Trust and Safety Product/IP Info/2022 testwiki feedback

The feedback link from testwiki outputs broken wikisyntax on this page:

<translate>
<!--T:1-->
* '''What did you find difficult to understand or do?''': ...

<!--T:2-->
* '''What did you find missing in this feature?''': ...

<!--T:3-->
* '''How else can we improve?''': ...

<!--T:4-->
* '''What did you like about this tool?''': ... 
</translate>

The translate tags and markers should not be there. I am not sure how to fix it while keeping the preloading fully translatable. Regards, —MarcoAurelio (talk) 16:01, 2 April 2022 (UTC)[reply]

I believe the link should use {{int:lang}} or {{PAGELANGUAGE}} to substitute the correct subpage of Template:IPInfoFeedback. For example: [1]. This is how it works for Tech News distribution and when creating proposals in the Community Wishlist Survey. Using Special:MyLanguage will use the translation source page for English, which has the unwanted translate tags and markers. — MusikAnimal ^talk 22:45, 4 April 2022 (UTC)[reply]

@MusikAnimal: Thank you. Looking at the code, the feedback hook comes from the BetaFeaturePreferencesHandler.php at the IPInfo repo, but the URL comes from modules/ext.wikimediaMessages.ipInfo.hooks/feedback.js on WikimediaMessages. It should be amended to use the proper code, and probably as a bonus to populate the title of the new section with something like Feedback from $username at $timestamp. Regards, —MarcoAurelio (talk) 10:28, 5 April 2022 (UTC)[reply]

@MarcoAurelio, @MusikAnimal, please share comments about the template on the discussion page of the template. Thank you for the feedback. –– STei (WMF) (talk) 10:34, 8 April 2022 (UTC)[reply]

• What did you find difficult to understand or do?: ...

1. Before I was autoconfirmed, the "IP Information" block appeared in Special:Contributions for IPs. However, the box was empty, with no indication that I was not being shown the info because of the lack of privileges. It might be better to completely omit the "IP Information" block if there are not enough privileges, to avoid confusing new users.
2. After I was autoconfirmed, advanced information such as ISP appeared as Not Available. It was not clear if it was missing from MaxMind data or, as it was the case, I had not enough privileges to see it.
3. The proxy field always says Not Available, even for a VPN endpoint. Initially, I didn't know if it's not available to me (lack of permissions), or if MaxMind's database lacks records for it. Once I got temp sysop perm I realized it's simply not available, but it was not clear initially.

• What did you find missing in this feature?: ...

1. Clearer indications of when data is missing or when I have no permission to see it.

• How else can we improve?: ...

1. MaxMind data quality for connection type seems to be subpar. I tried two VPN endpoint: 185.225.28.154 was identified as Cable/DSL, residential, no proxy flags. 194.127.167.100 was identified as Corporate, hosting, Hosting Provider. Both of these VPN endpoints are easily identifiable, since the VPN provider publishes the full endpoint list. Even ipqualityscore.com, which is known for its quality problems, detects them.

• What did you like about this tool?: ...

1. The info is easy and convenient to find, discounting the issues outlined in the first question.
2. From a UX point of view, it's nice to have a standardized place for IP information. I expect (someone) to update or create some user scripts to attach IP info we have from other sources to that box.

--MarioGom (talk) 06:46, 6 April 2022 (UTC)[reply]

Hello @MarioGom. Thank you for your feedback. I will try to reply to each of the points you make individually.

• You should not be seeing an empty box if you don't have the privileges. This sounds like a bug. I will file a task for us to fix this.
• If the data is "Not available" it means that either Maxmind does not have it or there has been a technical failure in fetching the data. If the user does not have the privileges to see something, that field is omitted entirely. Maybe we can elaborate on the "Not available" to clarify this.
• Hmm, the proxy field should ideally show the proxy data. We need to look into this.
• Disappointed to hear about the poor quality of Maxmind data. We went with it for the first iteration of the tool because we already had the Legal contracts in place with them (we use them over in fundraising). We want to expand the tool to incorporate some more datasets to have more comprehensive and reliable information. Spur has been raised as a potential source of data and we will look into others too.

What other IP information would you like to see in that box which is absent right now, if any?

-- NKohli (WMF) (talk) 00:32, 20 April 2022 (UTC)[reply]

NKohli (WMF): Thank you for addressing my feedback. To your question, I'd probably include links to the IP on whois-referral.toolforge.org, bullseye.toolforge.org, and shodan.io, or might pull everything from the APIs at bullseye, internetdb.shodan.io, and spur and include the full information. This is all quite niche, that's why I expect us to write some user scripts to include this rather than stuffing it all out of the box, but for the record, here's some of the info I look in these services:

• Networks name, description, cidr, and range (whois example)
• Open ports (shodan example, shodan API example)
• Fine-grained proxy service flags (spur example, IPCheck via bullseye example)

The proxy service flags could probably be added to the Real IP/Proxy field. Something like an overall assessment (e.g. VPN, open proxy, residential proxy), as well as the exact flags from each service.

Best, MarioGom (talk) 08:15, 20 April 2022 (UTC)[reply]

@MarioGom thanks for the details. Yeah, the links you mention are specific to us and won't work for 3rd parties so it's not ideal to add them to the extension. Thanks for the examples. Proxy seems to be the biggest pain point. We will try our best to get better data as soon as possible. Thanks again. I hugely appreciate the feedback. -- NKohli (WMF) (talk) 20:39, 29 April 2022 (UTC)[reply]

• What did you find difficult to understand or do?: Use the tool.
• What did you find missing in this feature?: The ability to check info for IPs that haven't edited testwiki, where very few IPs (and even fewer interesting IPs) edit. As a steward, I often need to get info for IPs that haven't edited, either because of the CheckUser tool or because they tripped a filter/spam blacklist.
• How else can we improve?: Fix that.
• What did you like about this tool?: ...

I'll post more meaningful feedback once I get the chance to try it in a realistic situation. AntiCompositeNumber (talk) 14:06, 6 April 2022 (UTC)[reply]

Hi @AntiCompositeNumber. Sorry. We wanted to test this feature before a broad rollout and chose testwiki. We have been facing the same issue as you -- not enough data to meaningfully test. We will roll this out to all projects by May 10th. Looking forward to hearing your review once that happens. -- NKohli (WMF) (talk) 00:34, 20 April 2022 (UTC)[reply]

• What did you find difficult to understand or do?:

I think the tool is very easy to use, especially for users with less technical knowledge.

• What did you find missing in this feature?:
  • The basic information don't help at all, as many proxys are not detected (example [2][3]). Without even the option to check the geolocation a rollbacker/patroller has no clue if these IPs might be proxys or not.
  • The tool is basically useless if even admins don't see the IP address. Right now, if someone changes their IP by resetting the wifi router they can be stopped via range block. If we can only block one single cookie it will be much easier to circumvent blocks. In addition, IP-Ranges are frequently used for abuse filters. I can't see, how that's going to work in the future, if we don't see IP/Ranges.
  • I think there should be a block button. As the advanced information are likely used to check a vandal/troll IP before blocking it, this would be a nice feature
  • It is not possible to get information for IPs without edits on this wiki (example of an IP with global contributions [4][5]). Is there really no cookie, even though they edited in other Wikimedia projects? This makes it more difficult to fight crosswiki vandalism, if I need to switch to those projects where the IP edited to get more information.
  • The tool showed only local edits, how am I supposed to get information, if there is crosswiki vandalism?
  • Right now I saw the information icon at recent changes and page history but not at my watchlist. Will this be implemented in the future?

• How else can we improve?:

At the moment I fear that fighting IP-vandalism will be much harder in the future.

• What did you like about this tool?:

I like the information icon and the general look of this tool.

Thanks for your feedback @Johannnes89: . I will respond individually to all the points you made below:

• Thank you for raising the issue about proxies not being flagged. This is a problem with the data source we are using (Maxmind). We want to add more data sources in the near future to get better, more reliable information. We went with Maxmind for the first iteration as it is a dataset the WMF has used in the past for fundraising and we already had the right contracts in place.
• Rollbackers and patrollers should be able to see the "Country" level geolocation when they access the IP information. Do you feel like that is not enough information for them?
• Admins and checkusers will be able to see IP addresses and ranges even after IP Masking. This tool is to support their work and make it easier, hopefully. Non-admin patrollers will need to obtain a right to see them, if they need to see them to do their work effectively. You can read more about who will and will not have IP address access on this page under the title Proposal for sharing IP addresses with those who need access (10 June 2021).
• Adding a block button to the tool is an interesting idea. It could directly take the user to the Block page with the IP information pre-filled. Thanks!
• The feature lives on the Contributions page of the IP address right now. If there are no edits by the IP then where would you want to see that information?
• We really want to add global edits to the tool but it was a significant technical lift. So for the first version we did not add the global edits. It helps that you told us those would be helpful! We can definitely try to include the information next time.
• Yes, we will add this to the watchlist too. I was not aware it was not already enabled there. Thank you for flagging this!

This is amazing feedback. Thank you very much. Our hope is to ease vandal-fighting and not make it harder. We want these tools to help in that process. -- NKohli (WMF) (talk) 00:57, 20 April 2022 (UTC)[reply]

@NKohli (WMF) thanks for clarification! I somehow thought the session-based approach instead of the IP-based approach (and the IP-Masking tool not having a feature to reveal an IP) could lead to even admins not seeing IPs in the future. Glad to hear I was wrong. Concerning the other points:

• Adding more data sources for proxy detection seems like a good idea, the current IP check many people are using [6] is combining multiple sources as well
• Countrylevel geolocation for rollbacks & patrollers seems enough to predict possible open proxys. But that's not covered by the current IP masking tool or am I missing something?
  • If non-admin vandalism fighters get the user right to see an IP, will they see all the advanced information of the masking tool? According to the status update from April 1st 2022 the tool only distinguishes between „advanced privileges“ (admin, sysop, bureaucrat, checkuser) and autoconfirmed users.
  • If those users don't see the advanced information, why not? If they see the IP after getting the new user right, they can get the advanced information anyway using third-party tools
• I would like to see the IP masking information on the contribution page, even if there are no contributions on this wiki. If someone creates a report page about long time abuse (such as those at en:WP:Long-term abuse/List) and there is crosswiki abuse, new IPs of the same LTA will still be added to the report page like * {{user|IP1234}} or * [[Special:Contributions/IP1234]] even if all the edits occurred at a different project. If I click on the contribution link I would like to see the IP masking information without changing to the project where the IP's edits actually occurred. Johannnes89 (talk) 15:46, 20 April 2022 (UTC)[reply]

@Johannnes89 thanks for the reply. Country level location will be available to anyone who uses this tool -- the only requirement is for you to be autoconfirmed to see the basic information (which includes country level location). Non-admin vandalism fighters who get the right to see an IP will also be able to access the advanced information on this tool. Does this answer your question?

Thanks for raising the concern about needing to see IP information for IPs with no local edits. The example was helpful. I've noted this and will pass it along to the engineering team. -- NKohli (WMF) (talk) 20:46, 29 April 2022 (UTC)[reply]

• What did you find difficult to understand or do?: It is not clear what kind of information you will get, if you use the IP infobox or pupup and how detailed the informations would be.

• What did you find missing in this feature?: If think it would be helpful, if you can access global informations for the IP directly (contribs/blocks on other projects).

• How else can we improve?:
  • It would be nice to have the ability to decide how big the informations are displayed. I would like to make the infobox a bit smaller if the IP has more than just a few edits, so you do not need to scroll so much.
  • The IP infobox should not be shown by default, if you have opened it for the contributions of one IP and now you are looking at the contributions of another IP. IMHO you should need to open the IP infobox manually then.

• What did you like about this tool?: The design in general look good: not too many icons and everything is ordered. --Ameisenigel (talk) 15:20, 17 April 2022 (UTC)[reply]

  @AmeisenigelThe IP infobox should not be shown by default, if you have opened it for the contributions of one IP and now you are looking at the contributions of another IP. IMHO you should need to open the IP infobox manually then. I thought so too at first, and I thought it was quite unexpected that it worked like that. But it's difficult to say how it will affect the workflow in a live situation. Maybe in one situation you want to open many IP information boxes and it's useful that they all open automatically without you having to click them open one by one. Or you might get used to always closing the box once you're done with the information, and then the next one won't open by itself. I don't know, just thinking out loud. kyykaarme (talk) 16:51, 20 April 2022 (UTC)[reply]

  @Ameisenigel thanks for the feedback! Do you have any suggestions for what can we do to make it clearer what information is available? I've taken note of your other feedback.

  The way the IP infobox is designed is that it will remember the last state. If you open it for one IP, it will stay opened for the next IP. If you close it, it will stay closed. The reason is similar to what @Kyykaarme describes. For patrollers who regularly want to see this IP information it may be bothersome to repeatedly have to open the infobox.

  @Kyykaarme I would also like to get your feedback on the other aspects of the tool if you have time. Thank you.

  -- NKohli (WMF) (talk) 21:00, 29 April 2022 (UTC)[reply]

  OK, I understand. That sounds reasonable.

  I think it would be the easiest solution to have one help icon that links to a page (on Meta) where everything is explained (ideally with some [fictional] examples). --Ameisenigel (talk) 21:10, 29 April 2022 (UTC)[reply]

• I generally like where this tool is going from a UI/UX perspective, and I want to thank everyone who has put time and effort into developing it.
• I ran some tests a while ago [7] using 4 open proxies and a VPN service; all of the open proxies were from publicly available lists, and are hence very easy for data providers to identify. The database failed to identify any of the open proxies (2x SOCKS4, 2x HTTPS), and both VPN IPs (Mullvad, [8][9], the first edit was not by me). What I found particularly problematic was that it did not just fail to identify the Mullvad IPs as VPN exits, but that in both test cases, it listed the connection as residential, despite both ranges being clearly identified as hosting ranges (one as blix[10], the other as Mullvad_VPN_AB [11]). In the case of the Mullvad_VPN_AB range, the tool only identifies the ISP as TELEKS DOOEL Skopje; the lack of a netname means that someone who only relies on the IP info tool would likely not investigate further. Generally speaking, WHOIS data can be fairly complicated, and individual ranges can be registered by multiple parties at once (often because they are subleased), so "simplified" results often don't present the full picture.
• I concur with most of MarioGom's comments, especially regarding data quality. I'm hoping that we can either augment or replace MaxMind in order to make the tool competitive with current community-developed tools like bullseye. The information currently exposed by spur (to those with an API key) is more accurate when it comes to both proxy and infrastructure detection; if we have to use a single provider, I'd go with that over MaxMind.
• I also want to echo AntiCompositeNumber's comments regarding the need to get info for IPs that haven't edited. I understand that exposing the entire database to everyone is probably tricky from a licensing perspective, but maybe we could allow administrators, checkusers and stewards to query IPs without edits?
• I'm not entirely clear what the Active blocks field is supposed to do; does it display only local single IP blocks, current and past? Ideally, it would show if there are active blocks on any wikis (similar to stalktoy), and also note any current or past rangeblocks that the IP was included in (similar to rangeblockfinder). I haven't had the chance to test this, so if this is already implemented, please disregard this note.
• Summing up the above: The way the tool works now, I would still have to rely on external data sources for every IP I look at, both to verify that I can trust the information displayed by IP info, and to be able to access additional relevant information.
• I'm aware that some of these requests are specific to people who work in my "niche"Template:Sndit might be worth considering adding an "advanced mode" that e.g. outputs more specific WHOIS data or includes links to commonly used external tools, so as to not clutter the interface for casual users while displaying additional information to those who need it.
• Best, --Blablubbs (talk) 09:17, 25 April 2022 (UTC)[reply]

  Thanks for your thoughts, @Blablubbs. We are looking into the data quality concerns. We are also talking to Spur in order to obtain their data feed and integrate it into IP Info to improve the data. We are hoping to have that soonish!

  We are also actively thinking about the other points you made regarding getting info for IPs that haven't edited and including global blocks information. 'Active blocks' does not include rangeblocks at the moment. We wanted to implement it but it was a good amount of technical lift to do so. Hence we decided to roll out the first version to ensure we are on the right track before picking up that work. I have added a note to investigate this work further.

  Advanced mode is a good idea -- there is indeed a lot of information that not everyone needs to see.

  I will follow up as we make progress on these improvements. Thanks again for your notes -- very helpful. -- NKohli (WMF) (talk) 23:10, 26 May 2022 (UTC)[reply]

• What did you find difficult to understand or do?: Some result texts are not translated (I'm not referring to interface texts) - like "Cellular" in connection method field - and need i18n.
• What did you find missing in this feature?:
  • Global sysops are not treated the same as local sysops. I tried to check info of an IP with edits on both a small wiki where GS has rights and a large wiki where I am a local admin. On the small wiki I can only see partial information with ISP, ASN etc. redacted while on the large wiki I can see everything. Please treat GS as local admin on wikis they have rights since this will help SWMT workflow.
  • And the current blocks field does not count global blocks in.
  • Also why is the IP info box automatically open when I'm checking contributions from anonymous users? I do not really want to know their detailed info every time I open a random contribution page and this may flood the log. Please at least give us a preference to set the default to collapse the box.
• How else can we improve?:
  • Here's another bug: It seems that the beta feature does not respect global preferences yet. I tried to enable it in Special:GlobalPreferences but it did not show on contribution special page. Only after I checked "Set a local exception for this global preference." in local preferences, then disabled it, then re-enabled it, the feature was able to work normally. (edit: this is phab:T298977)
  • Others have mentioned it but I really want to see asn_cidr information from whois as well. Pretty useful when assessing range blocks.
• What did you like about this tool?: The design looks really neat and the tool is overall quite handy. --WhitePhosphorus (talk) 15:13, 25 May 2022 (UTC)[reply]

@WhitePhosphorus, there seemed to be an issue with your post: which link have you clicked to get the feedback form, please? --Pols12 (talk) 18:32, 25 May 2022 (UTC)[reply]

@Pols12: the "leave feedback" button in ip info interface from contributions page. --WhitePhosphorus (talk) 01:42, 26 May 2022 (UTC)[reply]

Thanks! Still a question: in what language was the page when you get this link, and what is your language interface on Meta-Wiki? -- Pols12 (talk) 13:36, 26 May 2022 (UTC)[reply]

I am using zh-cn as interface language here and the link is also here on Meta. I tried to change my interface language to en just now and the comments in templates are gone. Seems consistent with the testing notes in that task. --WhitePhosphorus (talk) 15:12, 26 May 2022 (UTC)[reply]

• What did you find difficult to understand or do?: ...

• What did you find missing in this feature?: Once the IP info section is expanded, it always is expanded on whatever IP address I click on (Special:Contributions), whether I actually need the info or not. --Rschen7754 03:17, 27 May 2022 (UTC)[reply]

• How else can we improve?: ...

• What did you like about this tool?: ...

+1; is this intended? —MarcoAurelio (talk) 09:33, 28 May 2022 (UTC)[reply]

 Comment: I do not see this as a problem, as I only read the box when I need it. 𝐖𝐢𝐤𝐢𝐁𝐚𝐲𝐞𝐫 👤💬 09:38, 28 May 2022 (UTC)[reply]

Yes, but then it logs you as having looked at that information, which might put you on the WMF naughty list. --Rschen7754 16:25, 28 May 2022 (UTC)[reply]

Indeed it does that. The log is now live (at least in my home wiki) and it's visible to admins and checkusers. The tool works as intended, it was mentioned somewhere up-page that it remembers the state you left it in. But I'm starting to think that it's not a good thing that something that is a logged action can happen without the user fully understanding what is happening. Maybe there could be a checkbox as someone mentioned, so that the user can choose if they want to keep the box open or not. kyykaarme (talk) 16:43, 28 May 2022 (UTC)[reply]

This is a MAJOR issue, which may lead to unprivileged users connecting ip addresses to editors. There should be a button, or link, or something to specifically request ip info. SQL^{Query me!} 19:43, 4 June 2022 (UTC)[reply]

I didn't even think about that. Yes, if a CheckUser had this tool enabled (or even does today), it could result in a serious privacy violation, revealing the IP addresses to anyone who can see the log (at the moment including administrators). @NKohli (WMF): What can we do to get this issue prioritized? --Rschen7754 19:58, 4 June 2022 (UTC)[reply]

@Rschen7754 I personally find the automatic unfolding convenient, because I always see the information immediately and do not have to click extra, should I need this information. I have already addressed the log problem elsewhere. The logbook should be abolished or only accessible to WMF T&S or visible to CUs during a query. 𝐖𝐢𝐤𝐢𝐁𝐚𝐲𝐞𝐫 👤💬 20:17, 4 June 2022 (UTC)[reply]

That would be a great solution too. I can't think of a reason where as a checkuser I'd need access to that log. And, if I did - perhaps it should at a maximum just show up in the normal CU results as a part of a logged check like logins / failed logins do. We've never had a log that reveals what pages you've visted before. SQL^{Query me!} 20:49, 4 June 2022 (UTC)[reply]

@Rschen7754: There is a ticket in phab now to remove this from sysops: task T309928 SQL^{Query me!} 21:35, 4 June 2022 (UTC)[reply]

+1, I raised similar concern at Talk:IP Editing: Privacy Enhancement and Abuse Mitigation/IP Info feature#Special:Log/ipinfo -- Johannnes89 (talk) 07:23, 5 June 2022 (UTC)[reply]

Indeed. I am purposefully being vague about what my concern is on a public web page since this is a live privacy issue and IMO should be addressed ASAP. --Rschen7754 07:29, 5 June 2022 (UTC)[reply]

@Rschen7754 @SQL @WikiBayer Thanks for flagging this issue. I see that Martin already disabled log access from sysops. We can make it more explicit that the box remembers the last state unless changed through the interface. We are looking into the options for doing that. Thank you again. -- NKohli (WMF) (talk) 06:33, 7 June 2022 (UTC)[reply]

• What did you find difficult to understand or do?: Once I agreed, IP info was automatically fetched for every contributions page that was recorded

• What did you find missing in this feature?: Something like 'click to load information'

• How else can we improve?: Maybe make the link to the guidelines more prominent?

• What did you like about this tool?: The speed of its loading

I.hate.spam.mail.here (talk) 03:25, 27 May 2022 (UTC)[reply]

@I.hate.spam.mail.here to confirm you would like for the infobox to not automatically expand, correct? Would you prefer to load it manually when you go to the IP's contributions page? -- NKohli (WMF) (talk) 22:54, 15 June 2022 (UTC)[reply]

• What did you find difficult to understand or do?: ...

I wonder if terms like "ASN" are generally understood outside computer/network experts? While the tool will probably mostly used by computer-savy people/advanced users, I wonder if it could create confusion for general availability- anything that is not understood could lead to misunderstandings.

• What did you find missing in this feature?: ...

It would be nice, for the final deployment, to have 1) longer documentation in the local language, based on MaxMind/general term definition of all or most of the fields, plus 2) some short summary that is non intrusive for the first time the functionality is used. I don't know what would be the best method to do that, so it is not annoying the second and later times it is used (needs careful UI consideration to make things easy but not be two intrusive). Tooltip on hover with a link to the longer explanation?

3) While IPv6 is probably going to take over IPv4 soon, maybe it could be useful for some years to say if the connection was using an IPv6 address or an IPv4 one, as an additional data point? This is a binary data point and should not reveal any personal information.

4) Some of the fields could benefit from an internal link- for example, the summary of blocks could link to the list of blocks, if any; etc. List of contributions, if this page was to be moved elsewhere. I can see why this is not done yet, as those external links may change.

• How else can we improve?: ...

-

• What did you like about this tool?: ...

Good job! --JCrespo (WMF) (talk) 07:23, 27 May 2022 (UTC)[reply]

Thanks for the feedback, @JCrespo (WMF). I agree with all of your feedback and will file appropriate tasks for them. Adding the IP version is already in the works - https://phabricator.wikimedia.org/T310454 . NKohli (WMF) (talk) 23:05, 15 June 2022 (UTC)[reply]

• What did you find difficult to understand or do?: —
• What did you find missing in this feature?: global sysops do not have full access? How can I block an IP range, how can I find matches between subnets, when I don't see any specific info about IPs?
• How else can we improve?:
• Contributions from other addresses based on cookies.
• Global contribs and global contribs based on cookies.
• Before (it means not after!) deploying IPs hiding, need to replace IPs to hash/unique ID on EventStreams platform! So that all anti-vandal tools do not stop working in one day. It's very important!
• API? (for sysops, etc only)
• What did you like about this tool?: . —

• What did you find difficult to understand or do?: Enable the tool globally. While the tool can be enabled from Special:GlobalPreferences#mw-prefsection-betafeatures § Notes, there is no corresponding confirmation checkboxes in #mw-prefsection-personal.
• What did you find missing in this feature?: It can be that I'm a bit greedy, but the box is a bit wide comparing to the amount of information it holds. I'm not requesting for a smaller box; instead, please add more information, e.g number deleted edits for trusted user (e.g. patrollers), add number of active range blocks to active blocks count , previous blocks, previous range blocks, etc.
• How else can we improve?: Fix these interface messages. Also, popups are attached to log/revision lines, so if I want to see the same IP's info, but on another line, I will have to load everything again. Can you make them attached somewhere else, along with a key that reflects the IP it it holds information of, like what Navpop do?
• What did you like about this tool?: Good design; looking forward for new features, if any.

NguoiDungKhongDinhDanh 12:25, 29 May 2022 (UTC)[reply]

• Qu’avez-vous trouvé difficile à comprendre ou à faire ?

No particular difficulty.

• Qu’est-ce qui manque, selon vous, dans cette fonctionnalité ?

1. Indicate the relevant range(s) to which the IP belongs.

Whenever I have vandals or sockpuppets using exotic IP addresses (=non-French speaking countries), I always do a whois to find the relevant range(s) to check, in order to identify possible other problematic contributions.

2. In the history, next to the IP address, just have the country name or flag without needing to click or hover over an icon. One would only click to have more details.

For several years, I've been using a (non-public) CSS stylesheet injected via UserContent.css in Firefox. This stylesheet contains rules displaying the provider name (eventually the country) in front of the IP, and a color is associated to each geographical area, or if it's mobile IP.

/* France Télécom - Orange */
/* 2A01:C000::/19 - [2A01:C000:: - 2A01:DFFF:] */ #bodyContent a[href*=":Contributions/"]:is([href*="/2A01:C" i], [href*="/2A01:D" i])::before
{
	content: "\a0 Orange\a0 ";
    background: limegreen;
    border: 1px solid gray;
    margin-right: 4px;
    font-size: smaller;
    white-space: nowrap;
}

• Que pouvons-nous améliorer d’autre ?

There is a painful FOUC problem when loading any IP contributions list.

The generated box should already take into account the likely height it will have when filled with the retrieved data (or else you have to stop doing everything via JavaScript).

So I added the following CSS rule on my common.css impose a minimum height to the box, while waiting for it to be filled :

.ext-ipinfo-collapsible-layout
{
    min-height: 247px;
}

• Qu’avez-vous apprécié avec cet outil ?

It allows me to reduce the number of whois I do every day (concerning IPs not listed in my personal CSS stylesheet, as explained in the drop-down box above).

Thank you.

(sorry for my bad English, i partially helped with an automatic translator)

--Tractopelle-jaune (talk) 06:55, 2 June 2022 (UTC)[reply]

• What did you find difficult to understand or do?: There was nothing difficult to understand or do.

• What did you find missing in this feature?: A better and more perfect data is required. At times, data doesn't match WHOIS data

• How else can we improve?: Please change the 'no edit no information' settings. What does edits have to do with IP info?

• What did you like about this tool?: The IP connection type feature

• How else can we improve?: This rule seems to be loaded even at places where i links are not added: block message boxes.

.client-js .mw-anonuserlink:not(.ext-ipinfo-anonuserlink-loaded) {
	padding-right: 22px;
}

NguoiDungKhongDinhDanh 23:42, 3 June 2022 (UTC)[reply]

• Co było trudno zrozumieć albo zrobić?: The country name should be translated to local language. If you don't have that translations already then you should be able to download them from Wikidata.

• Czego brakuje w tej funkcjonalności?: Would be nice to have RIR link in the same place (ripe.net for Europe, arin.net for America etc). Otherwise have to collapse and un-collapse that IP Info box. As you know the country you should be able to provide a specific RIR link.

I know that long term you want to do IP anonymization. You could still provide link to the range, not a specific IP. So e.g.:

https://apps.db.ripe.net/db-web-ui/query?searchtext=5.63.188.0

Not:

https://apps.db.ripe.net/db-web-ui/query?searchtext=5.63.188.106

Not sure if this would work with all RIRs, but I guess it should.

• Co jeszcze możemy poprawić?: If you could get more data for Polish IPs that would be great. For this IP range RIPE shows "PLUSNET, Warszawa": https://apps.db.ripe.net/db-web-ui/query?searchtext=46.169.15.0. IP Info shows no info about organisation, ASN, and provider. Also cannot tell if it is a proxy or not. So it seems European DB of IPs is rather weak.

Here is another example. He has a lot of edits, so I assume he don't mind showing his IP

IP Info shows mostly no information. https://pl.wikipedia.org/wiki/Specjalna:Wk%C5%82ad/5.63.188.106

RIPE shows GBN.PL Sp. z o.o., Tychy, Poland (and also IP range): https://apps.db.ripe.net/db-web-ui/query?searchtext=5.63.188.106

• Co Ci się podobało w tym narzędziu?: I like that it is showing number of edits and when connection is cellular.

--Nux (talk) 09:37, 5 June 2022 (UTC)[reply]

I think that all features (Real IP, city level detail, etc.) should be enabled by default, because other online tools can do just that. Hiding them is just useless and frustrating to the end user. CactiStaccingCrane (talk) 11:02, 14 June 2022 (UTC)[reply]

@CactiStaccingCrane other online tools won't do that any longer as soon as IP masking is implemented. That's why the IP info feature aims to provide some insights about unregistered users even if you don't see their IP address. -- Johannnes89 (talk) 20:14, 20 June 2022 (UTC)[reply]

Thanks for the clarification. CactiStaccingCrane (talk) 05:02, 21 June 2022 (UTC)[reply]

• What did you find missing in this feature?:
  1. Deleted contributions are not counted. This prevents checking IP info if all the edits from the target IP are deleted.
  2. CIDR of related ASN. This could be useful when determing an IP range block.
• --Tiger (talk) 19:27, 20 June 2022 (UTC)[reply]

• What did you find difficult to understand or do?:

• Can development team give all the enumeration values of the two fields "Connection method" and "Connection owner" and complete the localized translation? As a user of the Chinese site, I can't understand the value given by the "Connection method" field as "Corporate". And as it literally shows, what is "Corporate"? At least the literal "Cable/DSL" I can surmise is probably home broadband internet access.
• As previously complained, how confident is the Foundation in the ability to find out proxies? I tested with some addresses that are likely to be used as proxies, and the "Real IP/Proxy" field just give me "Hosting Provider". According to my observation, the visit from almost most web hosting companies is likely to exist as a proxy.
• Providing the CIDR range (based on whois or other data sources) to which the queried IP address belongs can be helpful in checking for vandals trying to escape tracking. Some vandals use one IP address for destructive editing and are discovered, and may reconnect to the Internet access to replace another IP address, but generally, the IP address provided by the ISP to the customer is in the same address pool (or in other words, the same specific CIDR address segment) in a short period of time. Even if a vandal clears the browser's cookies to erase the identification of IP users, the association between IP addresses is not easy to remove.

--Cwek (talk) 00:35, 7 July 2022 (UTC)[reply]

• What did you find difficult to understand or do?: The information is there but I'm not quiet sure how to utilize it.

• What did you find missing in this feature?: A link for blocks. If users have active blocks we should be able to click on that notification and get more information on those said blocks.

• How else can we improve?: I believe it would be nice to have training resources for better understanding network/IP matters. This can be specific documentation precisely for this or at least links to corresponding Wikipedia articles/MaxMind's pages about concepts mentioned there. IP blocking time periods and IP range determination methods should also be included in the said information.

• What did you like about this tool?: I feel like with the increased information (and its accessibility) there is potential for improving overall IP handling. But as I said above, I believe that the said information currently appears for many as just trivia facts, not really being able to "connect the dots" and utilize it for something useful.

• What did you find difficult to understand or do?: ...

• What did you find missing in this feature?: ...

• How else can we improve?: ...

「アクセスなし」ではなく「アクセス権なし」が正しいのではないですか？

https://ja.wikipedia.org/wiki/%E7%89%B9%E5%88%A5:%E6%8A%95%E7%A8%BF%E8%A8%98%E9%8C%B2/180.44.192.66

• What did you like about this tool?: ...

• What did you find difficult to understand or do?: ...

• What did you find missing in this feature?: ...

• How else can we improve?: ...

• What did you like about this tool?: ...

Si c'est tout ce dont disposent les patrouilleurs, c'est une régression d'envergure maximale. Impossible de connaitre la région géographique sur un niveau plus fin que le pays, impossible de connaitre le FAI, ou la racine de l'IP. Impossible aussi (à terme, lorsqu'il n'y aura plus d'affichage de l'IP) de repérer les proxies avec lesquels jonglent les pros. Vandales, publicistes et autres doivent se réjouir de ces évolutions. --Pa2chant.bis (talk) 11:29, 28 July 2022 (UTC)[reply]

• What did you find difficult to understand or do?: Nothing

• What did you find missing in this feature?: IP trust rankings, option for checkusers to use checkuser abilities

• How else can we improve?: See above and I would like it to be expanded by default

• What did you like about this tool?: Everything, just feels like it could have more stuff

• What did you find difficult to understand or do?: N/A

• What did you find missing in this feature?: If possible, it would be great to have an information whether particular IPv4 address is a part of Carrier Grade NAT or NAT64 (on wikis not supporting IPv6 natively) used by an ISP, or it's assigned to a single internet user at a given time. That information could be useful for administrators to determine the appropriate duration and/or necessity of issuing a block to a particular IP. Blocking NAT64 and CGN IPs may end up affecting even dozens of internet users, as opposed to an IP, even dynamic, assigned to just one user.

• How else can we improve?: I'm very happy with development of this tool as-is.

• What did you like about this tool?: It provides useful information, technical in accessible form, which is great.

Rail01 (talk) 18:47, 25 August 2022 (UTC)[reply]

• What did you find missing in this feature?: When all of an IP's edits have been deleted, the information disappears and is replaced by a misleading and unhelpful red error message.
• What did you like about this tool?: I like that it puts the information in front of me in a clear way (except when it doesn't).

• What did you find difficult to understand or do?: I did not find the tool too bad, however, I believe more may need to be done to protect IP privacy because a simple whois search can still reveal the details about an IP address that are hidden from the tool for most users.

• What did you find missing in this feature?: I did not find much missing. The tool is helpful for patrollers, especially when getting details for the shared IP templates.

• How else can we improve?: Hash the IP addresses to improve privacy while preserving range data. Also give a confirmation prompt because this is something that people should not use casually if you are aimed to protect privacy. Despite the rules not allowing casual use, there is not much done technically to stop it.

• What did you like about this tool?: I like the workflow of the tool. The tool, and the redaction of IP addresses, still needs more work. Otherwise, this is something that I look forward to seeing developing in the future. Aasim 02:47, 10 October 2022 (UTC)[reply]

• What did you find difficult to understand or do?: Determine connection to other IP vandals based on geolocation.

• What did you find missing in this feature?: Geolocation.

• How else can we improve?: ...

• What did you like about this tool?: ...

The tool is quite useful (although I could imagine some vandalism fighting power users might want even more info). It helped me quickly determine that edits to a single article were probably coming from the same group of people.

I don't know if this is really feedback or rather a question, but I'm wondering about when the tool pulls IP information. As stated in the policy for use of the tool, it is only supposed to be used for fighting abuse, but I notice that when I go to the contribs page of an IP-address which I've already looked up before, the IP information box is already expanded. Presumably this is because I've just recently looked it up, but in a hypothetical situation where the abuse from that IP has long since stopped, but I go to the IP contribs page, I would hope that it does not pull information anew, since that would technically be unnecessary use of the tool in violation of policy. Can you clarify how this works? InsaneHacker (talk) 22:27, 12 November 2022 (UTC)[reply]

I just opened the contribs page for an account which I had not previously used the IP tool on for a different purpose than abuse mitigation, and the IP information box extended automatically. Given the policy on appropriate use, this seems undesirable. InsaneHacker (talk) 21:52, 13 November 2022 (UTC)[reply]

• Що вам було важко зрозуміти чи зробити?: ...

  The tools ToS mention that stewards can remove access to the tool, but as a steward I have no idea how to do that at this point (from the wording it sounds like it is possible to remove the access to the tool without removing the flag that initially enables the possibility of the access). --Base (talk) 06:34, 19 November 2022 (UTC)[reply]

• Чого вам забракло у цьому функціоналі?: ...

  See below. --Base (talk) 06:34, 19 November 2022 (UTC)[reply]

• Які ще покращення ми можемо зробити?: ...

  It should work for IP ranges. It should show what range the IP belongs to. --Base (talk) 06:34, 19 November 2022 (UTC)[reply]

• Що вам сподобалося у цьому інструменті?: ...

  TBD. --Base (talk) 06:34, 19 November 2022 (UTC)[reply]

• What did you find difficult to understand or do?: ...

I don't quite understand. Things like ISP, geolocation, proxy checking, etc. are only available to admins, CUs, and other high-privileged users, but this is all publicly available information that I can just use a third-party site for. Does this really need to be restricted?

• What did you find missing in this feature?: ...

Hmm, nothing in particular, just a bit strange in my opinion.

• How else can we improve?: ...

• What did you like about this tool?: ...

This is definitely going to be useful for investigating spam, vandalism, and sockpuppetry.

A little late feedback, but better late then never:

• What did you find missing in this feature?: ...

The fact that Administrator access is required to see the ASN makes this tool of limited use in combating vandalism. I still need to copy the IP to a whois query and ask a third party for the ASN. I do not see advantages of hiding the information, but it effectively renders this tool useless, at least for my work in vandalism hunting.-- Dr.üsenfieber (talk) 13:42, 20 January 2023 (UTC)[reply]

• What did you find difficult to understand or do?: Nothing.

• What did you find missing in this feature?: Number of reverted edits?

• How else can we improve?: If all of a users edits have been deleted it won't show me information about them. Not sure why it won't.

• What did you like about this tool?: Easy to use. Good presentation of data.

• What did you find difficult to understand or do?: ...

I find it difficult to understand why some IP info is hidden, when WHOIS provides most of that data.

• What did you find missing in this feature?: ...

I think the log of who is accessing IP info should be public to help prevent abuse of the tool, as no people seem to get blocked from the tool.

• How else can we improve?: ...

Nothing

• What did you like about this tool?: ...

I like the ability to quickly check similar data to that from WHOIS, but in the same window.

The Global Contributions link no longer works. Instead of showing the IP's global edits, it directs to https://xtools.wmcloud.org/globalcontribs/null, which shows the contributions of User:Null. –FlyingAce^✈hello 14:47, 4 May 2023 (UTC)[reply]

• What did you find difficult to understand or do?: ...

• What did you find missing in this feature?: The field "Internet provider" is always "No access", while other tools do show it.

• How else can we improve?: ...

• What did you like about this tool?: ...

• What did you find difficult to understand or do?: ...

Pretty easy to use, no complaints there. ARandomName123 (talk) 21:25, 29 October 2023 (UTC)[reply]

• What did you find missing in this feature?: ...

Not much, seems pretty good. ARandomName123 (talk) 21:25, 29 October 2023 (UTC)[reply]

• How else can we improve?: ...

Maybe enable viewing ISP/ASN/org info for patrollers? I get hiding it from autoconfirmed editors, because they don't have access to the actual IP, but for patrollers, who do have access to the actual IP, they can just copy-paste the IP into a third-party website. ARandomName123 (talk) 21:25, 29 October 2023 (UTC)[reply]

• What did you like about this tool?: ...

Really simple and easy to understand, the little popup next to the IP is also really helpful. ARandomName123 (talk) 21:25, 29 October 2023 (UTC)[reply]

• What did you find missing in this feature? Qu’est-ce qui manque, selon vous, dans cette fonctionnalité ? :

  CIDR information with IP range is missing.

  Translation : Il manque les infos CIDR avec la plage IP (range). Cordialement. ―Eihel (talk) 08:08, 23 November 2023 (UTC)[reply]

• What did you find difficult to understand or do?: ...

N/A

• What did you find missing in this feature?: ...

N/A

• How else can we improve?: ...

Good so far.

• What did you like about this tool?: ...

Makes it easy to spot vandals spastically resetting their routers.

• What did you find difficult to understand or do?: ...

• What did you find missing in this feature?: ...

Posible vandalo de paginas. Diff de boca junior

• How else can we improve?: ...

• What did you like about this tool?: ...

Looks like you might need to edit to permissable username range to avoid usernames that look very like the temporary ones. I suggest disallowing '~' as the first character in new usernames. ~2023-27459-O41 (talk) 04:03, 17 March 2024 (UTC)[reply]

Appears to be handled at https://phabricator.wikimedia.org/T345678 ~2023-27459-O41 (talk) 07:58, 17 March 2024 (UTC)[reply]

@SGrabarczuk (WMF) fyi regarding your rename requests [12]: It is currently possible to create usernames which closely resemble temporary accounts as this feedback shows. We would need to modify the title blacklist addition [13], e.g. by adding antispoof or just shortening it to something like ^~2 Johannnes89 (talk) 21:33, 22 March 2024 (UTC)[reply]