Dear list members, I read with interest the article on `Great canon'; and, as an immediate stop-gap measure, recommend:
Policy: Advise every Wikipedia user to install `HTTPS Everywhere'. Reference: <https://en.wikipedia.org/wiki/HTTPS_Everywhere>. Sincerely Yours, Kent On Tue, Apr 14, 2015 at 8:01 AM, <[email protected]> wrote: > Send Wikitech-l mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.wikimedia.org/mailman/listinfo/wikitech-l > or, via email, send a message with subject or body 'help' to > [email protected] > > You can reach the person managing the list at > [email protected] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Wikitech-l digest..." > > > Today's Topics: > > 1. Re: Another reason to consider forcing https (Ryan Lane) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Mon, 13 Apr 2015 13:27:13 -0700 > From: Ryan Lane <[email protected]> > To: Wikimedia developers <[email protected]> > Subject: Re: [Wikitech-l] Another reason to consider forcing https > Message-ID: > <CALKgCA2u2qWuNK9J7sPSN56_=Cpne_TKNUP_FFe= > [email protected]> > Content-Type: text/plain; charset=UTF-8 > > On Sat, Apr 11, 2015 at 7:44 PM, Brian Wolff <[email protected]> wrote: > > > On Apr 11, 2015 1:18 PM, "Pine W" <[email protected]> wrote: > > > > > > https://citizenlab.org/2015/04/chinas-great-cannon/ > > > > > > Pine > > > _______________________________________________ > > > Wikitech-l mailing list > > > [email protected] > > > https://lists.wikimedia.org/mailman/listinfo/wikitech-l > > > > A surprisingly bold move on China's part. > > > > Im not sure if what is talked about applies directly to Wikipedia. Seems > > the goal was to try to compel github to remove specific content "hostile" > > to China's censorship interests, without china itself getting blocked, > > which might happen if DDOS was comming entirely from China IPs (since > > blocking github angers local programmers). To do that they needed to > > intercept connections inbound to servers in China, which doesn't apply to > > us as our servers are mostly in US (and despite various abuses of the NSA > > so often talked about, it is hard to imagine the US would ever consider > so > > blatently misusing other people's computers in a ddos-via-mitm-js > attack). > > Of course one never knows if future attacks might target outbound > > connections from China, or if some other group might try to do something > > similar (again hard to imagine, and it seems like there are very few > > entities other than China who could get away with this, but im still kind > > of shocked that China did this) > > > > - > > > > The most interesting aspect of the report (imo) from the context of > > Wikipedia is, to quote: > > > > "The attack on GitHub specifically targeted these repositories, possibly > in > > an attempt to compel GitHub to remove these resources. GitHub encrypts > all > > traffic using TLS, preventing a censor from only blocking access to > > specific GitHub pages. In the past, China attempted to block Github, but > > the block was lifted within two days, following significant negative > > reaction from local programmers." > > > > So because github encrypted everything with https (and thus blocking is > an > > all or nothing afair), and because it was very popular, China was > unwilling > > to block it entirely despite a small portion being objectionable. > > > > I don't really know what the status of wikipedia in China is, or how > > popular it is, but its conceivable that we could be in a similar > position. > > Food for thought. > > > > > The only reason we remain unblocked is because we don't force SSL. > Wikipedia is relatively unused in China. If it was blocked, there'd be no > major public outcry. > > - Ryan > > > ------------------------------ > > _______________________________________________ > Wikitech-l mailing list > [email protected] > https://lists.wikimedia.org/mailman/listinfo/wikitech-l > > > End of Wikitech-l Digest, Vol 141, Issue 24 > ******************************************* > _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
