Ronald Beelaard wrote:
*** This post is intended for people with some basic
technical expertise ***
The facts:
1. Waerth has posted this
http://img151.imageshack.us/img151/8069/stillblocked1cv4.jpg as "evidence".
Everyone, at any place in the world, can find lists of open proxies that
have been blocked on nl:w: (see
http://nl.wikipedia.org/wiki/Categorie:Wikipedia:Open_proxies). An IP can be
picked from those lists and any browser can be configured to use that number
as proxy. The port is not published, but some ports could be obvious and
after some trial and error one could find a working combination. Regardless
the geo location of the IP tried as proxy. Make the screenshot and here you
are.
I don't think there's any need to start on the conspiracy theories. You
blocked several True Internet proxy IPs, such as 203.144.143.2,
203.144.143.3, 203.144.143.6, 203.144.143.7, 203.144.143.10,
203.144.144.163, 203.144.160.250 and 61.91.190.249.
2. Waerth has disclosed in the Dutch village pump this list
http://nl.wikipedia.org/wiki/Wikipedia:Lijst_van_geblokkeerde_exit_servers
to be my source for blocking "the whole of Thailand". However, this page
lists the exit nodes of cascaded open proxies as these are discovered by my
scanning program and is generated automatically. Besides the blocking of
these exit nodes is done by a bot with a standard phrase in the remark
field. The readable text is "Open proxy - Nadere informatie". The clickable
part brings you to:
http://nl.wikipedia.org/wiki/Wikipedia:Blockreason3
Cascaded open proxies? Do you mean to say that you are blocking these
secure ISP proxies because there is an open proxy behind them, on a
customer computer?
3. The screenshot above is NOT the result of being
blocked by one of the
exit nodes as referred to in 2 (btw a similar mechanism is used when
auto-blocking TOR exit nodes, obviously with slightly different text), but
the result of a manual block of a (normal) open proxy. Such type of open
proxies are only blocked in the case of noticed vandalism of any kind.
We often see vandalism from shared IPs. That's why we have the trusted XFF
list.
4. From a mail sent this morning by Waerth to various
people, I have derived
the originating IP. This IP is currently not and has never been blocked in
the past (except maybe autoblocks). Some weeks ago I've spent considerable
time to figure out what IP's could possibly be used by Waerth's provider as
a cache. One such IP has been unblocked then as a precaution, although it
was very unlikely this one could be the source of any trouble.
He's accessing the web through a load-balanced cluster of HTTP proxies. It
should be obvious that whatever IP address you see on mail is not going to
be the same as the one you see on Wikipedia, unless the XFF list is
properly configured.
Please read
http://meta.wikimedia.org/wiki/XFF_project if you haven't done
so already.
-- Tim Starling
