On Tue, Sep 10, 2013 at 9:04 AM, Petr Bena benapetr@gmail.com wrote:
I absolutely endorse this request. Forcing SSL was one of the silliest things that could happen. Most Wikimedia developers and technicians are working with the most modern technologies in the world, but I can imagine in other parts of the world people are working on something that people in modern parts of the world can see only in a museum.
What is actually the point in having SSL enforced? Do you realize that most of the traffic to / from Wikipedia doesn't matter to anyone (hackers / governments / spies)? It's not a Facebook where people collect tons of private content. Wikipedia is meant to share free knowledge, why do we need to encrypt that?
I'll address this first. There are two issues that turning on https for logins solves: 1) People reuse passwords[1]. So sending the cleartext passwords is not good. That is why we enforce https for the actual login page, and the submission of your password, but then have a preference to go back to http. 2) Non-repudiation of edits. If the user is logging in over http, or they use Wikipedia while logged in over http, then it's trivial (e.g., firesheep) for an attacker on the network to make edits on behalf of that user. That's why we default the preference on.
There are plenty of ways that a government-scale attacker can subvert these, but turning on https for the login and logged in users makes it significantly more difficult for the most common attackers.
On Tue, Sep 10, 2013 at 9:49 AM, Amir Ladsgroup ladsgroup@gmail.com wrote:
Hello! I recently closed a huge [[w:fa:ویکیپدیا:نظرخواهی برای استفاده از اساسال برای ویکیپدیای فارسی|RfC]] about using SSL in Persian Wikipedia, which is mainly run by Iranian users.
First off, huge thanks for running this!
Iran is the number one target in the PRISM surveillance program (Further information: https://bit.ly/17N57rx) and a long history of arresting, torturing and murdering internet activists (case in point [[w:en:Sattar Beheshti|Sattar Beheshti]]) or even family members of internet activists (case in point Yashar Khameneh) leaves no doubt on the intention of the Iranian government on surveillance and control of Iranian people. You can find a very long list in human rights defendants organizations (breaching the privacy of Iranian people is one of the very few things that both Iran and US governments agree about), so we are sure we need to switch to SSL, but using SSL in Iran has its own problems. Iranian authorities block the SSL IP of some sites that they have blocked in non-SSL mode, either blocked completely or partially; these sites include Facebook, Twitter, and until recently Wikipedia. Wikipedia is not blocked in Iran but about 400 articles of Persian Wikipedia (and some other sites like the whole Hebrew Wikipedia) are blocked; for viewing the complete list of the articles, which are mainly about politics, religion, or sexology, go to [[w:fa:رده:صفحههای فیلترشده در ایران]]. Access to Wikipedia in SSL is open since August 25.
Speed of internet in Iran is one of the slowest in the world and it's not a big deal about loading pages of Wikipedia, but the variance of internet speed is too high and we will fail in our main goal on providing free knowledge for people who don't have easy access to knowledge, people like middle or elementary school students who are living in the countryside. The problem of internet access becomes even worse when the government makes the speed of internet on SSL so low that the time of opening a simple page becomes like 4 times higher when people try to use SSL. It's mainly because of encouraging people not to use SSL, or even we can consider intention of decryption of SSL data. The scammed SSL certificates attack (Further information: https://bit.ly/1dXl5Ub) which happened two years ago shows us how much the government desires to control people. Another problem is sometimes, specially when there is a crisis in politics or in the country in general (which happens three or four times every year), access to any site outside of the HTTP layer is impossible and all other protocols, even IRC, happen to be blocked out of nowhere.
The community of Persian Wikipedia (readers and writers) is strongly against enforced SSL because of the issues I talked about above, and on the other hand they worry about privacy and not letting the governments breach their privacy.
Here are my suggestions and requests based on what Persian Wikipedia and Iranian Wikimedians in general agree on:
* It's very important to let people choose their protocol. There is consensus that the community agrees on SSL as default for logged in users, but they are really insisting on making the protocol an arbitrary option, and it seems it's not enabled in WMF projects except mediawiki.org (in [[m:HTTPS]] you can find the documentation about disabling SSL, but as far as I checked it's not possible and I couldn't find the option in my preferences; maybe it's a bug).
This is currently how we have https enforced for IP's that appear to come from Iran. We don't require https for these users, however, if they are browsing on https, or click the "use secure connection" link on the login page, they will be protected by https.
The preference is actually hidden for Iran/China IP's, because we thought it would cause more confusion, since the preference is overridden by the geoip data. However, if you feel like that should be visible, we can certainly show it.
For everyone interested in how we structure enforcing https for logins, logged in connections, and exempt users, please give input on https://www.mediawiki.org/wiki/Requests_for_comment/Login_security
* In order to encourage people to use SSL and increase their safety of editing in Wikipedia we need to speed up loading of Wiki pages. I suggest web designers and other experts come and help on optimizing Wikipedia, specially Persian language projects. We warmly welcome any ideas about increasing safety.
This is something I resonate with -- security must be usable, or, as you mention later, people will circumvent it. So yes, I'd love to see better design to make the https experience faster for people in Iran and other rural areas.
* Because of the experience of the past, the community thinks it's very probable that SSL access to Wikipedia in Iran will be blocked several times, and even if maybe every block won't take more than one week, it will happen. So we need to be very flexible and fast in cases like this in future. So hereby I ask people who are in charge of SSL in WMF to be prepared and be able to switch from SSL to non-SSL and switch back easily and rapidly in cases of SSL blocking in Iran.
* Lack of documentation in safety issues puts Iranian lives in danger; I can give you an example. Insisting on SSL is good, but because of speed or other issues of SSL some people use a proxy even when they are using SSL, which is what they do when they want to bypass blocking in the HTTP layer and the speed of loading increases. It's very dangerous because data will not be encrypted until reception in the proxy computer, and that means easy information for the government with a delusion of safety; SSL in this case becomes harmful, not useful. We need to complete documentation and let people know about the safety.
I agree with this very much. I'm not sure what the training should look like, but I'm more than happy to work with you guys to generate advice / documentation.
I'm sending this mail to wikitech-l because I think Iranian people need the help of technical people who can do something about the SSL issue.
Best -- Amir
_______________________________________________
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
[1] - http://www.lightbluetouchpaper.org/2011/02/09/measuring-password-re-use-empi...
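The enforcement rules the reply lays out (https for the password submission no matter where the request comes from, https for logged-in users according to their preference, that preference overridden and hidden when GeoIP places the client in Iran or China), together with the proxy caveat from Amir's last point, modelled as a small decision function. This is an added example, not MediaWiki's or WMF's code; the exempt-country list, the host name, the cookie and preference fields and the `tls_ends_at` parameter are assumptions constructed for the demo.

```python
from dataclasses import dataclass
from typing import Optional

# Assumption for the demo: regions where forcing https on logged-in users is
# skipped because https itself may be blocked or throttled (thread: Iran, China).
GEOIP_EXEMPT_COUNTRIES = {"IR", "CN"}
DEMO_HOST = "example.wikipedia.invalid"  # constructed host, not a real wiki


@dataclass
class Request:
    scheme: str                    # "http" or "https"
    path: str
    logged_in: bool
    prefers_https: bool            # the user's "always use HTTPS" preference
    country: Optional[str]         # GeoIP country code, None when unknown
    is_login_submit: bool = False  # True for the POST that carries the password


@dataclass
class Decision:
    redirect_to: Optional[str]  # URL to redirect to, or None to serve as requested
    secure_cookie: bool         # set the session cookie with the Secure attribute
    show_preference: bool       # show the https preference in the user's settings


def decide(req: Request) -> Decision:
    """Apply the rules described in the reply to one request."""
    exempt = req.country in GEOIP_EXEMPT_COUNTRIES
    https_url = f"https://{DEMO_HOST}{req.path}"
    # Password submission always moves to https, whatever the region.
    if req.is_login_submit and req.scheme != "https":
        return Decision(https_url, True, not exempt)
    # Anyone already on https stays there; the session cookie is marked Secure
    # so it never travels over plain http (the firesheep-style session theft case).
    if req.scheme == "https":
        return Decision(None, True, not exempt)
    # Logged-in http user whose preference is on: force https, unless GeoIP
    # says the region is exempt, in which case the preference is overridden.
    if req.logged_in and req.prefers_https and not exempt:
        return Decision(https_url, True, True)
    # Exempt region, anonymous reader, or preference off: serve over http.
    return Decision(None, False, not exempt)


def session_exposed(req: Request, tls_ends_at: str = "client") -> bool:
    """True when a passive observer on the client's own network could read the
    session cookie for this request.  tls_ends_at is "client" for a direct
    browser connection and "proxy" for the web-proxy setup Amir describes,
    where the proxy terminates TLS and the client-to-proxy hop is cleartext."""
    if not req.logged_in:
        return False  # nothing session-bound to steal
    d = decide(req)
    served_https = req.scheme == "https" or d.redirect_to is not None
    if not served_https:
        return True   # logged-in session travelling over plain http
    return tls_ends_at == "proxy"  # https only protects the proxy's hop
```

The `session_exposed` check is the part worth keeping in mind when writing the documentation discussed in the thread: a green padlock in the browser says nothing about where TLS actually terminates, and a logged-in session routed through a cleartext web proxy is as readable on the local network as plain http.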