On Wed, Sep 28, 2005 at 11:10:32PM -0400, Paul Syverson wrote: > My guess is that it would not be hard for them to gather at least a > couple of puzzle server accounts per day. If not it is probably too > onerous for honest users wanting to post through Tor. Yes, that is probably correct, but I still think it is a useful result. The problem for Wikipedia and Tor is that Wikipedia cannot differentiate abusers from people who need legitimately need privacy, since Wikipedia blocks on IP address and Tor is an easy way to get another IP address. What needs to be done is to give Wikipedia a way to tell the difference between legitimate Tor users and abusers. The basis for my proposal is that abusers can currently get IP addresses quite easily, through open proxies, zombie machines or simply rebooting their ADSL modem, as well as through Tor. To mitigate abuse from Tor, the cost of committing abuse through Tor needs to be just higher than the cost of an abuser getting another IP address. This is not very high. Legitimate Tor users cannot just get a new IP address since some ways are illegal and they get less privacy through these than Tor provides. If Wikipedia abusers find it is easier to get another IP address than to solve a puzzle and use Tor, then Wikipedia will be able to tell that Tor users who have solved a puzzle are probably not abusers, and so can safely unban Tor IP addresses. Wikipedia can block the abusers through their current mechanisms. Whether this will work depends on the type of abuse that Wikipedia receives, and Jimbo is much more qualified to comment on this then me. Thanks, Steven Murdoch. -- w: http://www.cl.cam.ac.uk/users/sjm217/
Attachment:
pgpd4JEIORvUT.pgp
Description: PGP signature