Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Wikipedia: Wikitech

Can we help Tor users make legitimate edits?

 

 

First page Previous page 1 2 Next page Last page  View All Wikipedia wikitech RSS feed   Index | Next | Previous | View Threaded


sumanah at wikimedia

Dec 27, 2012, 4:26 PM

Post #1 of 26 (1286 views)
Permalink
Can we help Tor users make legitimate edits?

TL;DR: A few ideas follow on how we could possibly help legit editors
contribute from behind Tor proxies. I am just conversant enough with
the security problems to make unworkable suggestions ;-), so please
correct me, critique & suggest solutions, and perhaps volunteer to help.

The current situation:
https://en.wikipedia.org/wiki/Wikipedia:Advice_to_users_using_Tor_to_bypass_the_Great_Firewall#Need_an_account_.26_Tor_won.27t_let_you_create_one.3F
We generally don't let anyone edit or upload from behind Tor; the
TorBlock extension stops them. One exception: a person can create an
account, accumulate lots of good edits, and then ask for an IP block
exemption, and then use that account to edit from behind Tor. This is
unappealing because then there's still a bunch of in-the-clear editing
that has to happen first, and because then site functionaries know that
the account is going to be making controversial edits (and could
possibly connect it to IPs in the future, right?). And right now
there's no way to truly *anonymously* contribute from behind Tor
proxies; you have to log in. However, since JavaScript delivery is hard
for Tor users, I'm not sure how much editing from Tor -- vandalism or
legit -- is actually happening. (I hope for analytics on this and thus
added it to https://www.mediawiki.org/wiki/Analytics/Dreams .) We know
at least that there are legitimate editors who would prefer to use Tor
and can't.

People have been talking about how to improve the situation for some
time -- see http://cryptome.info/wiki-no-tor.htm and
https://lists.torproject.org/pipermail/tor-dev/2012-October/004116.html
. It'd be nice if it could actually move forward.

I've floated this problem past Tor and privacy people, and here are a
few ideas:

1) Just use the existing mechanisms more leniently. Encourage the
communities (Wikimedia & Tor) to use
https://en.wikipedia.org/wiki/Wikipedia:Request_an_account (to get an
account from behind Tor) and to let more people get IP block exemptions
even before they've made any edits (< 30 people have gotten exemptions
on en.wp in 2012). Add encouraging "get an exempt account" language to
the "you're blocked because you're using Tor" messaging. Then if
there's an uptick in vandalism from Tor then they can just tighten up again.

2) Encourage people with closed proxies to re-vitalize
https://en.wikipedia.org/wiki/Wikipedia:WOCP . Problem: using closed
proxies is okay for people with some threat models but not others.

3) Look at Nymble - http://freehaven.net/anonbib/#oakland11-formalizing
and http://cgi.soic.indiana.edu/~kapadia/nymble/overview.php . It would
allow Wikimedia to distance itself from knowing people's identities, but
still allow admins to revoke permissions if people acted up. The user
shows a real identity, gets a token, and exchanges that token over tor
for an account. If the user abuses the site, Wikimedia site admins can
blacklist the user without ever being able to learn who they were or
what other edits they did. More: https://cs.uwaterloo.ca/~iang/ Ian
Golberg's, Nick Hopper's, and Apu Kapadia's groups are all working on
Nymble or its derivatives. It's not ready for production yet, I bet,
but if someone wanted a Big Project....

3a) A token authorization system (perhaps a MediaWiki extension) where
the server blindly signs a token, and then the user can use that token
to bypass the Tor blocks. (Tyler mentioned he saw this somewhere in a
Bugzilla suggestion; I haven't found it.)

4) Allow more users the IP block exemption, possibly even automatically
after a certain number of unreverted edits, but with some kind of
FlaggedRevs integration; Tor users can edit but their changes have to be
reviewed before going live. We could combine this with (3); Nymble
administrators or token-issuers could pledge to review edits coming from
Tor. But that latter idea sounds like a lot of social infrastructure to
set up and maintain.


Thoughts? Are any of you interested in working on this problem? #tor on
the OFTC IRC server is full of people who'd be interested in talking
about this.

--
Sumana Harihareswara
Engineering Community Manager
Wikimedia Foundation

_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


nemowiki at gmail

Dec 27, 2012, 9:13 PM

Post #2 of 26 (1248 views)
Permalink
Re: Can we help Tor users make legitimate edits? [In reply to]

I rather think that devs' time would be best spent ensuring that our
tools against Tor users and open proxies are effective and reliable.
Huge amounts of volunteers' time are spent combating abuse of them, with
inadequate tools.
See for instance:
https://bugzilla.wikimedia.org/show_bug.cgi?id=30716
https://bugzilla.wikimedia.org/show_bug.cgi?id=42438
https://bugzilla.wikimedia.org/show_bug.cgi?id=8475

As for legitimate users, probably the most useful thing to do would be
ensuring that the TorBlock extension shows an understandable error
message and sends people to a translatable page with instructions valid
for all language editions of our projects with current poliecies (most
projects will have none).

Nemo

_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


jayvdb at gmail

Dec 27, 2012, 9:47 PM

Post #3 of 26 (1247 views)
Permalink
Re: Can we help Tor users make legitimate edits? [In reply to]

Add to that list the underlying XFF blocking bug.

https://bugzilla.wikimedia.org/show_bug.cgi?id=23343

Back on topic, is it necessary for good users seeking IP block exemption to
be checkusered? I doubt it.

IP block exemption is rarely given because it allows someone to keep
editing on their main account when a sock is blocked.

Tor exemption should be separate from IP block exemption.

John Vandenberg.
sent from Galaxy Note
On Dec 28, 2012 12:13 PM, "Federico Leva (Nemo)" <nemowiki [at] gmail> wrote:

> I rather think that devs' time would be best spent ensuring that our tools
> against Tor users and open proxies are effective and reliable. Huge amounts
> of volunteers' time are spent combating abuse of them, with inadequate
> tools.
> See for instance:
> https://bugzilla.wikimedia.**org/show_bug.cgi?id=30716<https://bugzilla.wikimedia.org/show_bug.cgi?id=30716>
> https://bugzilla.wikimedia.**org/show_bug.cgi?id=42438<https://bugzilla.wikimedia.org/show_bug.cgi?id=42438>
> https://bugzilla.wikimedia.**org/show_bug.cgi?id=8475<https://bugzilla.wikimedia.org/show_bug.cgi?id=8475>
>
> As for legitimate users, probably the most useful thing to do would be
> ensuring that the TorBlock extension shows an understandable error message
> and sends people to a translatable page with instructions valid for all
> language editions of our projects with current poliecies (most projects
> will have none).
>
> Nemo
>
> ______________________________**_________________
> Wikitech-l mailing list
> Wikitech-l [at] lists
> https://lists.wikimedia.org/**mailman/listinfo/wikitech-l<https://lists.wikimedia.org/mailman/listinfo/wikitech-l>
>
_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


jayvdb at gmail

Dec 27, 2012, 9:55 PM

Post #4 of 26 (1247 views)
Permalink
Re: Can we help Tor users make legitimate edits? [In reply to]

On Dec 28, 2012 12:47 PM, "John Vandenberg" <jayvdb [at] gmail> wrote:
>
> Add to that list the underlying XFF blocking bug.
>
> https://bugzilla.wikimedia.org/show_bug.cgi?id=23343
>
> Back on topic, is it necessary for good users seeking IP block exemption
to be checkusered? I doubt it.
>
> IP block exemption is rarely given because it allows someone to keep
editing on their main account when a sock is blocked.

Hmm. I guess Tor does too ;)

> Tor exemption should be separate from IP block exemption.

..so ignore that comment ;)

> John Vandenberg.
> sent from Galaxy Note
>
> On Dec 28, 2012 12:13 PM, "Federico Leva (Nemo)" <nemowiki [at] gmail>
wrote:
>>
>> I rather think that devs' time would be best spent ensuring that our
tools against Tor users and open proxies are effective and reliable. Huge
amounts of volunteers' time are spent combating abuse of them, with
inadequate tools.
>> See for instance:
>> https://bugzilla.wikimedia.org/show_bug.cgi?id=30716
>> https://bugzilla.wikimedia.org/show_bug.cgi?id=42438
>> https://bugzilla.wikimedia.org/show_bug.cgi?id=8475
>>
>> As for legitimate users, probably the most useful thing to do would be
ensuring that the TorBlock extension shows an understandable error message
and sends people to a translatable page with instructions valid for all
language editions of our projects with current poliecies (most projects
will have none).
>>
>> Nemo
>>
>> _______________________________________________
>> Wikitech-l mailing list
>> Wikitech-l [at] lists
>> https://lists.wikimedia.org/mailman/listinfo/wikitech-l
_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


datzrott at alizeepathology

Dec 28, 2012, 4:44 AM

Post #5 of 26 (1240 views)
Permalink
Re: Can we help Tor users make legitimate edits? [In reply to]

>As for legitimate users, probably the most useful thing to do would be
>ensuring that the TorBlock extension shows an understandable error
>message and sends people to a translatable page with instructions valid
>for all language editions of our projects with current poliecies (most
>projects will have none).

I think this would be a great improvement to the situation. I personally use
Tor pretty regularly, but seldom go to Wikipedia when using Tor because I know
I'll be frustrated if I try to fix something.

Up until this discussion, I had no idea it was possible to request an exemption
to the Tor block.

Thank you,
Derric Atzrott


_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


bjorsch at wikimedia

Dec 28, 2012, 7:38 AM

Post #6 of 26 (1240 views)
Permalink
Re: Can we help Tor users make legitimate edits? [In reply to]

On Thu, Dec 27, 2012 at 7:26 PM, Sumana Harihareswara
<sumanah [at] wikimedia> wrote:
> 3) Look at Nymble - http://freehaven.net/anonbib/#oakland11-formalizing
> and http://cgi.soic.indiana.edu/~kapadia/nymble/overview.php . It would
> allow Wikimedia to distance itself from knowing people's identities, but
> still allow admins to revoke permissions if people acted up. The user
> shows a real identity, gets a token, and exchanges that token over tor
> for an account. If the user abuses the site, Wikimedia site admins can
> blacklist the user without ever being able to learn who they were or
> what other edits they did. More: https://cs.uwaterloo.ca/~iang/ Ian
> Golberg's, Nick Hopper's, and Apu Kapadia's groups are all working on
> Nymble or its derivatives. It's not ready for production yet, I bet,
> but if someone wanted a Big Project....

A few things strike me there:

1: Is there one central PM and NM, or can there be multiple competing
PM and NM providers? If the latter, there's no indication of how easy
it is to set up a PM or NM. If the vandal can set up their own PM or
NM, they can easily pretend to be an entirely new person for each
edit, rendering the whole thing pointless.

2: It looks like Nymble allows us to block the person, but only for a
short period of time (less than one day by default) at the discretion
of the NM, since the "linking token" only works within one
"linkability window".

3: The inability to see what other edits the user did before being
blocked may also be a sticking point, as one of the first things many
do when reverting vandalism is to check Special:Contributions to see
if the user vandalized anything else at the same time.

_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


ariel at wikimedia

Dec 28, 2012, 7:47 AM

Post #7 of 26 (1253 views)
Permalink
Re: Can we help Tor users make legitimate edits? [In reply to]

Στις 28-12-2012, ημέρα Παρ, και ώρα 10:38 -0500, ο/η Brad Jorsch έγραψε:
> On Thu, Dec 27, 2012 at 7:26 PM, Sumana Harihareswara
> <sumanah [at] wikimedia> wrote:
> > 3) Look at Nymble - http://freehaven.net/anonbib/#oakland11-formalizing
> > and http://cgi.soic.indiana.edu/~kapadia/nymble/overview.php . It would
> > allow Wikimedia to distance itself from knowing people's identities, but
> > still allow admins to revoke permissions if people acted up. The user
> > shows a real identity, gets a token, and exchanges that token over tor
> > for an account. If the user abuses the site, Wikimedia site admins can
> > blacklist the user without ever being able to learn who they were or
> > what other edits they did. More: https://cs.uwaterloo.ca/~iang/ Ian
> > Golberg's, Nick Hopper's, and Apu Kapadia's groups are all working on
> > Nymble or its derivatives. It's not ready for production yet, I bet,
> > but if someone wanted a Big Project....
>
> A few things strike me there:
>
> 1: Is there one central PM and NM, or can there be multiple competing
> PM and NM providers? If the latter, there's no indication of how easy
> it is to set up a PM or NM. If the vandal can set up their own PM or
> NM, they can easily pretend to be an entirely new person for each
> edit, rendering the whole thing pointless.
>
> 2: It looks like Nymble allows us to block the person, but only for a
> short period of time (less than one day by default) at the discretion
> of the NM, since the "linking token" only works within one
> "linkability window".
>
> 3: The inability to see what other edits the user did before being
> blocked may also be a sticking point, as one of the first things many
> do when reverting vandalism is to check Special:Contributions to see
> if the user vandalized anything else at the same time.
>

If we don't have the abiity to track down the user IP, what will we do
about socks via Tor? And here what I mean is, checkusers won't be able
to look at the edits of several apparently distinct users and be able,
for example, to verify that they came from the same small subnet of ips
from the same ISP.

Ariel



_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


qgil at wikimedia

Dec 28, 2012, 8:14 AM

Post #8 of 26 (1241 views)
Permalink
Re: Can we help Tor users make legitimate edits? [In reply to]

Sorry, just missing a bit of background:

What are the main use cases for people willing to use Tor while editing
Wikimedia sites?

--
Quim Gil
Technical Contributor Coordinator @ Wikimedia Foundation
http://www.mediawiki.org/wiki/User:Qgil

_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


tbayer at wikimedia

Dec 28, 2012, 9:29 AM

Post #9 of 26 (1238 views)
Permalink
Re: Can we help Tor users make legitimate edits? [In reply to]

On Fri, Dec 28, 2012 at 1:26 AM, Sumana Harihareswara <sumanah [at] wikimedia
> wrote:

> TL;DR: A few ideas follow on how we could possibly help legit editors
> contribute from behind Tor proxies. I am just conversant enough with
> the security problems to make unworkable suggestions ;-), so please
> correct me, critique & suggest solutions, and perhaps volunteer to help.
>
> The current situation:
>
> https://en.wikipedia.org/wiki/Wikipedia:Advice_to_users_using_Tor_to_bypass_the_Great_Firewall#Need_an_account_.26_Tor_won.27t_let_you_create_one.3F
> We generally don't let anyone edit or upload from behind Tor; the
> TorBlock extension stops them. One exception: a person can create an
> account, accumulate lots of good edits, and then ask for an IP block
> exemption, and then use that account to edit from behind Tor. This is
> unappealing because then there's still a bunch of in-the-clear editing
> that has to happen first, and because then site functionaries know that
> the account is going to be making controversial edits (and could
> possibly connect it to IPs in the future, right?). And right now
> there's no way to truly *anonymously* contribute from behind Tor
> proxies; you have to log in. However, since JavaScript delivery is hard
> for Tor users, I'm not sure how much editing from Tor -- vandalism or
> legit -- is actually happening. (I hope for analytics on this and thus
> added it to https://www.mediawiki.org/wiki/Analytics/Dreams .) We know
> at least that there are legitimate editors who would prefer to use Tor
> and can't.
>
> People have been talking about how to improve the situation for some
> time -- see http://cryptome.info/wiki-no-tor.htm and
> https://lists.torproject.org/pipermail/tor-dev/2012-October/004116.html

I'm probably one of the many "Wikipedia folks" mentioned there, as I had a
conversation about the issue with Roger Dingledine at 26C3 (where I
subsequently gave a talk about Checkuser and sockpuppets).
My impression back then was that while there was quite a lot of goodwill by
smart Tor people to help Wikipedia find a solution, they were assuming a
wrong threat model - basically just trying to reimplement IP autoblocks for
Tor users, while ignoring the kind of abuse that is the reason for the
existence of the Checkuser extension (and I am not confident that I was
able to change that with my talk). The linked October 2012 thread still
seems to assume that the problem is just "spammers using Tor".


. It'd be nice if it could actually move forward.
>
Thanks a lot for restarting this discussion, in any case. I would love to
see a solution that enables editing Wikipedia via Tor, but I strongly
recommend consulting Checkusers while developing it.


> I've floated this problem past Tor and privacy people, and here are a
> few ideas:
>
> 1) Just use the existing mechanisms more leniently. Encourage the
> communities (Wikimedia & Tor) to use
> https://en.wikipedia.org/wiki/Wikipedia:Request_an_account (to get an
> account from behind Tor) and to let more people get IP block exemptions
> even before they've made any edits (< 30 people have gotten exemptions
> on en.wp in 2012). Add encouraging "get an exempt account" language to
> the "you're blocked because you're using Tor" messaging. Then if
> there's an uptick in vandalism from Tor then they can just tighten up
> again.
>
> 2) Encourage people with closed proxies to re-vitalize
> https://en.wikipedia.org/wiki/Wikipedia:WOCP . Problem: using closed
> proxies is okay for people with some threat models but not others.
>
> 3) Look at Nymble - http://freehaven.net/anonbib/#oakland11-formalizing
> and http://cgi.soic.indiana.edu/~kapadia/nymble/overview.php . It would
> allow Wikimedia to distance itself from knowing people's identities, but
> still allow admins to revoke permissions if people acted up. The user
> shows a real identity, gets a token, and exchanges that token over tor
> for an account. If the user abuses the site, Wikimedia site admins can
> blacklist the user without ever being able to learn who they were or
> what other edits they did. More: https://cs.uwaterloo.ca/~iang/ Ian
> Golberg's, Nick Hopper's, and Apu Kapadia's groups are all working on
> Nymble or its derivatives. It's not ready for production yet, I bet,
> but if someone wanted a Big Project....
>
As Brad and Ariel point out, Nymble in the form described on the linked
project page does not seem to allow long-term blocks, and cannot deal with
dynamic IPs. In other words, it would only provide the analogue of
autoblock functionality for Tor users. The linked paper by Henry and
Goldberg is more realistic about these limitations, discussing IP addresses
only as one of several possible "unique identifiers" (V). From the
concluding remarks to that chapter, it seems most likely that they would
recommend "some form of PKI or government ID-based registration" for our
purposes.


> 3a) A token authorization system (perhaps a MediaWiki extension) where
> the server blindly signs a token, and then the user can use that token
> to bypass the Tor blocks. (Tyler mentioned he saw this somewhere in a
> Bugzilla suggestion; I haven't found it.)
>
> 4) Allow more users the IP block exemption, possibly even automatically
> after a certain number of unreverted edits, but with some kind of
> FlaggedRevs integration; Tor users can edit but their changes have to be
> reviewed before going live. We could combine this with (3); Nymble
> administrators or token-issuers could pledge to review edits coming from
> Tor. But that latter idea sounds like a lot of social infrastructure to
> set up and maintain.
>
>
> Thoughts? Are any of you interested in working on this problem? #tor on
> the OFTC IRC server is full of people who'd be interested in talking
> about this.
>
> --
> Sumana Harihareswara
> Engineering Community Manager
> Wikimedia Foundation
>
> _______________________________________________
> Wikitech-l mailing list
> Wikitech-l [at] lists
> https://lists.wikimedia.org/mailman/listinfo/wikitech-l
>



--
Tilman Bayer
Senior Operations Analyst (Movement Communications)
Wikimedia Foundation
IRC (Freenode): HaeB
_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


sumanah at wikimedia

Dec 28, 2012, 9:36 AM

Post #10 of 26 (1238 views)
Permalink
Re: Can we help Tor users make legitimate edits? [In reply to]

On 12/28/2012 11:14 AM, Quim Gil wrote:
> Sorry, just missing a bit of background:
>
> What are the main use cases for people willing to use Tor while editing
> Wikimedia sites?

The big one, as I see it (quoting from https://www.torproject.org/ ):
"Activists use Tor to anonymously report abuses from danger zones.
Whistleblowers use Tor to safely report on corruption." Iran, Burma,
and China come up a lot in these discussions. Also, sometimes editors
want to avoid surveillance from an ISP or employer.

https://www.torproject.org/about/torusers.html.en has more use cases for
Tor use generally.
--
Sumana Harihareswara
Engineering Community Manager
Wikimedia Foundation

_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


dgerard at gmail

Dec 28, 2012, 9:39 AM

Post #11 of 26 (1238 views)
Permalink
Re: Can we help Tor users make legitimate edits? [In reply to]

On 28 December 2012 17:36, Sumana Harihareswara <sumanah [at] wikimedia> wrote:

> The big one, as I see it (quoting from https://www.torproject.org/ ):
> "Activists use Tor to anonymously report abuses from danger zones.
> Whistleblowers use Tor to safely report on corruption." Iran, Burma,
> and China come up a lot in these discussions. Also, sometimes editors
> want to avoid surveillance from an ISP or employer.


The use case is not so much Wikipedia, then. Wikinews, however.


- d.

_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


sumanah at wikimedia

Dec 28, 2012, 9:43 AM

Post #12 of 26 (1237 views)
Permalink
Re: Can we help Tor users make legitimate edits? [In reply to]

On 12/28/2012 12:39 PM, David Gerard wrote:
> On 28 December 2012 17:36, Sumana Harihareswara <sumanah [at] wikimedia> wrote:
>
>> The big one, as I see it (quoting from https://www.torproject.org/ ):
>> "Activists use Tor to anonymously report abuses from danger zones.
>> Whistleblowers use Tor to safely report on corruption." Iran, Burma,
>> and China come up a lot in these discussions. Also, sometimes editors
>> want to avoid surveillance from an ISP or employer.
>
>
> The use case is not so much Wikipedia, then. Wikinews, however.

Commons and potentially Wikisource seem like possibilities as well. And
perhaps less English Wikipedia than the Farsi, Chinese, and Burmese
Wikipedias?

--
Sumana Harihareswara
Engineering Community Manager
Wikimedia Foundation

_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


sumanah at wikimedia

Dec 28, 2012, 10:08 AM

Post #13 of 26 (1239 views)
Permalink
Re: Can we help Tor users make legitimate edits? [In reply to]

On 12/28/2012 12:43 PM, Sumana Harihareswara wrote:
> On 12/28/2012 12:39 PM, David Gerard wrote:
>> On 28 December 2012 17:36, Sumana Harihareswara <sumanah [at] wikimedia> wrote:
>>
>>> The big one, as I see it (quoting from https://www.torproject.org/ ):
>>> "Activists use Tor to anonymously report abuses from danger zones.
>>> Whistleblowers use Tor to safely report on corruption." Iran, Burma,
>>> and China come up a lot in these discussions. Also, sometimes editors
>>> want to avoid surveillance from an ISP or employer.
>>
>>
>> The use case is not so much Wikipedia, then. Wikinews, however.
>
> Commons and potentially Wikisource seem like possibilities as well. And
> perhaps less English Wikipedia than the Farsi, Chinese, and Burmese
> Wikipedias?

By the way, I fiddled with the metrics at
https://metrics.torproject.org/users.html?table=censorship-events&start=2000-09-29&end=2012-12-28#censorship-events
and got this list of countries: China, United Republic of Tanzania,
Republic of Korea, Ethiopia, Philippines, Seychelles, Iran, Pakistan,
Gibraltar, and Bangladesh.

Freedom House on the countries & territories that are worst re: freedom
of expression:
http://www.freedomhouse.org/report/special-reports/worst-worst-2012-worlds-most-repressive-societies
: Equatorial Guinea, Eritrea, North Korea, Saudi Arabia, Somalia, Sudan,
Syria, Turkmenistan, Uzbekistan, Tibet, Western Sahara, Belarus, Burma,
Chad, China, Cuba, Laos, Libya, and the territory of South Ossetia.

--
Sumana Harihareswara
Engineering Community Manager
Wikimedia Foundation

_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


bawolff+wn at gmail

Dec 28, 2012, 10:44 PM

Post #14 of 26 (1237 views)
Permalink
Re: Can we help Tor users make legitimate edits? [In reply to]

>IP block exemption is rarely given because it allows someone to keep
>editing on their main account when a sock is blocked.
>
>Tor exemption should be separate from IP block exemption.

Note - that's just a config setting away. The rights are already
separate rights, they just happen to be in the same group on
Wikimedia.

-bawolff

_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


Platonides at gmail

Dec 29, 2012, 4:12 PM

Post #15 of 26 (1254 views)
Permalink
Re: Can we help Tor users make legitimate edits? [In reply to]

On 28/12/12 18:29, Tilman Bayer wrote:
> On Fri, Dec 28, 2012 at 1:26 AM, Sumana Harihareswara wrote:
>> I've floated this problem past Tor and privacy people, and here are a
>> few ideas:
>>
>> 1) Just use the existing mechanisms more leniently. Encourage the
>> communities (Wikimedia & Tor) to use
>> https://en.wikipedia.org/wiki/Wikipedia:Request_an_account (to get an
>> account from behind Tor) and to let more people get IP block exemptions
>> even before they've made any edits (< 30 people have gotten exemptions
>> on en.wp in 2012). Add encouraging "get an exempt account" language to
>> the "you're blocked because you're using Tor" messaging. Then if
>> there's an uptick in vandalism from Tor then they can just tighten up
>> again.

This seems the right approach.


>> 2) Encourage people with closed proxies to re-vitalize
>> https://en.wikipedia.org/wiki/Wikipedia:WOCP . Problem: using closed
>> proxies is okay for people with some threat models but not others.


I didn't know about it. This is an interesting concept. It would be
possible to setup some 'public wikipedia proxys' (eg. by an European
chapter) and encourage its use.
It would still be possible to checkuser people going through that, but
a 2-tier process would be needed (wiki checkuser + proxy admin) thus
protecting from a rogue checkuser (Is that the primary concern of good
editors wishing to use proxys?). We could use that setup for gaining
information about usage (eg. it was 90% spam).


>> 3) Look at Nymble - http://freehaven.net/anonbib/#oakland11-formalizing
>> and http://cgi.soic.indiana.edu/~kapadia/nymble/overview.php . It would
>> allow Wikimedia to distance itself from knowing people's identities, but
>> still allow admins to revoke permissions if people acted up. The user
>> shows a real identity, gets a token, and exchanges that token over tor
>> for an account. If the user abuses the site, Wikimedia site admins can
>> blacklist the user without ever being able to learn who they were or
>> what other edits they did. More: https://cs.uwaterloo.ca/~iang/ Ian
>> Golberg's, Nick Hopper's, and Apu Kapadia's groups are all working on
>> Nymble or its derivatives. It's not ready for production yet, I bet,
>> but if someone wanted a Big Project....
>
> As Brad and Ariel point out, Nymble in the form described on the linked
> project page does not seem to allow long-term blocks, and cannot deal with
> dynamic IPs. In other words, it would only provide the analogue of
> autoblock functionality for Tor users. The linked paper by Henry and
> Goldberg is more realistic about these limitations, discussing IP addresses
> only as one of several possible "unique identifiers" (V). From the
> concluding remarks to that chapter, it seems most likely that they would
> recommend "some form of PKI or government ID-based registration" for our
> purposes.

Requiring a government ID for connecting through tor would be even worse
for privacy.

I completely agree that matching with the IP address used to request the
nymble token is not enough. Maybe if the tokens were instead based in
ISP+zone geolocation, that could be a way. Still, that would still miss
linkability for vandals which use eg. both their home and work connections.


> 3a) A token authorization system (perhaps a MediaWiki extension) where
> the server blindly signs a token, and then the user can use that token
> to bypass the Tor blocks. (Tyler mentioned he saw this somewhere in a
> Bugzilla suggestion; I haven't found it.)

Bug 3729 ?


>> Thoughts? Are any of you interested in working on this problem? #tor on
>> the OFTC IRC server is full of people who'd be interested in talking
>> about this.

This is a social problem. We have the tools to fix it (account creation
+ ip block exemption). If someone asked me for that (in a project where
I can) because they are censored by their government I would gladly
grant it.
That also means that when they replaced 'Jimbo' with 'penis', 5 minutes
after getting their account, I would notice and kick them out.
In my experience, far more people is trying to use tor in wikipedia for
vandalising than for doing constructive edits / due to local censorship.
Although I concede that it's probably the opposite on certain wikis I
don't edit.
The problem with global solutions are vandals abusing it.

"If I don't get caught on 10 edits I can edit through tor" is a candle
for vandals. Note that "I don't get caught" is different than "doing a
constructive edit".

An idea would be to force some recaptcha-style work before giving such
tokens, so even though we know they will abuse the system, we are still
using them as improving force (although the following vandalism could
still be worse than what we gained).


I also wonder if we are not aiming too high, trying to solve the
anonimity and traceability problems on the internet, while we have for
instance captchas forced to anons and newbies on a couple wikis due to a
bot vandalism done years ago (bug 41745).


_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


tylerromeo at gmail

Jan 4, 2013, 5:53 AM

Post #16 of 26 (1210 views)
Permalink
Re: Can we help Tor users make legitimate edits? [In reply to]

On the topic of whether allowing Tor users to edit is a concern, I believe
so. Because of Tor blocks, it is sometimes extremely difficult, or even
impossible altogether, to edit Wikipedia for some users. I believe we
should give these users the opportunity to contribute rather than have them
punished because of others who misuse Tor for spamming/sockpuppeting.

As far as a solution goes, I have a complete codebase for
Extension:TokenAuth, which allows users to have MediaWiki sign a blinded
token, which can then be used to bypass a specific IP block in order to log
in and edit. It is almost ready; there are just a few functionality
problems with the JavaScript crypto library.

*--*
*Tyler Romeo*
Stevens Institute of Technology, Class of 2015
Major in Computer Science
www.whizkidztech.com | tylerromeo [at] gmail


On Sat, Dec 29, 2012 at 7:12 PM, Platonides <Platonides [at] gmail> wrote:

> On 28/12/12 18:29, Tilman Bayer wrote:
> > On Fri, Dec 28, 2012 at 1:26 AM, Sumana Harihareswara wrote:
> >> I've floated this problem past Tor and privacy people, and here are a
> >> few ideas:
> >>
> >> 1) Just use the existing mechanisms more leniently. Encourage the
> >> communities (Wikimedia & Tor) to use
> >> https://en.wikipedia.org/wiki/Wikipedia:Request_an_account (to get an
> >> account from behind Tor) and to let more people get IP block exemptions
> >> even before they've made any edits (< 30 people have gotten exemptions
> >> on en.wp in 2012). Add encouraging "get an exempt account" language to
> >> the "you're blocked because you're using Tor" messaging. Then if
> >> there's an uptick in vandalism from Tor then they can just tighten up
> >> again.
>
> This seems the right approach.
>
>
> >> 2) Encourage people with closed proxies to re-vitalize
> >> https://en.wikipedia.org/wiki/Wikipedia:WOCP . Problem: using closed
> >> proxies is okay for people with some threat models but not others.
>
>
> I didn't know about it. This is an interesting concept. It would be
> possible to setup some 'public wikipedia proxys' (eg. by an European
> chapter) and encourage its use.
> It would still be possible to checkuser people going through that, but
> a 2-tier process would be needed (wiki checkuser + proxy admin) thus
> protecting from a “rogue checkuser” (Is that the primary concern of good
> editors wishing to use proxys?). We could use that setup for gaining
> information about usage (eg. it was 90% spam).
>
>
> >> 3) Look at Nymble - http://freehaven.net/anonbib/#oakland11-formalizing
> >> and http://cgi.soic.indiana.edu/~kapadia/nymble/overview.php . It
> would
> >> allow Wikimedia to distance itself from knowing people's identities, but
> >> still allow admins to revoke permissions if people acted up. The user
> >> shows a real identity, gets a token, and exchanges that token over tor
> >> for an account. If the user abuses the site, Wikimedia site admins can
> >> blacklist the user without ever being able to learn who they were or
> >> what other edits they did. More: https://cs.uwaterloo.ca/~iang/ Ian
> >> Golberg's, Nick Hopper's, and Apu Kapadia's groups are all working on
> >> Nymble or its derivatives. It's not ready for production yet, I bet,
> >> but if someone wanted a Big Project....
> >
> > As Brad and Ariel point out, Nymble in the form described on the linked
> > project page does not seem to allow long-term blocks, and cannot deal
> with
> > dynamic IPs. In other words, it would only provide the analogue of
> > autoblock functionality for Tor users. The linked paper by Henry and
> > Goldberg is more realistic about these limitations, discussing IP
> addresses
> > only as one of several possible "unique identifiers" (§V). From the
> > concluding remarks to that chapter, it seems most likely that they would
> > recommend "some form of PKI or government ID-based registration" for our
> > purposes.
>
> Requiring a government ID for connecting through tor would be even worse
> for privacy.
>
> I completely agree that matching with the IP address used to request the
> nymble token is not enough. Maybe if the tokens were instead based in
> ISP+zone geolocation, that could be a way. Still, that would still miss
> linkability for vandals which use eg. both their home and work connections.
>
>
> > 3a) A token authorization system (perhaps a MediaWiki extension) where
> > the server blindly signs a token, and then the user can use that token
> > to bypass the Tor blocks. (Tyler mentioned he saw this somewhere in a
> > Bugzilla suggestion; I haven't found it.)
>
> Bug 3729 ?
>
>
> >> Thoughts? Are any of you interested in working on this problem? #tor on
> >> the OFTC IRC server is full of people who'd be interested in talking
> >> about this.
>
> This is a social problem. We have the tools to fix it (account creation
> + ip block exemption). If someone asked me for that (in a project where
> I can) because they are censored by their government I would gladly
> grant it.
> That also means that when they replaced 'Jimbo' with 'penis', 5 minutes
> after getting their account, I would notice and kick them out.
> In my experience, far more people is trying to use tor in wikipedia for
> vandalising than for doing constructive edits / due to local censorship.
> Although I concede that it's probably the opposite on ‘certain wikis’ I
> don't edit.
> The problem with global solutions are vandals abusing it.
>
> "If I don't get caught on 10 edits I can edit through tor" is a candle
> for vandals. Note that "I don't get caught" is different than "doing a
> constructive edit".
>
> An idea would be to force some recaptcha-style work before giving such
> tokens, so even though we know they will abuse the system, we are still
> using them as improving force (although the following vandalism could
> still be worse than what we gained).
>
>
> I also wonder if we are not aiming too high, trying to solve the
> anonimity and traceability problems on the internet, while we have for
> instance captchas forced to anons and newbies on a couple wikis due to a
> bot vandalism done years ago (bug 41745).
>
>
> _______________________________________________
> Wikitech-l mailing list
> Wikitech-l [at] lists
> https://lists.wikimedia.org/mailman/listinfo/wikitech-l
>
_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


bawolff+wn at gmail

Jan 4, 2013, 5:44 PM

Post #17 of 26 (1209 views)
Permalink
Re: Can we help Tor users make legitimate edits? [In reply to]

On Fri, Jan 4, 2013 at 9:53 AM, Tyler Romeo <tylerromeo [at] gmail> wrote:
[..]
> As far as a solution goes, I have a complete codebase for
> Extension:TokenAuth, which allows users to have MediaWiki sign a blinded
> token, which can then be used to bypass a specific IP block in order to log
> in and edit. It is almost ready; there are just a few functionality
> problems with the JavaScript crypto library.

That sounds really cool. However I'm not sure how it solves the
problem. If we allow people to get tokens signed that lets them bypass
the TOR blocks, we may as well just not hand out tor blocks in the
first place (if everyone can get a blinded token), or hand out the
overrides via IP block exempt group (If we limit who can get such
tokens).

-bawolff

_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


risker.wp at gmail

Jan 4, 2013, 7:27 PM

Post #18 of 26 (1206 views)
Permalink
Re: Can we help Tor users make legitimate edits? [In reply to]

On 4 January 2013 20:44, bawolff <bawolff+wn [at] gmail> wrote:

> On Fri, Jan 4, 2013 at 9:53 AM, Tyler Romeo <tylerromeo [at] gmail> wrote:
> [..]
> > As far as a solution goes, I have a complete codebase for
> > Extension:TokenAuth, which allows users to have MediaWiki sign a blinded
> > token, which can then be used to bypass a specific IP block in order to
> log
> > in and edit. It is almost ready; there are just a few functionality
> > problems with the JavaScript crypto library.
>
> That sounds really cool. However I'm not sure how it solves the
> problem. If we allow people to get tokens signed that lets them bypass
> the TOR blocks, we may as well just not hand out tor blocks in the
> first place (if everyone can get a blinded token), or hand out the
> overrides via IP block exempt group (If we limit who can get such
> tokens).
>
>
Bawolff has it right, pretty much. For legitimate users, an IPBE can be
handed out. We have very limited human resources on the projects themselves
to address the issuing of tokens and IPBEs now.

For me, this is largely a philosophical argument; yes, it would be in
keeping with the "everyone can edit" ethic to enable Tor editing. For a
very small number of WMF projects, it might attract a greater number of
editors; if the project itself wants to consider Tor editing appropriate,
it would be nice to find a way to exempt that project from the general
prohibition. On the other hand, for the vast majority of projects, it would
attract more problems and/or require excess attention from the limited
number of volunteers (ie, checkusers) who are qualified to determine if an
IPBE or "Tor token" is appropriate for a specific user. On some projects,
almost every single editor who has ever been found to use [not yet blocked]
Tor IPs was identified as such because of a legitimate concern about that
editor's behaviour.

Risker/Anne
_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


aude.wiki at gmail

Jan 4, 2013, 7:44 PM

Post #19 of 26 (1207 views)
Permalink
Re: Can we help Tor users make legitimate edits? [In reply to]

On Sat, Jan 5, 2013 at 4:27 AM, Risker <risker.wp [at] gmail> wrote:

>
>
> >
> Bawolff has it right, pretty much. For legitimate users, an IPBE can be
> handed out. We have very limited human resources on the projects themselves
> to address the issuing of tokens and IPBEs now.
>
> For me, this is largely a philosophical argument; yes, it would be in
> keeping with the "everyone can edit" ethic to enable Tor editing. For a
> very small number of WMF projects, it might attract a greater number of
> editors; if the project itself wants to consider Tor editing appropriate,
> it would be nice to find a way to exempt that project from the general
> prohibition. On the other hand, for the vast majority of projects, it would
> attract more problems and/or require excess attention from the limited
> number of volunteers (ie, checkusers) who are qualified to determine if an
> IPBE or "Tor token" is appropriate for a specific user. On some projects,
> almost every single editor who has ever been found to use [not yet blocked]
> Tor IPs was identified as such because of a legitimate concern about that
> editor's behaviour.
>

I hope we don't (but rarely, perhaps) checkuser accounts that are behaving
properly, so don't think we'd necessarily find many of the well-behaving
tor users.

Of course, we find the bad behavior accounts.

Cheers,
Katie





>
> Risker/Anne
> _______________________________________________
> Wikitech-l mailing list
> Wikitech-l [at] lists
> https://lists.wikimedia.org/mailman/listinfo/wikitech-l
>



--
@wikimediadc / @wikidata
_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


sumanah at wikimedia

Sep 27, 2013, 4:40 PM

Post #20 of 26 (900 views)
Permalink
Re: Can we help Tor users make legitimate edits? [In reply to]

This is a quick followup to
http://www.gossamer-threads.com/lists/wiki/wikitech/323006 and partly in
keeping with the anti-vandalism discussion at
http://www.gossamer-threads.com/lists/wiki/wikitech/392727 as well.

On 12/27/2012 07:26 PM, Sumana Harihareswara wrote:
> TL;DR: A few ideas follow on how we could possibly help legit editors
> contribute from behind Tor proxies....
[snip]
> 4) Allow more users the IP block exemption, possibly even automatically
> after a certain number of unreverted edits, but with some kind of
> FlaggedRevs integration; Tor users can edit but their changes have to be
> reviewed before going live. We could combine this with (3); Nymble
> administrators or token-issuers could pledge to review edits coming from
> Tor. But that latter idea sounds like a lot of social infrastructure to
> set up and maintain.

From talking to Eleanor Saitta: could we do FlaggedRevs by IP space,
and/or by the intersection of IPs and topic space? Basically, let people
edit from Tor IPs (and/or whitelist or blacklist categories) as long as
those go through a FlaggedRevs-type process? And we could also do
FlaggedRevs on specific IP ranges, like blocks that are known to be
certain government office buildings.

--
Sumana Harihareswara
Engineering Community Manager
Wikimedia Foundation

_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


arcane at live

Sep 27, 2013, 5:47 PM

Post #21 of 26 (902 views)
Permalink
Re: Can we help Tor users make legitimate edits? [In reply to]

I like this idea. Not every Tor user is vandal or troll, and assuming that all of them are by default is not assuming good faith. Some people are just really paranoid about their internet anonymity or live in restrictive countries (both of which I sympathize with), so this idea would let them edit in good faith while filtering out vandal/troll edits. It would also be a good idea to apply this to certain IP ranges like government/office buildings for similar reasons.

> Date: Fri, 27 Sep 2013 19:40:53 -0400
> From: sumanah [at] wikimedia
> To: wikitech-l [at] lists; ella [at] dymaxion
> Subject: Re: [Wikitech-l] Can we help Tor users make legitimate edits?
>
> This is a quick followup to
> http://www.gossamer-threads.com/lists/wiki/wikitech/323006 and partly in
> keeping with the anti-vandalism discussion at
> http://www.gossamer-threads.com/lists/wiki/wikitech/392727 as well.
>
> On 12/27/2012 07:26 PM, Sumana Harihareswara wrote:
> > TL;DR: A few ideas follow on how we could possibly help legit editors
> > contribute from behind Tor proxies....
> [snip]
> > 4) Allow more users the IP block exemption, possibly even automatically
> > after a certain number of unreverted edits, but with some kind of
> > FlaggedRevs integration; Tor users can edit but their changes have to be
> > reviewed before going live. We could combine this with (3); Nymble
> > administrators or token-issuers could pledge to review edits coming from
> > Tor. But that latter idea sounds like a lot of social infrastructure to
> > set up and maintain.
>
> From talking to Eleanor Saitta: could we do FlaggedRevs by IP space,
> and/or by the intersection of IPs and topic space? Basically, let people
> edit from Tor IPs (and/or whitelist or blacklist categories) as long as
> those go through a FlaggedRevs-type process? And we could also do
> FlaggedRevs on specific IP ranges, like blocks that are known to be
> certain government office buildings.
>
> --
> Sumana Harihareswara
> Engineering Community Manager
> Wikimedia Foundation
>
> _______________________________________________
> Wikitech-l mailing list
> Wikitech-l [at] lists
> https://lists.wikimedia.org/mailman/listinfo/wikitech-l

_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


risker.wp at gmail

Sep 27, 2013, 6:05 PM

Post #22 of 26 (902 views)
Permalink
Re: Can we help Tor users make legitimate edits? [In reply to]

On 27 September 2013 19:40, Sumana Harihareswara <sumanah [at] wikimedia>wrote:

> This is a quick followup to
> http://www.gossamer-threads.com/lists/wiki/wikitech/323006 and partly in
> keeping with the anti-vandalism discussion at
> http://www.gossamer-threads.com/lists/wiki/wikitech/392727 as well.
>
> On 12/27/2012 07:26 PM, Sumana Harihareswara wrote:
> > TL;DR: A few ideas follow on how we could possibly help legit editors
> > contribute from behind Tor proxies....
> [snip]
> > 4) Allow more users the IP block exemption, possibly even automatically
> > after a certain number of unreverted edits, but with some kind of
> > FlaggedRevs integration; Tor users can edit but their changes have to be
> > reviewed before going live. We could combine this with (3); Nymble
> > administrators or token-issuers could pledge to review edits coming from
> > Tor. But that latter idea sounds like a lot of social infrastructure to
> > set up and maintain.
>
> From talking to Eleanor Saitta: could we do FlaggedRevs by IP space,
> and/or by the intersection of IPs and topic space? Basically, let people
> edit from Tor IPs (and/or whitelist or blacklist categories) as long as
> those go through a FlaggedRevs-type process? And we could also do
> FlaggedRevs on specific IP ranges, like blocks that are known to be
> certain government office buildings.
>
>
I think perhaps there's a real disconnect between what Flagged Revisions
does and its purpose, as well as how widespread its use is. FR is not used
on 95% of Wikimedia projects. It is attached to specific pages (or entire
namespaces); it is not attached to either anonymous (IP) or registered
users. You're looking for some other type of software, some form of user
right if it is to be attached to specific users (either anonymous or
registered) that would....do what, exactly? Require that a project's
editors review every single edit from those IPs but not block them, no
matter how much junk they put in a project?

And again, any such use would be specific to each project. I would be very
disturbed if the WMF was to take it upon itself to start telling projects
they have to accept edits from IPs and ranges they've had extremely poor
experience with. AGF is not a suicide pact.

Risker/Anne
_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


arcane at live

Sep 27, 2013, 6:36 PM

Post #23 of 26 (904 views)
Permalink
Re: Can we help Tor users make legitimate edits? [In reply to]

Hmm, I can see your point. Flagged Revs would be as much of hindrances on regular users as it would be on Tor users. I still think it should be permissable for Tor editors to submit legitimate edits in some way, but your points about the AGF policy and the purpose of Flagged Revs are duly noted.

> Date: Fri, 27 Sep 2013 21:05:29 -0400
> From: risker.wp [at] gmail
> To: wikitech-l [at] lists
> Subject: Re: [Wikitech-l] Can we help Tor users make legitimate edits?
>
> On 27 September 2013 19:40, Sumana Harihareswara <sumanah [at] wikimedia>wrote:
>
> > This is a quick followup to
> > http://www.gossamer-threads.com/lists/wiki/wikitech/323006 and partly in
> > keeping with the anti-vandalism discussion at
> > http://www.gossamer-threads.com/lists/wiki/wikitech/392727 as well.
> >
> > On 12/27/2012 07:26 PM, Sumana Harihareswara wrote:
> > > TL;DR: A few ideas follow on how we could possibly help legit editors
> > > contribute from behind Tor proxies....
> > [snip]
> > > 4) Allow more users the IP block exemption, possibly even automatically
> > > after a certain number of unreverted edits, but with some kind of
> > > FlaggedRevs integration; Tor users can edit but their changes have to be
> > > reviewed before going live. We could combine this with (3); Nymble
> > > administrators or token-issuers could pledge to review edits coming from
> > > Tor. But that latter idea sounds like a lot of social infrastructure to
> > > set up and maintain.
> >
> > From talking to Eleanor Saitta: could we do FlaggedRevs by IP space,
> > and/or by the intersection of IPs and topic space? Basically, let people
> > edit from Tor IPs (and/or whitelist or blacklist categories) as long as
> > those go through a FlaggedRevs-type process? And we could also do
> > FlaggedRevs on specific IP ranges, like blocks that are known to be
> > certain government office buildings.
> >
> >
> I think perhaps there's a real disconnect between what Flagged Revisions
> does and its purpose, as well as how widespread its use is. FR is not used
> on 95% of Wikimedia projects. It is attached to specific pages (or entire
> namespaces); it is not attached to either anonymous (IP) or registered
> users. You're looking for some other type of software, some form of user
> right if it is to be attached to specific users (either anonymous or
> registered) that would....do what, exactly? Require that a project's
> editors review every single edit from those IPs but not block them, no
> matter how much junk they put in a project?
>
> And again, any such use would be specific to each project. I would be very
> disturbed if the WMF was to take it upon itself to start telling projects
> they have to accept edits from IPs and ranges they've had extremely poor
> experience with. AGF is not a suicide pact.
>
> Risker/Anne
> _______________________________________________
> Wikitech-l mailing list
> Wikitech-l [at] lists
> https://lists.wikimedia.org/mailman/listinfo/wikitech-l

_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


gryllida at fastmail

Sep 27, 2013, 8:25 PM

Post #24 of 26 (901 views)
Permalink
Re: Can we help Tor users make legitimate edits? [In reply to]

On Sat, 28 Sep 2013, at 10:17, Arcane 21 wrote:
> I like this idea. Not every Tor user is vandal or troll, and assuming that all of them are by default is not assuming good faith.

To avoid endless abuse some services ask people to register from a non-TOR IP, and allow them to connect from TOR after registering.

_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


tylerromeo at gmail

Sep 27, 2013, 9:27 PM

Post #25 of 26 (901 views)
Permalink
Re: Can we help Tor users make legitimate edits? [In reply to]

On Fri, Sep 27, 2013 at 7:40 PM, Sumana Harihareswara <sumanah [at] wikimedia
> wrote:

> From talking to Eleanor Saitta: could we do FlaggedRevs by IP space,
> and/or by the intersection of IPs and topic space? Basically, let people
> edit from Tor IPs (and/or whitelist or blacklist categories) as long as
> those go through a FlaggedRevs-type process? And we could also do
> FlaggedRevs on specific IP ranges, like blocks that are known to be
> certain government office buildings.
>

Unfortunately this would not solve the inherent problem with users editing
from Tor. The reason Tor editors are blocked is not just because of
vandalism. If that were the case, we'd just block anonymous editors and
allow logged in users to edit over Tor.

In other words, cleaning up vandalism from regular users vs. Tor users is
the same amount of work: you revert the vandalism and possibly block the
user. Like somebody else mentioned, FlaggedRevs is not related to the
editors as much as it is to the content. Vandalism still has to be removed
regardless of whether the page has FlaggedRevs. The only difference is that
other users won't see the vandalism because it will be hidden from them.

The reason Tor users are really blocked is because Tor allows users to hide
their actual IP address, which makes it difficult to IP-ban people from
editing and creating accounts, which is sometimes done for severe vandals.
Vandals can continue to switch IP addresses at will, create new accounts,
and continue vandalizing. The only way to avoid this issue is to force
users to associate themselves with a "real" IP address before anonymously
editing, but that kind of defeats the point of being anonymous in the first
place.

Ideas were thrown around of issuing an anonymous token. The idea is that
you generate a secret token, perform some crypto on that token to mask and
hide it, and then have Wikipedia sign the masked and hidden token. Because
of the nature of RSA, you can have Wikipedia sign the hidden token and then
later extract a signature for the real token. Then, when you switch to Tor,
you give the real signed token back to Wikipedia. This allows the site to
know that it previously authenticated the user without being able to link
it with the original IP address. Then, you do major rate-limiting, i.e.,
allowing a given IP address to request a signature once every week or
something. Now rather than blocking an IP address, you block the token, and
since the user can only get a token once a week, they're yet again limited
to using their real IP address.

However, as pointed out, this suffers from a number of issues: 1) a week is
a long time, and on a shared IP address it could be impossible to use; 2)
it requires a lot of client-side crypto, which has to be done in either
JavaScript or a custom client; 3) since the rate-limiting is the equivalent
of IP blocks, vandal IP addresses can never be blocked for more than a
week, which means the problem isn't truly solved. In the end, it comes down
to trying to balance the rate-limiting between usability and blocking
capability. I attempted an implementation of this a while ago, but
abandoned it due to lack of interest. If somebody thinks these goals are
surmountable, I'm sure we can resume discussion on it and maybe I can
resume implementation.

*-- *
*Tyler Romeo*
Stevens Institute of Technology, Class of 2016
Major in Computer Science
_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l

First page Previous page 1 2 Next page Last page  View All Wikipedia wikitech RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.