[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: wikipedia vandalism



On Sat, Jan 22, 2005 at 05:17:07PM -0500, Roger Dingledine wrote:
> I took a brief look around the block policy at
> http://en.wikipedia.org/wiki/Wikipedia:Blocking_policy and the pointer
> to the February 2004 thread about anonymizers, but I didn't see any
> definitive answers to the thread on the list. (In fact, it seems you point
> to http://mail.wikipedia.org/pipermail/wikien-l/2004-February/010637.html
> which isn't even in the thread.)
Link fixed: http://mail.wikipedia.org/pipermail/wikien-l/2004-February/010605.html


> Could you summarize for us to reasons why
> Wikipedia doesn't want to require users _from Tor IPs_ to create accounts
> in order to edit pages?
Because vandals will just create an account, vandalise with it, get
blocked, create a new account, vandalise with it, etc.

> This is tricky to do from a technical standpoint, a) because we need to
> teach Tor about protocols and how to reach into the application-layer
> stream, and b) because Tor clients would need to predict what the
> application was going to do before it does it, in order to pick an exit
> node that will allow the operation. We'd like to consider implementing
> something like this down the road but it seems hard to get right without
> adding a lot of complexity (which is bad for security systems).
Ah yes of course, I hadn't thought of that. The other alternative
would be some way of specifying a connection as anonymous, at which
point the server can decide whether or not it wants to accept it or
handle it differently. It would have to happen at the IP level though,
so it's not going to happen in the foreseeable future (no evil bit
jokes please).

-- 
Frank v Waveren                                      Fingerprint: BDD7 D61E
fvw@[var.cx|stack.nl] ICQ#10074100                      5D39 CF05 4BFC F57A
Public key: hkp://wwwkeys.pgp.net/468D62C8              FA00 7D51 468D 62C8

Attachment: signature.asc
Description: Digital signature