On 9/27/07, Brock Weller brock.weller@gmail.com wrote: [snip]
But i don't use it on the pedia. Because it's not allowed. That's the rules as they are now. You know this, i know this.
It isn't against the rules to use open proxies with English Wikipedia, nor even against them to edit from open proxies. Rather, the standing and well justified practice is to block them when we find them because they are used for trouble.
The distinction is subtle but important.
If there existed an open proxy which was an attractive tool for abuse we wouldn't block it. No such beast exists yet, but they are possible.
For example, http://www.lunkwill.org/src/nym/Readme proposes a system which would allow us to give people tokens whenever they donate over a threshold amount to us or perhaps other participating non-profits. The token could be used to enable tor editing from a single account. This way creating vandal accounts would cost $25 (or whatever) each. Probably a reasonable enough solution, and the pseudoanomity of the user is strongly preserved.
Or another example, http://petworkshop.org/2007/papers/PET2007_preproc_Nymble.pdf uses many of the same cryptographic constructs as above but creates a system where we could block IPs without ever being able to tell exactly what they were.
Now that armedblowfish is rate limited perhaps he'll have some time to work on developing the software needed to make one these into reasonable options.
But regardless, this is being dragged off topic.
If it's that off-topic then don't reply on list. ;)
I should have made a finer distinction, i admit, the user will not be punished, nor should they be, but open proxies, when known, are blocked. Against the rules seemed the best way to phrase it :) it's an artifact of language, not a policy misunderstanding :)
On 9/27/07, Gregory Maxwell gmaxwell@gmail.com wrote:
On 9/27/07, Brock Weller brock.weller@gmail.com wrote: [snip]
But i don't use it on the pedia. Because it's not allowed. That's the rules as they are now. You know this, i know this.
It isn't against the rules to use open proxies with English Wikipedia, nor even against them to edit from open proxies. Rather, the standing and well justified practice is to block them when we find them because they are used for trouble.
The distinction is subtle but important.
If there existed an open proxy which was an attractive tool for abuse we wouldn't block it. No such beast exists yet, but they are possible.
For example, http://www.lunkwill.org/src/nym/Readme proposes a system which would allow us to give people tokens whenever they donate over a threshold amount to us or perhaps other participating non-profits. The token could be used to enable tor editing from a single account. This way creating vandal accounts would cost $25 (or whatever) each. Probably a reasonable enough solution, and the pseudoanomity of the user is strongly preserved.
Or another example, http://petworkshop.org/2007/papers/PET2007_preproc_Nymble.pdf uses many of the same cryptographic constructs as above but creates a system where we could block IPs without ever being able to tell exactly what they were.
Now that armedblowfish is rate limited perhaps he'll have some time to work on developing the software needed to make one these into reasonable options.
But regardless, this is being dragged off topic.
If it's that off-topic then don't reply on list. ;)
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: http://lists.wikimedia.org/mailman/listinfo/wikien-l
On 9/27/07, Brock Weller brock.weller@gmail.com wrote:
I should have made a finer distinction, i admit, the user will not be punished, nor should they be, but open proxies, when known, are blocked. Against the rules seemed the best way to phrase it :) it's an artifact of language, not a policy misunderstanding :)
I do edit from an open proxy. It's not blocked, and I won't reveal the IP since nobody but me seems to be using it.
There you have,somebody is known to be editing from an open proxy and not getting blocked :P
On 9/27/07, Gregory Maxwell gmaxwell@gmail.com wrote:
If there existed an open proxy which was an attractive tool for abuse we wouldn't block it. No such beast exists yet, but they are possible.
For example, http://www.lunkwill.org/src/nym/Readme proposes a system which would allow us to give people tokens whenever they donate over a threshold amount to us or perhaps other participating non-profits. The token could be used to enable tor editing from a single account. This way creating vandal accounts would cost $25 (or whatever) each. Probably a reasonable enough solution, and the pseudoanomity of the user is strongly preserved.
Or just sell accounts with ipblock-exempt for $25 in e-gold.
Now that armedblowfish is rate limited perhaps he'll have some time to work on developing the software needed to make one these into reasonable options.
The nym software has already been developed and tested. http://en.wikipedia.org/wiki/User:Lunkwill/nym The problem isn't developing the software, it's 1) getting a developer to accept the patch, and 2) getting someone to turn it on.
The fact that you know about nym makes me surprised you didn't already know that.
Hmm. "On 27 April 2007, a federal grand jury in Washington, D.C. indicted e‑Gold Ltd and its owners on charges of money laundering, conspiracy, and operating an unlicensed money transmitting business." The fact that I know about e-gold makes me surprised I didn't already know that. :)
On 9/27/07, Anthony wikimail@inbox.org wrote:
The nym software has already been developed and tested. http://en.wikipedia.org/wiki/User:Lunkwill/nym The problem isn't developing the software, it's 1) getting a developer to accept the patch, and 2) getting someone to turn it on.
The fact that you know about nym makes me surprised you didn't already know that.
I knew it was mostly done, I didn't realize it had actually been proposed on WP before. Though it still needs some development work, since the current version of the software breaks SSL support for users without client certs, and it needs updated against the current codebase.
There are also some little security gotchas with the current approach like the client must "Wait a random interval sufficient to foil transaction time correlations". ... which no one is going to do because given the expect account creation rates that time required might be days. :)
The proposal needs a few other features: for example, the NYM server should probably download the enwiki block list and refuse to issue a token for IP addresses which are already blocked. I think that it should also be made possible to log in when using one of the NYM certs so the people could continue to use named psedonyms they already have established (and storing the NYM ID as the users IP).
And there a lot of open questions.. how often should the nym server reissue tokens for an IP (ever? if not what about IPs changing? yearly?) should NYM certs only be allowed for tor users? How do you prevent your client from sending your nym cert when you've turned off tor? (thus compromising your IP).
On 9/28/07, Gregory Maxwell gmaxwell@gmail.com wrote:
And there a lot of open questions.. how often should the nym server reissue tokens for an IP (ever? if not what about IPs changing? yearly?) should NYM certs only be allowed for tor users? How do you prevent your client from sending your nym cert when you've turned off tor? (thus compromising your IP).
And this includes a mix of technical and policy issues, so if it's going to be implemented it's going to need support both from the devs and from the community.
On 9/27/07, Stephen Bain stephen.bain@gmail.com wrote:
And this includes a mix of technical and policy issues, so if it's going to be implemented it's going to need support both from the devs and from the community.
Well, anybody who has learned anything from all those "stable versions" discussions will not be holding any breath.
—C.W.