On Mar 10, 2015 12:05 PM, "Risker" <[email protected]> wrote: > > Thanks for your responses, Chris. Regardless of what processes are > proposed, I suspect that the strongest objections will be socially based > rather than technically based. Bawolff has a valid point, that success on > a smaller wiki may have an effect on the social perception of the use of > Tor on enwiki - but if it is started on another wiki, please ensure that > there is actual community agreement and that there are sufficient > administrators who are willing and able to promptly address any problems. > We may have 700 wikis, but really only about 50-60 of them have sufficient > daily activity and editorial community size to be able to manage any > problems that might arise from this. > > To my experience, the majority of experienced editors who are asking for > IPBE or something similar tend to be editing through VPNs that are > hard-blocked for various reasons (most commonly spamming and/or heavy-duty > vandalism - and if it's spamming, it's usually blocked at the global > level). There are some exceptions - particularly related to users working > from countries where there are entirely valid security concerns (we could > probably all recite the list). And IPBE does permit editing through Tor > now. Whether continuing with IPBE or providing an alternative, the user > would still have to persuade the same administrators/community members of > the legitimacy of their request. > > I cannot speak for the entire enwiki community (let alone any other > community) about whether or not there would be acceptance for the idea of a > user having two unlinked accounts, one "regular" account and one "Tor" one > - given my role as a Checkuser I'm exposed to a much higher frequency of > socking complaints than most community members - but given it's been darn > hard to keep the community from flat-out banning multiple unlined accounts, > I have my doubts it will be greeted with open arms, even if it "works" on > other wikis. (Pretty much the only exception that has received support is > "editing in a high risk topic area", so there *may* be some support). > Unfortunately, there's been plenty of history on enwiki of experienced > users having multiple accounts that were used inappropriately, including > administrator accounts, so that raises the bar even higher. > > Also....I'm a little unclear about something. If a "Tor-enabled" account > creates new accounts, will those accounts be able to edit through Tor, > too?
The account creation would come from the proxy, so the wiki would have to trust that the proxy is only handing out accounts to users who have been > > Risker/Anne > > On 10 March 2015 at 14:33, Chris Steipp <[email protected]> wrote: > > > On Tue, Mar 10, 2015 at 10:39 AM, Risker <[email protected]> wrote: > > > > > A few questions on this: > > > > > > > > > - So, this would result in the creation of a new account, correct? If > > > so, most of the security is lost by the enwiki policy of requiring > > > linking > > > to one's other accounts, and if the user edited in the same topic area > > > as > > > their other account, they're likely to be blocked for socking. (This > > > is a > > > social limitation on the idea, not a technical one.) > > > > > > > Registering a pseudonym through this process implies that you are an > > existing editor (we could even limit the process to only one pseudonym per > > existing account, so you know there's a 1-1 mapping), just not linking to > > which one you are. Do you think enwiki be open to considering that? > > > > > > > - Why would we permit more than one account? > > > > > > > I was originally thinking that if something happened (forgotten password, > > etc.), you could start over. But not a hard requirement. > > > > > > > - It's not usually experienced editors who seem to have an issue on > > > English projects; most of the huffing and puffing about Tor seems to > > > come > > > from people who are not currently registered/experienced editors, so > > the > > > primary "market" is a group of people who wouldn't meet the proposed > > > criteria. > > > > > > There may not be enough intersection between users who we have some trust > > in and those who want to edit via Tor. I'm hopeful that we can define > > "established" to be some group that is large enough that it will include > > productive editors who also should use Tor, but small enough to preclude > > spammers. I'm assuming if we start with some guideline, then we can adjust > > up (if there's too much spam) or down (if there aren't enough users) > > depending on the results. > > > > > > > > > > > - On reading this over carefully, it sounds as though you're proposing > > > what is essentially a highly technical IPBE process in which there is > > > even > > > less control than the project has now, particularly in the ability to > > > address socking and POV/COI editing. Am I missing something? > > > > > > > In a way it is, but there are couple advantages over IPBE as I see it: > > * Neither the WMF nor checkusers can correlate the identities, whereas with > > IPBE, it's possible that a checkuser can still see the IP that created the > > account requesting the IPBE. This is less control, but also less risk if > > the wmf/checkuser is coerced into revealing that information. > > * Hopefully it will be a less manual process, since the only manual (which > > could be automated if the right heuristics were found) step is confirming > > that the requesting user is "established". There's no further rights that > > have to be granted and maintained. > > > > It also give slightly more control in that: > > * We're not giving out the IPBE right > > * The whole system can be blocked (hopefully temporarily) with a single > > block or revoking the OAuth key, if there is ever a sudden flood of spam > > > > Admittedly, we could do all of this (except making the identities > > unlinkable) by having an edit-via-tor right that is different from IPBE, > > but the unlikability I think is important for our users. > > > > > > > > > > Risker/Anne > > > > > > On 10 March 2015 at 13:16, Giuseppe Lavagetto < [email protected]> > > > wrote: > > > > > > > Hi Chris, > > > > > > > > I like the idea in general, in particular the fact that only > > > > "established" editors can ask for the tokens. What I don't get is why > > > > this proxy should be run by someone that is not the WMF, given - I > > > > guess - it would be exposed as a TOR hidden service, which will mask > > > > effectively the user IP from us, and will secure his communication > > > > from snooping by exit node managers, and so on. > > > > > > > > I guess the righteously traffic on such a proxy would be so low (as > > > > getting a token is /not/ going to be automated/immediate even for > > > > logged in users) that it could work without using up a lot of > > > > resources. > > > > > > > > Cheers, > > > > > > > > Giuseppe > > > > > > > > _______________________________________________ > > > > Wikitech-l mailing list > > > > [email protected] > > > > https://lists.wikimedia.org/mailman/listinfo/wikitech-l > > > > > > > _______________________________________________ > > > Wikitech-l mailing list > > > [email protected] > > > https://lists.wikimedia.org/mailman/listinfo/wikitech-l > > > > > _______________________________________________ > > Wikitech-l mailing list > > [email protected] > > https://lists.wikimedia.org/mailman/listinfo/wikitech-l > > > _______________________________________________ > Wikitech-l mailing list > [email protected] > https://lists.wikimedia.org/mailman/listinfo/wikitech-l _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
