zetawoof wrote:
Most open web proxies don't support https. TOR does, but that still doesn't obviate the risk that the server could be spoofed by an exit node. The Wikimedia secure server is using a CACert key; on most web browsers, this generates a warning which is indistinguishable from the warning generated by an endpoint that's performing a man-in-the-middle attack.
That's a pretty well-disguised insult there. (I'm assuming you did not mean it as such.)
If someone knows how to use Tor, I would think they at least have a clue how to verify a certificate. The warning is only indistinguishable if you either ignore it or are incredibly dense. Your argument defeats itself.
To be sure, this is a problem that could theoretically be solved (by getting a proper certificate for the secure server). However, it remains the case that editing Wikipedia through an untrusted connection is unsafe, especially for an admin.
This demonstrates a fundamental misunderstanding of how asymmetric cryptography works.