comments etc by suspended users are shown in the web UI

Bug #695288 reported by Robert Collins
Affects           Status    Importance  Assigned to  Milestone
Launchpad itself  Triaged   Low         Unassigned

Bug Description

We suspend users that are abusing the site; generally - I think always in fact - we'd be happy to have all their changes reverted. See https://bugs.launchpad.net/launchpad/+bug/520413 for a bug about that.

A similar thing we could do is just not show comments/bugs etc *by* suspended users. By checking the account status when showing them we could avoid large db updates, and be able to revert this if the account is reenabled. It would also mean we don't need to chase down an unknown number of spam comments.

Revision history for this message
Eliah Kagan (degeneracypressure) wrote :

While I agree that it would be useful (though extremely difficult) for administrators to manually specify the automatic reversion of all changes by a user (as suggested in Bug 520413), I don't think that all changes by all users suspended for abuse should be automatically reverted.

Besides the problem that you allude to (that an account could be wrongly disabled and later re-enabled), I see four problems with automatically reverting all changes by suspended users:

(1) Some users might contribute significantly, and then their login credentials could be obtained by a spammer or otherwise abusive user. If you contributed to numerous projects in numerous ways over a period of years (or even if you contributed just once to one project), and then you logged in on a computer infected with malware and got your Launchpad identity stolen and abusively used by a third party, I doubt you'd want all your contributions to disappear overnight. The other contributors, and end users, who benefited from your contributions would probably be pretty unhappy about that too.

(2) There is another plausible, though much more unlikely, case, in which a user who contributes significantly becomes abusive. That could certainly justify suspending their account and reverting many of the changes they made on Launchpad (the abusive ones), but it would not justify reverting the others (the non-abusive ones that actually contribute).

(3) Such a feature, and (to a slightly lesser extent) the feature requested in Bug 520413, would arguably have politically bad consequences within the community. Erasing the impact of a user is currently difficult and has to be done through positive actions of other users (who can be credited, and thus also blamed, for doing so). That makes it less likely that personal attacks will escalate into the inappropriate labeling of an unpopular user as being sufficiently abusive to warrant suspending; it also makes it less likely that angry users will delete other users' edits to get back at them. I am not suggesting that such behavior is a major risk on Launchpad, but it is a real risk, and I think that the potential benefit of better protecting our community from abusive users should be weighed against the possible harm of giving people powerful ammunition with which to make bad situations worse.

(4) Automatically reverting all changes by users suspended for abuse would actually constitute a security vulnerability. Besides the obvious exploit of targeting committers of security fixes on code.launchpad.net for identity theft and spamming with their identity to get their security fixes automatically reverted, there's an additional, more subtle possible attack: A user could create a Launchpad account, fix one or more security vulnerabilities in one or more Launchpad-hosted projects, and then, after a substantial duration, act abusively until his/her account is suspended. Then the security vulnerabilities, long ago believed (correctly) to have been fixed, would come alive again, and he/she would know about their exploitability long before anyone else would likely figure it out.

(Of course, that illustrates one of the problems with the claim in Bug 5...


Curtis Hovey (sinzui) wrote :

There are problems with this suggestion. The reasons for suspension are more complex than presupposed. I think this report is trying to address the issue where a spammer registers an Lp profile and spams bugs and questions. This is less than 50% of the suspensions I have done.

I more commonly suspend a user who has lost control of his gmail or yahoo account. There are legitimate bug and answer comments going back many years. Only the recent comments are problematic. We unsuspend the user once he confirms he has reset his passwords and flushed caches. When the user is active again, the spam messages will also be visible.

There is a very small set of users who were suspended for rude behaviour. Not all their comments were inappropriate.

This issue overlaps with other issues we understand much better. Suspended users should not appear in the UI. We have several bugs tracking merged, deactivated, and suspended users that appear in the UI (subscribers, proposed members, etc.). I talked with Stuart about this. We think we want a garbo job that cleans up these artefacts in the data. Merged can happen immediately, deactivated within a day, and suspended in 15 days. We want to permit users to flag comments as spam, and we want to change IMessage to permit ~registry and ~admins to hide comments. The act of hiding a comment could also suspend the user in the same action.

tags: added: merge-deactivate
Robert Collins (lifeless) wrote : Re: [Bug 695288] Re: comments etc by suspended users are shown in the web UI

I certainly understand that there are issues with the suggestion; I'd like to figure out a way to get rid of the *hours* of work involved in dealing with the '< 50%' of cases where the user was nothing but a spam bunny.

-Rob

Curtis Hovey (sinzui) wrote :

As is discussed in the spam bugs, we could add an action to all messages to flag inappropriate comments. I think users that signed the Ubuntu CoC and have karma or standing do the extra action of hiding the message.

Curtis Hovey (sinzui)
Changed in launchpad:
importance: Undecided → Low
status: New → Triaged
Martin Pool (mbp) wrote :

It seems like you could make use of the fact that there is normally a moment in time where an account goes bad, and hide every comment created after that moment.
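The two proposals in this thread, checking the author's account status at render time instead of rewriting the database (the bug description) and hiding only what was created after the account went bad (the comment above), are both simple view-side filters. The following is an added example written for this page; it is not Launchpad code, and the AccountStatus, Account, Message, HidePolicy names and the sample messages are constructed for illustration only. Because nothing is written to the message table, reinstating an account makes everything visible again, spam included, which is the behaviour Curtis describes for users who regain control of their email.

```python
"""Render-time hiding of messages by suspended accounts (added example).

Nothing here is Launchpad's own code: AccountStatus, Account, Message and
HidePolicy are assumptions made for this illustration, and the sample
data below is constructed, not taken from the bug tracker.
"""
from dataclasses import dataclass
from datetime import datetime, timezone
from enum import Enum
from typing import Dict, Iterable, List, Optional


class AccountStatus(Enum):
    ACTIVE = "active"
    SUSPENDED = "suspended"


class HidePolicy(Enum):
    # Hide every message by a suspended account (the bug description).
    ALL = "all"
    # Hide only messages created at or after the suspension time
    # (the "moment the account went bad" suggestion).
    AFTER_SUSPENSION = "after_suspension"


@dataclass
class Account:
    name: str
    status: AccountStatus = AccountStatus.ACTIVE
    # When the current status was set; None if it has never changed.
    status_changed: Optional[datetime] = None

    def suspend(self, when: datetime) -> None:
        self.status = AccountStatus.SUSPENDED
        self.status_changed = when

    def reinstate(self, when: datetime) -> None:
        # No message rows are touched: visibility is recomputed on display.
        self.status = AccountStatus.ACTIVE
        self.status_changed = when


@dataclass(frozen=True)
class Message:
    id: int
    owner: str            # Account.name of the author
    created: datetime
    text: str


def is_visible(msg: Message, author: Account, policy: HidePolicy) -> bool:
    """Decide at render time whether msg should be shown."""
    if author.status is not AccountStatus.SUSPENDED:
        return True
    if policy is HidePolicy.ALL:
        return False
    # AFTER_SUSPENSION without a recorded suspension time gives no cut-off,
    # so fail closed and hide everything by that account.
    if author.status_changed is None:
        return False
    # A message stamped exactly at the suspension time counts as "after".
    return msg.created < author.status_changed


def visible_messages(messages: Iterable[Message],
                     accounts: Dict[str, Account],
                     policy: HidePolicy) -> List[int]:
    """Return the ids of the messages the UI would show, in input order."""
    shown = []
    for msg in messages:
        author = accounts.get(msg.owner)
        if author is None:
            continue  # unknown owner: hide rather than guess (assumption)
        if is_visible(msg, author, policy):
            shown.append(msg.id)
    return shown


def utc_date(year: int, month: int, day: int) -> datetime:
    return datetime(year, month, day, tzinfo=timezone.utc)


def build_sample():
    """Constructed sample: one clean user, one hijacked user, one spam-only user."""
    accounts = {
        "alice": Account("alice"),
        "bob": Account("bob"),        # years of real comments, then hijacked
        "spambot": Account("spambot"),
    }
    messages = [
        Message(1, "alice", utc_date(2010, 3, 1), "Confirmed on lucid"),
        Message(2, "bob", utc_date(2009, 6, 12), "Patch attached"),
        Message(3, "bob", utc_date(2010, 12, 20), "cheap watches!!!"),
        Message(4, "spambot", utc_date(2010, 12, 21), "buy now"),
    ]
    accounts["bob"].suspend(utc_date(2010, 12, 19))
    accounts["spambot"].suspend(utc_date(2010, 12, 21))
    return messages, accounts


if __name__ == "__main__":
    msgs, accts = build_sample()
    for policy in HidePolicy:
        print(policy.value, visible_messages(msgs, accts, policy))
    accts["bob"].reinstate(utc_date(2011, 1, 5))
    print("bob reinstated", visible_messages(msgs, accts, HidePolicy.ALL))
```

With HidePolicy.ALL only alice's comment survives; with HidePolicy.AFTER_SUSPENSION bob's 2009 patch comment is kept and his post-suspension spam is hidden. Reinstating bob brings message 3 back without any database update, so the spam still has to be dealt with by hand (or by a separate hide-this-comment action) once the account is active again.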

Eliah Kagan (degeneracypressure) wrote :

Are you sure there is normally such a moment? When a user loses *control* of their account, they can often still log on and use it...it's just that the bad guys (or their malware) can log on and use it too.

Curtis Hovey (sinzui) wrote :

The affected users send 1-5 emails to a bug or question, then the account is dormant for weeks or months before another volley of spam. The spammer/malware is not using the website. There was a time last year when the spammers were using Launchpad, but Launchpad was changed to not make indexable links.
Several users reported they had a js virus/malware in their browser cache that gave some one access to their email service.

Since Ubuntu-SSO integration has broken email reactivation, DB surgery is required to restore a suspended Launchpad user. I contact the affected user and ask him to verify that he has changed his passwords and cleared his browser caches. If the user does not respond in 2 days, I suspend him.
