On Tue, Sep 27, 2005 at 01:45:21PM -0700, Brian C wrote: [...] > The next-best idea I've heard so far is for Wikipedia to require those > coming from tor IPs to login, but the problem there is that then those > who really need anonymity most to post to Wikipedia wouldn't have it (or > at least not through tor.) Allow me to clarify this point, again. My apologies if you read my last post on this. Requiring anonymous users to log on to wikipedia is not a privacy problem per se; if Alice anonymously creates an account on Wikipedia named "xyzzy00", then Alice is still untraceable to her new (pseudonymous) account. If she needs her activities to be unlinked to each other, she can get unlinkability by creating multiple accounts (perhaps because "xyzzy00" edits articles about Alice's field of academic expertise, whereas "plover11" edits articles about the latest research on Alice's embarrassing disease). The problem, of course, is that requiring accounts is not in itself helpful; if accounts are unlinkable to each other, then an abusive user could keep creating new accounts ad infinitum. CAPTCHAs and other reverse turing tests are probably enough to prevent automated attacks, but a lot of abuse, I'm told, is users manually vandalizing pages. This isn't just for wikipedia, either: you don't need a bot to be really annoying on an IRC network. yrs, -- Nick Mathewson
Attachment:
pgp2I5c3z0BmJ.pgp
Description: PGP signature