On 3/19/06, - Essjay - essjaywiki@gmail.com wrote: ...
- Bug 550 deals with the issue of allowing users who have accounts to edit
even if thier IP is blocked. The solution for it is quite simple; it's actually three lines of code that can be written by anyone with minor PHP skill. It requires the following:
a) that the patch be enabled; b) that account creation from blocked IPs be disabled (to prevent the vandals from simply creating an account to sidestep the IP block) which to my knowledge is already enabled c) throttling account creation from IPs to x per day, currently 10 per day. This allows legit people to create accounts, but prevents vandals from creating 1000 sleeper accounts to use once the IP is blocked.
The devs are aware of the fix, and are not willing to enable it. The exact quote was that doing so is a "very very bad idea." It is thier opinion that it will be of no use, that the vandals will just create sleeper accounts and evade the blocks. I don't agree, but I'm not a developer either; I defer to thier expertise in the matter.
...
Essjay
Is that really their reason? That is *remarkably stupid* of them. I had thought there was a real reason; such lame excuses disgust me.
The whole idea of blocking, reverting and rollbacking and such like is to change the balance between the ease of vandalising and the ease of fixing vandalism in the favor of the latter. Likewise, the whole idea of blocking is to raise the costs of an attack on pages to the point where the vandal engages in fewer or none (at which point the fixing-vandalism comes into play). Ex. it is hard to vandalise a conventional website, and so it isn't done often, but it is easy to vandalise a wiki, so it is done often. Enabling that feature would raise the cost of vandalism from those IPs- even if they could still get around it (note that *all* blocks can be circumvented; it is just too troublesome for most vandals) by making sleeper accounts, that requires quite a bit of effort and planning, and waiting- all factors that considerably raise the cost of vandalism from those IPs, especially since the sleeper accounts would be indef blocked on surfacing, requiring the vandal to get even more sleeper accounts, costing ever more effort. It would be very useful.
~maru