On Fri, Aug 23, 2013 at 4:38 PM, Tilman Bayer tbayer@wikimedia.org wrote:
On Fri, Aug 23, 2013 at 3:51 PM, Brion Vibber bvibber@wikimedia.org wrote:
I would strongly recommend a saner signup/account moderation system for "less trusted" network origins such as Tor nodes, though. The key is that you have to actually allow creating an account from a Tor node in the
first
place, or you're limited to people who live in "free internet" countries
or
have the money or clout to go abroad to create their accounts...
Well yes, such a system would be nice to have, but as discussed previously on this list, it's a hard problem to solve ("Can we help Tor users make legitimate edits?", http://www.gossamer-threads.com/lists/wiki/wikitech/323006 ). Basically, the problem is that all the existing proposals would at best provide a substitute for autoblocks, but not for Checkuser.
I would make the argument that Checkuser is a) ineffective and b) dangerous to privacy: it's incapable of actually identifying people in the first place if they make any effort to work around it, and it exposes network locations of people who aren't explicitly hiding to a fairly large group of people.
That we've built a bureaucracy around checking to see what IP addresses people came from and banning them if they appear to be the same as a previously-banned person is pretty freaky at best and at worst **doesn't actually help** against anyone with the slightest incentive to game the system.
I'd recommend some out-of-the-box thinking instead, perhaps: * stop exposing IP addresses of any users at all (whether logged-in or anonymous) * replace "IP editing" with a simple solution for creating a consistent anonymous identity with a minimum of effort (for example, automatically create an ID cookie which links to an anonymous 'account' which you can optionally turn into a registered, named, emailable user account in the future, or discard and replace every time if you're super-anonymous!) * have much, much better inter-user communication and moderation tools that can prioritize attention on activity of new users, low-reputation users, at-risk network origins or user-agents, etc without exposing individual IP addresses to actual users on the site
No, making a good system is not going to be easy. It's going to be hard, and require a lot of thinking. But I really hope we get to it.
Also, there is already
https://en.wikipedia.org/wiki/Wikipedia:Advice_to_users_using_Tor#Need_an_ac... (although I don't know how frequently/successfully it's being used currently)
At best, that's not very user friendly (and the page strongly discourages anybody to use it by reminding that it's only for trusted people under 'exceptional circumstances'). At worst, it exposes your shiny new login over plaintext email, so negative actors can sniff the data and associate your account with your person.
-- brion