On Fri, Aug 23, 2013 at 4:38 PM, Tilman Bayer <tbayer(a)wikimedia.org> wrote:
On Fri, Aug 23, 2013 at 3:51 PM, Brion Vibber
<bvibber(a)wikimedia.org>
wrote:
I would strongly recommend a saner signup/account
moderation system for
"less trusted" network origins such as Tor nodes, though. The key is that
you have to actually allow creating an account from a Tor node in the
first
place, or you're limited to people who live
in "free internet" countries
or
have the money or clout to go abroad to create
their accounts...
Well yes, such a system would be nice to have, but as discussed
previously on this list, it's a hard problem to solve ("Can we help
Tor users make legitimate edits?",
http://www.gossamer-threads.com/lists/wiki/wikitech/323006 ).
Basically, the problem is that all the existing proposals would at
best provide a substitute for autoblocks, but not for Checkuser.
I would make the argument that Checkuser is a) ineffective and b) dangerous
to privacy: it's incapable of actually identifying people in the first
place if they make any effort to work around it, and it exposes network
locations of people who aren't explicitly hiding to a fairly large group of
people.
That we've built a bureaucracy around checking to see what IP addresses
people came from and banning them if they appear to be the same as a
previously-banned person is pretty freaky at best and at worst **doesn't
actually help** against anyone with the slightest incentive to game the
system.
I'd recommend some out-of-the-box thinking instead, perhaps:
* stop exposing IP addresses of any users at all (whether logged-in or
anonymous)
* replace "IP editing" with a simple solution for creating a consistent
anonymous identity with a minimum of effort (for example, automatically
create an ID cookie which links to an anonymous 'account' which you can
optionally turn into a registered, named, emailable user account in the
future, or discard and replace every time if you're super-anonymous!)
* have much, much better inter-user communication and moderation tools that
can prioritize attention on activity of new users, low-reputation users,
at-risk network origins or user-agents, etc without exposing individual IP
addresses to actual users on the site
No, making a good system is not going to be easy. It's going to be hard,
and require a lot of thinking. But I really hope we get to it.
Also, there is already
https://en.wikipedia.org/wiki/Wikipedia:Advice_to_users_using_Tor#Need_an_a…
(although I don't know how frequently/successfully it's being used
currently)
At best, that's not very user friendly (and the page strongly discourages
anybody to use it by reminding that it's only for trusted people under
'exceptional circumstances'). At worst, it exposes your shiny new login
over plaintext email, so negative actors can sniff the data and associate
your account with your person.
-- brion