Thanks for your responses, Chris. Regardless of what processes are proposed, I suspect that the strongest objections will be socially based rather than technically based. Bawolff has a valid point, that success on a smaller wiki may have an effect on the social perception of the use of Tor on enwiki - but if it is started on another wiki, please ensure that there is actual community agreement and that there are sufficient administrators who are willing and able to promptly address any problems. We may have 700 wikis, but really only about 50-60 of them have sufficient daily activity and editorial community size to be able to manage any problems that might arise from this.
To my experience, the majority of experienced editors who are asking for IPBE or something similar tend to be editing through VPNs that are hard-blocked for various reasons (most commonly spamming and/or heavy-duty vandalism - and if it's spamming, it's usually blocked at the global level). There are some exceptions - particularly related to users working from countries where there are entirely valid security concerns (we could probably all recite the list). And IPBE does permit editing through Tor now. Whether continuing with IPBE or providing an alternative, the user would still have to persuade the same administrators/community members of the legitimacy of their request.
I cannot speak for the entire enwiki community (let alone any other community) about whether or not there would be acceptance for the idea of a user having two unlinked accounts, one "regular" account and one "Tor" one - given my role as a Checkuser I'm exposed to a much higher frequency of socking complaints than most community members - but given it's been darn hard to keep the community from flat-out banning multiple unlined accounts, I have my doubts it will be greeted with open arms, even if it "works" on other wikis. (Pretty much the only exception that has received support is "editing in a high risk topic area", so there *may* be some support). Unfortunately, there's been plenty of history on enwiki of experienced users having multiple accounts that were used inappropriately, including administrator accounts, so that raises the bar even higher.
Also....I'm a little unclear about something. If a "Tor-enabled" account creates new accounts, will those accounts be able to edit through Tor, too?
Risker/Anne
On 10 March 2015 at 14:33, Chris Steipp csteipp@wikimedia.org wrote:
On Tue, Mar 10, 2015 at 10:39 AM, Risker risker.wp@gmail.com wrote:
A few questions on this:
- So, this would result in the creation of a new account, correct? If
so, most of the security is lost by the enwiki policy of requiring linking to one's other accounts, and if the user edited in the same topic area as their other account, they're likely to be blocked for socking. (This is a social limitation on the idea, not a technical one.)
Registering a pseudonym through this process implies that you are an existing editor (we could even limit the process to only one pseudonym per existing account, so you know there's a 1-1 mapping), just not linking to which one you are. Do you think enwiki be open to considering that?
- Why would we permit more than one account?
I was originally thinking that if something happened (forgotten password, etc.), you could start over. But not a hard requirement.
- It's not usually experienced editors who seem to have an issue on
English projects; most of the huffing and puffing about Tor seems to come from people who are not currently registered/experienced editors, so
the
primary "market" is a group of people who wouldn't meet the proposed criteria.
There may not be enough intersection between users who we have some trust in and those who want to edit via Tor. I'm hopeful that we can define "established" to be some group that is large enough that it will include productive editors who also should use Tor, but small enough to preclude spammers. I'm assuming if we start with some guideline, then we can adjust up (if there's too much spam) or down (if there aren't enough users) depending on the results.
- On reading this over carefully, it sounds as though you're proposing
what is essentially a highly technical IPBE process in which there is even less control than the project has now, particularly in the ability to address socking and POV/COI editing. Am I missing something?
In a way it is, but there are couple advantages over IPBE as I see it:
- Neither the WMF nor checkusers can correlate the identities, whereas with
IPBE, it's possible that a checkuser can still see the IP that created the account requesting the IPBE. This is less control, but also less risk if the wmf/checkuser is coerced into revealing that information.
- Hopefully it will be a less manual process, since the only manual (which
could be automated if the right heuristics were found) step is confirming that the requesting user is "established". There's no further rights that have to be granted and maintained.
It also give slightly more control in that:
- We're not giving out the IPBE right
- The whole system can be blocked (hopefully temporarily) with a single
block or revoking the OAuth key, if there is ever a sudden flood of spam
Admittedly, we could do all of this (except making the identities unlinkable) by having an edit-via-tor right that is different from IPBE, but the unlikability I think is important for our users.
Risker/Anne
On 10 March 2015 at 13:16, Giuseppe Lavagetto glavagetto@wikimedia.org wrote:
Hi Chris,
I like the idea in general, in particular the fact that only "established" editors can ask for the tokens. What I don't get is why this proxy should be run by someone that is not the WMF, given - I guess - it would be exposed as a TOR hidden service, which will mask effectively the user IP from us, and will secure his communication from snooping by exit node managers, and so on.
I guess the righteously traffic on such a proxy would be so low (as getting a token is /not/ going to be automated/immediate even for logged in users) that it could work without using up a lot of resources.
Cheers,
Giuseppe
Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l