best interests – the mere fact that non-libre software is used, and that the majority do not even consider it a threat to use it, demonstrates this to be false. If your argument were correct, we wouldn't be having this discussion, because this problem wouldn't exist.
The goal of the warning is to discourage use and present extremely unlikely risks as if they are severe and regularly causing hardship and injury to users
There is no false representation of risk. The warning is saying that the software is non-libre, not that the Discord staff are definitely going to abuse their position of power. It is saying they have unnecessary power, not that they will use their unnecessary power; however, they have already used it. I'm not even trying to state that part in the warning. DesertPipeline (talk) 03:59, 11 July 2021 (UTC)
Oppose rationale by Leijurv
Oppose all, and particularly strongly opposed to the third bullet point on E2EE, my rationale can be found at Special:Diff/1033020948 and Special:Diff/1033021237. I agree with ferret on the other points, it is unreasonable to repeatedly "refresh" this discussion and suggest that people's votes aren't valid unless they restate their position. Leijurv (talk) 03:31, 11 July 2021 (UTC)
Moving goal posts and trying to create logical argument traps isn't going to change anything. The current reframing of the discussion is meant to make the opposer look bad by making them argue for the "unhelpful" position. It's meant to put them on the spot. -- ferret (talk) 03:38, 11 July 2021 (UTC)
Refer to Special:Diff/1032974332. The warning does not bring up a meaningful concern. See the first paragraph of Special:Diff/1032976729 about Wikimedia Commons. It's WP:UNDUE weight. A warning becomes unhelpful if it is misleading to the reader. In this context, it is misleading since they will be incorrectly led to believe that Discord is particularly nefarious, dangerous, or has a bad reputation (when compared to other links on Wikipedia with no such warning). Leijurv (talk) 04:08, 11 July 2021 (UTC)
Oppose rationale by TarkusAB
Oppose The warning suggests that using Discord is dangerous and there may be malicious intent on Discord's part, both of which there is no basis in. Most people with a clue know that internet activity is being monitored everywhere. NSA, PRISM, etc. You could apply this warning to every external link on the site. True privacy advocates keep to themselves and know to use an encrypted chat service that runs over Tor. TarkusABtalk/contrib05:48, 11 July 2021 (UTC)
User:TarkusAB: It does not state that; it states that Discord is non-libre (true, and allows for mistreatment – and is mistreatment in and of itself, because it prohibits you from having control over your own computer and what's running on it), that messages are not encrypted with a key Discord does not know (true, and allows them to spy on people), and that it uses a client–server model (true, and also facilitates spying). Where is the lack of basis? DesertPipeline (talk) 05:54, 11 July 2021 (UTC)
LOL. No sir, you didn't. By applying this warning to the Discord page, and only the Discord page, and not every external link on this website, it implies a specific danger with Discord that doesn't exist when using other internet services. Most other websites, web services, and nearly every ISP has the same potential to abuse privacy just as easily as Discord. Because I'm not aware of Discord abusing this access, there is no reason to pick on Discord specifically and not the whole world wide web. That's what I mean by there is no basis. Go back to Tor. TarkusABtalk/contrib06:38, 11 July 2021 (UTC)
User:TarkusAB: Displaying a generic warning when clicking on external links on Wikipedia is something I would support; I don't think this would violate "no disclaimers in articles" because it technically wouldn't be in the article. However, in this specific case, this Wikipedia page is promoting the use of a communication system antithetical to something Wikipedia is supposed to support (freedom). Therefore, it is reasonable to have such a warning in this instance. This should also be done for any other pages promoting non-libre software in some way. DesertPipeline (talk) 10:08, 11 July 2021 (UTC)
Oppose rationale by W. Tell
I've been watching this for a few days and I oppose points 2 and 3. DesertPipeline said I will not respond to anything which goes off the topic (examples: [...] debating whether or not Discord upholds its word...), I say that imposes unreasonable constraints on this discussion because it appears to take out of the discussion the improbability of Discord misusing personal data. We are not simply going off Discord's word here, it is California state law that mandates that consumer data should not be shared. This is different from a person asking to be taken at their word - when a person fails to keep their word, they lose trust; when a corporation breaks the law, its employees lose not only trust but money, reputation, livelihood and possibly also personal freedom.
DesertPipeline admits freely that this template is intended as a "warning". Usually we warn people about probable - not possible, probable - dangers they have no idea about. This is because a situation can have infinite possible bad outcomes, making listing the improbable ones out a pointless exercise; besides, people on the internet generally do have an idea that software online can track their actions. Given that Discord apparently has no record - even alleged - of selling user data or, indeed, being malicious in any other way, I see no reason to add this disclaimer. It is not useful to readers; it may scare them unreasonably. It is no different from the tactic used by apps and websites to say "Critical functions of this service may not work!!11!!!1!" when you deny them device/cookie permissions.
If we implement DesertPipeline's philosophy of warning readers of the worst-case scenarios of literally anything and everything, no matter how improbable, we should not only start adding templates similar to theirs to all external links, but start warning people that:
The behaviour of the Oversight team offwiki is not monitored. Oversighters may or may not leak the contents of emails you send them to users you have a dispute with and/or hostile foreign governments.
...and this kind of template to userpages and BLPs too:
This person has not made their thoughts open-source. The motives behind this person's actions are held in their brain and therefore may or may not be free knowledge; therefore there may be no way for any third party to predict said actions. Thus this person may or may not, without warning, commit crimes in their jurisdiction, up to and including gory murder of and cannibalism on anyone that approaches them after reading this article.
After all, it is possible that the person described may, without warning, kill and eat anyone that approaches them after reading the article, yes? Let's not argue about the fact that the probability of the average person with a BLP or a userpage being a murderer and cannibal is very low - they have the potential to be! And hey, we're not even saying they are murderers and cannibals - just that they might be!
Any person would agree, however, that such a disclaimer would, indeed, be a scare tactic. I think Wikipedia should not use scare tactics.
Which leads one to wonder why they even leave open the option to do that. Probably because they do do it, and they know that it's improbable anyone will ever find out – much less be able do anything about it.
it is California state law that mandates that [customer] data should not be shared
But we have no reason to believe that they will follow the law when their breaking it cannot be detected. Another case of blindly trusting without a very good reason for it.
Usually we warn people about probable - not possible, probable - dangers they have no idea about
And this warning regards not just possible, not just probable, but guaranteed danger – non-libre software is, in itself, an injustice, even if the developers don't use their unnecessary power. Unencrypted communication is in itself a foolish idea.
It is no different from the tactic used by apps and websites to say "Critical functions of this service may not work!!11!!!1!" when you deny them device/cookie permissions
I'm not sure how the difference between a warning which tries to positively influence people's behaviour and make them think about their actions and a warning which tries to negatively influence behaviour and make people do things which they might not desire to do otherwise is unclear to you. DesertPipeline (talk) 13:50, 12 July 2021 (UTC)
Sir, this is a Wendy's a talk page. If you wish to advocate the ills of non-libre software, please use your userspace, or a (libre) platform offwiki to do so. I think it is clear your proposal has no support here; at this point, all your opposers are saying the same things, and you are saying the same things in return, and all that is being achieved is that a lot of pointless back-and-forth is being added to an already pointless section. As we part - cos I'm not posting anything more here - here's a little something to add on to the rationale for the second warning template on my previous message: And this warning regards not just possible, not just probable, but guaranteed danger – not confiscating clubs, knives, pencils, knitting needles and other sharp/heavy objects is, in itself, an injustice, even if people don't use their unnecessary power. A population with such tools is in itself a foolish idea.Wilhelm Tell DCCXLVIconverse | fings wot i hav dun14:42, 12 July 2021 (UTC)
You confuse tools which have the capacity to be misused but also have useful attributes with an unnecessary and harmful societal practice which has no possible benefits, yet goes unchallenged by the population at large. DesertPipeline (talk) 14:45, 12 July 2021 (UTC)
Sigh, I have poor resolve...
DesertPipeline, you fundamentally misunderstand why Discord stores messages in full on its servers. You are blinded by your determination to see monsters in the shadows.
Others have already told you why Discord does store messages: to enable new joinees to read the entire chat history. I think you do not comprehend the scale of what this means, and why this is advantageous compared to end-to-end encryption in the case of mass communication.
On services like WhatsApp with end-to-end encryption, all messages have to be stored locally, somewhere on the user's device or cloud storage, to be read. This consumes device space and Internet data. This is famously not the case on Discord. I am on ten Discord servers, five of them have upwards of 700 messages - ~5% of them being multimedia - posted on them each day. The fact that the messages are stored by Discord, and not by me, means that I do not have to download and store locally 3500 messages per day, most of which I won't read. If I want to see server history on a large server, I do not have to download millions of messages. If someone sends me an image, I do not have to download it to see it. If someone posts a video, I do not have to download it to see it. This is a well-known, well-appreciated feature of Discord.
This is by design and has been so since Discord's founding. It is not an unnecessary and harmful societal practice which has no possible benefits, yet goes unchallenged by the population at large. This is understood by everyone here except, probably, you; this is why this proposal of yours has no support and this is why everyone is being sharp-tongued with you - they have explained all that is there to be explained, yet you do not listen and remain stubbornly stuck to your own peculiar and unfounded beliefs of why Discord is the way it is. Wilhelm Tell DCCXLVIconverse | fings wot i hav dun03:39, 13 July 2021 (UTC)
Apologies, but hey, I did refute that unencrypted communication is a foolish idea.
Now, I think it is fairly nonsensical to expect a for-profit company recently valued at $10 billion to release the source code of its sole product, enabling knockoffs with cheaper Nitro to proliferate. In fact, I, as a user, wouldn't even want it, because it will be easier to tailor malware for the Discord application, which would mean the leaking of my information and private chats to a third party with guaranteed mal-intent, unlike the imagined kind you assign Discord. Wilhelm Tell DCCXLVIconverse | fings wot i hav dun08:37, 14 July 2021 (UTC)
User:Leijurv: Because I am not knowledgeable on this subject, I may be confused. You may be right about encryption. Any communication system which uses servers will have this problem; so I think that the warning should mention both that it uses servers (meaning your messages are being stored on them) and that those messages are not encrypted with a key Discord doesn't know. However, I would appreciate your advice on this. DesertPipeline (talk) 03:59, 11 July 2021 (UTC)
I would have no problem with a statement to the effect of users should be aware that conversations held in Discord may be read by anyone who joins the server. However, that disclaimer is already present on the page.
If the conversations are public, they're public. There is no use worrying people with this idea that Discord can read their communications, when anyone can read those communications, by design, by intent. A feature, not a bug. Leijurv (talk) 04:04, 11 July 2021 (UTC)
User:Leijurv "users should be aware that conversations held in Discord may be read by anyone who joins the server" isn't accurate though. That's not what's being warned about; what's being warned about is that Discord itself can view messages in any rooms on Discord because they are hosting the rooms on their servers and all data is being stored on Discord's servers. That's more than just "anyone who joins the server can see previous messages". DesertPipeline (talk) 04:08, 11 July 2021 (UTC)
Perhaps it should say "users should be aware that this Discord server is a public space, and anyone may read the chat history". But whatever, it really isn't important. Because, it's plain as day when you join the server and see the chat history right there. (So I'm barely even in support of that existing text to be honest) Leijurv (talk) 04:13, 11 July 2021 (UTC)
User:Leijurv: I would accept something like "Please be aware that while Discord is composed of chat rooms, it offers no more privacy than a Wikipedia page. All messages are stored on Discord's servers and are technically accessible by Discord staff. There is no way to know whether or not they provide third parties with copies of data collected."
To reduce fragmentation of the discussion I will reply to the below here:
If the language is phrased in a non neutral way that disparages or implies potential wrongdoing on the part of Discord, I see no reason to support that without evidence.
Do you think the wording I suggest above implies that? My only intent is to make it clear that they are technically capable of this, and we cannot know whether or not they do these things. It's important for people to be fully informed on these matters. DesertPipeline (talk) 04:23, 11 July 2021 (UTC)
(edit conflict) Again, no, because, again, that manufactures a suspicion in the mind of the reader for no good reason. It is enough to inform them that "anyone" can read the messages sent in the Wikipedia Discord. Just like how it's reasonable to warn people that talk pages can be seen by anyone. When I was blocked 3.5 years ago with only a few edits under my belt, I actually assumed that my talk page was a private discussion between me and the blocking admin, and later had to ask for oversight lol. If literally anyone can read it, please explain why there is any particular concern of Discord sharing the data with third parties, why should we bring up that idea? Leijurv (talk) 04:27, 11 July 2021 (UTC)
Do you think the wording I suggest above implies that? My only intent is to make it clear that they are technically capable of this, and we cannot know whether or not they do these things. Yes, absolutely I do think that. All messages are stored on Discord's servers and are technically accessible by Discord staff. There is no way to know whether or not they provide third parties with copies of data collected. This does imply that this is something that the reader ought to worry about. The neutrality of "there is no way to know" is faux neutrality because it gives undue weight to the speculative idea that this might happen, and the idea that, if it happens, the reader ought to be concerned. Leijurv (talk) 04:29, 11 July 2021 (UTC)
User:Leijurv: I just don't understand why we shouldn't warn people about what is technically possible. Also, they should be concerned, because when you send a message in a chat room, you're sending it to the people in that room, and people who might join later – the message was not directed at the operators of the communication system (if they have no intention to join), so they should only be allowed to read it if they also join the chat room. It's the difference between "the communication system operators joined the room and read the message, and I know they could have read it because they joined", and "the communication system operators can read the message without me ever knowing". Of course, when there are no communication system operators (in a peer-to-peer model), this problem is eliminated – you only have to worry about people in the room who might relay messages to others outside the room, but that's outside of the scope of this. DesertPipeline (talk) 04:37, 11 July 2021 (UTC)
Sure. I'd say I have enough AGF left to explain that. We absolutely should not warn people about what is technically possible. Not as a general rule. Something being technically possible is not enough to warrant a warning. We should not put a warning on the Wikipedia login button saying "Go check your mobile data plan! There is no way for us to know, but, it's possible that requesting this next page COULD cause a data overage for you, costing you money!". We should not put that hentai warning that I mentioned above on Wikimedia Commons (that one's easy per WP:NOTCENSORED).
Whether something is worth warning about, is a separate concept from if it's technically possible. We shouldn't warn people about impossibilities, and indeed, we also shouldn't warn them about something that's exceedingly unlikely. See alarm fatigue, it's a real thing. A sad fact of human psychology, if you want to think of it as such.
the communication system operators can read the message without me ever knowing With respect to this, it is technically true, but it is implausible to worry about. In order for this to truly be on your mind, I imagine you would have to be interrogating every individual account that joined the Discord server "prove to me that you have a Wikipedia account! Prove to me that you're a Wiki editor and not a bot funneling information to an advertising company! I will not say a single word further in this server until you prove your identity". This is a little silly. My point is that it's not worth worrying about, because the scenario in which that worry bears fruit is completely implausible.
I actually think it would be unchanged in a p2p setting? Assuming that we still maintain the property that anyone can join the network and read all the history, any advertiser or data miner or AI researcher or otherwise interested third party is already allowed to download the entire message history without needing permission...? It is a little strange that in the context of p2p, the worry of nefarious actors reading the messages disappears. Why would it disappear? My entire point is that Discord's position as the operators of the communication system does not grant them any additional abilities or permissions to read messages, than the general public. Therefore, there is no concern about their behavior, at all. Leijurv (talk) 04:50, 11 July 2021 (UTC)
User:Leijurv: Okay; your points about the Wikipedia chat room on Discord are fair. However, this warning would serve a general purpose. There are surely people out there who don't use Discord and don't know anything about it – and encouraging them to start using it means they could use it for purposes other than Wikipedia communication; they may think that they are communicating privately in a small chat room with friends when actually Discord staff are able to see their messages. This is the main problem. I don't really like that we have a Wikipedia page encouraging people to use software which mistreats them. At least if we tell them that it does, they might think critically about it rather than going in blindly. Like I said, all I want people to be is informed. Informed choices are better than uninformed choices. If they decide they want to use Discord despite the risks, that's their choice – but you wouldn't encourage someone to go bungee jumping without clearly explaining the risks first, would you? DesertPipeline (talk) 04:57, 11 July 2021 (UTC)
And that is where WP:RGW and WP:ADVOCACY come in, right on cue. Of course, you are correct that there is no way to be sure that Discord staff do not read some otherwise-private messages, separately from the Wikipedia community. If that is now your worry, that users will venture beyond the Wikipedia Discord and into other incorrectly-presumed-private spaces, I call that advocacy. It's above and beyond, excessive, to warn people about that. Also a bit of WP:NOTCENSORED, about how Wikipedia tends towards not putting warnings by links, images, citations, pages. I also argue that people can be informed if they want to be informed, on a meta level. If they care about such things, they will click the link and read about Discord (software). You don't need to tell them what to worry about, that's not neutral, and it's WP:RGW. Leijurv (talk) 05:05, 11 July 2021 (UTC)
User:Leijurv: Outside of articles, there's nothing wrong with advocacy. Essays do that. We should do the right thing when we have the opportunity, and we have the opportunity here. Also, like I said before, the Wikipedia article on Discord doesn't even mention privacy. It even claims that people are using it "because it gives them privacy", which is a false statement. DesertPipeline (talk) 05:10, 11 July 2021 (UTC)
You can go and write an essay on the harms of Discord. But the project page on Discord is subject to consensus. I have heard your arguments on this matter and I think that alarm fatigue makes the warning as proposed counterproductive or misleading or both. At most, such topics could be covered in the body. I believe that the current such coverage in the body is sufficient for us to sleep easy knowing that we have done our moral duty in warning potential users of the Wikipedia Discord, regarding who will be able to read their messages. I won't comment on Discord (software), a page with independent consensus to here, except to say that it's perfectly possible that it provides more privacy than another service (I'm sure we'd agree that we'd rather use Discord than WeChat). Leijurv (talk) 05:16, 11 July 2021 (UTC)
User:Leijurv: I've read through this page before and I don't agree that it does enough to warn people about Discord. Also, the button to join is big and obvious at the top, while only below that is anything mentioned about how it might actually not be such a great idea to use it. DesertPipeline (talk) 05:19, 11 July 2021 (UTC)
I can't really reply in full without doing a lot of repeating myself. So, in short: I believe that the risk presented to the average reader, the average Wikipedian, who joins Discord and participates in the Wiki community on there, is essentially nonexistent. It is so small, that adding such a warning about it would constitute alarm fatigue and be counterproductive. Leijurv (talk) 05:29, 11 July 2021 (UTC)
User:Leijurv: From your perspective the risk is essentially nonexistent; but you're confusing "essentially nonexistent risk" with "extremely prevalent but well-hidden risk". If the risks were obvious, the warning wouldn't be necessary. From the perspective of someone about to be run over by a reversing car without any backing-up sound, there's essentially nonexistent risk too; except in this case, there's often not even a point where someone even feels the effect, and so they continue doing what harms them without ever realising it is harming them. Also, I'm not sure how alarm fatigue applies in this context, honestly. DesertPipeline (talk) 05:34, 11 July 2021 (UTC)
A warning about a triviality will make someone disregard the warning, and perhaps future similar warnings. We don't want that. I'm not saying it's obvious I'm saying it's trivial (i.e. tiny risk). Leijurv (talk) 05:36, 11 July 2021 (UTC)
User:Leijurv: But it's not trivial. That's the point. Just because you don't see the harmful effects, it doesn't mean they aren't there. If you remained in an area with a radiation leak you wouldn't feel the effects until it was too late; but there's no analogy that can convey what happens in this case properly, because, so long as you don't go looking for it, you'll probably never find out that you're being harmed. That makes it even worse, and it's why it's even more important that we actually make people think about it rather than just letting them go into it blindly. DesertPipeline (talk) 05:40, 11 July 2021 (UTC)
The risk of otherwise-private communications being read by third parties like Discord is trivial, as I argued above (I thought you agreed?). The risk of the Discord server-side software misbehaving is similarly discounted, because there's nothing that Discord can do that any old person couldn't. Again because the server is public.
I wonder, would you suggest that a store selling stamps should have a warning There is no way to know for sure that postal workers aren't reading your mail!Leijurv (talk) 05:44, 11 July 2021 (UTC)
User:Leijurv: Letters are different to digital communication; but I do think that people should be informed about that danger, too (so they can try to enact changes which mitigate the risk). Also, I don't remember agreeing to what you said. What is your definition of "trivial"? As in, you think they likely won't do it, or you think that when they do it, it's a trivial problem? DesertPipeline (talk) 05:51, 11 July 2021 (UTC)
Ok, that is funny to hear, that you essentially agree that that warning should exist. Never mind that it's a felony and there is data that it is essentially never happens. There's a point where something is so unlikely that it's counterproductive to bring it up.
Ok, maybe I made a wrong assumption. It was based of when you said Okay; your points about the Wikipedia chat room on Discord are fair. My point has been simple: the fact that the Wikipedia space on Discord is fully public is an automatic negation of a number of possible complaints or issues. There is no longer any possible reason to worry about misbehavior on the part of Discord. We might just as easily worry about Discord going out, scraping onwiki communications, and mishandling those - both are equally public. For this reason, the risk presented by communicating in the Wikipedia space on Discord is zero, I cannot think of any. Other than your moral complaint about how Discord is itself a proprietary program, I suppose. Leijurv (talk) 05:58, 11 July 2021 (UTC)
User:Leijurv: And does it not concern you that people are even allowed to say "This is not your computer. These are not your programs. You may have bought that computer, and bought or downloaded those programs, but they are ours. We control them. It is with our permission that you use them. You will accept what we impose on you or stop using them."? DesertPipeline (talk) 06:01, 11 July 2021 (UTC)
User:Leijurv: It is what non-libre software developers are doing, put into words. When you use their programs, the developers have unjust power over your computer. Whatever they want to do, they can do it, and your only options are to accept what they impose or stop using the program. That's not something that should exist in a reasonable society. DesertPipeline (talk) 06:05, 11 July 2021 (UTC)
Okay so this has moved away from "inform users about a real, tangible risk that they face" and towards "I morally disagree with essentially the entire modern Internet".
For example, if the risk was "someone can read messages that you would believe are private", then sure I can see how exposing that information is something that should be warned about, such as if Discord had a history of such behavior, or had a bad reputation like that.
But your concern is simply that users are.... browsing to a website that doesn't mark its JavaScript as free software so that your LibreJS browser extension can recognize it? That's >99.99% of all websites on the entire internet. We, as a society, have determined that this is okay. You disagree. This doesn't give you moral authority to suggest that the act of executing software that one cannot enact their four essential freedoms against, is somehow morally perverse and something to be warned against. Again, see WP:CON, WP:RGW, WP:SOAP, WP:ADVOCACY. These things, especially consensus, absolutely apply. Wikipedia project pages and talk pages and all of that still have to conform to the purpose of Wikipedia, which is exclusive to advocacy and righting great wrongs. Leijurv (talk) 06:11, 11 July 2021 (UTC)
User:Leijurv: So "you have no control over what this software does or does not do, and if you install it you are essentially giving the developers permission to do whatever they want to your computer" isn't a risk? DesertPipeline (talk) 06:29, 11 July 2021 (UTC)
It would be infantilizing to put a message like "if you use Discord as a website, it can't really do anything to harm you, at all. but if you download it as a program, look out! you can't really know that it isn't messing with your computer!". Not our place to walk people through basic functionality of the internet versus a downloaded program. It would, as I've said before, give undue weight to the idea that Discord is risky versus other programs or websites. Personally I use discord.com/app more often than not. It's the exact same as the downloaded program. Leijurv (talk) 06:39, 11 July 2021 (UTC)
Discord is a third-party communication system; neither the Wikimedia Foundation nor the Wikipedia community, nor any other Wikimedia community, have any involvement with its development. It is not subject to the WMF Privacy Policy.
The Discord client distributed by the developers of the Discord communication system, and the Discord server backend, are not free (libre) software; there is no way for any third parties to audit the source code to determine what they do or do not do. Other Discord clients may or may not be free (libre) software.
Discord uses a client–server model – this means that all messages are stored on Discord's servers. These messages are not encrypted with a key that Discord does not know; all messages sent and received via Discord can be viewed by Discord staff and may be shared with third parties.
That is even more of a silly warning. I agree that it's good to say users should be aware that conversations held in Discord may be read by anyone who joins the server, but it already says that! It is undue to put this into a warning. There is no basis for the concern that Discord will take publicly available chat messages and share them with a third party, when the chat messages are not private to begin with. Wikimedia could just as easily take our talk messages and share them with third parties. I'm not worried about that because I understand that anyone can read any talk page! So there is no concern of Wikimedia sharing them with anyone, they are already public. Leijurv (talk) 04:10, 11 July 2021 (UTC)
User:Leijurv: Please see my comment above. Also, there is a large difference between a talk page on a public website like Wikipedia and a public chat room. There cannot be expectation of privacy here; but in a chat room, some measures can be taken to have a reasonable amount of privacy. Obviously, it can be circumvented. But that there will always be ways to circumvent security does not mean that we shouldn't take security measures which are possible and provide a reasonable level of it. DesertPipeline (talk) 04:16, 11 July 2021 (UTC)
Some language to make sure a reader is aware that the Wikimedia Discord server is a public space would be reasonable. For example, users should be aware that this Discord server is a public space, and anyone may read the chat history. If the language is phrased in a non neutral way that disparages or implies potential wrongdoing on the part of Discord, I see no reason to support that without evidence. (such as all messages sent and received via Discord can be viewed by Discord staff and may be shared with third parties I do not support, because it implies that the reader ought to worry for some reason about Discord staff poring through the chat logs, it creates a worry that has no reason to exist). Leijurv (talk) 04:20, 11 July 2021 (UTC)
Someone may want to hat this entire thread, from top to bottom. It has generated almost 100 revisions on my watchlist today, it involves one person bludgeoning an unpopular opinion that nobody else is supporting, and this person has a history of doing this. –Novem Linguae (talk) 06:12, 11 July 2021 (UTC)
What you refer to as "bludgeoning", I refer to as "discussion". But unfortunately I feel most here aren't desiring a discussion; they just want to get rid of me so they can stop being reminded that their actions have consequences and they have responsibilities too, much as they wish they didn't because they feel everything is hopeless they and couldn't possibly effect change (an attitude which causes everything to continually become worse, making them even less willing to try to change things). DesertPipeline (talk) 06:29, 11 July 2021 (UTC)
I don't think that's quite fair to other editors. I assume you aren't referring to me since I've put a significant amount of time into replying to you today.
Even if they don't abuse the power they have, should they have it?
Something I would like to mention that I found interesting is how, during this discussion, as it became clear to some participants that the assessment of risk was incorrect, rather than analysing the risk objectively, they "upgraded" it just enough to continue to remain comfortable. "There's no risk" → "The risk is minimal" → "They can do these things, but it's unlikely they will". From my perspective I believe this is some sort of defence mechanism. I believe that other participants in this discussion are made uncomfortable by my points, because they know – subconsciously – that they are true, but feel there isn't anything that can be done. Therefore, to prevent themselves from feeling extreme mental discomfort due to this, their brains must defend something that could still plausibly apply.
Obviously, "there's no risk" is the point of highest comfort; at that point, nothing is wrong in their conscious minds, so everything is good – no changes necessary, everything can continue "as normal". But then when there is no way their subconscious can continue defending this stance, they have to then go a little lower down the "comfort chain" so to speak – the risk is minimal. Sure, maybe a risk exists, but it's small. It's fine. Nothing needs to be changed still – there are always risks in life, right? Then, however, we come to a point where actual discomfort sets in. It is now clear that the risks aren't minimal. Even though this is the point of actual discomfort, they actually come to the easiest-to-defend stance – the risk exists, but it's unlikely they'll do the things they have the capability to do. This one causes actual discomfort because they must now acknowledge that there is a non-insignificant risk. But there is still no change in behaviour prompted, because there is always plausible deniability – because of the nature of the problem, it usually isn't possible to say for certain whether or not a certain entity is abusing its power.
But the fact of the matter is that the power they have is problem one. There isn't any legitimate reason for the developers of Discord to have control over the copies of the software others possess. There isn't any legitimate reason for any software developer to have that power. There are only two possible scenarios: 1. The developer doesn't abuse their power, and therefore doesn't need it (but keeping it allows them to change their mind at any point and start abusing it). 2. The developer does abuse their power, and therefore shouldn't have it. There isn't any context in software where a developer of a program should have control over the copies of others.
And that people allow such a thing is, in my mind, very strange. If you bought a car, would you accept the car manufacturer saying "You may have bought that car, but it's ours. We made it. Therefore, we get to tell you what you can and can't do with it. You're also not allowed to know how it works. If it breaks, you have to hope we'll fix it. If it has some malicious function, then you'll just have to accept that or stop using the car – if you ever even notice, because maybe the malicious function is hidden." I hope that people here see how that would be an insane scenario. The same logic applies to software too.
Therefore, to warn people that someone else will have control over something you want to use, and that they have no legitimate reason to control it and can only ever use that control maliciously, is surely not unreasonable. Let them know the risks. Let them make an informed decision.
We all have an obligation to be ethical, good people. Some people refuse that obligation – like non-libre software developers. For our own sake, we need to offset the damage they cause as much as possible. What is happening right now helps them. Sometimes, even if you don't think you're directly helping something negative, you're still helping. Sometimes, you have to do good to offset bad. That's all I'm asking we do. DesertPipeline (talk) 04:04, 12 July 2021 (UTC)
Good job on writing a long essay. Very off-topic though. I still affirm my oppose for the reasons I've stated above. This suggested change isn't based on any policy or guideline, and now you're bringing up "ethics" as if being "unethical" in your own perspective is not allowed on Wikipedia. There's too many holes here that I honestly can't be bothered to respond to any knowing that it's just going to be a lost cause. Perhaps the others in this thread have excess energy to waste on this. Chlod (say hi!) 04:32, 12 July 2021 (UTC) (please do notping on reply)
User:Chlod: I wanted to encourage you to think about this more carefully. The opportunity isn't gone just because you haven't yet; you always have that opportunity. I'm asking you to do this because it benefits you to do so. Don't let your current opinions inform you on this; think about it carefully from the "ground up". (I don't know how to say that literally.) Scrutinise it as much as you can. I believe in you. DesertPipeline (talk) 04:48, 12 July 2021 (UTC)
This is the second time you ignored a {{ppor}} that I'm beginning to assume battleground behavior. Leave me alone and keep your opinions to yourself. I'm not going to be swayed by this manifesto. Waste your time on something else. (please do notping on reply) Chlod (say hi!) 04:57, 12 July 2021 (UTC)
I didn't notice the "don't ping" template again. I'm sorry. You might want to put it in front of your messages in future if you use it again anywhere, because it's not very noticeable after your signature – or at least it's not noticeable to me. Again, I'm sorry for pinging you. DesertPipeline (talk) 05:06, 12 July 2021 (UTC)
Although I would like to mention that it feels like you're using the "don't ping" template to mean "I want to say something and I don't want to hear your response". I don't think that's a good attitude to have. Reasoned discussion is important and positive. DesertPipeline (talk) 05:13, 12 July 2021 (UTC)
Learn to read the room. We don't want what you're selling. You're going to end up at ANI if you keep bludgeoning like this. –Novem Linguae (talk) 04:53, 12 July 2021 (UTC)
User:Novem Linguae: I dislike your characterisation of a discussion as bludgeoning. Reasoned discourse is how we get things done. If you think I'm wrong, tell me and say why. Then if I think your rationale isn't valid, I'll tell you and say why. [Edit 05:03, 12 July 2021 (UTC): And so on, until an agreement is reached.] Sometimes I can't respond to things that I don't consider valid because I'm not very good at communicating, though. DesertPipeline (talk) 05:01, 12 July 2021 (UTC)
@DesertPipeline: Late to the party but holy shit, this appears to be pretty textbook for what it is to WP:BLUDGEON - Typically, the person replies to almost every "!vote" or comment, arguing against that particular person's point of view. The person attempts to pick apart each argument with the goal of getting each person to change their "!vote". They always have to have the last word.... No clear supports to your argument in full, and practically every counter point is met with counter argument, forgetting that this is a place where consensus is needed. Agree to disagree & accept defeat where a motion is futile against overwhelming numbers. — IVORKTalk06:05, 12 July 2021 (UTC)
User:IVORK: Unfortunately, what the bludgeon page describes is actually proper discourse. What kind of logic is it to say "If someone else says something you disagree with, you can't try to refute their argument because that would be bludgeoning"? This is how a good discussion works. But other participants in the discussion need to listen to what I'm saying; I'm trying to listen to what they're saying and responding to their points whenever I can. That's how we improve. Tell me why you think I'm wrong; if I disagree, I'll tell you and explain why. All participants must try to listen as much as possible to what other participants are actually saying; not what they think they are saying. We continue this process until we come to an agreement. If that's what counts as "bludgeoning" on Wikipedia, we have a serious problem. DesertPipeline (talk) 06:15, 12 July 2021 (UTC)
@DesertPipeline: It's the difference between everyone stating their views/opinions on the matter, and you restating your argument countless times over in opposition to any views you don't agree with. — IVORKTalk06:20, 12 July 2021 (UTC)
User:IVORK: I keep repeating myself because others keep bringing things up that I've already responded to. Perhaps I should stop doing that, but also sometimes I forget if I have responded to a point or not. DesertPipeline (talk) 06:22, 12 July 2021 (UTC)
Oh, sorry. I misread. I don't feel like I'm being aggressive. I'm definitely trying to be as polite as possible in this discussion, but it can be difficult at times, and I'm sorry if I ever say something which I shouldn't. I'm only trying to do what's best here. DesertPipeline (talk) 06:43, 12 July 2021 (UTC)
User:ProcrastinatingReader: I don't mean to be rude, but the strength of an argument is not based on how many people agree with it. You have to refute what I'm saying; just because many people are responding with opposition it doesn't mean I'm wrong. Also, I personally feel I've adequately refuted the points of opposition so far. DesertPipeline (talk) 06:40, 12 July 2021 (UTC)
Not at all. Consensus, by definition, means "general agreement". The only "general agreement" here is that all of your proposals are opposed. Nobody has to address your individual points to your satisfaction. If you persist in pursuing this matter single-handedly, it will likely be seen as a conduct issue once the editors above start to become frustrated and tired. ProcrastinatingReader (talk) 06:46, 12 July 2021 (UTC)
User:ProcrastinatingReader: On Wikipedia, "consensus" doesn't mean "everyone agrees". For instance, the Wikipedia:Consensus page says this: A consensus decision takes into account all of the proper concerns raised. It's about what is most logical, not what is most popular – because unfortunately, "popular" and "logical" don't always align. DesertPipeline (talk) 06:53, 12 July 2021 (UTC)
Yes, that means decisions don’t need to be unanimous, not that the minority of 1 is classed as ‘consensus’. I’m not going to engage in a protracted argument with you, I’m just suggesting you rethink your approach because someone will take this to ANI eventually at this rate. If you disagree, feel free to ignore the suggestion. ProcrastinatingReader (talk) 07:28, 12 July 2021 (UTC)
User:ProcrastinatingReader: If I'm right, it doesn't matter that I'm the only person arguing for this position. If it's what makes logical sense and nobody can provide an unrefuted objection, then it's probably the correct thing to do. And if it turns out it's not, we stop doing it. DesertPipeline (talk) 07:34, 12 July 2021 (UTC)
You were given several objections by people above. You don’t have to agree with them, and it doesn’t matter whether you’re ‘right’ (whatever that word means, who gets to decide ‘rightness’ anyway?). Everyone who advances a point thinks they’re right, otherwise they wouldn’t advance the point. It matters whether you can convince other people. You could not, and so that’s that. ProcrastinatingReader (talk) 07:51, 12 July 2021 (UTC)
User:ProcrastinatingReader: I refuted the objections previously stated; if someone feels a refutation was invalid they need to say that and say why. The process stops when there are no more refutations, and as long as the last refutation is valid, the person who said it is more likely to have the correct argument. DesertPipeline (talk) 07:59, 12 July 2021 (UTC)
I watched this for a bit at the start, but I can't see what the point of this discussion is (and the one above)? If you use a service/application/platform/whatever, you need to have some due diligence. Nothing that has been said here has garnered any support, and so I suggest we spend our next 11,000 words doing something useful. Giraffer(talk·contribs)09:11, 12 July 2021 (UTC)
User:Giraffer: Why do you feel that way? (Not a rhetorical question.) I would agree with you if this were about the Wikipedia article on Discord; that's not inviting anyone to use it. But this project page is specifically saying "join us". Therefore, I think there is a responsibility to inform them; otherwise, it's "join us (but there are risks we aren't going to mention, even though it would be by our actions that you became exposed to them if you do so)". DesertPipeline (talk) 10:08, 12 July 2021 (UTC)
None of my answers would differ from anything that has been said above, and I especially agree with what ferret & Firefly have said. Giraffer(talk·contribs)10:39, 12 July 2021 (UTC)
DesertPipeline, you're still talking as if nothing I've said has gotten through. For the Wikipedia Discord, which is what we are concerned with here, Discord-the-company has no additional access or information beyond the general public. They have no ability to leak personal communications or otherwise misuse them, because there are no personal communications. It's all very intentionally accessible to everyone. Can you explain why you are still going on about how we need to worry about Discord doing such a thing? Additionally, when you refer to the concern that Discord will somehow someday insert malicious code into their website: that concern is equally as large on Wikipedia itself, since both are client-server applications and not peer to peer. I don't think it's reasonable to warn someone about something that's already the case on Wikipedia. Leijurv (talk) 20:45, 12 July 2021 (UTC)
User:Leijurv: Again, the problem is people being encouraged to start using Discord by this page and then using it for other purposes. (Although I don't think it's fit for purpose in this use-case either, but still.) Discord has a "private" messages function, and someone might start a Discord chat room for a few friends where the "public chat" part doesn't apply. DesertPipeline (talk) 08:49, 13 July 2021 (UTC)
That's a leap that I don't think we have any cause to warn about. It's not a risk directly associated with using the Wikipedia Discord. You may think it's an obvious eventuality, but that's where I disagree. You may say I'm morally bankrupt, but I say that proprietary is the fifth word of this page Discord is a freemium proprietary ... and that's good enough. Among other links where someone can inform themselves. I don't think you have the moral high ground just based on the time/place/manner that this information is being presented, a big warning versus links in the body. Leijurv (talk) 19:12, 13 July 2021 (UTC)
User:Leijurv: People need to respect themselves and not get into situations where they allow themselves to be harmed by others for no reason. I'm not saying this warning will suddenly make people respect themselves, but maybe it will make them think. People need to think. DesertPipeline (talk) 03:27, 14 July 2021 (UTC)
This is a tradeoff of how to do the right thing by Wikipedians who consider Discord. A big warning isn't objectively better than an explanation in the body. In my eyes, this is a bit of a motte-and-bailey fallacy between People need to respect themselves and not get into situations where they allow themselves to be harmed by others for no reason which is a big and prescriptive moral statement, and The warning is simply intended to allow people coming here without prior knowledge to make an informed decision about whether or not to use the program which is an unobjectionable informational proposal. Leijurv (talk) 03:49, 14 July 2021 (UTC)
User:Leijurv: But nobody has refuted that the "prescriptive moral statement" is correct; something being prescriptive does not make it incorrect. If it cannot be refuted that advising people to not use non-libre software is a good thing, then that presumably means it is correct. If someone later does refute it with a valid argument, then we can re-evaluate our actions and make necessary change. DesertPipeline (talk) 08:07, 14 July 2021 (UTC)
Addendum: And it's not even like the warning is advising not to use non-libre software. It's just saying that it is, and therefore knowing what it does or does not do is not possible – which I think is a fair statement. DesertPipeline (talk) 08:08, 14 July 2021 (UTC)
My point was that you're switching between a quite weak and a quite strong statement as it suits your argument at the moment, which is called a motte-and-bailey fallacy. The prescriptive moral statement ("quite strong") is not to be included, per WP:RGW and WP:ADVOCACY and WP:SOAP. The informed decision statement ("quite weak") is not to be included since the risk you are bringing up admittedly does not exist in the Wikipedia Discord and they would need to venture elsewhere.
Additionally, you back up the moral statement by saying that it's in people's "best interests" etc to "not allow themselves to be harmed by others". If there is no harm, there is no moral issue. The two are linked. If you pull out the foundation, the castle falls down. Leijurv (talk) 08:12, 14 July 2021 (UTC)
Addendum: And it's not even like the warning is advising not to use non-libre software. It's just saying that it is, and therefore knowing what it does or does not do is not possible – which I think is a fair statement. This is the motte, the idea that you simply want to inform them that it's non-libre, not to advise them against non-libre software. But then you switch to stating that non-libre software is a moral failing, which is the stronger version. Leijurv (talk) 08:14, 14 July 2021 (UTC)
The prescriptive moral statement ("quite strong") is not to be included, per WP:RGW and WP:ADVOCACY and WP:SOAP
Previously I stated that we shouldn't always rigidly base our decisions on policy; context is important. Do you have any response to that?
The informed decision statement ("quite weak") is not to be included since the risk you are bringing up admittedly does not exist in the Wikipedia Discord and they would need to venture elsewhere
The page is encouraging them to use Discord. It's unlikely they'll only use Discord to communicate in the Wikipedia chat room. If you introduce someone to something harmful they need to be aware of the risks. DesertPipeline (talk) 10:31, 14 July 2021 (UTC)
This isn't an WP:IAR case, because this isn't a blind following of the letter of a policy with disregard for the spirit. This is a straightforward direct application of these policies and I see no reason why this page is some special exception.
Why are they not sufficiently aware of the risk by clicking the links like "proprietary" and "Discord"? Why is the big orange box a determining factor? Why could phrases like that not be incorporated into the body? Leijurv (talk) 17:29, 14 July 2021 (UTC)
User:Leijurv: Again, the Discord article doesn't mention anything about the privacy implications – it actually claims the opposite, that Discord gives its users privacy. Also, if this were to be integrated into the project page's text rather than being a box at the top, the "join server" button needs to be made less prominent. It should also be below the caveats, so that hopefully people will read those first and then decide whether or not to use Discord. DesertPipeline (talk) 04:27, 15 July 2021 (UTC)
Also, this is off-topic, but I really want to know your thought-process. You believe that in itself non-libre software is not a bad thing, correct? If so, can you tell me why you feel that way? DesertPipeline (talk) 04:29, 15 July 2021 (UTC)
Please continue this on your own talk page so that watchlisters can stop reading this back and forth. -- ferret (talk) 13:11, 15 July 2021 (UTC)
Asking for ban reason
Latest comment: 2 years ago5 comments2 people in discussion
Hello. I am Luxtaythe2nd (luxtaythe2nd#0287 on Discord) and it seems as I have been banned from the Discord server without being notified of why. Can any server admins tell me why? I have already asked a few server members but no reponse has arrived. Thank you! Luxtay theIInd (talketh to me) 10:25, 11 September 2022 (UTC)
Latest comment: 2 years ago6 comments4 people in discussion
I am Luxtaythe2nd (luxtaythe2nd#0287 on Discord) and I, as I started in the previous thread, have been banned from the Wikimedia Community Discord server for a post about ROBLOX scams I do. Firstly, I do not wish to solicit such scams and do not wish to continue such activity. I would also like to point out I, having learned a lesson from this ban, will not continue soliciting such material in the server and will behave accordingly with the rules. Luxtay theIInd (talketh to me) 19:03, 11 September 2022 (UTC)
Not the place for this. This page is just to direct you to the unban process on Discord. Discord is the place. Not here. Please discuss this on Discord. -- Deepfriedokra (talk) 19:08, 11 September 2022 (UTC)
Luxtaythe2nd, that was only the latest in a long series of things you've done that the server mods have heard complaints about. You have a long history of inappropriate behavior and comments, as well as general over-the-top attempts at "edginess," and this was simply the last straw. Additionally, the overwhelming majority of your time in-server has been spent in the offtopic area instead of in the Wikipedia-related channels, and as noted in the server rules, If your only significant activity is [in #offtopic], you may garner extra scrutiny. That extra scrutiny has been garnered and you have been judged to be a net negative to the server. This is a fundamental problem with lack of maturity on your part and so it is not something that I would expect to be lifted anytime soon, no matter how much you tell us that you've "learned your lesson". GeneralNotability (talk) 19:22, 11 September 2022 (UTC)
I understand this is awkward, especially after I wrote what seems to be a closing statement, but: first, I still hold my claim that I do not intend to solicit scamming that I did in my ban appeal. Second, I do admit to having rather controversial takes and over-the-top attempts at being "edgy" which I acknowledge negatively affected the atmosphere of the server, but I got several warning signs from server members and decided to stop, from which point I have only occasionally debated/mentioned controversial topics or used such edgy humour. That ROBLOX scamming message was an outlier, but it was indeed scummy and, again, I apologize. I also have to admit to sporadically using channels outside of #offtopic, although my rare usage of these channels still provided me with necessary help when I needed it. Luxtay theIInd (talketh to me) 16:48, 30 September 2022 (UTC)
More information about ban
Latest comment: 2 years ago7 comments2 people in discussion
Hi there, the last message I posted in the Wikimedia Community Discord was "imagine crying over some random old woman dying thousands of kilometers from your home". I would like to request further information about my ban, such as a formal reason, the length of the ban, and whether it is appealable or not. I am still deciding on a course of action regarding this ban. Thanks! A diehard editor (talk | edits) 22:14, 16 September 2022 (UTC)
i) The formal reason is repeated inflammatory or problematic communications, including when asked to avoid such, of which the final edit was merely the most recent.
ii) All Discord bans are to be considered indefinite, unless notified by the banning moderator to the contrary.
iii) It is appealable. Any appeal should note why your return to the Discord would be beneficial and how it would avoid the issues that led to the ban being issued
You may either make a single post below this one, with your appeal, or you can friend request me on-wiki and make a single DM with it - whichever you prefer. No rush, there's no time limit. Nosebagbear (talk) 22:33, 16 September 2022 (UTC)
Latest comment: 2 years ago3 comments2 people in discussion
Hi,
I left the server earlier today, but upon trying to re-enter, saw that I was banned. I would have at least appreciated a DM or talk page message before that decision was made.
Not sure why or if it's personal to any degree, but I'd appreciate some sort of clarification. I did heed and understand the warning I received about sockpuppetry on the server, but am unaware as to any other possible violation. Thanks. (Hemoglobin#4059). — That Coptic Guy (talk) 01:37, 30 September 2022 (UTC)
@That Coptic Guy Bans include IP bans. When your sock account was banned, that created an IP ban from rejoining. When you voluntarily left the server, your rejoining was blocked as a result. I will temporarily lift the ban, but you're on thin ice after this. -- ferret (talk) 02:35, 30 September 2022 (UTC)