Jacob Appelbaum made another remark about editing Wikipedia via tor this morning. Since it's been a couple months since the last tor bashing thread, I wanted to throw out a slightly more modest proposal to see what people think.
This is getting some interest from a few people: https://zyan.scripts.mit.edu/blog/rate-limiting-anonymous-accounts/
Which lays out a way for twitter to use an external, trusted identity provider to verify identities / throttle requests, and then create an account in a way that neither twitter nor the identity provider can link the account to the request (as long as you mitigate timing attacks).
What if we turn this around a bit and let the wiki establish identity and throttle, and open up an editing proxy that is accessible via tor which consumes the identities?
Basically:
* Established wiki user who wants to use tor makes a blinded request (maybe public, maybe a private queue for some group with appropriate rights) for a tor-based account creation token.
* User gets that blinded token signed if they're in good standing, and are limited to some number (3 total, not less than 6 months since the last request, or something like that).
* User creates an account on the editing proxy via tor, and gives their unblinded token to the proxy. The proxy creates an account for them, and allows edits via OAuth token using that new account.
If the user turns out to be a spammer:
* The anonymous account can be blocked like a normal account. The user is throttled on how many requests for accounts they can make.
* If the proxy generates too much spam, a steward can revoke the key, and we all go home to think up the next experiment.
To make this happen, we need:
* a light editing proxy (I already have a couple of those as demo OAuth apps) which is run by a *non-wmf* entity
* something for normal users to download and run that does the blinding for them
* work out how to address timing attacks if the volume of requestors is low enough that we can correlate request to first edit by the proxy.
Anyone interested in helping?
Is this conservative enough for those worried about the flood of tor spam, while being simple enough that the average editor would be able to understand and go through the process?
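
Added example, not part of the original message: a sketch of the blinded-token flow proposed above (user blinds, wiki signs within a per-user quota, proxy verifies and rejects reuse), using textbook RSA blinding. The class and function names, the toy key and the user name are assumptions made for illustration; the 6-month interval and timing-attack mitigation are not modelled, and a real deployment would use a vetted blind-signature scheme with a properly generated key.

```python
import hashlib
import secrets
from math import gcd

# Constructed toy key built from two public Mersenne primes: NOT secure, demo only.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # wiki's private signing exponent

def digest(token: bytes) -> int:
    return int.from_bytes(hashlib.sha256(token).digest(), "big")

# --- user side (the "download and run" blinding tool) ---
def blind(token: bytes):
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            break
    # The wiki sees only digest * r^E mod N, which reveals nothing about the token.
    return (digest(token) * pow(r, E, N)) % N, r

def unblind(blind_sig: int, r: int) -> int:
    return (blind_sig * pow(r, -1, N)) % N

# --- wiki side: knows who is asking, never sees the token ---
class WikiSigner:
    def __init__(self, max_tokens=3):
        self.max_tokens, self.issued = max_tokens, {}

    def sign(self, user: str, good_standing: bool, blinded: int) -> int:
        if not good_standing or self.issued.get(user, 0) >= self.max_tokens:
            raise PermissionError("token request refused")
        self.issued[user] = self.issued.get(user, 0) + 1
        return pow(blinded, D, N)

# --- proxy side: sees the token, never learns which wiki user it belongs to ---
class EditingProxy:
    def __init__(self):
        self.spent = set()

    def create_account(self, token: bytes, sig: int) -> bool:
        # Valid signature from the wiki key, and each token redeemable once.
        if token in self.spent or pow(sig, E, N) != digest(token):
            return False
        self.spent.add(token)
        return True
```

Revoking the key, as the proposal describes, corresponds to the proxy no longer accepting signatures made under `N, E`.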