[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] CloudFlare

>> If you require accounts, invest time in better rollback systems
>> so that a single click makes the user and their contributions
>> disappear.
>> You keep ignoring that determined troublemakers can't be forced
>> to use a single account. Who is determined to creatively
>> deface user generated content will have no problem solving
>> many captchas or similar.
>> Thus, there *is* no one-click way to undo all the changes
>> of a troublemaker, as they don't come from a single account.

The use of multiple accounts is known. Again, enhance your systems
to make your administrative life easier... add a rollback and delete
function. Integrate it with your user feedback, rating and alert
systems. Be creative.

I don't know what's available on the WP backend as I'm not in that
space... but if life with WP means that, as a WP site admin, you're
stuck with using the article history, contributions and user pages
to manage abuse manually, then yeah, WP admins are at a disadvantage
and WP should meta up and enhance that part of the software for

> (And I guess you wouldn't want
> to tie accounts to mobile phone numbers or similar.)

I would provide that as an option to my users, not as a mandate for
all accounts on my site.

I think people here may be fixated on 100% coverage, this is
impossible. Acceptable losses and shit happens, we deal with it.
Similarly, we know we'll take out a few good users, but taking out
an entire class of them with the bathwater is just wrong.

In my experience using Tor, I'm seeing very little in the way of
advanced privacy preserving management schemes. The extant
OpenID/Twitter/FB schemes don't meet that. What I'm currently seeing
the most of is least-cost least-effort IP based blocking. I'm sorry
if my distaste for such cheap blunted tools that deny otherwise
good users merely for the fact that they use Tor offends you all.
I'm a sysadmin, user and community member too. I believe better
ways that also preserve users privacy and rights are possible and
I encourage everyone to create, find and deploy them. And if
ultimately one of those better ways, in combination, means that
after reaping win where I can that I must still sit there and spend
a little time every day triaging, I accept that and am willing to
do it. I suggest there's not yet enough advanced reaping, nor enough
acceptance and willingness.
tor-talk mailing list