We’ve probably seen the topics of vandalism in the last week. Our own drolbr chimed in with some more stories we likely didn’t know about.

One of the main weaknesses that OSM currently has is that basically every account can do anything and everything.
I’m sure some will disagree on this being a weakness, for those that think instant power is useful, I respectfully disagree. (see why at bottom of this post).

The main reason this is a weakness is that vandalism is essentially trivial. Fighting it is the thing that takes effort. Vandalism takes no effort whatsoever, really. Shouldn’t that be the other way around?

OSM has become so big that it has become a target, and the companies that depend on OSM financially likewise increase the target on OSMs back. Our pain is shared with those companies, afterall.

What about we recognize the value of an OSM account?

An OSM account is currently basically free. I can make 10 new ones in no time and they all have the same rights as my main one. Which makes them valuable.

I think we need to re-think this balance at a fundamental level. The OSM design today is really quiet bad at creating local ownership of data. While that would be great way to ensure quality.
Today, a user that babysits a neighborhood or town would either need to be pretty good with 3rd party websites or spend a huge amount of time on OSM org.
The balance need to be changed, the tools need to be build. But there is no incentive to do so. Lets create that incentive.

Here is my thought:

Account levels.

People get higher levels by getting changesets approved by people that already have higher levels.
The idea is that normal people won’t see these limits as a problem. They would normally grow into this just fine.

level 1: (first start).

• limits on changeset size, area wise. You can’t edit an area larger than 5 x 5 km in a single changeset.
• limits on number of changesets per day. Say, 10 per day.
• limits on number of properties that can be deleted in a changeset. No more than 25. Deleting a point with 30 properties is thus not possible.

level 2: user got 10 of their changesets thumbed-upped. Regardless of comments / discussion.

• Area increases to 15x15km per changeset.
• number per day goes up to 25 / day
• properties that can be deleted goes up to 100.

Level 3; user has created at least one changeset on 14 distinct days, that got thumbed-up

• numbers increase to sane levels.
• user can thumb-up changesets
• users can comment on other people’s changesets.

level 4:

• numbers increase to insane levels. The level that bots and maintainers only do today.
• user gets access to a stream of changes in a certain area or important properties, llowing them to be a local maintainer or overseer of their designated area.

Users thus are forced to coordinate, communicate and work together. At least during the initial phase. Which is going to set the trend for people working on OSM in most cases. I expect that 80% of the users never need to pass level 2 and still not feel restricted. I like that balance, they can improve the map but they don’t have the power to do much damage. And with some better social tools this becomes easy to manage.

I would think that this while design important to avoid random vandalism, but especially for companies this would be useful to avoid little bubbles of teams that work together internally but not with the rest of the world.
I think it helps people become aware that they are not mapping alone. Comments on changesets need to be responded to. OSM is not just editing, its got a social ingredient too.

That footnote:

Why is it always a weakness that a new account can do anything and everything?

Because it creates an imbalance in what kind of mapping society you create. Specifically it rewards loners that have no problem taking risk (i’ll just edit this, lets see what happens). But those people are the minority and it punishes everyone else that would love to get someone to handhold a little.

More importantly, by skipping any sort of introduction or communication or anything, we skip building of (local) communities. The majority of accounts never have any communication with any other mapper. Isn’t that strange? People are social animals, just plainly ignoring this part is damaging. Ask an actual social person if you have no clue why that would be

One thing not mentioned here is import accounts. Do they have no place in this system? Or in addition to thumbs ups, secondary account creation system should be created.

I want to note: Limit number of edits per user and day · Issue #2342 · openstreetmap/openstreetmap-website · GitHub this is much simpler and basically prerequisite to anything more complex but already has some tricky issues.

I understand why some limits seem like a reasonable precaution. However, I feel such limits would have to meet two requirements: They should

• be generous enough that almost no new user will hit the limit
• not impose significant extra work on existing volunteers.

I don’t think your proposal would achieve that. For example, an eager beginner using StreetComplete (which creates numerous small changesets) would easily hit the wall of 10 changesets in a few minutes. And, of course, many changesets are never reviewed, which would prevent the new user from leveling up. The system would depend on volunteers’ willingness to put a lot more effort into performing reviews than they do today.

It’s possible that the first issue could be avoided by designing the levels and associated restrictions differently, but the second issue seems inherent in relying on reviews.

Streetcomplete is actually quite curious because it collates all edits of the same quest type in a single CS for like 2 hours keeping it open for that long, that is, if you’re in auto report. During that time the CS is visible by others but cannot be commented on until closed. (if this has changed it must have been very recent).

Just to add a bit of context, the current round of worldwide vandalism that we’re seeing has something like this as the first non-empty changeset created by a new user. That isn’t 10 objects, or 100, or 1000 - it is 9000 changes in their “first” changeset.

I’m sure that a technical restriction could be placed that stops “new” users doing that but still allowing StreetComplete etc.users to do lots and lots of editing!

about >30 blocked sock puppets - hard work!
Thanks for Your work @SomeoneElse

After this one, it’s 32 now, I think. There are 59 reverts to do for that last one, so if anyone fancies having a go…

I don’t actually disagree with anything you say here, but the biggest stumbling block, as Tordanik touched on, is going to be who does the checking & approving of new user’s edits?

Just some of the details that would need to be worked out - a newbie has created their account & made 10 edits, which now need to be checked. What happens tomorrow? Can they make another 10 edits, or is their account blocked until those first 10 are checked & approved? “I’ve” only had time to check 5 out of those 10 - can they make another 10, or only 5?

Another option may be to only allow 1 user account per IP address, which would definitely disadvantage some power-users, or possibly prevent accounts from being set up via a VPN?

Please don’t get me wrong, it’s not a bad idea, just a lot of details to be worked out first!

Let’s get this knocked on the head straight away - no-one’s suggesting limited new users to 10 edits. A previous wave of vandalism of which this was a related block** had a few hundred changes per “first new edit” of each sockpuppet, and was relatively straightforward to deal with - we could set “new account limits” in that sort of area and we really wouldn’t inconvenience any genuine new users.

** that sockpuppet made 4 changesets with 123, 24, 2 and 633 changes in them.

In light of these numbers it seems to me that a fully automated system could have some benefit without requiring any volunteer time to review edits. For example, brand new accounts could be limited to 100 changes per changeset and 1000 changes per day. These limits could increase by 100 and 1000 respectively for each day of editing so by the 10th day they’d be at 1000 changes per changeset and 10,000 changes per day. After a certain number of days the limits could be removed. Tweak these numbers as appropriate to make sockpuppets frustrating to use, while not bothering genuine new users.

I’d suggest starting at something like 25 & 250 first day, 50 / 500 2nd, then 100 / 1000 3rd day?

Not too many new mappers are going to hit those limits right away, & as you say, it would slow the baddies down & give time for the rest of the community to spot & stop them.

I would prefer if we focus on mapping days since they are a bit harder to fake and earn…
Few examples:
0-20 editing days:

• Can’t modify wiki or names on elements that have wiki(this are usually important elements/places) that people target for vandalism
• Can’t edit admin_level 0-7

20-50 editing days:

• Can’t edit admin_level=0-2
• Can’t delete names

And if it becomes problem that people harvest such accounts to be used later, maybe once a day program can be ran on all accounts with 19 days of editing to detect if any of them is bot doing dummy changes just to get account to 20 days… It is not fun task but that feels like most reasonable way in my opinion.

We could also have “vouching system” where someone with 100+ editing days introducing OSM to friend could lift this limits on day 0 for friend…

To understand my perspective… I work at Microsoft and see too often admin borders changed by accounts with 0 days of expirience mostly accidently or fear New York name changing to something else…

To conquer malicious edits as discussed here there are two options:

Option 1: Restrict what or new users can edit, or how often they can edit. Like, allow them to add new information but disallow editing existing information. This will even work quite well with apps like StreetComplete, where mostly new information are added (there are exceptions, of course).
Option 2: Just restrict editing certain tags, like in this example restrict editing/removing of name:ru. This has very few side-effects but will be very effective against the current vandalism.

Of course there can be other vandalism where both options won’t have much effect, like fake drawings.

I like the completely open approach of OSM and I want OSM to stay an inclusive project. However, with enough ill intent it is possible to harm this project significantly. I guess the DWG is currently well busy with identifying and removing these malicious edits. Resulting in less time being available for other work.

Maybe we can agree on applying the limits for new users discussed here only for a certain duration until things have calmed down. Afterwards, they can be lifted to return back to the current no-limit status. If things get heated again (for whatever reason), then we have something at hand that we can apply immediately.

It would block anyone trying to map forest/lake/road/multiple buildings as their initial edits, what seems undesirable to me

Adding 6 square buildings is already: 6 * 4 = 24 nodes, 6 new ways - for 30 map changes in total. And it is a reasonable edit in the first day of mapping.

I would go with limit like 1000 changes per day for new accounts, later upgraded up to 50000 per day with bot-flagged accounts having no limit. Which should already put some limits on vandal scripts without harming true users.

But even 1000 changes per day would likely cause problems for say people attending workshops about OSM mapping.

Maybe even higher limits like 5000 changes/day for new accounts would be a better start? Something that basically never will hit even unusual newbies? And will put some pressure on vandal accounts starting from vandalising 9000 objects as the first edit?

I’m not quite convinced here. Are 1000 or 5000 bad changes / objects significantly better than 9000? I.e. is it really worth the effort? If the limit is 1000 or 5000 objects, then using multiple accounts will still allow to make 9000 bad edits very easily.

Unless there is also a limit regarding account creation. Creating multiple OSM accounts is not forbidden but maybe we can limit the account creation to 1 per day per email address.

this limit exists already

you already can create a single account for given email address, ever (though it is easy to get piles of disposable mails anyway)

Still 9 times more effort to setup accounts. Not a big barrier but always something.

And there were also annoying to revert broken imports adding broken stuff on even larger scale (original motivation for Limit number of edits per user and day · Issue #2342 · openstreetmap/openstreetmap-website · GitHub ).

There seems to be nothing left by that account, so thanks everyone for reverting!

A couple more that there are still objects last modified by, though, are SdfN5h5163 and dfn5h54563. Those accounts’ edits might need checking because in a couple of cases they seem to have edited the same object sequentially.

Love the discussion, thank to all the great replies.

I think the intent I had seems to be mirrored nicely; normal beginning editors will be able to do mapping without noticing the limits. Growing in permissions as their work progresses. Only the rare addicted-to-this person should hit ceilings.

What is important to me is the social part. The current group of mappers, and everyone commenting here, are self selected as people that are Ok figuring stuff out on their own. Finding that wiki, possibly even joining this forum or some chat. All without the UI giving any indication that this is possible or even useful.

This means we have ignored a large chunk of the population that is not so brave with their mapping efforts. We have a ‘I would like to get someone to review my edit’ checkbox which has no real-life effect of someone actually coming to review it in most cases.

The social part is underdeveloped and we self-selected our community to be filled with people that are Ok with that. The Dutch community is quite busy and has various social channels, which is awesome and I wish I found out about the earlier than I did. For instance.

So the numbers should be picked based much less on how much damage they can do, but much more about how much the edit should be team-approved. I see someone talking about editing a forest. Or mapping houses. These are great examples of things that people would appreciate help with. A quick review, a simple pointer to examples. ANY human interaction, really.
So, sure, you can increase the limits to allow the brave to add loads of stuff, and that may work in various cases. But it may also dramatically backfire with the work needing loads of love afterwards and some mappers will just leave instead of doing that.

The point is that the bigger the changes (area, points etc), the greater the risk of the person going in a different direction as the rest of the community is going.
And that is the reason for limiting their rights, not because of them being destructive but because it works better if we share the knowledge with new people. Propagate the culture, as it were.
The good part is, the vandalism is solved with the same approach without us explicitly aiming for that.

Someone mentioned StreetComplete, which has a great way of rewarding people by giving them some tokens of appreciation based on the work they did. It has no value or effect, but the social concept is known to the streetcomplete people.
I’m sure that the guys behind that project would be willing to join the conversation on combining their stuff into some ‘levels’ design we can make for the OSM database.

In that light, the limits should not be too high, its not about vandalism per-sé, it is about triggering a social and inclusive direction for the OSM teams.
And that means that this would not be a change in isolation. It would trigger more ways that make the mapping experience less about doing something in total isolation, which frankly is what it is today.
This limits on accounts would in my view be a trigger where the rest becomes something that fits and makes sense. Thus leading to a system of building community and onboarding to our culture.