On Tue, Sep 10, 2013 at 9:04 AM, Petr Bena <benapetr(a)gmail.com> wrote:
> I absolutely endorse this request. Forcing SSL was one of the silliest
> things that could happen. Most Wikimedia developers and technicians are
> working with the most modern technologies in the world, but I can imagine
> that in other parts of the world people are working on something that
> people in modern parts of the world can see only in a museum.
>
> What is actually the point in having SSL enforced? Do you realize that
> most of the traffic to / from Wikipedia doesn't matter to anyone (hackers
> / governments / spies)? It's not Facebook, where people collect tons of
> private content. Wikipedia is meant to share free knowledge, why do we
> need to encrypt that?
I'll address this first. There are two issues that turning on https for
logins solves:

1) People reuse passwords [1]. So sending cleartext passwords is not good.
That is why we enforce https for the actual login page and the submission
of your password, but then have a preference to go back to http.

2) Non-repudiation of edits. If the user logs in over http, or uses
Wikipedia while logged in over http, then it's trivial (e.g., Firesheep)
for an attacker on the network to make edits on behalf of that user.
That's why we default the preference to on.

There are plenty of ways that a government-scale attacker can subvert
these, but turning on https for the login and for logged-in users makes it
significantly more difficult for the most common attackers.
On Tue, Sep 10, 2013 at 9:49 AM, Amir Ladsgroup <ladsgroup(a)gmail.com>
wrote:
> Hello!
>
> I recently closed a huge
> [[w:fa:ویکیپدیا:نظرخواهی برای استفاده از اساسال برای ویکیپدیای فارسی|RfC]]
> about using SSL on Persian Wikipedia, which is mainly run by Iranian users.
First off, huge thanks for running this!
> Iran is the number one target of the PRISM surveillance program (further
> information: https://bit.ly/17N57rx), and a long history of arresting,
> torturing and murdering internet activists (case in point
> [[w:en:Sattar Beheshti|Sattar Beheshti]]) or even family members of
> internet activists (case in point Yashar Khameneh) leaves no doubt about
> the intention of the Iranian government regarding surveillance and control
> of the Iranian people. You can find a very long list at human rights
> defenders' organizations (breaching the privacy of Iranian people is one
> of the very few things that both the Iranian and US governments agree on),
> so we are sure we need to switch to SSL, but using SSL in Iran has its own
> problems. Iranian authorities block the SSL IP of some sites that they
> have blocked in non-SSL mode, either completely or partially; these sites
> include Facebook, Twitter, and until recently Wikipedia. Wikipedia is not
> blocked in Iran, but about 400 articles of Persian Wikipedia (and some
> other sites, like the whole Hebrew Wikipedia) are blocked for viewing; for
> the complete list of the articles, which are mainly about politics,
> religion, or sexology, go to [[w:fa:رده:صفحههای فیلترشده در ایران]].
> Access to Wikipedia over SSL has been open since August 25. The speed of
> the internet in Iran is one of the slowest in the world; it's not a big
> deal for loading pages of Wikipedia, but the variance of internet speed is
> too high, and we will fail in our main goal of providing free knowledge to
> people who don't have easy access to knowledge, people like middle or
> elementary school students who live in the countryside. The problem of
> internet access becomes even worse when the government makes the speed of
> the internet over SSL so low that the time to open a simple page becomes
> about 4 times higher when people try to use SSL. It's mainly to encourage
> people not to use SSL, or we can even consider an intention to decrypt SSL
> data. The scammed SSL certificates attack (further information:
> https://bit.ly/1dXl5Ub) which happened two years ago shows us how much the
> government desires to control people. Another problem is that sometimes,
> especially when there is a crisis in politics or in the country in general
> (which happens three or four times every year), access to any site outside
> of the HTTP layer is impossible and all other protocols, even IRC, happen
> to be blocked out of nowhere.
>
> The community of Persian Wikipedia (readers and writers) is strongly
> against enforced SSL because of the issues I talked about above, and on
> the other hand they worry about privacy and about not letting governments
> breach their privacy.
>
> Here are my suggestions and requests, based on what Persian Wikipedia and
> Iranian Wikimedians in general agree on:
>
> * It's very important to let people choose their protocol. There is
> consensus that the community agrees on SSL as the default for logged-in
> users, but they are really insisting on making the protocol an arbitrary
> option, and it seems it's not enabled on WMF projects except
> mediawiki.org (in [[m:HTTPS]] you can find the documentation about
> disabling SSL, but as far as I checked it's not possible and I couldn't
> find the option in my preferences; maybe it's a bug).
This is currently how we have https enforced for IPs that appear to come
from Iran. We don't require https for these users; however, if they are
browsing on https, or click the "use secure connection" link on the login
page, they will be protected by https.

The preference is actually hidden for Iran/China IPs, because we thought
it would cause more confusion, since the preference is overridden by the
geoip data. However, if you feel that it should be visible, we can
certainly show it.

For everyone interested in how we structure enforcing https for logins,
logged-in connections, and exempt users, please give input on
https://www.mediawiki.org/wiki/Requests_for_comment/Login_security
> * In order to encourage people to use SSL and increase their safety when
> editing Wikipedia, we need to speed up the loading of wiki pages. I
> suggest web designers and other experts come and help with optimizing
> Wikipedia, especially the Persian language projects. We warmly welcome
> any ideas about increasing safety.
This is something I resonate with -- security must be usable, or, as you
mention later, people will circumvent it. So yes, I'd love to see better
design to make the https experience faster for people in Iran and other
rural areas.
> * Because of past experience, the community thinks it's very probable
> that SSL access to Wikipedia in Iran will be blocked several times, and
> even if maybe no block will last more than one week, it will happen. So
> we need to be very flexible and fast in cases like this in the future.
> So hereby I ask the people who are in charge of SSL at WMF to be prepared
> and able to switch from SSL to non-SSL and back easily and rapidly in
> cases of SSL blocking in Iran.
> * Lack of documentation on safety issues puts Iranian lives in danger; I
> can give you an example. Insisting on SSL is good, but because of speed
> or other issues with SSL, some people use a proxy even when they are
> using SSL, which is what they do when they want to bypass blocking at the
> HTTP layer, and the speed of loading increases. It's very dangerous
> because data will not be encrypted until reception at the proxy computer,
> and that means easy information for the government with a delusion of
> safety; SSL in this case becomes harmful, not useful. We need to complete
> the documentation and let people know about safety.
I agree with this very much. I'm not sure what the training should look
like, but I'm more than happy to work with you guys to generate advice /
documentation.
> I'm sending this mail to wikitech-l because I think Iranian people need
> the help of technical people who can do something about the SSL issue.
>
> Best
> --
> Amir
_______________________________________________
Wikitech-l mailing list
Wikitech-l(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
[1] -
http://www.lightbluetouchpaper.org/2011/02/09/measuring-password-re-use-emp…
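The policy described in the replies above (https always for the login page and password submission; https for logged-in users by default unless they turn the preference off; Iran/China users not forced onto https but protected if they arrive over https or click "use secure connection"; the preference hidden where geoip overrides it), modelled as an added example that is not Wikimedia's or MediaWiki's code. It also makes the Firesheep point concrete: the session cookie is only marked Secure when the session runs over https, and a passive sniffer can only take it when it travels over http. The country list, dataclass fields and function names are assumptions for this illustration, and the cookie value is constructed.

```python
# Added example: a model of the login-security policy discussed in this
# thread.  Not MediaWiki/Wikimedia code; all names below are assumptions.
from dataclasses import dataclass

# Assumption: countries whose users are exempt from forced https, decided
# from a GeoIP lookup on the client IP (the thread names Iran and China).
EXEMPT_COUNTRIES = frozenset({"IR", "CN"})


@dataclass
class Request:
    country: str                      # GeoIP result for the client IP (assumed ISO code)
    is_https: bool                    # scheme the client is already using
    logged_in: bool = False
    prefers_https: bool = True        # "always use https" preference; default on
    secure_login_link: bool = False   # clicked "use secure connection" on login


def show_https_preference(country: str) -> bool:
    """The preference is hidden where GeoIP data overrides it."""
    return country not in EXEMPT_COUNTRIES


def login_scheme(req: Request) -> str:
    """Login page and password submission: always https, everywhere."""
    return "https"


def session_scheme(req: Request) -> str:
    """Scheme used for the logged-in session after the login step."""
    current = "https" if req.is_https else "http"
    if not req.logged_in:
        return current
    if req.country in EXEMPT_COUNTRIES:
        # Not forced; protected only if the user came over https or asked for it.
        return "https" if (req.is_https or req.secure_login_link) else "http"
    # Everywhere else: forced unless the user turned the preference off.
    return "https" if req.prefers_https else current


def session_cookie(req: Request) -> dict:
    """Set-Cookie attributes for the session token (token value constructed)."""
    secure = session_scheme(req) == "https"
    return {
        "name": "session",
        "value": "<constructed-token>",
        "Secure": secure,      # browser attaches it to https requests only
        "HttpOnly": True,
    }


def cookie_sent(cookie: dict, scheme: str) -> bool:
    """Browser rule: a Secure cookie is never attached to an http request."""
    return scheme == "https" or not cookie["Secure"]


def sniffable_by_network_attacker(req: Request) -> bool:
    """Could a passive sniffer on the user's network (the Firesheep case)
    capture the session cookie and then edit as this user?  Only if the
    user is logged in and the cookie travels over plaintext http."""
    return req.logged_in and cookie_sent(session_cookie(req), "http")


if __name__ == "__main__":
    cases = [
        ("US, arrived over http, logged in", Request("US", False, True)),
        ("US, preference off, over http", Request("US", False, True, prefers_https=False)),
        ("IR, arrived over http, logged in", Request("IR", False, True)),
        ("IR, clicked secure login", Request("IR", False, True, secure_login_link=True)),
        ("IR, arrived over https", Request("IR", True, True)),
    ]
    for label, req in cases:
        print(f"{label:38} session={session_scheme(req):5} "
              f"sniffable={sniffable_by_network_attacker(req)}")
```

The table the script prints shows the trade-off Amir's community asked for in the open: an Iranian user who stays on http keeps a plaintext session cookie and is exactly as exposed to a network sniffer as before, while a user from a non-exempt country is moved to https and gets a Secure cookie that the browser will not leak over http even if they later follow an http link.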