On Wed, Oct 1, 2014 at 9:57 AM, Derric Atzrott <[email protected] > wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I was curious if any of you here might have any ideas? How can we verify > that > a person is who they say they are, and block them if they are abusive in > such > a way that it is at least difficult for them to evade the block, but that > does > not impose a requirement so high as to be prohibitive to those who aren't > causing issues? > Is there any mechanism available by which, e.g., known & trusted editors could request Tor access for specific login credentials/accounts, and Tor only allowed for those accounts? This would also help to address Derric's interest in allowing users from repressive regimes without allowing the vast amounts of destructive edits that have so far come from Tor. Since Wikimedia accounts are designed to be at least quasi-anonymous, placing a request for Tor access through the Wikimedia messaging system should not in itself reveal one's identity. so one way to get one of these accounts would be, as many of us do, create a regular (non-Tor) account, perform a good number of simple, non-destructive edits (cleaning up already-marked items on WP pages, for example), and then to request a special Tor account. maybe if this works for established editors, a trial could be run to allow a limited number of new accounts through Tor to be set up, again by personal request, and edits allowed only through those approved accounts, allowing the Wikimedia software to carefully watch over these accounts for destructive editing and blocking them if this happens. People would therefore not be allowed to automatically create accounts in Tor in Wikimedia projects, nor to edit without logging in, but if the method works, a certain amount of editing over Tor could be possible. the overhead in approving accounts would be relatively low, and a limited number could be created, so that not a great deal of oversight would be necessary. Perhaps even a secure messaging facility could be created to request such accounts (if it doesn't exist already). As long as the basic mechanism is to allow only certain accounts to use Tor, I presume that Tor itself would make spoofing those accounts difficult. I would presume that a Tor-based Wikimedia account opened solely by messaging Wikimedia securely would be relatively hard to track down to a specific individual (especially if it eventually becomes possible to request these without first becoming a trusted editor), but I may not be thinking through all the possibilities. -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
