How to investigate Wikipedia edits

Leave a reply

By Ian Silvera (www.iansilvera.co.uk@ianjsilvera)

First, click on the ‘view history’ tab at the top right of the Wikipedia entry you are interested in. You should then be directed to a page that lists all the edits that have occurred on that entry. It looks like this: http://en.wikipedia.org/w/index.php?title=Paul_Bradshaw_(journalist)&action=history

Second, to identify if someone has been deleting unhelpful criticisms of an organisation or person on their Wikipedia entry, you could read through each edit, but with large Wikipedia entries this exercise would be too time-consuming. Instead, look for large redactions.

 To do this scan through the red coloured numbers in brackets. Low numbers such as (-700) mean that a reasonable amount of information has been deleted from the Wikipedia entry. Also, the date the Wikipedia entry was edited is located on the left-hand side of the page.

Once you’ve indentified a large passage that has been deleted, click on the user’s IP address listed in the centre of the page (unfortunately, if the user has an account with Wikipedia, you won’t be able to see their IP address — here the investigation may have to end).

You should now be directed to a page that lists all that user’s contributions on Wikipedia. For example, not many users have deleted content on Paul Bradshaw’s wiki, so I clicked on a Wikipedia user that removed two characters on Mr Bradshaw’s entry: http://en.wikipedia.org/wiki/Special:Contributions/193.60.133.202

Now click on the ‘diff’ button, located in the middle of the page, to check if the mystery editor did remove criticisms or unhelpful information.

You should now be directed to a comparison page which shows the Wikipedia entry before and after the deletion. For instance: http://en.wikipedia.org/w/index.php?title=Sony&diff=prev&oldid=378515677

Presuming that your mystery editor has deleted some valid criticisms or unhelpful information, it’s time to find them.

Locating

To find a person using their IP address you can use an IP locater. I use Neil Smith’s locater found on his website here: http://www.uk-osint.net/whoandwhere.html (just type the IP you’re interested in and press ‘search’).

Now, a lot of IP address are re-directed, many through Delaware, so IP locaters aren’t that accurate, but that’s not to say you may get lucky and the mystery editor’s internet provider may be a niche provider unlike BT, Virgin or the like (a computer service company that only does work for large businesses, for example). Even if the provider turns out to be BT or the like, Mr Smith’s IP locater is fused with Google Maps so you can zoom in and find the address of your mystery editor.

Returning to my example, I typed the IP address (193.60.133.202) of my mystery editor into the IP locater and identified the provider as Birmingham City University. So, clearly someone who has been using Birmingham City University’s computers on the 29th of July 2010‎ edited Mr Bradshaw’s Wikipedia entry — likely candidates include Paul Bradshaw or someone associated with Birmingham City University (an academic, PR Company or a student).

At this point of the investigation things become less technical – you will have to phone and confront the organisation or person you’re interested in with the information you’ve found.

Examples of Wikipedia investigations

Leave a Reply