On 10/2/14, Kevin Wayne Williams kwwilliams@kwwilliams.com wrote:
Derric Atzrott schreef op 2014/09/30 6:08:
Hello everyone, [snip] There must be a way that we can allow users to work from Tor. [snip more]
I think the first step is to work harder to block devices, not IP addresses. One jerk with a cell phone cycles through so many IP addresses so quickly in such active ranges that our current protection techniques are useless. Any child can figure out how to pull his cable modem out of the wall and plug it back in.
Focusing on what signature we can obtain from (or plant on) the device and how to make that signature available to and manageable by admins is the key. Maybe we require a WMF supplied app before one can edit from a mobile device. Maybe we plant cookies on every machine that edits Wikipedia to allow us to track who's using the machine and block access to anyone that won't permit the cookies to be stored. There are probably other techniques. The thing to remember is that the vast majority of our sockpuppeteers are actually fairly stupid and the ones that aren't will make their way past any technique short of retina scanning. It doesn't matter whether a blocking technique allows a tech-savvy user to bypass it somehow. Anything is better than a system that anyone can bypass by turning his cable modem off and on.
Once we have a system that allows us to block individual devices reasonably effectively, it won't matter whether those people are using Tor to get to us or not.
KWW
Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
So all we need is either: A) Magic browser fingerprinting with no (or almost no) false positives when used against everyone in the world. With the fingerprinting code having at most access to javascript to run code (but preferably not even needing that) and it has to be robust in the face of the user being able to maliciously modify the code as they please. B) tamper proof modules inside every device to uniquely identify it. (Can we say police state?)
Arguably those aren't making the assumption that "[users] are actually fairly stupid". But even a simplified version of those requirements, such as, must block on per device basis, must involve more work than unpluging a cable modem to get unblocked, dwells into the territory of absurdly hard.
Although perhaps there are some subset of the population we could use additional methods on. Cookies are pretty useless (If you think getting a new IP is easy, you should see what it takes to delete a cookie). Supercookies (e.g. Evercookie ) might be more useful, but many people view such things as evil. Certain browsers might have a distinctive enough fingerprint to block based on that, but I doubt we'd ever be able to do that for all browsers. These things are also likely to be considered "security vulnrabilities", so probably not something to be relied on over long term as people fix the issues that allow people to be tracked this way.
Once we have a system that allows us to block individual devices reasonably effectively, it won't matter whether those people are using Tor to get to us or not
If you can find a way to link a tor user to the device they are using, then you have essentially broken Tor. Which is not an easy feat.
--bawolff
p.s. Obligatory xkcd https://xkcd.com/1425/