On 5/18/06, Alphax (Wikipedia email) alphasigmax@gmail.com wrote:
Tim Starling wrote:
HTTPS does not protect anonymity for editors. Neither does Tor. Low-latency encryption methods suffer a common flaw: an attacker can correlate timestamps and message lengths with the size and posting time of an edit. With ordinary HTTPS you can also correlate the destination address. You could almost say that encryption is useless for sending data which will be public 200ms after it arrives.
Now, if there was a way to silently lock the article and delay the database update/timestamping for a few seconds...
The Mediawiki code goes out of its way to make it extremely hard to edit Wikipedia anonymously. If you want to allow anonymous editing, a start would be a check box which says "post this anonymously".
Anthony