[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Wikipedia & Tor



On Tue, Sep 27, 2005 at 06:27:54PM +0200, Eugen Leitl wrote:
> Wikipedia uses IP addresses for prestige tracking as there is no 
> further identification accessible to them.

Let us not forget that using IP addresses for this purpose is not some
magical default ordained from the architects of the Internet: it is the
conscious choice of Wikipedia to restrict its "prestige tracking" data
to routing information.

Indeed, Wikipedia could have opted to use the sort of end-to-end
verification that the rest of the world has come to use and endorse.
Wikipedia could have chosen to authenticate users.  Wikipedia could have
chosen to require new users to register by providing a credit card
number.  Wikipedia could have chosen to require new users to provide
some form of collateral up front.  Wikipedia could have chosen to
require new users to be recommended by an existing user, thus creating a
chain of potential blame leading to someone who could be punished for
wrongdoing.  Wikipedia could have chosen to screen all of the updates
before they are accepted, rather than putting faith in a fully-automated
process.  Arguably, any one of these possibilities would have been
sufficient if the salient goal were simply to avoid vandalism.

Instead, Wikipedia opted to entrust internet service providers with an
unwritten mandate to track their constituent users and provide a channel
by which abuse complaints would be met by unquestioning capitulation.
In so doing, Wikipedia made several implicit assumptions, among them (a)
that either routing information never lies or false positives are
acceptable, (b) that with the aid of ISPs, all IP addresses can be
resolved to individual humans, (c) all humans take responsibility for
every use of their respective IP addresses, (d) that ISPs will be
cooperative in either punishing users or disclosing subscriber
information in response to unsubstantiated abuse claims, and (e) that
the potential to track ISP usage using this method will be sufficient to
eliminate the vast majority of impecunious vandals and discourage the
vast majority of irresolute vandals.

If these assumptions seem ridiculous to you, that's because they are.
Nonetheless, we are expected to consider them reasonable.  We have seen
many instances in which the emergence of Tor has exposed the fragility
of systems designed with poor assumptions.  A recurring problem arising
from the lack of periodic PING requests on the Freenode IRC network is
one example; recurring vandalism to Wikipedia as the result of its poor
assumptions is another.

Geoff


Attachment: signature.asc
Description: Digital signature