Andre Engels wrote:
Before going to far-fetched solutions, we should first
agree that
there actually is a problem. Is there any actual evidence that there
are AOL-users vandalising us in such amounts that it becomes
bothersome from ever-changing IP addresses?
In a word: yes. I speak from personal experience here.
Because of the way that AOL runs their network, even a single user in a
single session will appear to edit from a wide number of different IPs.
More than this, they deliberately hide the IP addresses of their
customers, by not revealing it in the proxy headers. Even if you go to
HTTPS, you will still get a proxied connection. In effect, AOL is a
giant anonymizing server farm for its users - and some of them know it.
AOL hosts quite a lot of good users, as well as a fair few relatively
simple-minded vandals. However, it also hosts some seriously badly
behaved users who respond very badly to feedback, as they have not only
not been exposed to the idea of netiquette, but believe that once
they've bought the AOL service, they own the Internet. They then behave
in ways that would result in instant banning (edit warring, personal
abuse, threats), were they from any other ISP. This then wastes a lot of
admin time, as they struggle to clean up the mess generated by these
by-now incorrigible users. I've seen this scenario played out many times.
This makes it much more difficult to track down their edits; you have to
memorize the multiple AOL netblocks and grep recent changes for edits by
IP addresses within them, then inspect edits one by one until to try to
tell whether they are edits by the vandal, or by legitimate AOL users
(whose edits may also be coming via the same IP). This means that
vandal-wrangling against a determined AOL vandal is easily ten times
harder than that against a normal anon IP.
The same is true of recent cases of edits from schools networks, where
individual good editors are accompanied by vandals, and where the only
alternatives are to check edits one-by-one or to block the proxy or
whole netblock.
Implementing a scheme such as the one suggested (which is probably about
200 lines of code, assuming there is already native support for
something like SHA-1 in PHP) would greatly reduce the amount of admin
time and effort taken up in dealing with these problems.
We could also do similar forced cookie identification for networks
containing persistent vandals on dial-up or cable networks with dynamic
addressing.
-- N.