----- Forwarded message from Jimmy Wales ----- We are not looking for a perfect solution. Yes, Wikis will be vandalized. We're prepared to deal with that, we do deal with that. But what I am seeking is some efforts to think usefully about how to helpfully reconcile our dual goals of openness and privacy.

Wikipedia should allow Tor users to register Wikipedia nyms. Then they could block: Tor users trying to edit without a nym; Tor users trying to edit with a nym that has a bad reputation; and they could rate-limit Tor users trying to edit with a nym that has insufficient history to be classified as good or bad; while not blocking Tor users trying to edit with a nym that has a good reputation. This will require some changes to the MediaWiki software that Wikipedia uses. AFAIK, there's currently no way to rate-limit nyms that have insufficient history, and blocks on IP addresses are currently all or nothing. --apb (Alan Barrett)

----- Forwarded message from Jimmy Wales -----

From: Jimmy Wales Date: Tue, 27 Sep 2005 19:50:52 -0400 To: or-talk@freehaven.net Subject: Re: [roy@rant-central.com: Re: [arma@mit.edu: Re: Wikipedia & Tor]] User-Agent: Mozilla Thunderbird 1.0.2 (Macintosh/20050317) Reply-To: or-talk@freehaven.net

...

So Wikipedia understands that the transport layer isn't to blame, yet they persist in asking for changes in the Tor transport to address the problem of malicious users? *groan*

Actually, the transport layer *is* to blame. I don't know how much more clear I can be about it. Because Tor users are almost universally bad, because almost no good edits come out of the Tor network, we block them.

This is getting close to the 'agree to disagree' point, but I'll go one more round. No, the transport layer is not to blame. The malicious users are to blame. The subset of Tor users abusing Wikipedia may be "almost universally bad", but that is still a subset, and doesn't indight Tor itself.

If what you're saying is "I think it is fine for Wikipedia to block Tor," then you really aren't contributing productively to this conversation. There are some facts we know: we can usefully reduce the amount of anonymous grief we get by blocking Tor exit servers. So, this is what we are currently doing. I consider this unfortunate, but there you go.

What I'm saying is that Tor is designed to provide anonymity, and does this fairly well. That anonymity is at odds with the social contract where it provides an avenue for malicious action without responsibility, but that fact is not the fault of the anonymity or its enablers; it is the fault of the bad actors.

We are not looking for a perfect solution. Yes, Wikis will be vandalized. We're prepared to deal with that, we do deal with that. But what I am seeking is some efforts to think usefully about how to helpfully reconcile our dual goals of openness and privacy.

I don't say "privacy is wrong, so Tor should change their philosophy". I make no apologies for simply ignoring you if you say that "openness is wrong, so Wikipedia should change their philosophy."

I'm not saying openness is wrong. I'm saying it has its costs, which you obviously already recognize, and reducing those costs may require embracing a less-than-fully-open philosophy. That modification may include blocking Tor exit nodes, based on the behavior of bad actors. That's unfortunate, but expedient. But trying to force-fit pseudonymity on the Tor anonymity model is an attempt to shift your costs onto Tor.

...

Roger gets it. The Wikipedians don't.

What is it that we don't get?

That Tor is working as designed, and that the problem with bad actors using its cloak is a problem with the actors themselves. As Bob Hettinga noted elsewhere, "perfect pseudonymity *is* perfect anonymity". Arguably, perfect pseudonymity is a more useful construct, but it is a much harder problem than anonymity. And given that perfect pseudonyms are perfectly disposable, that still won't address the bad actor problem completely. Openness requires responsibility, and responsibility implies accountability, so the only "perfect" solution is 100% meatspace correlation to enable enforcement of the social contract. That might solve your vandalism problem, but it introduces other issues.

This thread started off because a Tor server complained to me about the blocking, and part of my response is that one beef I have is that some people in the Tor community seem very happy to simply stick their heads in the sand and pretend that "Wikipedians don't get it".

That's not helpful.

Those people are not sticking their heads in the sand. They're correctly noting that nothing is broken except the bad actors. -- Roy M. Silvernail is roy@rant-central.com, and you're not "It's just this little chromium switch, here." - TFT SpamAssassin->procmail->/dev/null->bliss http://www.rant-central.com