I think we can eliminate David Brooks as a suspect
Yesterday the New York Times published an interesting article on the identification of the source of Wikipedia edits through WikiScanner. Toward the end of the story the Times resorts to unusual understatement to describe its own behavior:
The New York Times Company is among those whose employees have made, among hundreds of innocuous changes, a handful of questionable edits. A change to the page on President Bush, for instance, repeated the word “jerk” 12 times. And in the entry for Condoleezza Rice, the secretary of state, the word “pianist” was changed to “penis.”I doubt that it's impossible for the Times to discover who made those "questionable edits." I think, all things considered, it would prefer not to know.“It’s impossible to determine who did any of these things,” said Craig R. Whitney, the standards editor of The Times. “But you can only shake your head when you see what was done to the George Bush and Condoleezza Rice entries.”
UPDATE: Reader Greg Amy writes:
Indeed. As a systems administrator for a large corporation, I know for a fact that it is "best practice" for corporations to at least *LOG* web activity of its employees. Not to do this is foolhardy, especially for a public corporation.Reader Rich Waldis writes:To find out who did this is a simple matter of matching the date and time of the Wikipedia edit with these internal logs and presto! you have the internal IP address (and probably the login name) of the computer (person) that did this.
Not rocket science, this.
As the CTO of my “little” company, I can’t argue the validity of Greg’s statement. However, as a former consultant at organizations like Delta Air Lines, Federal Express and others, I can tell you that his assumptions are just that. It is a GREAT LEAP to suggest that the New York Times *MUST* be able to easily find the culprit. Many, many large companies do not track their employees’ web adventures. It wouldn’t surprise me if the NYT did track it, but it wouldn’t surprise me if they didn’t. A liberal organization “spying” on its employees – it’s just not right! Further, even if they did track, how long ago was the update. Even the NYT isn’t going to keep logs forever.But reader Parker Shannon restates the consensus view and gets the last word, at least for today:For the record, my company does not track internal web usage. I can tell you the top 25 web sites that are accessed from within our company walls, but I don’t know who goes where.
The Times knows damn well who made the changes -- unless, of course, they didn't look, but the daily logs are maintained automatically as part of their daily backup and restore protocols. The data are there.I have to relent for another reader who is a security expert and who writes in support of Rich Waldis:
[T]he problem is these things go back a year, maybe even more. That is an enormous amount of logs for people to keep. Nobody does that, except for the most sensitive organizations.As for the suggestion about daily backups -- daily backups tend to be of specific folders, not entire systems. Surely not entire web traffic. But, even if it were of entire web traffic it is a different matter entirely to archive this stuff going back a year or longer. It is just too expensive and there is no need for it.
