I agree that sockpuppets are a real problem, but they manage fine right now
without going through Tor. There are quite a few ways to connect up using
different IPs as it is now, so the real problem remains: the sockpuppeteers
themselves.
Gabe
On Mon, Jun 5, 2017 at 10:20 PM, Cristian Consonni <cristian(a)balist.es>
wrote:
On 05/06/2017 19:43, David Gerard wrote:
Editing may be a tricky one, particularly on
en:wp, which has found
Tor exit points to overwhelmingly be fountains of garbage, and
automatically blocks them.
On 05/06/2017 19:47, John wrote:
enabling read access via Tor shouldn't be an
issue, however editing
should
not be allowed due to high volume of known abuse
from that vector.
On 05/06/2017 21:01, John wrote:
Im not going to violate BEANS, but even allowing
accounts to edit without
further hurdles isn't going to work. Because of the anonymity that tor
provides its fairly easy to cause widespread issues. When the vandals
start
actually using tactics the flood gates of TOR
will cause massive issues
cross wiki that requires steward level intervention on a regular basis.
Allow me to reiterate that I am not proposing any change to the current
policies regarding editing via Tor or other open proxies. Even with an
onion service, anonymous editing will still be blocked and registered
users will still need to apply for IP block exemption before being able
to edit.
I have read several discussions on the topic (going back to 2006) and
what I have understood from those is that the biggest issue with editing
via Tor is sockpuppeting. Vandals and spammer could be handled (and
blocked), sockpuppets would be much harder to identify. The problem is
hard because it solving it requires to have a way to identify that two
accounts with different IPs are related to the same real person without
at the same time destroying the anonymity provided by Tor. There has
been research on the topic (see, for example, Nymble[1]) but at the very
least it would require some additional technical setup and testing.
With this proposal I am not trying to solve that problem.
I am just pointing out that:
1. having an onion service would increase the privacy of our readers and
the (very few) people who are already allowed to edit via Tor.
2. is harder to block access to an onion service than to
wikipedia.org
(you basically need to block all accesses to Tor, but there are ways to
circumvent that, too[2]).
3. supporting privacy-enhancing technology is good and people may need
it or maybe they will start using Tor more.
As it stands now, the biggest impact of this project (if it is
successful) would be on operations and analytics.
Cristian
[1]:
https://cgi.soic.indiana.edu/~kapadia/nymble/overview.php
[2]:
https://www.torproject.org/docs/pluggable-transports
_______________________________________________
Wikimedia-l mailing list, guidelines at:
https://meta.wikimedia.org/
wiki/Mailing_lists/Guidelines and
https://meta.wikimedia.org/
wiki/Wikimedia-l
New messages to: Wikimedia-l(a)lists.wikimedia.org
Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
<mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe>