On Mon, Jan 13, 2014 at 2:51 PM, Gryllida <gryll...@fastmail.fm> wrote:
> On Tue, 14 Jan 2014, at 3:32, Zack Weinberg wrote:
>>
>> I rather think it does. Assume a person under continual surveillance.
>> If they have to reveal their true IP address to Wikipedia in order to
>> register their editor account, the adversary will learn it as well,
>> and can then attribute all subsequent edits by that handle to that
>> person *whether or not* those edits are routed over an anonymity
>> network.
>
> Doesn't it get solved if, despite the "surveillance", the trust entity
> ("freenode opers" or "wikipedia checkusers") reveals the user's IP
> only under a court order?
No. The adversary doesn't need to talk to the "trust entity" to get the
user's IP. The adversary learns the IP by eavesdropping on the initial,
uncloaked network traffic between the user-to-be and the trusted entity.
Equally, in some contexts it is unacceptable for the trust entity to be
able to reveal the user's IP even under legal compulsion or threat of force.
>> To satisfy Applebaum's request, there needs to be a mechanism whereby
>> someone can edit even if *all of their communications with Wikipedia,
>> including the initial contact* are coming over Tor or equivalent.
>
> Rubbish. This makes a vandal inherently untrackable and unblockable.
This isn't necessarily so. In my previous message I mentioned one
technique that *should* be adequate to preventing vandals even when the
administrators do not and have never known their IP address of origin.
There are others in the literature, and if there are concrete reasons why
none of those techniques will work for Wikipedia, people want to know about
it.
zw
_______________________________________________
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
