Re: [EMAIL PROTECTED]: Wikipedia Tor]
Speaking of pseudonymity... At 12:53 PM -0400 9/27/05, Somebody wrote: Argh! Not this again! Yes, again, and I'll keep repeating it until you get it. :-). No, anonymity is don't know who sent it. For some definitions of who. To paraphrase a famous sink-washing president, it depends on who you mean by who. :-) Examples are anonymizing remailers which give all incoming users the same outgoing name, or the Anonymous Coward comments in /. (Disregard for now details such as the /. admins being able to link an AC comment to an IP address.) Fine. Ignore the output thereof as noise, it's probably safe to do so. Though concordance programs are your friends. Behavior is biometric, after all. The words you use give you away, and can be filtered accordingly. Ask someone named Detweiller about that. Or, for that matter, Kaczynski. Or your trading patterns in market. Just like your fist, in telegraphy. Perfect pseudonymity is can't tie it to meatspace. See who, above. Since we haven't quite gotten AI down just yet, that's good enough for me, though I expect, like Genghis, and not True Names, we'll figure out that intelligence is an emergent property of *active* physical manifestation, and not a giant pile of data. Different communications from the same sender can be tied to each other. Examples include most of the free email services, and digitally signing a message sent through an anonymizer. Yup. That's what I mean by reputation, if I take your meaning right. Cheers, RAH -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: /. [How Chinese Evade Government's Web Controls]
Chinese Web Controls and Tor ... a subject I happen to have close personal experience with. Just took a three week vacation to Dali, China and after hitting the Great Firewall of China (tm), hopped over to the eff site, downloaded tor and privoxy, and 10 minutes later was up and running bypassing the supposed Great Firewall. While I was at it, grabbed i2p and punched right through also utilizing the i2p www proxy. As much as folk want to rail against Tor for allowing malicious users to mask their identity, it really does serve a higher purpose. As for the WSJ article, EFF or I2P really needs advertise better. Why pay local Chinese Internet Cafe owners when you can punch right through for free.
Re: [EMAIL PROTECTED]: Wikipedia Tor]
Quoting R.A. Hettinga [EMAIL PROTECTED]: At 8:43 AM -0700 9/27/05, James A. Donald wrote: In the long run, reliable pseudonymity will prove more valuable than reliable anonymity. Amen. And, at the extreme end of the curve, perfect psedudonymity *is* perfect anonymity. Character. I wouldn't buy anything from a man with no character if he offered me all the bonds in Christendom. -- J. Pierpont Morgan, Testimony to Congress, 1913. Reputation is *everything* folks. Damn good point. Now that I think of it, all the classic examples of anonymous publication were really pseudonymous. (Publius, et al) -- Roy M. Silvernail is [EMAIL PROTECTED], and you're not It's just this little chromium switch, here. - TFT SpamAssassin-procmail-/dev/null-bliss http://www.rant-central.com
Re: [EMAIL PROTECTED]: Re: Wikipedia Tor]
At 8:37 PM -0400 9/27/05, lists wrote: Building a TOR nymspace would be much more interesting and distributed. Since the first time I met Dingledine, he was talking pseudonymity, bigtime. I was curious when he went to play with onion routers, but maybe I'm not so surprised anymore... Cheers, RAH -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: [EMAIL PROTECTED]: Re: Hello directly from Jimbo at Wikipedia]
Dont' agree here... From: Steve Furlong [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [EMAIL PROTECTED]: Re: Hello directly from Jimbo at Wikipedia] Date: Wed, 28 Sep 2005 09:41:34 -0400 On 9/28/05, Roy M. Silvernail [EMAIL PROTECTED] wrote: A Wikiwhiner wrote I have valid although perhaps unpopular contributions to make, and not only is my freedom to express myself limited, the quality of the material on Wikipedia suffers due to the absence of my perspective. Wow. Nice ego there. If someone I knew wrote some detailed Wiki entries about Telecom DCC control channel protocol throughputs and attacks, he could objectively state that there would be very few people in the world up to the task. He might also want to maintain anonymity. Shutting down this source of wiki entries means that the general flow of Wikipedia content has been altered slightly, but I would argue significantly. I see no material issue with an individual claiming that the absence of his posts to Wiki is significant, even if this is in fact untrue for his particular case. The ego is not material to the essential point. -TD
/. [How Chinese Evade Government's Web Controls]
Link: http://slashdot.org/article.pl?sid=05/09/27/1235203 Posted by: CmdrTaco, on 2005-09-27 13:37:00 [1]Carl Bialik from the WSJ writes China is moving to 'centralize all China-based Web news and opinion under a state regulator,' the Wall Street Journal reports, but determined citizens have found a way out of previous restrictions in what has become a cat-and-mouse game: '[2]Many Chinese Internet users, dismissing what they call government scare tactics, find ways around censorship. The government requires users of cybercafs to register with their state-issued ID cards on each visit, but some users avoid cybercaf registration by paying off owners. In response, the government has installed video cameras in some cafs and shut others. ... While certain words such as democracy are banned in online chat rooms, China's Web users sometimes transmit sensitive information as images, or simply speak in code, inserting special characters such as underscoring into typing.' Also noteworthy is that major portals seem to be cooperating with authorities' restrictions: 'Insiders who work for the big portal sites say they are already in regular contact with authorities about forbidden topics, such as the outlawed Falun Gong religious group, which their teams of Web editors pull off bulletin boards.' References 1. mailto:[EMAIL PROTECTED] 2. http://online.wsj.com/public/article/0,,SB112777213097452525-zRQZ3S8IZkZDPMZNay0R6RUfXOw_20060926,00.html?mod=blogs - End forwarded message - -- Eugen* Leitl a href=http://leitl.org;leitl/a __ ICBM: 48.07100, 11.36820http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE signature.asc Description: Digital signature
Re: [EMAIL PROTECTED]: Re: Wikipedia Tor]
Tyler Durden wrote: Sorry...I don't understand...why would psuedonymity services be provided within Tor? I find the concept of having both pseudonymous and anonymous traffic through TOR quite interesting. In some cases, you really do wish to just separate yourself from your meatspace identity but you may want the reputation of a bitspace identity; in other cases, you want to completely separate yourself from any identity. There are audited anonymizers that provide a form of pseudonymity, in that, they know who you are and can regulate your behavior accordingly. These are generally in the commercial space. Building a TOR nymspace would be much more interesting and distributed. TOR itself does not necessarily have to deal with this. There could be services flowing through TOR that provide this. However, TOR nodes implementing pseudonymous traffic for their own network seems more natural and easier to do. Entry/exit nodes, some nodes, all nodes, or whatever subset makes the most sense could then authenticate pseudonymous traffic and determine capabilities based on things like reputation. But, that was not a why. Anonymity has the property of removing responsibility from the actor for their actions, which is not always a good thing. I am sure TOR exit nodes are hit with the responsibility for those actors, which can lead to the end of exit nodes. At a minimum, pseudonymity can provide a degree of responsibility through reputation. Exit nodes could support either pseudo or anon, or both, depending on beliefs, risks, etc. Also, users could select anon or pseudo as needed. I like choice. Anyway, that is a why and an interesting topic, but TOR has other things to focus on. -Andrew
[EMAIL PROTECTED]: Re: Wikipedia Tor]
- Forwarded message from Roger Dingledine [EMAIL PROTECTED] - From: Roger Dingledine [EMAIL PROTECTED] Date: Tue, 27 Sep 2005 15:54:38 -0400 To: [EMAIL PROTECTED] Subject: Re: Wikipedia Tor User-Agent: Mutt/1.5.9i Reply-To: [EMAIL PROTECTED] On Tue, Sep 27, 2005 at 11:18:31AM -0400, Paul Syverson wrote: On Tue, Sep 27, 2005 at 10:27:58AM -0400, Matt Thorne wrote: everyone is so worried about it, but has any one ever been successfully been able to use tor to effectively spam anyone? No. Cf. http://tor.eff.org/faq-abuse.html#WhatAboutSpammers To be fair, this answer is yes. People have used Tor to deface Wikipedia pages, along with Slashdot pages, certain IRC networks, and so on. I think that counts as spam at least in a broad sense. A potential for cooperation is the proposal below for authenticated access to Wikipedia through Tor. I will not speak to any particular design here, but if Wikipedia has a notion of clients trusted to post to Wikipedia, it should be possible to work with them to have an authentication server that controls access to Wikipedia through Tor. As I understand it, Jimmy is hoping that we will develop and maintain this notion. We would run both halves of the Tor network, and when they complain about a user, we would cut that user out of the authenticated side. Jimmy and I talked about Tor-and-Wikipedia many months ago, and the conclusion was that they (mediawiki) would be willing to try a variety of technological solutions to see if they work (i.e. cut down on vandalism and aren't too much of a burden to run). My favorite is to simply have certain address classes where the block expires after 15 minutes or so. Brandon Wiley proposed a similar idea but where the block timeout is exponentially longer for repeated abuse, so services that are frequently blocked will stay blocked longer. This is great. But somebody needs to actually code it. Wikipedia already needs this sort of thing because of AOL IPs -- they have similar characteristics to Tor, in that a single IP produces lots of behavior, some good some bad. The two differences as I understand them are that AOL will cancel user accounts if you complain loudly enough (but there's constant tension here because in plenty of cases AOL decides not to cancel the account, so Wikipedia has to deal some other way like temporarily blocking the IP), and that it's not clear enough to the Wikipedia operators that there *are* good Tor users. (One might argue that it's hard for Wikipedia to change their perception and learn about any good Tor uses, firstly because good users will blend in and nobody will notice, and secondly because they've prevented them all from editing so there are no data points either way.) So I've been content to wait and watch things progress. Perhaps we will find a volunteer who wants to help hack the mediawiki codebase to be more authentication-friendly (or have more powerful blocking config options). Perhaps we'll find a volunteer to help build the blind-signature pseudonymous authenticated identity management infrastructure that Nick refers to. Perhaps the Wikimedia operators will increasingly get a sense that Tor has something to offer besides vandalism. (I presume this thread re-surfaced because Tor users and operators are periodically telling Wikipedia that they don't like being blocked.) Maybe we will come to the point eventually that it makes sense to do something different than blocking the Tor IP addresses from editing Wikipedia. (Which, we should all remember compared the Gentoo forum situation, is a great step above blocking them from both reading and writing.) It could be that we never reach that point. Certain services on the Internet (like some IRC networks) that are really prone to abuse are probably doing the right thing by blocking all Tor users (and all AOL users, and all open proxies, and ...). And we want to keep Tor easy to block, or we're really going to start getting the other communities angry at us. In summary, I'm not too unhappy with the status quo for now. Tor needs way more basic development / usability work still. In the absence of actual volunteers-who-code on the side of Tor _or_ Wikipedia to resolve the problem, I'm going to focus on continuing to make Tor better, so down the road maybe we'll be able to see better answers. --Roger - End forwarded message - -- Eugen* Leitl a href=http://leitl.org;leitl/a __ ICBM: 48.07100, 11.36820http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE signature.asc Description: Digital signature
Re: [EMAIL PROTECTED]: Re: Wikipedia Tor]
[yes, I know I'm preaching to the choir] - Forwarded message from Roger Dingledine [EMAIL PROTECTED] - A potential for cooperation is the proposal below for authenticated access to Wikipedia through Tor. I will not speak to any particular design here, but if Wikipedia has a notion of clients trusted to post to Wikipedia, it should be possible to work with them to have an authentication server that controls access to Wikipedia through Tor. As I understand it, Jimmy is hoping that we will develop and maintain this notion. We would run both halves of the Tor network, and when they complain about a user, we would cut that user out of the authenticated side. A non-good idea, as it goes against what Tor is all about. The problem to be overcome here really has nothing to do with Tor, as such. Wikipedia already needs this sort of thing because of AOL IPs -- they have similar characteristics to Tor, in that a single IP produces lots of behavior, some good some bad. So Wikipedia understands that the transport layer isn't to blame, yet they persist in asking for changes in the Tor transport to address the problem of malicious users? *groan* (One might argue that it's hard for Wikipedia to change their perception and learn about any good Tor uses, firstly because good users will blend in and nobody will notice, and secondly because they've prevented them all from editing so there are no data points either way.) That's not the perception they need to change. They need to realize that if an avenue for action without responsibility exists, someone will use it. Wikis get defaced all the time *without* AOL or Tor, because the philosophy allows anyone to edit. It is that philosophy that is in error, not the transport layers used by the vandals. Wiki, as someone mentioned to me in a private mail, is the SMTP of web publishing; it doesn't scale well in the presence of large concentrations of assholes. In summary, I'm not too unhappy with the status quo for now. Tor needs way more basic development / usability work still. In the absence of actual volunteers-who-code on the side of Tor _or_ Wikipedia to resolve the problem, I'm going to focus on continuing to make Tor better, so down the road maybe we'll be able to see better answers. Roger gets it. The Wikipedians don't. -- Roy M. Silvernail is [EMAIL PROTECTED], and you're not It's just this little chromium switch, here. - TFT SpamAssassin-procmail-/dev/null-bliss http://www.rant-central.com
Re: [EMAIL PROTECTED]: Re: Hello directly from Jimbo at Wikipedia]
On 9/28/05, Roy M. Silvernail [EMAIL PROTECTED] wrote: A Wikiwhiner wrote I have valid although perhaps unpopular contributions to make, and not only is my freedom to express myself limited, the quality of the material on Wikipedia suffers due to the absence of my perspective. Wow. Nice ego there. The status quo is not acceptable and we should work to find a solution. Leaving aside the qualitative discussion, let's remember that the freedom to express onesself does not imply the obligation for any other party to listen. Nor the obligation for any other party to provide you with a soapbox. Operate your own wiki if you don't like their decisions. Tor is transport layer. Authentication for a specific service (such as Wikipedia) is the responsibility of that service and belongs in the session layer. What Roy said. This Wikiwhiner might want to read up on the OSI model. Conveniently, there's a Wikipedia article on it: http://en.wikipedia.org/wiki/OSI_model An authenticated network and an anonymizing network are mutually exclusive. True enough, but to make it clear, an anonymizing network is not exclusive with an authenticated application. (Not necessarily so, anyway. I haven't checked into TOR, but there's no good reason an HTML hidden field couldn't provide session continuity for an anonymous web surfer.) -- There are no bad teachers, only defective children.
Re: [EMAIL PROTECTED]: Re: Hello directly from Jimbo at Wikipedia]
- Forwarded message from cypherpunk [EMAIL PROTECTED] - From: cypherpunk [EMAIL PROTECTED] Subject: Re: Hello directly from Jimbo at Wikipedia As an occasional Tor and Wikipedia user, let me add a couple of points. First, in case it is not obvious, the problem with the present system is that Tor users can no longer edit on Wikipedia. I have done so in the past, in what I like to think is a constructive manner, but cannot do so since this summer. I have valid although perhaps unpopular contributions to make, and not only is my freedom to express myself limited, the quality of the material on Wikipedia suffers due to the absence of my perspective. The status quo is not acceptable and we should work to find a solution. Leaving aside the qualitative discussion, let's remember that the freedom to express onesself does not imply the obligation for any other party to listen. Looking at the proposals for authentication servers and such, I see a major issue which is not being addressed. That is, how does the web server distinguish authenticated Tor users from unathenticated ones? If this is via a complicated protocol, there is no point as the servers won't use it. The problem at hand does not require authenticated Tor users. It requires authenticated Wikipedia users. This does not necessarily mean building complex authentication protocols into the Tor network, and having two classes of traffic flowing around. It could be that this authenticated Tor is a separate network. It only lets users in who are authenticated, and owns a specific set of IP addresses which servers can whitelist. The regular Tor exit nodes can be blacklisted as they are now. Tor is transport layer. Authentication for a specific service (such as Wikipedia) is the responsibility of that service and belongs in the session layer. An authenticated network and an anonymizing network are mutually exclusive. What does Wikipedia need? What is the minimum level of service they require? Presumably, it is similar to what they can get via ISPs, who also map many users to a fixed set of IP addresses. Wikipedia can complain to the ISP, and it will get back in some form to that user. No, Wikipedia needs to realize that the IP address correlation they enjoy outside of Tor is a happy accident, and that they should stop treating IP addressess as user credentials. If they want credentials, they need to implement them. -- Roy M. Silvernail is [EMAIL PROTECTED], and you're not It's just this little chromium switch, here. - TFT SpamAssassin-procmail-/dev/null-bliss http://www.rant-central.com
Re: [EMAIL PROTECTED]: Re: [EMAIL PROTECTED]: Re: [EMAIL PROTECTED]: Re: Wikipedia Tor]]]
Quoting Alan Barrett [EMAIL PROTECTED]: - Forwarded message from Jimmy Wales [EMAIL PROTECTED] - We are not looking for a perfect solution. Yes, Wikis will be vandalized. We're prepared to deal with that, we do deal with that. But what I am seeking is some efforts to think usefully about how to helpfully reconcile our dual goals of openness and privacy. Wikipedia should allow Tor users to register Wikipedia nyms. Then they could block: Tor users trying to edit without a nym; Tor users trying to edit with a nym that has a bad reputation; and they could rate-limit Tor users trying to edit with a nym that has insufficient history to be classified as good or bad; while not blocking Tor users trying to edit with a nym that has a good reputation. s/Tor/all/g This is an excellent summation, except that there is no compelling reason to treat Tor-carried traffic differently than any other traffic. Credentialing and reputation tracking are good ideas, and should be applied universally. -- Roy M. Silvernail is [EMAIL PROTECTED], and you're not It's just this little chromium switch, here. - TFT SpamAssassin-procmail-/dev/null-bliss http://www.rant-central.com
RE: [EMAIL PROTECTED]: Re: Wikipedia Tor]
Sorry...I don't understand...why would psuedonymity services be provided within Tor? An external reputation/psuedonymity server would of course reduce a Tor users' anonymity to mere psuedonymity, but I don't see how it would do anything more, and who cares? If Wikipedia (or anyone) doesn't want to interact with the truly anonymous (as opposed to psuedonymous), then ah well. Solution: Wait and do nothing until someone (commericially) provides such services. Am I punchdrunk or stating the obvious? -TD From: Eugen Leitl [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: [EMAIL PROTECTED]: Re: Wikipedia Tor] Date: Tue, 27 Sep 2005 21:57:50 +0200 - Forwarded message from Roger Dingledine [EMAIL PROTECTED] - From: Roger Dingledine [EMAIL PROTECTED] Date: Tue, 27 Sep 2005 15:54:38 -0400 To: [EMAIL PROTECTED] Subject: Re: Wikipedia Tor User-Agent: Mutt/1.5.9i Reply-To: [EMAIL PROTECTED] On Tue, Sep 27, 2005 at 11:18:31AM -0400, Paul Syverson wrote: On Tue, Sep 27, 2005 at 10:27:58AM -0400, Matt Thorne wrote: everyone is so worried about it, but has any one ever been successfully been able to use tor to effectively spam anyone? No. Cf. http://tor.eff.org/faq-abuse.html#WhatAboutSpammers To be fair, this answer is yes. People have used Tor to deface Wikipedia pages, along with Slashdot pages, certain IRC networks, and so on. I think that counts as spam at least in a broad sense. A potential for cooperation is the proposal below for authenticated access to Wikipedia through Tor. I will not speak to any particular design here, but if Wikipedia has a notion of clients trusted to post to Wikipedia, it should be possible to work with them to have an authentication server that controls access to Wikipedia through Tor. As I understand it, Jimmy is hoping that we will develop and maintain this notion. We would run both halves of the Tor network, and when they complain about a user, we would cut that user out of the authenticated side. Jimmy and I talked about Tor-and-Wikipedia many months ago, and the conclusion was that they (mediawiki) would be willing to try a variety of technological solutions to see if they work (i.e. cut down on vandalism and aren't too much of a burden to run). My favorite is to simply have certain address classes where the block expires after 15 minutes or so. Brandon Wiley proposed a similar idea but where the block timeout is exponentially longer for repeated abuse, so services that are frequently blocked will stay blocked longer. This is great. But somebody needs to actually code it. Wikipedia already needs this sort of thing because of AOL IPs -- they have similar characteristics to Tor, in that a single IP produces lots of behavior, some good some bad. The two differences as I understand them are that AOL will cancel user accounts if you complain loudly enough (but there's constant tension here because in plenty of cases AOL decides not to cancel the account, so Wikipedia has to deal some other way like temporarily blocking the IP), and that it's not clear enough to the Wikipedia operators that there *are* good Tor users. (One might argue that it's hard for Wikipedia to change their perception and learn about any good Tor uses, firstly because good users will blend in and nobody will notice, and secondly because they've prevented them all from editing so there are no data points either way.) So I've been content to wait and watch things progress. Perhaps we will find a volunteer who wants to help hack the mediawiki codebase to be more authentication-friendly (or have more powerful blocking config options). Perhaps we'll find a volunteer to help build the blind-signature pseudonymous authenticated identity management infrastructure that Nick refers to. Perhaps the Wikimedia operators will increasingly get a sense that Tor has something to offer besides vandalism. (I presume this thread re-surfaced because Tor users and operators are periodically telling Wikipedia that they don't like being blocked.) Maybe we will come to the point eventually that it makes sense to do something different than blocking the Tor IP addresses from editing Wikipedia. (Which, we should all remember compared the Gentoo forum situation, is a great step above blocking them from both reading and writing.) It could be that we never reach that point. Certain services on the Internet (like some IRC networks) that are really prone to abuse are probably doing the right thing by blocking all Tor users (and all AOL users, and all open proxies, and ...). And we want to keep Tor easy to block, or we're really going to start getting the other communities angry at us. In summary, I'm not too unhappy with the status quo for now. Tor needs way more basic development / usability work still. In the absence of actual volunteers-who-code on the side of Tor _or_ Wikipedia to resolve the problem, I'm going to focus on continuing to make Tor better, so down the road maybe we'll be able to
Re: [EMAIL PROTECTED]: Wikipedia Tor]
-- From: Tyler Durden [EMAIL PROTECTED] A very subtle attack, perhaps? If I were so-and-so, I consider it a real coup to stop the kinds of legitimate Wikipedia entries that might be made from Tor users. And if this is the case, you can bet that there are other obvious targets that have been hammered through Tor. In the long run, reliable pseudonymity will prove more valuable than reliable anonymity. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG wE/La87xersBx39sShMCS6TkdqJr6DSYslVdXZkf 4GY6BRCS/b8OBic0E/U36X+dc1UIs2oNAkWyXXCQB
Re: /. [How Chinese Evade Government's Web Controls]
What the heck are you doing there for three weeks? Buying some golden triangle goods? I hear it's beautiful, however, but it's not like you took a direct international flight there... -TD From: Peter Thoenen [EMAIL PROTECTED] To: Eugen Leitl [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: /. [How Chinese Evade Government's Web Controls] Date: Tue, 27 Sep 2005 11:48:31 -0700 (PDT) Chinese Web Controls and Tor ... a subject I happen to have close personal experience with. Just took a three week vacation to Dali, China and after hitting the Great Firewall of China (tm), hopped over to the eff site, downloaded tor and privoxy, and 10 minutes later was up and running bypassing the supposed Great Firewall. While I was at it, grabbed i2p and punched right through also utilizing the i2p www proxy. As much as folk want to rail against Tor for allowing malicious users to mask their identity, it really does serve a higher purpose. As for the WSJ article, EFF or I2P really needs advertise better. Why pay local Chinese Internet Cafe owners when you can punch right through for free.
Re: [EMAIL PROTECTED]: Re: [EMAIL PROTECTED]: Re: [EMAIL PROTECTED]: Re: Wikipedia Tor]]]
- Forwarded message from Jimmy Wales [EMAIL PROTECTED] - We are not looking for a perfect solution. Yes, Wikis will be vandalized. We're prepared to deal with that, we do deal with that. But what I am seeking is some efforts to think usefully about how to helpfully reconcile our dual goals of openness and privacy. Wikipedia should allow Tor users to register Wikipedia nyms. Then they could block: Tor users trying to edit without a nym; Tor users trying to edit with a nym that has a bad reputation; and they could rate-limit Tor users trying to edit with a nym that has insufficient history to be classified as good or bad; while not blocking Tor users trying to edit with a nym that has a good reputation. This will require some changes to the MediaWiki software that Wikipedia uses. AFAIK, there's currently no way to rate-limit nyms that have insufficient history, and blocks on IP addresses are currently all or nothing. --apb (Alan Barrett)