TechInfoDepot:Vandalism


 * This is not a noticeboard for vandalism. Report vandalism at TechInfoDepot:Administrator intervention against vandalism.

Vandalism is any addition, removal, or change of content in a deliberate attempt to compromise the integrity of TechInfoDepot. Examples of typical vandalism are adding irrelevant obscenities and crude humor to a page, illegitimately blanking pages, and inserting obvious nonsense into a page.

Vandalism is prohibited. While editors are encouraged to warn and educate vandals, warnings are by no means necessary for an administrator to block.

Even if misguided, willfully against consensus, or disruptive, any good-faith effort to improve the encyclopedia is not vandalism. Edit warring over content is not vandalism. Careful consideration may be required to differentiate between edits that are beneficial, detrimental but well-intentioned, and vandalizing. Mislabelling good-faith edits as vandalism can be considered harmful.

Upon their discovery, revert clearly vandalizing edits. Then warn the vandalizing editor. Notify administrators of vandalizing users who persist despite warnings, and administrators should intervene to protect content and prevent further disruption by blocking such users from editing. When warranted, accounts whose main or only use is obvious vandalism or other forbidden activity may be blocked even without warning.

How to spot vandalism
Very useful ways to detect vandalism include: In all the three methods above, examples of suspicious edits are those performed by IP addresses, red linked, or obviously improvised usernames. A good way to start is to click on every edit in watchlists, histories etc. with the least suspicion of being vandalism. Increased experience will probably give a sense of which edit descriptions are worth to check further and which may likely be ignored. IP editors should not be approached with the assumption that they are vandals. Although many vandals do vandalise without registering an account, there are many IP editors who are great contributors to TechInfoDepot. Always read the actual changes made and judge on that, rather than who made the changes.
 * Recent changes patrolling, using the recent changes link to spot suspicious edits
 * Keeping an eye on your watchlist
 * The edit history of an article may be checked for any recent suspicious edits, and compared with the version after any previous revert or cluster of non-suspicious edits. This method can check many suspicious edits at the same time. The article size, as given in bytes, usually increases slightly with time, while a sudden large decrease may indicate a section blanking.
 * See the what links here pages for Insert text, Link title, Headline text, Bold text and Example Image to detect test edits. (See also toolbar experiments)
 * The auto-summary feature can also help users spot vandalism.
 * Viewing the abuse log
 * Watching for edits tagged by the abuse filter. However, many tagged edits are legitimate, so they should not be blindly reverted. That is, do not revert without at least reading the edit.

How to respond to vandalism
If you see vandalism in an article, the simplest thing to do is just to remove it. But take care! Sometimes vandalism takes place on top of older, undetected vandalism. With undetected vandalism, editors may make edits without realizing the vandalism occurred. This can make it harder to detect and delete the vandalism, which is now hidden among other edits. Sometimes bots try to fix collateral damage and accidentally make things worse. Check the edit history to make sure you're reverting to a "clean" version of the page. Alternatively, if you can't tell where the best place is, take your best guess and leave a note on the article's talk page so that someone more familiar with the page can address the issue—or you can manually remove the vandalism without reverting it.

If you see vandalism on a list of changes (such as your watchlist), then revert it immediately. You may use the "undo" button (and the automatic edit summary it generates), and mark the change as minor. It may be helpful to check the page history to determine whether other recent edits by the same or other editors also represent vandalism. Repair all vandalism you can identify.

For a new article, if all versions of the article are pure vandalism, mark it for speedy deletion by tagging it with.

To make vandalism reverts easier you can ask for the rollback feature to be enabled for your registered TechInfoDepot account. This feature is only for reverting vandalism and other obvious disruption, and lets you revert several recent edits with a single click. See TechInfoDepot:Requests for permissions.

If you see that a user has added vandalism you may also check the user's other contributions (click "User contributions" on the left sidebar of the screen). If most or all of these are obvious vandalism you may report the user immediately at TechInfoDepot:Administrator intervention against vandalism, though even in this case you may consider issuing a warning first, unless there is an urgent need to block the user. Otherwise you can leave an appropriate warning message on the user's talk page. Remember that any editor may freely remove messages from their own talk page, so they might appear only in the talk history. If a user continues to cause disruption after being warned, report them at TechInfoDepot:Administrator intervention against vandalism. An administrator will then decide whether to block the user.

For repeated vandalism by an IP user it is helpful to take the following additional steps:
 * 1) Trace the IP address (e.g. http://www.domaintools.com/) and add  to the user talk page of the address. If it appears to be a shared IP address, add  or . The OrgName on the IP trace result should be used as the Name of owner parameter in the above three templates.
 * 2) Particularly if the IP address is registered to a school or other kind of responsive ISP, consider listing it on TechInfoDepot:Abuse response.

For beginners
For relatively inexperienced TechInfoDepotns, use these simple steps to quickly respond to what you consider vandalism. This is essentially an abridged version of TechInfoDepot:Vandalism. For a detailed guide, see Arnon Chaffin's Anti-Vandalism Center.


 * 1) Assess whether the edit was made in good faith or bad faith. If it is in good faith, it is not technically vandalism, so question the accuracy of information on the talk page and/or add a "dubious" tag to the disputed edit. If it is in bad faith, then it is vandalism and you may take the appropriate steps to remove it.
 * 2) Revert the vandalism by viewing the page's history and selecting the most recent version of the page prior to the vandalism. Use an edit summary such as 'rv/v' or 'reverted vandalism' and click on 'Save page'.
 * 3) Warn the vandal. Access the vandal's talk page and warn them by posting an appropriate warning template from the following list. It is not necessary to start with the level one warning, particularly when faced with especially egregious or offensive vandalism, when the vandal has damaged multiple articles, or when the vandal has created an account with no positive contributions across more than one editing session.
 * 4) * Level one: This is a gentle caution regarding unconstructive edits; it encourages new editors to use a sandbox for test edits. This is the mildest warning.
 * 5) * Level two: This warning is also fairly mild, though it explicitly uses the word 'vandalism' and links to the TechInfoDepot policy.
 * 6) * Level three: This warning is sterner. It is the first to warn that further disruptive editing or vandalism may lead to a block.
 * 7) * Level four: This is the sharpest vandalism warning template, and indicates that any further disruptive editing may lead to a block without warning.
 * 8) Watch for future vandalism from the vandal by checking the user's contributions. If bad faith edits continue, revert them and use higher level warning tags on their talk page. An example of warning a repeat offender can be found at User talk:201.21.233.202/Archive 1. Note that it is not necessary to use all four warning templates in succession, nor is it necessary to incrementally step through the warnings.
 * 9) Report vandals that continue their behavior after being warned to 'TechInfoDepot:Administrator intervention against vandalism'. While not strictly required, administrators there are most likely to respond rapidly to requests which include at least two warnings, culminating in the level four 'last chance' template.

Template and CSS vandalism
If no vandalizing edits appear in the page's edit history, or the vandalism obscures the page tabs so you can't easily access the history or edit the page, it is probably template or cascading style sheets vandalism. These are often not difficult to fix, but can be confusing.

To access the page history or edit the page when the "View history" or "Edit" tabs are inaccessible, use TechInfoDepot keyboard shortcuts. You can also access the history through a vandalism patrolling tool if you're using one, or by going to another page and using the "My Watchlist" link (if you are watching the page) or "My Contributions" link if you've edited the page recently. Or, enter the URL manually into the address bar of your browser: it will take the form  http:// www.techinfodepot.info/w/index.php?title=Name_of_article&action=edit or  http:// www.techinfodepot.info/w/index.php?title=Name_of_article&action=history.

If vandalizing edits do not appear in the page history, the vandalism is likely in a transcluded template instead of the page itself. To find the template page, edit the article (using TechInfoDepot keyboard shortcuts if necessary); toward the bottom of the edit page is a list of all templates transcluded into the page. Look for vandalism in the transcluded templates not protected. Alternatively, look for or  in the text, approximately where the vandalism appears, then go to the page Template:Template name and revert any vandalism. When you return to the original page, the vandalism should be gone, though you may need to purge the page.

Image vandalism
Images are occasionally used for vandalism, such as by placing shock or explicit images where they should not be. When an image has been created exclusively for vandalism, it can be requested for speedy deletion: under criterion G3 if hosted on TechInfoDepot or as vandalism if hosted on Commons (a file repository for Wikimedia projects). When an image is used for vandalism due to its explicit nature but has legitimate encyclopedic uses (TechInfoDepot is not censored) or is hosted on Commons and has legitimate uses on other projects, it can be requested for being added to the bad image list, which precludes its addition on any page except those specified.

How not to respond to vandalism

 * Do not nominate an article for deletion because it is being vandalized.
 * Do not feed the trolls. Fanning the fire will make the situation worse. Similarly, do not insult the vandals. If someone is doing something they know is wrong, insulting them over it is likely to make them vandalize more, just to get that reaction. Furthermore, TechInfoDepot is not the place for personal attacks, it is not a battleground, and two wrongs don't make a right. Instead, report them to the administrators if they continue.


 * Avoid the word "vandal". In particular, this word should not be used to refer to any contributor in good standing, or to any edits that might have been made in good faith. This is because if the edits were made in good faith, they are not vandalism. Assume good faith yourself—instead of calling the person who made the edits a "vandal", discuss your concerns with them. Comment on the content and substance of the edits, instead of making personal comments.

Warnings
The purpose of warning a user who has vandalized is to inform the user that the user's conduct is abusive and prohibited, and seek the user's compliance. Not all that appears to be vandalism is in bad faith, and a warning can politely advise and correct users unaware of the nature of their actions. A warning may even dissuade a user acting in bad faith from continuing, particularly as the warnings escalate and the user is informed of the consequences of continuing.

Warning a user for vandalism is generally a prerequisite to administrator intervention. Because of this, users should be warned for each and every instance of vandalism (see the guidance below on what constitutes a single instance).

How to warn vandalizing users
A list of user warning templates, with descriptions and instructions for their use, is at TechInfoDepot:Template messages/User talk namespace. In addition to a series of user warning templates for vandalism, there are series for specific types of vandalism. Use the most specific user warning template for the conduct.

Assume good faith (such as that the user is simply unaware of the policies and guidelines), but only if plausible. Circumstances may warrant no assumption of good faith, or indicate bad faith; respond accordingly.

Users should be warned for each instance of vandalism for which the user has not been warned previously. For purposes of warning, multiple edits should be considered a single instance, and only one warning given, if:
 * the edits are of the same page;
 * the user received no intervening warning between the edits; and
 * the same user warning template series would be used to warn for each edit.

A new warning generally should not escalate from a previous warning unless a user received the previous warning and failed to heed it. So, if a user vandalizes, and, before a responding user can warn the vandalizing user, the vandalizing user vandalizes again, the responding user should not yet escalate the warning (for example, give a final warning) or report the user for administrator intervention yet.

If the user receives the warning and, after receiving it, continues to vandalize, the warning may be escalated or the user reported for administrator intervention.

Reminding responding users to correctly warn
Because warnings for vandalism are generally a prerequisite to administrator intervention, it is important that users responding to vandalism warn vandalizing users. To inform responding users of this responsibility, use the user warning template uw-warn.

Likewise, incorrect use of user warning templates, even if well-intended, should be identified to the mistaken user. The series of user warning templates may be used, but a detailed talk page message is better.

Tracing IP addresses
The owners of IP addresses can be found using:

If an address is not in one registry, it will probably be in another.
 * ARIN (North America)
 * RIPE NCC (Europe, the Middle East and Central Asia)
 * APNIC (Asia Pacific)
 * LACNIC (Latin American and Caribbean)
 * AfriNIC (Africa)
 * IPLigence
 * IP-adress.com (sic)
 * Find-IP-address.org

Types of vandalism
Vandalism on TechInfoDepot usually falls into one or more of these categories:

Abuse of tags

 * Bad-faith placing of non-content tags such as afd, delete, sprotected, or other tags on pages that do not meet such criteria. This includes baseless removal of policy and related tags.

Account creation, malicious

 * Creating accounts with usernames that contain deliberately offensive or disruptive terms is considered vandalism, whether the account is used or not. For TechInfoDepot's policy on what is considered inappropriate for a username, see TechInfoDepot:Username policy. See also TechInfoDepot:Sock puppetry.

Avoidant vandalism

 * Removing afd, copyvio and other related tags in order to conceal deletion candidates or avert deletion of such content. However, this is often mistakenly done by new users who are unfamiliar with AfD procedures and such users should be given the benefit of the doubt and pointed to the proper page to discuss the issue.

Blanking, illegitimate

 * Removing all or significant parts of a page's content without any reason, or replacing entire pages with nonsense. Sometimes referenced information or important verifiable references are deleted with no valid reason(s) given in the summary. However, significant content removals are usually not considered to be vandalism where the reason for the removal of the content is readily apparent by examination of the content itself, or where a non-frivolous explanation for the removal of apparently legitimate content is provided, linked to, or referenced in an edit summary.


 * Blanking that could be legitimate includes blanking all or part of a biography of a living person. TechInfoDepot is especially concerned about providing accurate and unbiased information on the living; blanking may be an effort to remove inaccurate or biased material. Due to the possibility of unexplained good-faith content removal, uw-test1 or uw-delete1, as appropriate, should be used as initial warnings for content removals without more descriptive edit summaries.

Copyrighted material, repeated uploading of

 * Uploading or using material on TechInfoDepot in ways which violate TechInfoDepot's copyright policies after having been warned is vandalism. Because users may be unaware that the information is copyrighted, or of TechInfoDepot policies on how such material may and may not be used, such action only becomes vandalism if it continues after the copyrighted nature of the material and relevant policy restricting its use have been communicated to the user.

Edit summary vandalism

 * Making offensive edit summaries in an attempt to leave a mark that cannot be easily expunged from the record (edit summaries cannot simply be "reverted" and require administrative action if they have to be removed from a page's history). Often combined with malicious account creation.

Gaming the system

 * Deliberate attempts to circumvent enforcement of TechInfoDepot policies, guidelines, and procedures by causing bad faith edits to go unnoticed. Includes marking bad faith edits as minor to get less scrutiny, making a minor edit following a bad faith edit so it won't appear on all watchlists, recreating previously deleted bad faith creations under a new title, use of the construction tag to prevent deletion of a page that would otherwise be a clear candidate for deletion, or use of sock puppets.

Hidden vandalism

 * Any form of vandalism that makes use of embedded text, which is not visible to the final rendering of the article but visible during editing. This includes link vandalism, or placing malicious, offensive, or otherwise disruptive or irrelevant messages or spam in hidden comments for editors to see.

Image vandalism

 * Uploading shock images, inappropriately placing explicit images on pages, or simply using any image in a way that is disruptive. Please note though that TechInfoDepot is not censored for the protection of minors and that explicit images may be uploaded and/or placed on pages for legitimate reasons (that is, if they have encyclopedic value).

Link vandalism

 * Adding or changing internal or external links on a page to disruptive, irrelevant, or inappropriate targets while disguising them with mislabeling.

Page creation, illegitimate

 * Creating new pages with the sole intent of malicious behavior. It also includes personal attack pages (articles written to disparage the subject), hoaxes and other intentionally inaccurate pages. There are many other types of pages that merit deletion, even speedy deletion, but which are not vandalism. New users sometimes create test pages containing nonsense or even autobiographies, and doing so is not vandalism; such pages can also be moved to become their sandbox or userpage. Pages on non-notable topics are not vandalism.  Blatant advertising pages, and  blatant POV pushes, are not vandalism, but frequently happen and often lead to editors being blocked.  It's important that people creating inappropriate pages are given appropriate communication; even if they aren't willing to edit within our rules, they are more likely to go away quietly if they understand why their page has been deleted.

Page lengthening

 * Adding very large (measured by the number of bytes) amounts of bad-faith content to a page so as to make the page's load time abnormally long or even make the page impossible to load on some computers without the browser or machine crashing. Adding large amounts of good-faith content is not vandalism, though prior to doing so, one should consider if splitting a long page may be appropriate (see TechInfoDepot:Article size).

Page-move vandalism

 * Changing the names of pages to disruptive, irrelevant, or inappropriate names. Only autoconfirmed or confirmed users can move pages.

Silly vandalism

 * Adding profanity, graffiti, or patent nonsense to pages; creating nonsensical and obviously unencyclopedic pages, etc. However, the addition of random characters to pages is often characteristic of an editing test and, though impermissible, may not be malicious.

Sneaky vandalism

 * Vandalism that is harder to spot, or that otherwise circumvents detection, including adding plausible misinformation to articles (such as minor alteration of facts or additions of plausible-sounding hoaxes), hiding vandalism (such as by making two bad edits and only reverting one), simultaneously using multiple accounts or IP addresses to vandalize, abuse of maintenance and deletion templates, or reverting legitimate edits with the intent of hindering the improvement of pages. Impersonating other users by signing an edit with a different username or IP address also constitutes sneaky vandalism, but take care not to confuse this with appropriately correcting an unsigned edit made by another user. Some vandals even follow their vandalism with an edit that states "rv vandalism" in the edit summary in order to give the appearance the vandalism was reverted.

Spam external linking

 * Adding or continuing to add spam external links is vandalism if the activity continues after a warning. A spam external link is one added to a page mainly for the purpose of promoting a website, product or a user's interests rather than to improve the page editorially.

Talk page vandalism

 * Illegitimately deleting or editing other users' comments. However, it is acceptable to blank comments constituting vandalism, internal spam, or harassment or a personal attack. It is also acceptable to identify an unsigned comment. Users are also permitted to remove comments from their own user talk pages. A policy of prohibiting users from removing warnings from their own talk pages was considered and rejected on the grounds that it would create more issues than it would solve.

Template vandalism

 * Modifying the wiki language or text of a template in a harmful or disruptive manner. This is especially serious, because it will negatively impact the appearance of multiple pages. Some templates appear on hundreds or thousands of pages, so they are permanently protected from editing to prevent vandalism.

User and user talk page vandalism

 * Unwelcome, illegitimate edits to another person's user page may be considered vandalism. User pages are regarded as within the control of their respective users and, with certain exceptions, should not be edited without permission of the user to whom they belong. See WP:UP. Related is TechInfoDepot:No personal attacks.

Vandalbots

 * A script or "robot" that attempts to vandalize or add spam to a mass of pages.

What is not vandalism
Although at times the following situations may be referred to as vandalism, they are not usually considered vandalism as such. However, each case should be treated independently, taking into consideration whether or not the actions violate TechInfoDepot policies and guidelines. In addition, if an editor treats situations which are not clearly vandalism as such, then that editor may harm the encyclopedia by alienating or driving away potential editors.

Boldly editing

 * Bold edits, though they may precede consensus or be inconsistent with prior consensus, are not vandalism unless other aspects of the edits identify them as vandalism. The TechInfoDepot community encourages users to be bold, and acknowledges the role of bold edits in reaching consensus.

Copyright policy violations

 * Uploading or using material on TechInfoDepot in violation of TechInfoDepot's copyright policies is prohibited, but is not vandalism unless the user does so maliciously or fails to heed warnings. It is at least as serious an issue as vandalism and persistent offenders will ultimately get blocked, but it is well worth spending time communicating clearly with those who add copyvio as they are far more likely to reform than vandals or spammers.

Disruptive editing or stubbornness

 * Some users cannot come to agreement with others who are willing to talk to them about an editing issue, and repeatedly make changes against consensus. Edit warring is not vandalism and should not be dealt with as such. Dispute resolution may help. See also: Tendentious editing

Edit summary ommission

 * The edit summary is important in that it helps other editors understand the purpose of your edit. Though its use is not required, it is strongly recommended, even for minor edits, and is considered proper TechInfoDepot etiquette. Even a brief edit summary is better than none. However, not leaving edit summaries is not considered vandalism.

Editing tests by experimenting users

 * Users sometimes edit pages as an experiment. Such edits, while prohibited, are treated differently from vandalism. These users should be warned using the uw-test series of user warning templates, or by a talk page message including, if appropriate, a welcome and referral to the TechInfoDepot sandbox, where they can continue to make test edits without being unintentionally disruptive. Registered users can also create their own sandboxes as a user subpage. If a user has made a test edit and then reverted it, consider placing the message uw-selfrevert, on their talk page.

Harassment or personal attacks

 * Personal attacks and harassment are not allowed. While some harassment is also vandalism, such as user page vandalism, or inserting a personal attack into an article, harassment in itself is not vandalism and should be handled differently.

Incorrect wiki markup and style

 * Inexperienced users are often unfamiliar with TechInfoDepot's formatting and grammatical standards, such as how to create internal and/or external links or which words should be bolded or italicized, etc. Rather than label such users as vandals, just explain to them what the standard style would be for the issue at hand, perhaps pointing them towards the documentation at How to edit a page, and the like.

Lack of understanding of the purpose of TechInfoDepot

 * Some users are not familiar with TechInfoDepot's purpose or policies and may start editing it as if it were a different medium—such as a forum or blog—in a way that it appears as unproductive editing or borderline vandalism to experienced users. Although such edits can usually be reverted, it should not be treated as vandalism.

Misinformation, accidental

 * A user who, in good faith, adds content to an article that is factually inaccurate but in the belief that it is accurate is trying to contribute to and improve TechInfoDepot, not vandalize it. If you believe inaccurate information has been added to an article in good faith, remove it once you are certain it is inaccurate, or discuss its factuality with the user who has added it.

NPOV contraventions

 * The neutral point of view policy is difficult for many of us to understand. Even TechInfoDepot veterans occasionally introduce material which is not ideal from an NPOV perspective. Indeed, we are all affected by our beliefs to a greater extent than we estimate. Though the material added may be inappropriate, it is not vandalism in itself.

Nonsense, accidental

 * While intentionally adding nonsense to a page is a form of vandalism, sometimes honest editors may not have expressed themselves correctly (e.g., there may be an error in the syntax, particularly for TechInfoDepotns who use English as a second language). Also, connection errors or edit conflicts can unintentionally produce the appearance of nonsense or malicious edits. In either case, assume good faith.

Policy and guideline pages, good-faith changes to

 * Editors are encouraged to be bold. However, making edits to TechInfoDepot policies and guidelines pages, such as this one, does require some knowledge of the consensus on the issues. If people misjudge consensus, it would not be considered vandalism; rather, it would be an opportunity to discuss the matter with them, and help them understand the consensus.

Reversion or removal of unencyclopedic material, or of edits covered under the biographies of living persons policy.

 * Some material—sometimes even factually correct material—does not belong on TechInfoDepot, and removing it is not vandalism. Check to make sure that the removal was in line with TechInfoDepot standards, before restoring it or reporting its removal as vandalism.

Tools

 * Huggle – Windows application for dealing with vandalism (requires rollback).
 * Twinkle – JavaScript gadget allowing reversion of vandalism from page diffs.
 * Igloo – JavaScript-based browser window for reverting vandalism. Connects to a remote, non Wikimedia server (requires rollback).
 * STiki – Cross-platform and Java-based anti-vandalism application. Connects to a remote, non Wikimedia server.

Guidelines

 * Abuse response – centralized forum for the reporting and investigation of abuse complaints, related to IP address-specific vandalism
 * Administrator intervention against vandalism – intended to get administrator attention for obvious and persistent vandals and spammers
 * Cleaning up vandalism – introduction to cleaning up vandalism
 * Criteria for speedy deletion – English TechInfoDepot policy
 * Do not create hoaxes – content guideline
 * Most vandalized pages – articles that have undergone repeated vandalism
 * Recent changes patrol – TechInfoDepot communal patrol
 * Requests for page protection – for protection against long-term attacks
 * Template messages/User talk namespace – grid of templates for user talk page warnings and notices
 * WikiProject user warnings – internal project for creating a complete, standardised set of user warning templates
 * WikiProject Vandalism studies – internal project for conducting research related to unconstructive edits on TechInfoDepot (currently semi-active)

Essays

 * Avoid the word "vandal" – essay on the differences between vandals and those who make adverse edits
 * Deny recognition – essay on not feeding the trolls
 * Do not insult the vandals – essay on vandals and civility
 * Don't call a spade a spade – essay on civility and difficult editors
 * Don't template the regulars – essay on how to use warning templates carefully
 * IP address editors are human too – essay on assuming IP address editors are able and willing to make positive contributions
 * Make protection requests sparingly – essay recommending not overusing page protection
 * Not every IP is a vandal – essay on the common assumption that IP address editors are vandals
 * On assuming good faith – essay on the relationship between the Vandalism policy and the Assume good faith behavioral guideline
 * The motivation of a vandal – essay on "Why would anyone wish to vandalize a source of information that benefits people?"
 * Vandals versus Trolls – essay on the distinction between vandals and trolls

Meta

 * Anti-vandalism ideas
 * Vandalbot
 * What is a troll?
 * Small Wiki Monitoring Team – cross-wiki anti-vandalism