----- Forwarded message from Roger Dingledine <[EMAIL PROTECTED]> -----

From: Roger Dingledine <[EMAIL PROTECTED]>
Date: Tue, 27 Sep 2005 15:54:38 -0400
Subject: Re: Wikipedia & Tor
User-Agent: Mutt/1.5.9i

On Tue, Sep 27, 2005 at 11:18:31AM -0400, Paul Syverson wrote:
> On Tue, Sep 27, 2005 at 10:27:58AM -0400, Matt Thorne wrote:
> > everyone is so worried about it, but has any one ever been successfully been
> > able to use tor to effectively spam anyone?
> No. Cf.
> http://tor.eff.org/faq-abuse.html#WhatAboutSpammers

To be fair, this answer is yes. People have used Tor to deface Wikipedia
pages, along with Slashdot pages, certain IRC networks, and so on. I
think that counts as spam at least in a broad sense.

> A potential for cooperation is the proposal below for authenticated
> access to Wikipedia through Tor. I will not speak to any particular
> design here, but if Wikipedia has a notion of clients trusted to post
> to Wikipedia, it should be possible to work with them to have an
> authentication server that controls access to Wikipedia through Tor.

As I understand it, Jimmy is hoping that we will develop and maintain
this notion. We would run both "halves" of the Tor network, and when they
complain about a user, we would cut that user out of the authenticated

Jimmy and I talked about Tor-and-Wikipedia many months ago, and the
conclusion was that they (mediawiki) would be willing to try a variety of
technological solutions to see if they work (i.e. cut down on vandalism
and aren't too much of a burden to run). My favorite is to simply have
certain address classes where the block expires after 15 minutes or
so. Brandon Wiley proposed a similar idea but where the block timeout is
exponentially longer for repeated abuse, so services that are frequently
blocked will stay blocked longer. This is great. But somebody needs to
actually code it.

Wikipedia already needs this sort of thing because of AOL IPs -- they
have similar characteristics to Tor, in that a single IP produces lots
of behavior, some good some bad. The two differences as I understand
them are that AOL will cancel user accounts if you complain loudly enough
(but there's constant tension here because in plenty of cases AOL decides
not to cancel the account, so Wikipedia has to deal some other way like
temporarily blocking the IP), and that it's not clear enough to the
Wikipedia operators that there *are* good Tor users.

(One might argue that it's hard for Wikipedia to change their perception
and learn about any good Tor uses, firstly because good users will
blend in and nobody will notice, and secondly because they've prevented
them all from editing so there are no data points either way.)

So I've been content to wait and watch things progress. Perhaps we will
find a volunteer who wants to help hack the mediawiki codebase to be more
authentication-friendly (or have more powerful blocking config options).
Perhaps we'll find a volunteer to help build the blind-signature
pseudonymous authenticated identity management infrastructure that Nick
refers to. Perhaps the Wikimedia operators will increasingly get a sense
that Tor has something to offer besides vandalism. (I presume this thread
re-surfaced because Tor users and operators are periodically telling
Wikipedia that they don't like being blocked.) Maybe we will come to
the point eventually that it makes sense to do something different than
blocking the Tor IP addresses from editing Wikipedia. (Which, we should
all remember compared the Gentoo forum situation, is a great step above
blocking them from both reading and writing.)

It could be that we never reach that point. Certain services on the
Internet (like some IRC networks) that are really prone to abuse are
probably doing the right thing by blocking all Tor users (and all AOL
users, and all open proxies, and ...). And we want to keep Tor easy
to block, or we're really going to start getting the other communities
angry at us.

In summary, I'm not too unhappy with the status quo for now. Tor needs
way more basic development / usability work still. In the absence of
actual volunteers-who-code on the side of Tor _or_ Wikipedia to resolve
the problem, I'm going to focus on continuing to make Tor better, so
down the road maybe we'll be able to see better answers.


----- End forwarded message -----
Eugen* Leitl <a href="http://leitl.org";>leitl</a>
ICBM: 48.07100, 11.36820            http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

Attachment: signature.asc
Description: Digital signature

Reply via email to