Wikipedia:Requests for adminship/Cool3 (as Cool three): Difference between revisions

Cool three

Voice your opinion on this candidate (talk page) (?/?/?); Scheduled to end 01:31, 15 February 2010 (UTC)

Nomination

Cool three (talk · contribs) – I am Cool3. I passed RfA in June. Due to busy circumstances in my life, I took a wikibreak beginning September 26 (this edit). I recall checking my watchlist a few times in October, and once in early November, but on November 23, someone else using my account made this edit. I was away from Wikipedia until January 23, when I returned and found myself unable to log in to my account. Upon looking at my talk page, I learned that I had been blocked indefinitely due to a compromised account and desysopped.

I do not know how the account became compromised (apparently by Thekohser, a banned user), but I confess that I was using a relatively weak password, which may be to blame. Otherwise, I am unsure how the account became compromised, but I have not been generally security conscious. In any case, I contacted ArbCom as soon as all of this came to my attention, and they have been deliberating on the situation, but after deliberations, the ArbCom was "not satisfied with the various explanations provided" and declined to return my account. As such, I am here appealing directly to the community with those same explanations.

As evidence that I am Cool3, I present this entry in the block log clearly showing that this account is a known sockpuppet of User:Cool3. Naturally, this raises the question of whether this account was also compromised. As evidence that it was not, I have made it known to ArbCom that I exchanged emails with JulianColton earlier this year and have emailed him again from the same address recently. I have also exchanged emails with User:Pharos from a different account as long ago as 2007 and have recently emailed him from that address. I have asked both Julian and Pharos to confirm that fact here. Cool three (talk) 01:25, 8 February 2010 (UTC)[reply]

Confirmed. –Juliancolton | ^Talk 01:50, 8 February 2010 (UTC)[reply]

Confirmed.--Pharos (talk) 21:04, 8 February 2010 (UTC)[reply]

Questions for the candidate

Dear candidate, thank you for offering to serve Wikipedia as an administrator. It is recommended that you answer these optional questions to provide guidance for participants:

1. What administrative work do you intend to take part in?

A: The responses to all of these questions should be quite similar to those found at Wikipedia:Requests for adminship/Cool3 4. Generally speaking, I'll be working at AfD, routine maintenance, and countervandalism.

2. What are your best contributions to Wikipedia, and why?

A: Naturally, these are my two featured articles: Hastings Ismay and Michael Woodruff. In terms of work undertaken since the last RfA, I'm happy to have expanded the article Ronald Wingate, created User:Cool3/RfA_Hypothetical_1 for use in RfB discussions, and written the DYK article Fernando de Rosa.

3. Have you been in any conflicts over editing in the past or have other users caused you stress? How have you dealt with it and how will you deal with it in the future?

A: Well yes. Again, this is largely covered in the previous RfA. Of course, most recently the Wikipedia-related stress has come from the compromise of my account and related drama.

Additional optional questions from Beeblebrox

4. What exactly was the "recent incident" referred to in the oppose section?

A: I can only assume that this refers to the compromise and desysop.

Optional question from Jujutacular

5. Do you now use a strong password for your account?

A: Yes. Believe me, I learned that lesson. My current password is randomized and contains both numbers and letters. I'd like to take this opportunity to remind everyone else out there, particularly administrators, to use a strong password and change it periodically. If you don't, you could end up in this same unfortunate situation, or worse. The only good part of my experience is that Thekohser didn't use the account to do anything particularly nefarious; you might not be so lucky.'

Optional question from Otherlleft

6. The details of what happened to your account are a bit vague - in particular, the diff you show of an edit you didn't make actually appears helpful, so in and of itself shouldn't have led to a block. Could you provide any details you've reconstructed or link(s) to any investigations that occurred?

A: Well, first of all, I should note that I have not been made privy to any of the particular details of ArbCom's investigation or how they first discovered that the account had been compromised - I played no role in that process and can only put together a reconstruction on the basis of what is already in the public record. I'll try to provide the most thorough reconstruction possible here interspersing it with my own story, but I welcome people who know more of the details to correct me.

As I stated in the nomination statement, the story begins in September when I made my last edit as Cool3 (a relatively inconsequential wording change). I work in a highly cyclical industry where the demands on my time tend to be very low from mid-January to June then gradually increase, reaching a peak in November and December. I had actually been planning to change jobs this October, but (what with this whole economy mess) that did not happen, so I went on an unofficial wikibreak from the beginning of October. I checked my watchlist a few times in October and I think once or twice in early November (I don't recall exactly). By this time, however, I was very busy at work and a few things had happened in my personal life (including a period of illness and an unforeseen trip that lasted a week and further intensified by workload once I got back), bumping Wikipedia to a pretty low priority, so I did not log in for a while.

On, or around November 23, an unknown person (which ArbCom believes to have been Thekohser took control of the account, and made this edit, which apart from the snarky edit summary seems to have been innocuous enough. I was still gone, and busy with work and personal matters, so I did not notice the edits, and apparently they were not immediately remarkable. Naturally, the question on everyone's mind is this: How did Thekohser take control of the account? It's possible, but I think highly unlikely, that he did one of those super-hacking things like you see on TV. If this is the case, it seems strange that I would have been chosen as the target. Given that I've logged on to Wikipedia from a variety of public computers and insecure WiFi networks over the years, it's also possible that some sort of keystroke logger is responsible. This seems marginally more likely. There's also the possibility that my computer was compromised by some sort of malware and the password stolen this way. I use a Mac (and we're not supposed to get viruses), so this also seems quite unlikely. On the whole, the most likely situation is that my password was guessed. In the interests of full transparency, and as I am no longer using the password, I was using "HastingsIsmay" as my password (this is the title of the article of which I am most proud). Now, obviously this is not a strong password, and it is one that could reasonably be guessed, but I still think that guessing it would be quite a feat. Thus, I suppose that we will never be completely sure how the account was compromised. I do assure you, however, that contrary to rumor I was in no way complicit in the compromise.

Now, our story continues, from November 23 until January 2, Thekohser used the account, apparently escaping detection. He appears to have made 20 edits, and unless some of those have since been oversighted, they were mostly unremarkable. He made one edit to a marginally controversial AfD, signed a petition for flagged revisions, and made a few mundane article edits. He also deleted one page and blocked one user for 48 hours.

By means unknown to me, ArbCom apparently discovered the compromise on January 14, and at that time Roger Davies blocked the account indefinitely. SirFozzie of the ArbCom also requested an emergency desysop, which was performed by Lar, though I can't seem to find it in the log -maybe I'm not looking in the right place. Shortly later, Roger Davies announced the desysop at the Arbitration noticeboard. All of this happened in rapid succession, so I think we can assume that the ArbCom acted as soon as it suspected compromise. According to the announcement: Cool3 was "temporarily desysopped because the account has been certified by checkusers as a confirmed sockpuppet of a banned user, Thekohser". Thus, I believe we can safely assume (again someone more knowledgeable should feel free to correct me) that the ArbCom discovered the compromise as the result of running a CheckUser. I know very little about the technical side of CheckUser and given the contribution history, I have no idea why one would have been performed, but something obviously drew the ArbCom's attention. You'll have to ask them what that was.

Anyway, the story continues until I returned from my absence, discovered what had happened and emailed ArbCom. ArbCom then began an investigation - the details of which are again largely unknown to me. I complied with ArbCom's requests and supplied them with as much information as possible. Most of that information has been revealed here. Through email exchanges I had had with KnightLago and Juliancolton, I was able to confirm for the committee that I was Cool3. I received the following message from the committee: "Cool3, The Arbitration Committee has looked into your claim. Unfortunately, we are unable to conclusively establish your identity. Email was sent to both Juliancolton and I in mid-June of 2009. However, the Committee cannot determine who was in control of the account, and by association this email address at that time. Barring conclusive proof of you being the original Cool3, we cannot assist you in recovering that account." In order to rectify this difficulty, I emailed the committee again with evidence that I had been in contact via email with User:Pharos in May 2007, which in my opinion, established with a high degree of certainty that I was in fact "the original Cool3" or at least the same one who had been editing since 2007. After this, I responded to several questions from the committee, and yesterday I received the following email from Roger Davies: "Cool Three: The Arbitration Committee has carefully considered your requests and consensus is as follows: 1. your request to have the User:Cool3 account returned is declined; 2. User:Cool3 will remain indefinitely banned; 3. you may edit with the User:Cool Three account, or a new account if you prefer. Obviously, per policy, if you decide to run for adminship again at any point you will be required to disclose the User:Cool3 account."

I requested clarification from the ArbCom as to why they would not be able to return my account and received the response: "I suppose "not satisfied with the various explanations" provided would probably sum it up succinctly." Finding this a most unsatisfactory answer myself, I decided to put all of the available evidence in front of the community here in order to clear my good name, and return to contributing productively. I believe I have provided you here with the same essential evidence that was made available to the ArbCom. Obviously, the ArbCom also had CheckUser/technical data available. I have not been made aware of that evidence myself, but Cool Hand Luke has stated on this page: "Checkuser evidence suggests that the current user of this account is not Thekohser, although the User:Cool3 account was controlled by Thekohser before it was blocked". I would be more than happy for a member of the Arbitration Committee to provide (in general terms without disclosing specific IP addresses) the nature of the CU evidence available. As I said earlier, I would also welcome corrections or additions to my recounting of events from people who were privy to the details which remain unknown to me.

Optional question from Olaf Davis

7. Have you considered placing a committed identity on this account to prevent similar circumstances in the future?

A: That's an excellent idea! I've done it now. As a matter of fact, I think it would be a good idea to require all administrators to have a committed identity for situations like this.

Optional questions from Hipocrite

8. Is your computer currently secure? What measures do you currently use to make your computer secure?

A. It is my belief that my computer is currently secure. I run Mac OS X with all of the latest security patches installed. I even have Norton for Mac, and run scans periodically. Since the incident I have stopped using public wifi networks. If there are other security-related things I should be doing, please tell me, but I think I'm doing what I should.

9. Prior to 11:49, 23 November 2009, which non-wikimedia wikipedia related sites had you visied (Wikipediareview, hivemind, sofixit, any others you could think of)?

A. I'm a fan of Uncyclopedia and go there with some frequency, but I've never contributed anything to it. I read a number of tech-related blogs that mention Wikipedia from time to time (including Nicholas Carr's Roughtype, a variety of articles on Wired and that sort of thing). Sometimes I look at Reddit's Wikipedia page and other miscellaneous material on Wikipedia (one of my favorites, for example, is Who Writes Wikipedia). I've been to Wikipedia Review but once a few times. I first discovered it during the Gail Trimble AfD when someone linked there, but it's not some place I've been very many times. Recently, though, I've read the things they have to say about me - like so many web forums the place seems rather inane. I've never been to Hivemind and never intend to go there and I've never even heard of sofixit.

General comments

• Links for Cool three: Cool three (talk · contribs · deleted · count · AfD · logs · block log · lu · rfar · spi)
• Links for Cool3: Cool3 (talk · contribs · former admin: blocks · protections · deletions · rights · meta · local rights)
• Edit summary usage for Cool three can be found here.

Please keep discussion constructive and civil. If you are unfamiliar with the nominee, please thoroughly review Special:Contributions/Cool three before commenting.

Discussion

• Edit stats posted on talk. -FASTILY ^(TALK) 03:13, 8 February 2010 (UTC)[reply]
• Could you add links to all your previous RfAs please? Beeblebrox (talk) 01:58, 8 February 2010 (UTC)[reply]
• To be honest, I don't know what to believe. The rumor on Kohs's steward application on Meta claims that you sold your account to him for an undisclosed sum of money, reason not given. There's no way that you can prove or disprove that, so this RfA is likely going to center around whether people are able to have faith in your honesty. Of course I would oppose if the story turned out to be true, but I can't feel comfortable opposing for something that might be true and is absolutely impossible to prove. If the rumor is somehow proven true, I'm sure that you'll be desysopped on the spot, and maybe even banned, so I'm going to put away the fear and not concern myself with the Kohs incident in this RfA. However, since I've only run into you a few times before, I dont know you very well and am not ready to !vote yet. -- Soap ^Talk/_{Contributions} 02:55, 8 February 2010 (UTC)[reply]

  Sold the account? This is the first I've heard of it, although in light of that rumor things do seem a bit more comprehensible. I've emailed ArbCom to try to find out more about that matter, but allow me to assure everyone involved here that I did not sell my account. Considering that false rumor, I guess the main issue here will be whether or not I seem like the kind of person who would sell their account. Obviously, I can't make that decision for you, but let me say this: I have not spent countless hours of my own time writing high-quality articles merely to sell the account with which I wrote them. I value all of my contributions to Wikipedia, and I have given a lot of my time and energy to making it the best encyclopedia in the world today. I have trouble believing that anyone who's spent enough time around here to become an administrator could so thoroughly lose touch with the mission of Wikipedia as to willing let a banned user take control of their account. In the end, I'm asking you to assume good faith, but I think my record speaks for itself. I have always been a good user and a good writer (I like to think). I would not suddenly abandon my years of writing for Wikipedia. Cool three (talk) 03:09, 8 February 2010 (UTC)[reply]

  The thinking behind this idea is that on Wikipedia Review, an undisclosed admin was willing to sell their admin account to Kohs, around the time that the Cool3 account became active again. Or that's what I heard. (X! · talk)  · @231  ·  04:33, 8 February 2010 (UTC)[reply]

  An alternative interpretation of the same events is that whoever succeeded in subverting the account sold it to a banned user on a "bad site" and simultaneously successfully trolled the Wikipedia community by claiming to be an admin selling their own account. I don't know if it is possible for checkusers to do this, but I'd be greatly reassured if there was some indication from them that this account changed hands twice rather than once. ϢereSpielChequers 14:11, 8 February 2010 (UTC)[reply]

  I would second WereSpielChequers' request. Hacked by a second person and then sold to a third is plausible. It would certainly mesh better with the various claims floating around as to what happened. Is it technically possible to investigate this theory? delirious & lost ☯ ^~hugs~ 14:57, 8 February 2010 (UTC)[reply]

  No. Too old. Cool Hand Luke 16:03, 8 February 2010 (UTC)[reply]

  • Hmm. I, for one, am not comfortable with the timing of this request and with the explanations given about how the previous account was hacked (did you use your username as password or something?). Another possible explanation, consistent with the facts presented so far, is that User:Thekohser and User:Cool3 have been the same person all along (and not just since November 2009). Is there checkuser data indicating to the contrary? Perhaps somebody from ArbCom could comment here... Nsk92 (talk) 03:41, 8 February 2010 (UTC)[reply]
    • I have interacted with both editors. I assure you that Cool3 and Thekohser are not the same person. –Juliancolton | ^Talk 03:47, 8 February 2010 (UTC)[reply]
    • If we believed User:Cool three was Thekohser, we would have blocked the account. Checkuser evidence suggests that the current user of this account is not Thekohser, although the User:Cool3 account was controlled by Thekohser before it was blocked. Cool Hand Luke 04:58, 8 February 2010 (UTC)[reply]

• Why not get Cool3 unblocked, and re-request adminship under that account name? Tiptoety ^talk 05:43, 8 February 2010 (UTC)[reply]
• I don't understand the "too soon" remarks - Do you earnestly believe such incident will be forgotten in May? This one will follow Cool3 to the grave if not clearly proven wrong; is there really no possibility to get more clarity? Login logs, IP lookups, anything? --Pgallert (talk) 09:14, 8 February 2010 (UTC)[reply]
  • Im not sure what happens on the developer side of things, but just doing some off-hand calculations, I estimate that if Wikipedia is viewed 100 million times per day and each visitor adds about 1K to the server log, the server log would grow by 100 gigabytes each day, and long-term storage of details like that is unlikely. Checkusers do have access to the IP addresses someone has edited from, but I dont believe they track the IPs that particular pages are viewed from (which would help identify if there was a third party involved or if it was just Cool3 to Kohs). At any rate I think that the core of the opposition is based around things that a checkuser cannot disprove, and indeed things that can never really disproven because there will always be alternate explanations. -- Soap ^Talk/_{Contributions} 14:40, 8 February 2010 (UTC)[reply]
    • It would really be great to have an admin (I mean the ones with root access to WP servers, not WP:ADMIN) involved - failed login attempts are logged on UNIX boxes/clusters, and I'm sure there are several Intrusion detection systems in the WP server farm which would have logged an alert if a dictionary attack was run on his account. We just risk too much, either tainting the reputation of a long-standing contributor, or allowing an editor to continue after a very serious attack on the project itself. --Pgallert (talk) 16:47, 8 February 2010 (UTC)[reply]
      • The notion of Kohs buying an admin account was discussed on Cool3's talk page three weeks ago. How is it that Cool three knew nothing of this rumor until today? On its face, that's hard for me to believe. ReverendWayne (talk) 22:24, 8 February 2010 (UTC)[reply]
        • I assume you're referring to this comment? Yes, I had seen that, but I didn't realize that anyone actually believed it. I thought it was just an idle comment, something of "interest" not really something meant seriously. Cool three (talk) 23:30, 8 February 2010 (UTC)[reply]

Support

1. Welcome back. ϢereSpielChequers 01:35, 8 February 2010 (UTC)[reply]

   I'm going to expand on this support because this RFA has become more controversial than I feared. There are people out there who are trying to trash Wikipedia, and some of those people have targeted admins in the past. We are all vulnerable to malware, keylogging and so forth; If an account has become compromised, but we can get the editor back then we should do so, to do otherwise is to increase the damage done by whoever compromised the account. The appropriate response to admins who have a weak password is admonition not desysopping. ϢereSpielChequers 11:31, 8 February 2010 (UTC)[reply]

2. After hearing your explanation for this whole situation, I believe that you have learned what you did wrong, and how to fix it. I'm hoping that you will continue to be a good admin in the future. (X! · talk)  · @127  ·  02:03, 8 February 2010 (UTC)[reply]
3. Indeed, welcome back. Blurpeace 02:13, 8 February 2010 (UTC)[reply]
4. Given my previous positive interactions with this user, I'm willing to AGF. ArbCom have not, as far as I'm aware, confirmed there was any intentional wrongdoing on Cool3's part. –Juliancolton | ^Talk 02:21, 8 February 2010 (UTC)[reply]
5. Innocent until proven guilty really... welcome back. Pmlineditor ∞ 07:27, 8 February 2010 (UTC)[reply]
6. Procedural support If it is how he says it is his bits should be reinstated. If it is not, he should be banned. There is nothing in the middle. AGF. --Pgallert (talk) 09:07, 8 February 2010 (UTC)[reply]
7. These things happen. Watertower (talk) 14:51, 8 February 2010 (UTC)[reply]

   This template must be substituted. -- Soap ^Talk/_{Contributions} 15:02, 8 February 2010 (UTC)[reply]

8. Support. I'm willing to AGF on Cool's account of what happened, and also on their job being the reason for the drop of activity between gaining adminship and the compromise of the account (were it not for that I might be tempted towards neutral per Master&Expert's concerns about activity). I'm also not too worried about the speed of this reapplication, which some people mention below: if we're worried that Cool contributed constructively for ages and then decided to sell their account, will any amount of productive work be able to satisfy us? In some situations of course "wait until 3 months after the incident and we'll trust you" makes sense: to me personally, this is not one. Best of luck, Cool. Olaf Davis (talk) 14:54, 8 February 2010 (UTC)[reply]
9. Support; while story is admittedly a bit fantastic, I find it even harder to believe that this solid editor is doing this to waste our time and/or amuse him/herself. Tan | 39 15:24, 8 February 2010 (UTC)[reply]
10. Welcome back. Ray^Talk 22:25, 8 February 2010 (UTC)[reply]
11. Support While it's not impossible that we aren't being told the whole story, it's also quite unlikely, and the real issue is benefit or harm to the project. I see no harm from this outweighing the possible benefit. If it's up to me, welcome back, Cool three! And if you did actually sell your account to Mr. Kohs, congratulations on selecting someone who would not actually trash the place with it.... --Abd (talk) 22:35, 8 February 2010 (UTC)[reply]
12. Strong Support WP:AGF people! More than half of the opposers all echo the same thing "I don;t trust you". What is there not to trust? He made an honset mistake of letting his account be hacked into and now he's asking for the tools back. No need to tell him that he's a "sock" is there?--Coldplay Expért ^{Let's talk} 01:10, 9 February 2010 (UTC)[reply]

    Must as I disagree with the majority of the opposition, I think it's a legitimate issue, and I can understand being wary. –Juliancolton | ^Talk 02:23, 9 February 2010 (UTC)[reply]

13. Support This is a double indignity: having an account hacked and then being treated like a criminal when trying to recover what was stolen. Warrah (talk) 02:15, 9 February 2010 (UTC)[reply]
14. Support per Warrah. I certainly support returning the tools to a good user who would still be an admin had the sinister events of last year not occurred. As Cool3 (talk · contribs · former admin: blocks · protections · deletions · rights · meta · local rights), the candidate did plenty of good article editing and administrative work. Although his activity between his successful RfA and the time when the account was compromised by Thekohser, who is indefinitely banned, was sparse, that's beside the point. The point is that if it weren't for Thekohser's shenanigans, Cool3 would still be an admin. Taking his word as the truth – and I see no reason why we should trust Thekohser of all people over an individual we trusted enough to grant these tools less than one year ago. Thus, I am assuming good faith and supporting promotion. Please do make sure you've got a better password, though. A Stop at Willoughby (talk) 02:57, 9 February 2010 (UTC)[reply]

Oppose

1. I'm really sorry, I don't vote here often and this is not a "I don't believe you" vote at least in my mind. The problem is that I just have way to many concerns about the whole incident and what happened and I am not honestly sure you will be able to satisfy those. It's possible of course and I'll keep an eye on this over the week but for now I just can't see myself trusting you in the near future and if I can't trust you I can't vote for you (or to be honest even stay neutral. James (T|C) 01:41, 8 February 2010 (UTC)[reply]

   If you have any particular concerns, I would be happy to answer any reasonable requests for information in the Questions section. The same goes for anyone else. Cool three (talk) 01:53, 8 February 2010 (UTC)[reply]

2. I believe this user's story, but I think the timing of this request is awkward. Only two weeks have passed since the incident, so it is still fresh on many people's minds. As such, I would recommend waiting until such time this incident becomes a distant memory for most people. TML (talk) 01:46, 8 February 2010 (UTC)[reply]
3. Oppose. per above. You vanish shortly after passing RfA, then are blocked as a sockpuppet of Thekohser. Two weeks later you return and ask for adminship again? I don't like the way this looks. Sorry, but I just don't trust you. -FASTILY ^(TALK) 03:11, 8 February 2010 (UTC)[reply]

   That's not entirely true; Cool3's account was blocked because as apparently controlled by Thekohser for a short period of time, not as a sockpuppet of that editor. –Juliancolton | ^Talk 03:15, 8 February 2010 (UTC)[reply]

   Regardless, I still don't trust this user. Sorry, FASTILY ^(TALK) 03:35, 8 February 2010 (UTC)[reply]

4. Too soon since the incident. Unfortunately, there's no real way to prove one way or the other whether Cool3 sold his own account or it was compromised and sold by a third party (or whether it was sold at all). Mr.Z-man 04:31, 8 February 2010 (UTC)[reply]
5. Oppose - Per Fastily... Sorry. smithers - talk 04:42, 8 February 2010 (UTC)[reply]
6. Oppose - Too soon. I read over your last RFA, and you looked like a good admin candidate. I would probably support you if you try again after a couple months of solid editing. Trusilver 04:43, 8 February 2010 (UTC)[reply]
7. Oppose. Sorry, something about this whole affair just doesn't sit right with me, not comfortable with supporting at this time. -- œ^™ 05:18, 8 February 2010 (UTC)[reply]
8. Oppose No, sorry. The trust just isn't there. Pretty much per the above. ThemFromSpace 06:39, 8 February 2010 (UTC)[reply]
9. Oppose - I highly doubt that your account just "magically" ended up in the hands of thekosher, and that you didn't realize it. And then you think that 2 weeks is long enough to wait to request them back? Please, if that's the best you've got then I don't feel comfortable supporting in the future let alone the present. — Coffee // have a cup // ark // 09:08, 8 February 2010 (UTC)[reply]
10. The timing is just too coincidental for my liking. While I wish I could assume good faith in this situation, I just have too many doubts. Sorry. —Dark 10:08, 8 February 2010 (UTC)[reply]

    However, if a developer can confirm that your old password is easily guessable, (I am unsure whether technically, this is possible) I will support. —Dark 10:13, 8 February 2010 (UTC)[reply]

    Hahahahahahahahahahahahahaha, yes. The developers of the sixth-busiest website in the world have plaintext access to every user's password, and would happily use that access to confirm a request like this. Man, thank you for the biggest laugh I've had all day. Badger Drink (talk) 18:11, 8 February 2010 (UTC)[reply]

    The usual high brow level of debate, creative input and added value one expects from you Badger Drink. Pedro :  Chat  23:30, 8 February 2010 (UTC)[reply]

    And the usual level of ineffectual, self-righteous, pompous and overwrought smugness we've come to expect from the original WT:RFA Student Council Chairman himself. Badger Drink (talk) 02:29, 9 February 2010 (UTC)[reply]

    See cracklib, Wikipedia:Wikipedia Signpost/2006-02-06/Password security, Wikipedia:Administrators'_noticeboard/Archive86#Password_cracker_to_be_run_over_admin_accounts_shortly, Wikipedia talk:Administrators/Archive 4#Security, etc. John Vandenberg ^(chat) 06:11, 9 February 2010 (UTC)[reply]

    Ah thanks, John. But Cool3 wasn't an administrator during 2007. Do you know of any recent checks of password security? —Dark 06:39, 9 February 2010 (UTC)[reply]

11. Oppose Whatever the issues we are left with the unfortunate situation that this user has to regain the trust of the community. So In my oppinion it does not matter who is right or wrong we have to trust that this account is going to be used only for the positive and that cannot be done at present. Polargeo (talk) 11:05, 8 February 2010 (UTC)[reply]
12. Oppose, Essentially agree with Polargeo (talk · contribs). Cirt (talk) 12:17, 8 February 2010 (UTC)[reply]
13. Per Coffee. Explanation doesn't hang together for me, although there is a possibility the account wasn't sold, I suppose, but just subverted. ++Lar: t/c 13:16, 8 February 2010 (UTC)[reply]
14. Oppose Without any way to verify what actually happened, I think the possible danger outweighs the possible benefits.--Cube lurker (talk) 14:27, 8 February 2010 (UTC)[reply]
15. Oppose per candidate's own views on compromised accounts, as stated in his RfA coaching. "Compromised admin accounts can inflict some serious damage; thus, it's much more important to keep them secure. From a personal perspective, if you're an admin and your account is compromised it will be hard to regain the necessary community trust to do your work effectively; people will always wonder if you're going to be compromised again." (Italics added to distinguish the quote from my vote.)[1] I generally will support an RfA but this time i am in agreement with Jamesofur that there are just too many questions. At minimum i would have hoped for a committed identity on Cool three after you discovered the compromise of Cool3 but you seem not to have done even that to prevent this from happening again. delirious & lost ☯ ^~hugs~ 14:33, 8 February 2010 (UTC)[reply]
16. Oppose at this time - for using a weak password on a privileged account. –xeno^talk 15:40, 8 February 2010 (UTC)[reply]

    In my defense, although I do certainly accept the blame for the password - if that is the culprit, my password wasn't something that seemed weak to me at the time. It was much stronger than "Cool3" or "Password" or something like that. I have now thoroughly learned my lesson, and I invite everyone here to try to guess my password now. Cool three (talk) 23:33, 8 February 2010 (UTC)[reply]

17. Oppose I just have that sort of feeling of something going on that's stopping me from a support.  fetchcomms☛ 15:44, 8 February 2010 (UTC)[reply]
18. Oppose. There are too many gaps in the contribs, too chequered a history. The account was created in October 2005, and was barely used from then until February 2009. From February there was active editing for four months, during which there were two RfAs. Once the account was promoted, there was hardly any editing from July 2009 until now. There have been five RfAs in all. A joke one in October 2005 (deleted); unsuccessful in May 2006; unsuccessful in March 2009, successful in June 2009; and now this one. Even without the recent compromise of the account, I would oppose this. SlimVirgin ^{TALK contribs} 17:14, 8 February 2010 (UTC)[reply]

    You may already have read it, and I'm guessing it won't change your mind anyway, but I thought I'd point out that the candidate explains the intermittent activity due to the nature of their job in the answer to Q4. Olaf Davis (talk) 17:38, 8 February 2010 (UTC)[reply]

    This does not explain the lack of activity during the early parts of 2006, 2007, and 2008. I find it telling that--despite his lack of activity during that time--Cool still managed to get RfAed.--*Kat* (talk) 18:32, 8 February 2010 (UTC)[reply]

19. Oppose per Mr.Z-man. Too soon, no way to prove anything. Can't take the risk that this account might have been offered for sale to Thekohser. GlassCobra 17:25, 8 February 2010 (UTC)[reply]
20. Oppose Don't trust you. Hipocrite (talk) 17:44, 8 February 2010 (UTC)[reply]
21. Oppose – the issue is still very fresh in people's minds. It would be prudent to wait a little longer, in my opinion. Best, Aiken ♫ 18:06, 8 February 2010 (UTC)[reply]
22. Strongly Oppose The tools are not necessary to being a good Wikipedian. Contributions are. Furthermore, according to your own story, your account was not used for anything terribly controversial. Therefore, you don't really have anything to prove except that you are not Kosher. Finally, your story has too many holes for me to really buy it. Add in what SlimVirgin had to say and this is one very strong opposition vote. —Preceding unsigned comment added by *Kat* (talk • contribs) 18:32, 8 February 2010 (UTC)[reply]
23. Oppose Even if I believe you that your password was guessed (although I can understand some concerns voiced above, for example by Coffee), then I cannot support a request by someone who admitted to have used a weak password in the past - at least not now. Imho, you need to regain the trust of the community using your new account just like any other user. Regards SoWhy 19:52, 8 February 2010 (UTC)[reply]
24. Wexeb ^(Talk·_{Contributions)} 20:35, 8 February 2010 (UTC)[reply]
25. Oppose My issue here is the lack of editing activity recently. I beleive it is possible for accounts to be hacked. It can happen. And as such your account was blocked and adminship removed. That is how it is those are the guidelines and structure which protects the project from abuse from compromised admin accounts, encouraging users to make stronger passwords; but if your going to run for adminship again, in my opinion I hope to see contributions to the project, proof of why you need the tools again to help the project. Your recent activity has been very low. Basically all i can tell you is this; Regain the trust of the community, and we will no doubt give you trust back. Ottawa4ever (talk) 21:12, 8 February 2010 (UTC)[reply]
26. Oppose. Your adminship, as short as it lasted, can be characterized by 2 things: inactivity during all but the first few months, and a compromised account with you apparently oblivious to it. The former makes me wonder what someone would do with admin tools, who's hardly around to use them. The latter seriously makes me doubt your common sense. Try again in 6 months or so.--Atlan (talk) 23:35, 8 February 2010 (UTC)[reply]
27. Oppose I know what happened, and the fact that ArbCom is not comfortable with "various explanations" says it all. Thou doth protest too much. Keegan (talk) 00:15, 9 February 2010 (UTC)[reply]
28. Oppose Whether the previous account was intentionally or unintentionally compromised is immaterial - the candidate has shown judgement incompatible with adminship either way. Skinwalker (talk) 02:09, 9 February 2010 (UTC)[reply]
29. Oppose. This candidate's story seems somewhat suspicious to me. This, along with my lack of trust in the candidate and his complete lack of editing activity in the past few months garner my oppose. Laurinavicius (talk) 02:27, 9 February 2010 (UTC)[reply]

Neutral

1. The first neutral comment at this RfA. I have no idea what I should do here. On the one hand, I absolutely trust Cool3's description of the events and I trust Juliancolton's assurance that he is not the same person as thekohser - that I am positive of. But Fastily's comment in the oppose section is also... well, it's concerning. I'd call it a coincidence at best, and I don't believe rumours unless they are verifiably true, but it's still concerning enough for me to feel reluctance in supporting. Another concern is, while I do not distrust Cool3, I'm not sure if he'd be a very active admin given his previous lack of activity directly after being granted the tools, and I see no real point in giving adminship to somebody with no obvious intention of ever using it; however, I never consider that in itself to be valid grounds for oppoition (the only time I oppose is when I feel somebody is either not trustworthy, or fundamentally unsuited). If I am leaning towards the support column, it is very weakly. Master&Expert (Talk) 04:54, 8 February 2010 (UTC)[reply]
2. Neutral I am really undecided on this one. I want to believe what the candidate says (and I trust Juliancolton's assessment when he says that he believes what the candidate says), but I think at the moment it is too soon after the incident to feel confident that this would not happen again. Like Master&Expert, the lack of use of the tools would not in itself be enough to oppose, so I would be veering towards support, but at the moment I cannot in all honesty support the candidate, although this may change following answers to questions. Failing that (and failing any firm reason to oppose), I'll stay sat on this neutral sofa. -- PhantomSteve/talk|contribs\ 09:06, 8 February 2010 (UTC)[reply]
3. Neutral: This one has me stumped. - Ret.Prof (talk) 12:13, 8 February 2010 (UTC)[reply]
4. Neutral. I believe the explanation given by the candidate for the account hacking incident, plus he has been a constructive contributor for several years prior to that. However, even viewed in the most favorable light, the hacking incident was a very serious security breach which, at least, shows lack of attention to security issues by the candidate in the past. After such a serious incident, a significant period of problem-free and constructive editing is needed before the doubts about the candidate's trustworthiness can be dispelled. I am also bothered by the fact that the candidate disappeared for half a year fairly quickly after gaining adminship, and is now asking for the tools back before re-establishing a record of actively contributing. If all goes well, I'd be willing to support in about 6 months from now, but the request seems premature at this time. Nsk92 (talk) 14:26, 8 February 2010 (UTC)[reply]
5. Neutral. The explanation of what occurred is credible, and the candidate is taking steps to prevent something similar from happening again. The combination of a poor password and near-immediate inactivity after becoming an admin represent a lapse in judgment of a different sort than the norm, and I don't yet know how evaluate it. I appreciate the calls for more time, but I'm not sure how more time would allow this user to demonstrate that the problem is corrected. A longer edit history won't address it, and additional months (or years) without an account compromise won't prove that the password is stronger, or being changed more frequently, or that the user won't be victimized by another key logger. I rather want to support, and I'm going to consider what other question(s) I may pose to help move me in that direction.--otherlleft 16:06, 8 February 2010 (UTC)[reply]
6. Neutral per Retprof. Doc Quintana (talk) 18:10, 8 February 2010 (UTC)[reply]
7. Neutral I can't bring myself to go either way on this one. The explanation is very credible, but the sequence of events makes it hard to put my full support for giving back the bit. I would say give it some time to show that this account will be used responsibly, and I will support. Jujutacular ^T · C 20:22, 8 February 2010 (UTC)[reply]
8. Neutral — I am keen to WP:AGF, but this is a bit too soon for me after what happened. Maybe after a few months of active editing, you will have regained the trust of the community; better luck next time. Airplaneman ^talk 06:13, 9 February 2010 (UTC)[reply]