On 6/16/07, Anthony wikimail@inbox.org wrote:
On 6/16/07, zetawoof zetawoof@gmail.com wrote:
On 6/16/07, Rory Stolzenberg rory096@gmail.com wrote:
Please. Yes, theoretically, it's possible for someone to run multiple accounts. However, this is possible even without open proxies, and it's really not particularly difficult to tell that someone has sockpuppets if all of their accounts use open proxies, they all have the same voice, and they all do suspicious things together. Using open proxies doesn't block checkusers from finding sockpuppets, and it doesn't mean that the user's account will magically become compromised.
Sure it does. Editing through an open proxy exposes a user's account to compromise in the exact same way that editing on a public computer does.
Not if they use https. https://secure.wikimedia.org/wikipedia/en/wiki/Main_Page
Most open web proxies don't support https. TOR does, but that still doesn't obviate the risk that the server could be spoofed by an exit node. The Wikimedia secure server is using a CACert key; on most web browsers, this generates a warning which is indistinguishable from the warning generated by an endpoint that's performing a man-in-the-middle attack.
To be sure, this is a problem that could theoretically be solved (by getting a proper certificate for the secure server). However, it remains the case that editing Wikipedia through an untrusted connection is unsafe, especially for an admin.