[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Hello directly from Jimbo at Wikipedia



Paul Syverson wrote:
> OK. I was letting out some frustration there. One of the main reasons
> for this is the raising of the standard spam red herring. You appear
> to have raised it again below, and I still don't understand why.  I
> take spam to mean the mass sending of unsolicited email. I don't want
> to get into quibbles about 'commercial' or criteria for what counts as
> solicited. But this does not seem to be what you are talking about at
> all.

What I'm talking about is people using Tor to post hundreds of random
links to chinese porn sites, that sort of thing.  It is
uncontroversially bad.  I'm not talking about borderline cases about
which one might quibble.

But you are right, I'm not talking about email spam.  I'm talking about
wiki spam.

> Yes we are, but that's not the only security you could implement, and
> I hope no one would suggest it. But getting someone else's IP address
> is no harder than getting someone else's credit card number. In fact
> much easier since they are explicitly not unique to individual people
> most of the time, and there are even less attempts to protect them
> than to protect credit card numbers. I think I can safely speak for
> the main Tor developers and designers when I say that We would be glad
> to work with you to develop Tor-compatible authentication mechanisms
> that are more appropriate qua authentication mechanisms than you now
> have. And you can rest assured that we would be at least as concerned
> about protecting the identity of those using it as you would be.

Make a practical suggestion.

We have no theoretical stupidities, by the way, about the issues with
using ip numbers for blocking.  It's a matter of simple practicality.
Blocking ips mostly works.

What else do you suggest we do?

Keep in mind that a core part of what we want to do is allow people to
edit instantly, without logging in.  We're willing to accept that some
of those people will post inappropriately.  We revert it, we block them
if they persist.  We accept this.

So if you're going to suggest that we require logins or referrals for
new users or anything along those lines, it's a nonstarter.

There is tension between privacy and openness.  So, let's look for some
solutions.

I haven't yet seen any response to my proposal, which I blogged about:
http://blog.jimmywales.com/ -- and I think it was posted to this list as
well.

--Jimbo