subject:"Re\: \[Wikimedia\-l\] \[Advocacy Advisors\] WMF response to PRISM\?"

Re: [Wikimedia-l] [Advocacy Advisors] WMF response to PRISM?

2013-07-17 Thread David Cuenca

On Wed, Jul 17, 2013 at 9:50 AM, Marc A. Pelletier  wrote:

>  That'd be easy to solve were it not for the fact that - on enwp at least
> - TOR has been (and is being) used almost exclusively for block evasion
> and vandalism.
>
> Interestingly enough(?), our desire for transparency and pseudonymity
> actually makes TOR directly harmful to our project, since our only means
> of protection left relies on being able to block according to the source
> of an edit.
>

One possible solution could be to allow Tor users to register and to edit
while registered, maybe the registry requirements could be higher to avoid
extreme sockpuppetry, and the edits could be flagged as "Tor edit" in all
change logs and user signature.

Micru
___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,

Re: [Wikimedia-l] [Advocacy Advisors] WMF response to PRISM?

2013-07-17 Thread Risker

On 17 July 2013 10:06, David Cuenca  wrote:

> On Wed, Jul 17, 2013 at 9:50 AM, Marc A. Pelletier 
> wrote:
>
> >  That'd be easy to solve were it not for the fact that - on enwp at least
> > - TOR has been (and is being) used almost exclusively for block evasion
> > and vandalism.
> >
> > Interestingly enough(?), our desire for transparency and pseudonymity
> > actually makes TOR directly harmful to our project, since our only means
> > of protection left relies on being able to block according to the source
> > of an edit.
> >
>
> One possible solution could be to allow Tor users to register and to edit
> while registered, maybe the registry requirements could be higher to avoid
> extreme sockpuppetry, and the edits could be flagged as "Tor edit" in all
> change logs and user signature.
>
>
The biggest group expressing dismay about Tor being blocked are
non-administrator registered users who wish to use it.  Registration is not
really the key issue here.

Risker
___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,

Re: [Wikimedia-l] [Advocacy Advisors] WMF response to PRISM?

2013-07-17 Thread Marc A. Pelletier

On 07/13/2013 01:00 AM, John Vandenberg wrote:
> The very first entry on prism-break is TOR, which is blocked on
> Wikimedia projects for editing, by explicit blocks and by the TorBlock
> extension, which is enabled on all wikis, even Chinese Wikipedia.

That'd be easy to solve were it not for the fact that - on enwp at least
- TOR has been (and is being) used almost exclusively for block evasion
and vandalism.

Interestingly enough(?), our desire for transparency and pseudonymity
actually makes TOR directly harmful to our project, since our only means
of protection left relies on being able to block according to the source
of an edit.

-- Coren / Marc


___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,

Re: [Wikimedia-l] [Advocacy Advisors] WMF response to PRISM?

2013-07-12 Thread John Vandenberg

On Tue, Jul 9, 2013 at 4:07 PM, James Salsman  wrote:
> Would publicizing these free and open secure alternatives to commercial
> applications known to be under surveillance -- https://prism-break.org/ --
> be sufficiently aligned with out values?

Our values?  ...
Our practise.  No.

SSL is mandatory to avoid surveillance, but TOR is also quite important.

The very first entry on prism-break is TOR, which is blocked on
Wikimedia projects for editing, by explicit blocks and by the TorBlock
extension, which is enabled on all wikis, even Chinese Wikipedia.

https://www.mediawiki.org/wiki/Extension:TorBlock
https://zh.wikipedia.org/wiki/Special:Version

The mobile functionality is very unfriendly for privacy.

Loading a non-mobile HTTPS url (e.g.
https://en.wikipedia.org/wiki/1984), redirects the reader to the
mobile HTTP page.  If they clicked on a https link believing that
their browsing pattern was not able to be monitored, their reading
patterns are in clear text on the internet without them being informed
of this.  The EFF is pushing solutions to send readers from HTTP to
HTTPS sites, and WMF is sending readers from HTTPS to HTTP -
transparently.

https://bugzilla.wikimedia.org/show_bug.cgi?id=35215
(reported March 2012, last comment from WMF tech team in April 2013
indicates this may not be fixed soon)

Admins can bypass the Tor block, however logging in on Mobile is not easy.
In the mobile search type in special:userlogin.  The login screen
appears, and the 'sign in' button replies to the user that there was a
cookie error.

https://bugzilla.wikimedia.org/show_bug.cgi?id=31045
(reported 2011; closed as INVALID the same day)

When using the Orweb browser (part of the tor solution for Android),
trying to log in is even more difficult as you cant go to the Desktop
site without tying in a long url that bypasses the mobile site.

https://bugzilla.wikimedia.org/show_bug.cgi?id=51277
(reported by me today)

--
John Vandenberg

___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,

Re: [Wikimedia-l] [Advocacy Advisors] WMF response to PRISM?

2013-07-09 Thread Federico Leva (Nemo)


Luis Villa, 09/07/2013 21:41:

I discussed this a bit yesterday in the talk page and will flesh that out
more, but the specific concern (raised here, on the blog, and in the talk
page) is that stopwatching is too US-focused. [...]


Have WMNYC and WMDC considered supporting it? It's unclear to me what 
kind of support is needed or useful apart from signing.


Nemo

___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,

Re: [Wikimedia-l] [Advocacy Advisors] WMF response to PRISM?

2013-07-09 Thread Luis Villa

On Mon, Jul 8, 2013 at 11:07 PM, James Salsman  wrote:

> Luis Villa wrote:
> >...
> > I'll probably post some more details on the talk page in the next
> > day or two, but suffice to say that we continue to listen for options
> > that are aligned with our values and likely to have an impact on
> > the discussion.
>
> Luis, could you please help us understand the specific reasons that the
> proposed options (which seemed to be favored roughly 8 to 3 at the meta
> feedback page) aren't considered to be aligned with the values you're
> referring to?
>

I discussed this a bit yesterday in the talk page and will flesh that out
more, but the specific concern (raised here, on the blog, and in the talk
page) is that stopwatching is too US-focused. When counting those concerns
as anti-stopwatching votes, the ratio appears more balanced (and the
numbers are quite small, as well).

Would publicizing these free and open secure alternatives to
> commercial applications known to be under surveillance --
> https://prism-break.org/ -- be sufficiently aligned with out values?
>

Those are international in application so it would not have the same
particular problem. (I'm frankly skeptical that any particular set of tools
can protect someone from a determined government, so I have not looked very
hard at prism-break, but at least conceptually it would seem to be aligned.)

Luis

-- 
Luis Villa
Deputy General Counsel
Wikimedia Foundation
415.839.6885 ext. 6810

NOTICE: *This message may be confidential or legally privileged. If you
have received it by accident, please delete it and let us know about the
mistake. As an attorney for the Wikimedia Foundation, for legal/ethical
reasons I cannot give legal advice to, or serve as a lawyer for, community
members, volunteers, or staff members in their personal capacity.*
___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,

Re: [Wikimedia-l] [Advocacy Advisors] WMF response to PRISM?

2013-07-08 Thread James Salsman

Luis Villa wrote:
>...
> I'll probably post some more details on the talk page in the next
> day or two, but suffice to say that we continue to listen for options
> that are aligned with our values and likely to have an impact on
> the discussion.

Luis, could you please help us understand the specific reasons that the
proposed options (which seemed to be favored roughly 8 to 3 at the meta
feedback page) aren't considered to be aligned with the values you're
referring to?

Would publicizing these free and open secure alternatives to
commercial applications known to be under surveillance --
https://prism-break.org/ -- be sufficiently aligned with out values?
___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,

Re: [Wikimedia-l] [Advocacy Advisors] WMF response to PRISM?

Re: [Wikimedia-l] [Advocacy Advisors] WMF response to PRISM?

Re: [Wikimedia-l] [Advocacy Advisors] WMF response to PRISM?

Re: [Wikimedia-l] [Advocacy Advisors] WMF response to PRISM?

Re: [Wikimedia-l] [Advocacy Advisors] WMF response to PRISM?

Re: [Wikimedia-l] [Advocacy Advisors] WMF response to PRISM?

Re: [Wikimedia-l] [Advocacy Advisors] WMF response to PRISM?

7 matches

Site Navigation

Mail list logo

Footer information