enabling read access via Tor shouldn't be an issue, however editing should not be allowed due to high volume of known abuse from that vector.

On Mon, Jun 5, 2017 at 1:43 PM, David Gerard dgerard@gmail.com wrote:

Editing may be a tricky one, particularly on en:wp, which has found Tor exit points to overwhelmingly be fountains of garbage, and automatically blocks them.

• d.

On 5 June 2017 at 18:30, David Cuenca Tudela dacuetu@gmail.com wrote:

...

I think that's an excellent idea and very much aligned with our

commitment

...

to provide free information also for those who are living under

unfavorable

...

conditions.

I personally endorse it.

Thanks Cristian for suggesting it.

Regards, Micru

On Jun 5, 2017 19:11, "Cristian Consonni" cristian@balist.es wrote:

...

Hi,

I have written a proposal about setting up an onion (hidden) service to serve Wikipedia over Tor:

https://meta.wikimedia.org/wiki/Grants:IdeaLab/A_Tor_ Onion_Service_for_Wikipedia

I was thinking about this and I also discovered that the Internet Archive is experimenting with a very similar idea: www.hackerfactor.com/blog/index.php?/archives/750- Freedom-of-Information.html

I would like to have some feedback on this, I am also in contact with the author of the aforementioned proxy which could be able to give some help in setting it up.

Thank you.

Cristian

---

Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/ wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe

---

Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/

wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l

...

New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,

mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe

---

Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/ wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe

Im not going to violate BEANS, but even allowing accounts to edit without further hurdles isn't going to work. Because of the anonymity that tor provides its fairly easy to cause widespread issues. When the vandals start actually using tactics the flood gates of TOR will cause massive issues cross wiki that requires steward level intervention on a regular basis.

On Mon, Jun 5, 2017 at 2:53 PM, Gabriel Thullen gabriel@thullen.com wrote:

I imagine registered users could edit through TOR. That is how it works with my school IP: anonymous edits are blocked, account creation as well, but you can sign in an edit.

On Mon, Jun 5, 2017 at 7:47 PM, John phoenixoverride@gmail.com wrote:

...

enabling read access via Tor shouldn't be an issue, however editing

should

...

not be allowed due to high volume of known abuse from that vector.

On Mon, Jun 5, 2017 at 1:43 PM, David Gerard dgerard@gmail.com wrote:

...

Editing may be a tricky one, particularly on en:wp, which has found Tor exit points to overwhelmingly be fountains of garbage, and automatically blocks them.

• d.

On 5 June 2017 at 18:30, David Cuenca Tudela dacuetu@gmail.com

wrote:

...

...

...

I think that's an excellent idea and very much aligned with our

commitment

...

to provide free information also for those who are living under

unfavorable

...

conditions.

I personally endorse it.

Thanks Cristian for suggesting it.

Regards, Micru

On Jun 5, 2017 19:11, "Cristian Consonni" cristian@balist.es

wrote:

...

...

...

...

Hi,

I have written a proposal about setting up an onion (hidden) service

to

...

...

...

serve Wikipedia over Tor:

https://meta.wikimedia.org/wiki/Grants:IdeaLab/A_Tor_ Onion_Service_for_Wikipedia

I was thinking about this and I also discovered that the Internet Archive is experimenting with a very similar idea: www.hackerfactor.com/blog/index.php?/archives/750- Freedom-of-Information.html

I would like to have some feedback on this, I am also in contact

with

...

...

...

...

the author of the aforementioned proxy which could be able to give

some

...

...

...

help in setting it up.

Thank you.

Cristian

---

Wikimedia-l mailing list, guidelines at:

https://meta.wikimedia.org/

...

...

...

...

wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/

mailman/listinfo/wikimedia-l

...

,

...

...

...

<mailto:wikimedia-l-request@lists.wikimedia.org?subject=

unsubscribe>

...

...

...

---

Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/

wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l

...

New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/

mailman/listinfo/wikimedia-l,

...

...

mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe

---

Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/ wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe

---

Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/ wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe

---

Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/ wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe

This conversation has gone in multiple directions. It started with reading Wikipedia through a hidden service. I am interested only in talking about editing Wikipedia with Tor.

I feel that the negativity in this thread against Tor is unwarranted and ignorant. I can confirm that Wikipedia needs its defense and should not open pathways to let problematic users vandalize Wikipedia. I dispute that there is any reason to believe that having a safe process for granting editing rights to certain vetted Tor users should be problematic. In fact, block exemptions are not granted in a reasonable way.

In discussions about Tor often I feel like users become wild and accusatory. When I hear harsh accusations, I often feel that they are coming from people who do not understand the proposals that have come in over the years for allowing Tor access to certain users. The big recurring idea is that users with registered accounts can request review for their wiki editing, or new accounts could be watched or sponsored by established users. If they pass review, they get to edit from Tor. If they do not pass review, then they cannot. Anyone who says, "No Tor, it would create a flood of bad edits" is probably unaware of what Tor advocates are requesting, or at least, I have never heard from anyone who has this view and who could have a conversation.

Here are some stories I have heard from established Wikipedia editors who want to edit with Tor:

- A well known LGBT+ activist and contributor to projects in the open movement lives in a country where being LGBT+ is a serious crime. - A person who is in the witness protection https://en.wikipedia.org/wiki/witness_protection program of their country and is willing to share government provided proof of their need for privacy has made a request for an en:Wikipedia:IP block exemption https://en.wikipedia.org/wiki/Wikipedia:IP_block_exemption, and was denied and cannot edit with Tor. - A major international conference in the open movement hosted a speaker and presenter who claimed to be a refugee from their own country and expected never to return, and claimed that editing Wikipedia was the primary factor in their government's persecution of them.

Restricting these kinds of users is sad and unnecessary. On-wiki and by email are not paths to reasonable conversation on this topic. If anyone wants to have conversation I would talk by phone or video chat. I also posted a lot about this on-wiki, but it is a lot to take in.

More reading -

RfC: Grant exemptions to users in good standing on request < https://en.wikipedia.org/wiki/Wikipedia_talk:IP_block_exemption#RfC:_Grant_e...

Partnership between Wikimedia community and Tor community < https://meta.wikimedia.org/wiki/Grants:IdeaLab/Partnership_between_Wikimedia...

On Tue, Jun 13, 2017 at 4:34 PM, John Erling Blad jeblad@gmail.com wrote:

Blocking a registered user on TOR is not different from blocking a registered user outside TOR.

5. jun. 2017 21.02 skrev "John" phoenixoverride@gmail.com:

...

Im not going to violate BEANS, but even allowing accounts to edit without further hurdles isn't going to work. Because of the anonymity that tor provides its fairly easy to cause widespread issues. When the vandals

start

...

actually using tactics the flood gates of TOR will cause massive issues cross wiki that requires steward level intervention on a regular basis.

On Mon, Jun 5, 2017 at 2:53 PM, Gabriel Thullen gabriel@thullen.com wrote:

...

I imagine registered users could edit through TOR. That is how it works with my school IP: anonymous edits are blocked, account creation as

well,

...

...

but you can sign in an edit.

On Mon, Jun 5, 2017 at 7:47 PM, John phoenixoverride@gmail.com

wrote:

...

...

...

enabling read access via Tor shouldn't be an issue, however editing

should

...

not be allowed due to high volume of known abuse from that vector.

On Mon, Jun 5, 2017 at 1:43 PM, David Gerard dgerard@gmail.com

wrote:

...

...

...

Editing may be a tricky one, particularly on en:wp, which has found Tor exit points to overwhelmingly be fountains of garbage, and automatically blocks them.

• d.

On 5 June 2017 at 18:30, David Cuenca Tudela dacuetu@gmail.com

wrote:

...

...

...

I think that's an excellent idea and very much aligned with our

commitment

...

to provide free information also for those who are living under

unfavorable

...

conditions.

I personally endorse it.

Thanks Cristian for suggesting it.

Regards, Micru

On Jun 5, 2017 19:11, "Cristian Consonni" cristian@balist.es

wrote:

...

...

...

> Hi, > > I have written a proposal about setting up an onion (hidden)

service

...

...

to

...

...

> serve Wikipedia over Tor: > > https://meta.wikimedia.org/wiki/Grants:IdeaLab/A_Tor_ > Onion_Service_for_Wikipedia > > I was thinking about this and I also discovered that the

Internet

...

...

...

...

...

> Archive is experimenting with a very similar idea: > www.hackerfactor.com/blog/index.php?/archives/750- > Freedom-of-Information.html > > I would like to have some feedback on this, I am also in contact

with

...

...

...

> the author of the aforementioned proxy which could be able to

give

...

...

...

some

...

...

> help in setting it up. > > Thank you. > > Cristian > > _______________________________________________ > Wikimedia-l mailing list, guidelines at:

https://meta.wikimedia.org/

...

...

...

> wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ > wiki/Wikimedia-l > New messages to: Wikimedia-l@lists.wikimedia.org > Unsubscribe: https://lists.wikimedia.org/

mailman/listinfo/wikimedia-l

...

,

...

...

> <mailto:wikimedia-l-request@lists.wikimedia.org?subject=

unsubscribe>

...

...

...

---

Wikimedia-l mailing list, guidelines at:

https://meta.wikimedia.org/

...

...

...

wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l

...

New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/

mailman/listinfo/wikimedia-l,

...

...

<mailto:wikimedia-l-request@lists.wikimedia.org?subject=

unsubscribe>

...

...

...

...

---

Wikimedia-l mailing list, guidelines at:

https://meta.wikimedia.org/

...

...

...

...

wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/

mailman/listinfo/wikimedia-l,

...

...

...

<mailto:wikimedia-l-request@lists.wikimedia.org?subject=

unsubscribe>

...

...

...

...

---

Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/ wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/

mailman/listinfo/wikimedia-l,

...

...

...

mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe

---

Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/ wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe

---

Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/ wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe

---

Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/ wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe

Nope.

Tor users needs `ip block exempt` or `global ip block exempt` to edit.

https://en.wikipedia.org/wiki/Wikipedia:IP_block_exemption seem to say so too. ("In highly exceptional circumstances, an editor may be permitted to edit anonymously, via Tor or another anonymizing proxy.")

-- Yongmin

Sent from my iPhone https://wp.revi.blog Please note that this address is list-only address and any non-mailing list mails will be treated as spam. Please use https://encrypt.to/0x947f156f16250de39788c3c35b625da5beff197a.

2017. 6. 6. 03:53 Gabriel Thullen gabriel@thullen.com 작성:

I imagine registered users could edit through TOR. That is how it works with my school IP: anonymous edits are blocked, account creation as well, but you can sign in an edit.

...

On Mon, Jun 5, 2017 at 7:47 PM, John phoenixoverride@gmail.com wrote:

enabling read access via Tor shouldn't be an issue, however editing should not be allowed due to high volume of known abuse from that vector.

...

On Mon, Jun 5, 2017 at 1:43 PM, David Gerard dgerard@gmail.com wrote:

Editing may be a tricky one, particularly on en:wp, which has found Tor exit points to overwhelmingly be fountains of garbage, and automatically blocks them.

• d.

...

On 5 June 2017 at 18:30, David Cuenca Tudela dacuetu@gmail.com wrote: I think that's an excellent idea and very much aligned with our

commitment

...

to provide free information also for those who are living under

unfavorable

...

conditions.

I personally endorse it.

Thanks Cristian for suggesting it.

Regards, Micru

...

On Jun 5, 2017 19:11, "Cristian Consonni" cristian@balist.es wrote:

Hi,

I have written a proposal about setting up an onion (hidden) service

to

...

...

...

serve Wikipedia over Tor:

https://meta.wikimedia.org/wiki/Grants:IdeaLab/A_Tor_ Onion_Service_for_Wikipedia

I was thinking about this and I also discovered that the Internet Archive is experimenting with a very similar idea: www.hackerfactor.com/blog/index.php?/archives/750- Freedom-of-Information.html

I would like to have some feedback on this, I am also in contact with the author of the aforementioned proxy which could be able to give

some

...

...

...

help in setting it up.

Thank you.

Cristian

---

Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/ wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l

,

...

...

...

mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe

---

Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/

wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l

...

New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,

mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe

---

Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/ wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe

---

Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/ wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe

---

Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe

On 05/06/2017 22:19, Todd Allen wrote:

With the recent ruling about ISPs being allowed to collect and sell user data in the US, we're at "highly exceptional circumstances". Good Internet citizens allow anonymous participation. We can soft block them, but surely we can revert vandals and block their accounts.

If we can't even manage that, we have problems far deeper than Tor.

On 05/06/2017 22:34, Gabriel Thullen wrote:

I agree that sockpuppets are a real problem, but they manage fine

right now

without going through Tor. There are quite a few ways to connect up using different IPs as it is now, so the real problem remains: the

sockpuppeteers

themselves.

I understand your point of view and I am sympathetic to it. I also would like to find a solution to this problem right now, but what I have seen reading the past discussions is that in the last 10+ years our community has not been able to find a shared, workable proposal for allowing editing over Tor for everybody. In the end, I trust the opinion of those who have participated in the past discussions (with many very experienced users participating in them) to be better informed than myself on the topic of fighting sockpuppeteers, vandals and spammers.

At the same time, what I am proposing is dealing with a single problem at a time, and also a different thing. An onion service would be good regardless of the fact that it can be used just for reading or for reading and writing.

To the best of my knowledge, the current proposal shouldn't cause any disruption to the projects with our current policies (and, please, you are invited point out any issues you may see with it).

Also, if we see that this service is used then we may have an additional data point to reason about the opportunity of allowing editing over Tor. In other words, if we have many readers maybe we could have some editors, too, and it would be more justified to put some resources towards trying to solve this much harder problem.

Cristian

I agree that sockpuppets are a real problem, but they manage fine right now without going through Tor. There are quite a few ways to connect up using different IPs as it is now, so the real problem remains: the sockpuppeteers themselves.

Gabe

On Mon, Jun 5, 2017 at 10:20 PM, Cristian Consonni cristian@balist.es wrote:

On 05/06/2017 19:43, David Gerard wrote:

...

Editing may be a tricky one, particularly on en:wp, which has found Tor exit points to overwhelmingly be fountains of garbage, and automatically blocks them.

On 05/06/2017 19:47, John wrote:

...

enabling read access via Tor shouldn't be an issue, however editing

should

...

not be allowed due to high volume of known abuse from that vector.

On 05/06/2017 21:01, John wrote:

...

Im not going to violate BEANS, but even allowing accounts to edit without further hurdles isn't going to work. Because of the anonymity that tor provides its fairly easy to cause widespread issues. When the vandals

start

...

actually using tactics the flood gates of TOR will cause massive issues cross wiki that requires steward level intervention on a regular basis.

Allow me to reiterate that I am not proposing any change to the current policies regarding editing via Tor or other open proxies. Even with an onion service, anonymous editing will still be blocked and registered users will still need to apply for IP block exemption before being able to edit.

I have read several discussions on the topic (going back to 2006) and what I have understood from those is that the biggest issue with editing via Tor is sockpuppeting. Vandals and spammer could be handled (and blocked), sockpuppets would be much harder to identify. The problem is hard because it solving it requires to have a way to identify that two accounts with different IPs are related to the same real person without at the same time destroying the anonymity provided by Tor. There has been research on the topic (see, for example, Nymble[1]) but at the very least it would require some additional technical setup and testing.

With this proposal I am not trying to solve that problem.

I am just pointing out that:

1. having an onion service would increase the privacy of our readers and

the (very few) people who are already allowed to edit via Tor. 2. is harder to block access to an onion service than to wikipedia.org (you basically need to block all accesses to Tor, but there are ways to circumvent that, too[2]). 3. supporting privacy-enhancing technology is good and people may need it or maybe they will start using Tor more.

As it stands now, the biggest impact of this project (if it is successful) would be on operations and analytics.

Cristian

---

Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/ wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe

As far as I can tell (and from comments made in the past by actual Tor users), there is no problem whatsoever for Tor users to read Wikipedia while using Tor. Editing is a completely different situation - and well it should be, given the pure unadulterated trash that tends to come in whenever a Tor exit node is missed in the routine lockdowns.

I recognize the concerns about ISP tracking and what I assume most Wikimedians would consider inappropriate use of their browsing information. I understand why more and more Wikimedians are electing to use VPNs and other more secure methods of accessing the internet. But VPNs are also heavily abused - not just by socks, but by individuals who consciously and intentionally disrupt projects - and thus more and more of them are getting locked in "only accounts can edit" or even "only IPBE can edit" mode - often on a global basis, not just one individual wiki. It occurs to me that we can probably be more liberal in handing out IPBE - which covers both Tor users and VPN users. It's not an idea situation, since people have to establish their account history before anyone's going to hand them IPBE, but it is probably better than nothing. And yes, the place to ask is at Global IPBE, because getting IPBE on only one project is unhelpful if one also pitches in elsewhere (Wikidata, Commons, etc.).

Risker/Anne

On 5 June 2017 at 19:34, MZMcBride z@mzmcbride.com wrote:

Cristian Consonni wrote:

...

I have read several discussions on the topic (going back to 2006) and what I have understood from those is that the biggest issue with editing via Tor is sockpuppeting.

This Phabricator comment you found seems pretty useful: https://phabricator.wikimedia.org/T71333#728636.

And Faidon posted in November 2014 about the establishment of a Tor relay: https://lists.wikimedia.org/pipermail/wikitech-l/2014-November/079392.html

How does your proposal interact (if at all) with the existing Tor relay set up in late 2014?

It's unclear to me whether "Tor onion service" in this context is equivalent to a Tor exit node. I'm fairly sure setting up the latter has been discussed previously on wikimedia-l and/or wikitech-l.

MZMcBride

---

Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/ wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe

On 06/06/2017 02:10, Risker wrote:

As far as I can tell (and from comments made in the past by actual Tor users), there is no problem whatsoever for Tor users to read Wikipedia while using Tor.

Let me put it this way, I am sure that the WMF will always do its best to protect the privacy of our readers and editors. Alas, I am much more concerned by third parties trying to snoop on our users. We also know that this kind of surveillance happened and that's also why the WMF is currently engaged in a lawsuit against the NSA.

Using Tor to visit (i.e. read) wikipedia.org provides additional privacy and users can also circumvent blocks in their country, if necessary. Having an onion service gives similar benefits.

Furthermore, I think it is very important that major Internet websites provide themselves as an onion service. Even Facebook did it (at https://www.facebookcorewwwi.onion/) and there are good privacy and censorship-circumventing reasons for this[1]. I think that the least difference between the "privacy enhanced" (aka dark) net and the regular internet there is the more people will consider to use Tor. I think this is a good thing.

Frankly, I hate it when I hear Tor and onion services nominated by newspapers and newscasts only when talking about illegal activities. Then I remind myself that Snowden used Tor extensively and without it we probably would have not know about the NSA mass surveillance.

I think that having an onion service may be useful, but I also think that we could have it just because we should.

Editing is a completely different situation - and well it should be, given the pure unadulterated trash that tends to come in whenever a Tor exit node is missed in the routine lockdowns.

I understand the difficulties. Again, I don't think we should conflate the idea of providing Wikipedia as an onion service with the issues related to editing Wikipedia over Tor or open proxies.

[1]: https://blog.torproject.org/blog/facebook-hidden-services-and-https-certs

On 07/06/2017 20:24, Alec Muffett wrote:

If it helps, I built an betatest onion for Wikipedia and all(?) the Wikimedia Foundation websites using EOTK* a few months ago, and documented the build process at:

https://github.com/alecmuffett/eotk/blob/master/docs.d/RUNBOOK.md

A basic test onion takes about 5..10 minutes to set up on Ubuntu or OSX/Homebrew.

A scalable full production loadbalanced deployment on some kind of cloud orse server(s) should take a day or two, plus time to buy an Onion SSL Certificate where appropriate.

Thanks Alec.

I would also point out the offer you made in a tutorial video for EOTK[1]:

"If anyone from Wikipedia or Wikimedia is watching this video I would gladly help you guys set one of this up officially because it is really cool"

It is. It also useful, mission-aligned, and important.

So, please read my proposal as "Take this offer from Alec Muffett"

Cristian

[1]: https://www.youtube.com/watch?v=HNJaMNVCb-U

On Wed, Jun 14, 2017 at 10:57 AM, Faidon Liambotis faidon@wikimedia.org wrote:

Just to mention a couple of issues: one of them is that we need MediaWiki to emit different URLs for e.g. upload.wikimedia.org resources to point to the onion address that we will designate for media.

That part reminds me a bit of https://phabricator.wikimedia.org/T156847, which is about outputting different addresses in links for the mobile site versus the desktop site. The same solution might work for both onion links and mobile site links.

hi Faidon,

On Wed, Jun 14, 2017 at 4:57 PM, Faidon Liambotis faidon@wikimedia.org wrote:

However, it hasn't been a priority for me or my team for these reasons:

• As long as communities feel so-and-so about Tor overall, and e.g. block edits from Tor users, it's hard to justify us in the Foundation investing more time into it, at the expense of other projects. It feels at odds with our communities' wishes a little bit.

the reason to think about some use of Tor for me, considering the mixed feelings about the technology in our community, would be in the app, and just for reading. If our app used Tor by default, all users in Turkey would magically find Wikipedia to work on their phones :)

Facebook app allows Tor, but not by default (because it kills notifications).

I believe that such a use of Tor would possibly be neutral to many people who otherwise oppose allowing editing through Tor.

dj

hi Alec,

On Wed, Jun 14, 2017 at 04:12:49PM +0100, Alec Muffett wrote:

I'd love to know more about the security issues in particular. Do please tell?

I don't recall finding a specific vulnerability, but last time I had a look at EOTK a while ago, it generated an nginx config that performed a series of steps to manipulate HTTP headers and body (HTML & Javascript) using (hard to audit) regexps. This is not a great security practice IMHO, as it can result in all kinds of unexpected output, especially with user-controlled untrusted input. It's the kind of thing that has runs the risk of generating XSS, header CRLF injection vulnerabilities etc.

More broadly, using regexps to manipulate content means that you either replace mentions of "upload.wikimedia.org" blindly, even legitimate/non-href ones like a mention of it in the article text, or you attempt to parse the syntax of HTML and Javascript with regexps, including quotes, escape sequences, comments etc. Neither are the right thing to do.

EOTK as I understand it also pre-generates an nginx config with a very specific site-specific configuration, such as CSP, TLS ciphers etc. These may are secure, but are the kind of settings we are paying a close attention to and manage ourselves, so delegating them to a tool like EOTK is not something we can do. That said, it may be possible to use EOTK to bootstrap our configuration and then remove the bits that we manually manage and care about, so I don't think this is by itself hindering our usage of it.

I would love to know more about what you see as the inhibitors - especially so that I can go fix them for the internet-community-at-large - however this decision is one for the Wikipedia community to take.

I'll still happily help if you decide "yes", but WMF should make and own the decision.

Note that there is a distinction between "the [e.g. English] Wikipedia community" and the WMF. We are all part of the same movement but the various wiki communities have decision-making capabilities of their own, especially when it comes to matters such as who's allowed to edit what, when and how. Allowing edits over Tor is not the kind of decision the Foundation can unilaterally make, while setting up the Onion service would be something that the Foundation would do, since it would just be part of our infrastructure and thus our mandate.

Granted, serving the site over an Onion service is orthogonal to being able to edit it, so it's something we may eventually do anyway, even if the situation around editing remains the same. It does limit its scope and usefulness though, and is thus a factor that contributes to our prioritization (or lack thereof).

Best, Faidon -- Faidon Liambotis Principal Engineer, Technical Operations Wikimedia Foundation

On 16 June 2017 at 19:12, Faidon Liambotis faidon@wikimedia.org wrote:

hi Alec,

Hi Faidon!

On Wed, Jun 14, 2017 at 04:12:49PM +0100, Alec Muffett wrote:

...

I'd love to know more about the security issues in particular. Do please tell?

I don't recall finding a specific vulnerability,

That's excellent!

but last time I had a look at EOTK a while ago, it generated an nginx config that performed a series of steps to manipulate HTTP headers and body (HTML & Javascript) using (hard to audit) regexps. This is not a great security practice IMHO, as it can result in all kinds of unexpected output, especially with user-controlled untrusted input. It's the kind of thing that has

runs the risk of generating XSS, header CRLF injection vulnerabilities

etc.

I concur; that's why I am working on an additional template which takes an all-or-nothing approach, where the regexps and expectations are much simpler to reason about.

More broadly, using regexps to manipulate content means that you either replace mentions of "upload.wikimedia.org" blindly, even legitimate/non-href ones like a mention of it in the article text, or you attempt to parse the syntax of HTML and Javascript with regexps, including quotes, escape sequences, comments etc. Neither are the right thing to do.

Depending upon expectations and threat-models, I can see that perspective.

EOTK as I understand it also pre-generates an nginx config with a very specific site-specific configuration, such as CSP, TLS ciphers etc. These may are secure, but are the kind of settings we are paying a close attention to and manage ourselves, so delegating them to a tool like EOTK is not something we can do.

Indeed.

Part of the point of EOTK being available on Github is the expectation that sites will fork it and tune it to meet their needs.

I am confident that Wikipedia are equipped and expert enough to tweak a NGINX cipher suite config without much fuss.

Request: whist we're here, I would be delighted to see/plagiarise the cipher suites that Wikipedia uses - could you point me at them, please?

Also, I suppose it's worth noting that - to a fair first approximation - anyone accessing a Wikipedia Onion is doing it from one of:

- Tor Browser - Orfox - Tails

…so the number of cipher suites which EOTK needs to optimise for, are actually quite small.

That said, it may be possible to use EOTK to bootstrap our configuration and then remove the bits that we manually manage and care about, so I don't think this is by itself hindering our usage of it.

Concur. There is nothing stopping you using it.

Note that there is a distinction between "the [e.g. English] Wikipedia community" and the WMF. We are all part of the same movement but the various wiki communities have decision-making capabilities of their own, especially when it comes to matters such as who's allowed to edit what, when and how.

I did not know that! That is very interesting, thank you. TIL.

Allowing edits over Tor is not the kind of decision the

Foundation can unilaterally make, while setting up the Onion service would be something that the Foundation would do, since it would just be part of our infrastructure and thus our mandate.

Understood. Is it safe to extrapolate this to (say) Wikibooks, also?

Are they likewise geographically distinct?

Granted, serving the site over an Onion service is orthogonal to being able to edit it, so it's something we may eventually do anyway, even if the situation around editing remains the same. It does limit its scope and usefulness though, and is thus a factor that contributes to our prioritization (or lack thereof).

Cristian is making a good case around this matter, so I will leave that to him for a while.

Thanks again!

- alec

ANother relevant academic article: --- "Chilling Effects: Online Surveillance and Wikipedia Use"[1]

«This article discusses the results of the first empirical study providing evidence of regulatory “chilling effects” of Wikipedia users associated with online government surveillance. The study explores how traffic to Wikipedia articles on topics that raise privacy concerns for Wikipedia users decreased after the widespread publicity about NSA/PRISM surveillance revelations in June 2013.» ---

This study has been covered by various articles in the press, here's for example one from "The Intercept" by Glenn Greenwald: --- «New Study Shows Mass Surveillance Breeds Meekness, Fear and Self-Censorship»[2]

A newly published study from Oxford’s Jon Penney provides empirical evidence for a key argument long made by privacy advocates: that the mere existence of a surveillance state breeds fear and conformity and stifles free expression. ---

Cristian

[1]: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2769645e [2]: https://theintercept.com/2016/04/28/new-study-shows-mass-surveillance-breeds...

Quick update, as this story went on Motherboard https://motherboard.vice.com/en_us/article/wikipedians-want-to-to-put-wikipe... ;-)

Aubrey

On Tue, Jun 6, 2017 at 12:22 PM, Cristian Consonni cristian@balist.es wrote:

On 06/06/2017 02:10, Risker wrote:

...

As far as I can tell (and from comments made in the past by actual Tor users), there is no problem whatsoever for Tor users to read Wikipedia while using Tor.

Let me put it this way, I am sure that the WMF will always do its best to protect the privacy of our readers and editors. Alas, I am much more concerned by third parties trying to snoop on our users. We also know that this kind of surveillance happened and that's also why the WMF is currently engaged in a lawsuit against the NSA.

Using Tor to visit (i.e. read) wikipedia.org provides additional privacy and users can also circumvent blocks in their country, if necessary. Having an onion service gives similar benefits.

Furthermore, I think it is very important that major Internet websites provide themselves as an onion service. Even Facebook did it (at https://www.facebookcorewwwi.onion/) and there are good privacy and censorship-circumventing reasons for this[1]. I think that the least difference between the "privacy enhanced" (aka dark) net and the regular internet there is the more people will consider to use Tor. I think this is a good thing.

Frankly, I hate it when I hear Tor and onion services nominated by newspapers and newscasts only when talking about illegal activities. Then I remind myself that Snowden used Tor extensively and without it we probably would have not know about the NSA mass surveillance.

I think that having an onion service may be useful, but I also think that we could have it just because we should.

...

Editing is a completely different situation - and well it should be, given the pure unadulterated trash that tends to come in whenever a Tor exit node is missed in the routine lockdowns.

I understand the difficulties. Again, I don't think we should conflate the idea of providing Wikipedia as an onion service with the issues related to editing Wikipedia over Tor or open proxies.

---

Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/ wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe

Apposite, but defective in a number of respects; also, explicitly advocacy for Tor editing without really addressing the objections to it (that it's 99+% a firehose of garbage).

Rather than me reading through several pages to pick out what you might mean, could you please quote the bits you consider particularly make a relevant point?

- d.

On 10 June 2017 at 15:30, Cristian Consonni cristian@balist.es wrote:

Hi,

I have found now this paper that seems relevant to this conversation:

Forte, Andrea, Nazanin Andalibi, and Rachel Greenstadt "Privacy, anonymity, and perceived risk in open collaboration: a study of Tor users and Wikipedians." Proceedings of Computer-Supported Cooperative Work and Social Computing (CSCW). Portland, OR. CSCW 17 (2017): 12. http://andreaforte.net/ForteCSCW17-Anonymity.pdf

Cristian

---

Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/ wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe

06.06.2017, 01:11, "Risker" risker.wp@gmail.com:

As far as I can tell (and from comments made in the past by actual Tor users), there is no problem whatsoever for Tor users to read Wikipedia while using Tor. Editing is a completely different situation - and well it should be, given the pure unadulterated trash that tends to come in whenever a Tor exit node is missed in the routine lockdowns.

Risker, example of "pure unadulterated trash" edits on Wikipedia, or are we just to take your word for it?

You know, how about two examples?

Trillium Corsage

FYI: Editing through tor is blocked for logged in users too, unless you have `ipblock-exempt`. (It's included in admins and IP Block Exemptions.)

On 2017-06-13 18:26, Dariusz Jemielniak wrote:

On Mon, Jun 12, 2017 at 7:22 PM, Trillium Corsage trillium2014@yandex.com wrote:

...

06.06.2017, 01:11, "Risker" risker.wp@gmail.com:

...

As far as I can tell (and from comments made in the past by actual Tor users), there is no problem whatsoever for Tor users to read Wikipedia while using Tor. Editing is a completely different situation - and well

it

...

should be, given the pure unadulterated trash that tends to come in whenever a Tor exit node is missed in the routine lockdowns.

well, editing through Tor when you are logged in is quite ok, right?

One thing that I've been thinking about recently would be defaulting to Tor in our mobile app - for reading, and for editing just for the logged in users.

Facebook app currently offers channeling through Tor, but not as default (mainly because it kills notifications, but we don't need them). If we defaulted to Tor traffic for our app, we would effectively make blocks transparent to most users. The advantage of this solution is that probably 99% of our regular readers will not switch to Tor if they have not used it before.

(just my 2 non-technical cents, possibly a stupid idea)

dj _______________________________________________ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe

Now that we have ascertained (again) that wikimedia-l is a ​poor channel for focused discussions about tech proposals, can we move this to Phabricator?

Hi,

On 14/06/2017 04:12, Risker wrote:

[...] Setting this up is not a technical "problem" to be solved (which is essentially what Phabricator is for). I will again reinforce: it's a social and ethical issue, and only once that is resolved would it be time to consider it a "technical problem".

It is also not social problem if we are just talking about reading and writing only for people who already have IF block exemption, IMHO.

Cristian

On 13/06/17 20:28, Gergő Tisza wrote:

Now that we have ascertained (again) that wikimedia-l is a ​poor channel for focused discussions about tech proposals, can we move this to Phabricator?

I filed https://phabricator.wikimedia.org/T168218

On 14/06/17 12:12, Risker wrote:

I see your point, Gergo, but in reality Phabricator is an even worse channel to discuss projects that are, essentially, social issues.

I'd rather you didn't discuss social issues on Phabricator. I filed the task for the technical part of the project.

-- Tim Starling

On 19/06/17 16:20, Rogol Domedonfors wrote:

I quite agree that Phabricator is not suitable for these discussions. Perhaps Tim would like to say where and how discussions between the Community and Foundation staff about the need for, and desirability of, projects like this should be held. After all, we all want projects to go ahead on the basis of Community input, don't we?

We've had community input in this thread, but I haven't actually seen any objection to this proposal raised that stands up to analysis. Maybe meta would provide a platform for more organised discussion.

Almost everyone talked about abuse potential, ignoring the fact that we already allow editing via Tor. Nothing actually changes in terms of abuse potential. The same people can edit, they can just use a different URL.

The only other argument I saw was that by doing this, we are supporting Tor, and Tor is evil. But the hidden service only handles traffic which is directed to the service. It does not support the network in general. Meanwhile, since 2014 we are operating a relay which routinely forwards traffic for script kiddies, terrorists and child pornographers, and nobody complains about that?

I think we should shut down the relay, which in my opinion is not mission-aligned, and set up the hidden service, which clearly is mission-aligned.

A hidden service provides a small security improvement compared to plain HTTPS, and is marginally more censorship-resistant than a VPN. Its privacy protection is not perfect, but it is probably better than any other existing solution (except of course [1] ;-). It is a small technical project, which provides a small benefit to security-conscious users.

-- Tim Starling

[1] https://en.wikipedia.org/wiki/Wikipedia:Wikipedia_Signpost/2016-04-01/Technology_report

Tim,

I'm taking your response as a rather lengthy way of saying that there is no convenient central location for discussions of the sort that ought to be taking place around this and other projects. Is that correct?

"Rogol"

On Mon, Jun 19, 2017 at 12:35 PM, Tim Starling tstarling@wikimedia.org wrote:

On 19/06/17 16:20, Rogol Domedonfors wrote:

...

I quite agree that Phabricator is not suitable for these discussions. Perhaps Tim would like to say where and how discussions between the Community and Foundation staff about the need for, and desirability of, projects like this should be held. After all, we all want projects to go ahead on the basis of Community input, don't we?

We've had community input in this thread, but I haven't actually seen any objection to this proposal raised that stands up to analysis. Maybe meta would provide a platform for more organised discussion.

Almost everyone talked about abuse potential, ignoring the fact that we already allow editing via Tor. Nothing actually changes in terms of abuse potential. The same people can edit, they can just use a different URL.

The only other argument I saw was that by doing this, we are supporting Tor, and Tor is evil. But the hidden service only handles traffic which is directed to the service. It does not support the network in general. Meanwhile, since 2014 we are operating a relay which routinely forwards traffic for script kiddies, terrorists and child pornographers, and nobody complains about that?

I think we should shut down the relay, which in my opinion is not mission-aligned, and set up the hidden service, which clearly is mission-aligned.

A hidden service provides a small security improvement compared to plain HTTPS, and is marginally more censorship-resistant than a VPN. Its privacy protection is not perfect, but it is probably better than any other existing solution (except of course [1] ;-). It is a small technical project, which provides a small benefit to security-conscious users.

-- Tim Starling

[1] https://en.wikipedia.org/wiki/Wikipedia:Wikipedia_Signpost/2016-04-01/ Technology_report

---

Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/ wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe

Hi,

On 19/06/2017 13:35, Tim Starling wrote:

The only other argument I saw was that by doing this, we are supporting Tor, and Tor is evil. But the hidden service only handles traffic which is directed to the service. It does not support the network in general. Meanwhile, since 2014 we are operating a relay which routinely forwards traffic for script kiddies, terrorists and child pornographers, and nobody complains about that?

On 19/06/2017 14:39, Faidon Liambotis wrote:

The flip side of this is to argue that the Tor network is predominantly used for illegimate, ethically bad uses, like the ones you mentioned. In that case, I don't see why we would want to spend any of our resources on it whatsoever and go anywhere near it. I obviously don't believe that, but that would be a consistent PoV that I'd happy to argue against and eventually oblige to, if that was the consensus we came to.

This is an interesting discussion and as Tor relay operator I have asked myself questions along this lines more than once. Here's some of my opinions on the matter.

There is a "mechanistic" view for which Tor is just a tool, as computers themselves, which can be used for good and bad. In other words, Tor is just a technological stack that provides end-to-end encryption for computers[1]. In this view, Tor is not much different from your modem and a node operator is not much different from your ISP or a provider of other internet services. Having been in the position of arguing with a VPS provider about running a Tor node on their network I have asked them why in their contract they can decline any responsibility with respect of the service they use and I can't do the same with respect to the user of the Tor network. In short, since Tor is a tool it can be used for good or bad and every user is responsible for her own use of the network.

On the other hand, I think that some people (myself included) decide to contribute to Tor because they see some inherent value in it and not just because it is a fun tool, freely available to use. To be fair, the Tor legal FAQs say this explicitly[2a]: --- Should I use Tor or encourage the use of Tor for illegal purposes?

No. Tor has been developed to be a tool for free expression, privacy, and human rights. It is not a tool designed or intended to be used to break the law, either by Tor users or Tor relay operators. ---

As Faidon points out the flip side of this argument is that you need also to consider the bad uses of the network.

You could use an utilitarian approach and try to weigh the goods against the bad. This is in general very difficult and probably varies very much from person to person.

In addition to that there is the fact that it is difficult to obtain data about the usage of Tor, here some sources: * a blog post from the Tor project "Some statistics about onions"[2b], which reports that (as of early 2015) "hidden service traffic is about 3.4% of total Tor traffic." * This talk from 31C3 (the Chaos Communication Congress of 2014) titled "Tor: Hidden Services and Deanonymisation"[2c] by Dr Gareth Owen of University of Portsmouth that conducted a survey of hidden services.

From this study it results that the largest proportion of Tor hidden

service traffic is by far child pornography. It may depend on the fact that there are association and public agencies that monitor this sites * This paper: "Content and popularity analysis of Tor hidden services."[2d] by Biryukov et al. A relevant quote: «We discovered a huge number of hidden services that are part of the “Skynet” botnet [...]. The number of hidden services with illegal content or devoted to illegal activities and the number of other hidden services (devoted to human rights, freedom of speech, anonymity, security, etc.) is almost the same;»

Instead, you can have a more proactive vision of your actions (or your community's actions) and think that you can try to get things better for the measure that you are able to do it. This is also coherent with what Faidon says that we contribute to the greater ecosystem of software to be "good Internet and Linux citizens".

Personally, the latter is the vision I relate the most and the reason for which I started contributing to the Tor network as a node operator.

Cristian

[1]: https://medium.com/@alecmuffett/tor-is-end-to-end-encryption-for-computers-t... [2a]: https://www.torproject.org/eff/tor-legal-faq.html.en [2b]: https://blog.torproject.org/blog/some-statistics-about-onions [2c]: https://media.ccc.de/v/31c3_-_6112_-_en_-_saal_2_-_201412301715_-_tor_hidden... [2d]: Biryukov, Alex, et al. "Content and popularity analysis of Tor hidden services." Distributed Computing Systems Workshops (ICDCSW), 2014 IEEE 34th International Conference on. IEEE, 2014.

On 06/06/2017 01:34, MZMcBride wrote:

And Faidon posted in November 2014 about the establishment of a Tor relay: https://lists.wikimedia.org/pipermail/wikitech-l/2014-November/079392.html

Thanks for the pointer, I did know that the WMF was operating a Tor relay but I didn't recall where to find the details.

How does your proposal interact (if at all) with the existing Tor relay set up in late 2014?

Relays (both middle relays or exit relays) and hidden services are separate parts of the Tor network, so I would say that this project does not intersect with the existing relays.

It's unclear to me whether "Tor onion service" in this context is equivalent to a Tor exit node. I'm fairly sure setting up the latter has been discussed previously on wikimedia-l and/or wikitech-l.

Can you point me towards this discussion? I wasn't able to find any reference to that.

In any case, an exit node and a hidden service are very different things.

Exit nodes are tor relays from where the traffic going to an internet website (on the "clearnet") emerges from the Tor network to the outside. They are more problematic to manage then non-exit relays because when somebody uses the Tor network for nefarious purposes such as spam the target website will see that this traffic is coming from the exit node.

An onion/hidden service is a website that is served only by the Tor network. See for example this proxy of the Internet Archive: http://archivecrfip2lpi.onion/ (you need to use the Tor Browser Bundle from https://torproject.org to be able to visit that address)

I put a simplified explanation on how Tor works and how a hidden service work on the proposal page[1], and a more detailed explanation of the difference between an exit node and an onion service[2].

Cristian

[1]: https://meta.wikimedia.org/wiki/Grants:IdeaLab/A_Tor_Onion_Service_for_Wikip... [2]: https://meta.wikimedia.org/wiki/Grants:IdeaLab/A_Tor_Onion_Service_for_Wikip...