[cyphrpunk@gmail.com: Re: Hello directly from Jimbo at Wikipedia]
----- Forwarded message from cypherpunk <cyphrpunk@gmail.com> -----
----- Forwarded message from cypherpunk <cyphrpunk@gmail.com> -----
From: cypherpunk <cyphrpunk@gmail.com>
Subject: Re: Hello directly from Jimbo at Wikipedia
As an occasional Tor and Wikipedia user, let me add a couple of points.
First, in case it is not obvious, the problem with the present system is that Tor users can no longer edit on Wikipedia. I have done so in the past, in what I like to think is a constructive manner, but cannot do so since this summer. I have valid although perhaps unpopular contributions to make, and not only is my freedom to express myself limited, the quality of the material on Wikipedia suffers due to the absence of my perspective. The status quo is not acceptable and we should work to find a solution.
Leaving aside the qualitative discussion, let's remember that the freedom to express onesself does not imply the obligation for any other party to listen.
Looking at the proposals for authentication servers and such, I see a major issue which is not being addressed. That is, how does the web server distinguish "authenticated" Tor users from unathenticated ones? If this is via a complicated protocol, there is no point as the servers won't use it.
The problem at hand does not require "authenticated" Tor users. It requires authenticated Wikipedia users.
This does not necessarily mean building complex authentication protocols into the Tor network, and having two classes of traffic flowing around. It could be that this authenticated Tor is a separate network. It only lets users in who are authenticated, and owns a specific set of IP addresses which servers can whitelist. The regular Tor exit nodes can be blacklisted as they are now.
Tor is transport layer. Authentication for a specific service (such as Wikipedia) is the responsibility of that service and belongs in the session layer. An authenticated network and an anonymizing network are mutually exclusive.
What does Wikipedia need? What is the minimum level of service they require? Presumably, it is similar to what they can get via ISPs, who also map many users to a fixed set of IP addresses. Wikipedia can complain to the ISP, and it will get back in some form to that user.
No, Wikipedia needs to realize that the IP address correlation they enjoy outside of Tor is a happy accident, and that they should stop treating IP addressess as user credentials. If they want credentials, they need to implement them. -- Roy M. Silvernail is roy@rant-central.com, and you're not "It's just this little chromium switch, here." - TFT SpamAssassin->procmail->/dev/null->bliss http://www.rant-central.com
On 9/28/05, Roy M. Silvernail <roy@rant-central.com> wrote: A Wikiwhiner wrote
I have valid although perhaps unpopular contributions to make, and not only is my freedom to express myself limited, the quality of the material on Wikipedia suffers due to the absence of my perspective.
Wow. Nice ego there.
The status quo is not acceptable and we should work to find a solution.
Leaving aside the qualitative discussion, let's remember that the freedom to express onesself does not imply the obligation for any other party to listen.
Nor the obligation for any other party to provide you with a soapbox. Operate your own wiki if you don't like their decisions.
Tor is transport layer. Authentication for a specific service (such as Wikipedia) is the responsibility of that service and belongs in the session layer.
What Roy said. This Wikiwhiner might want to read up on the OSI model. Conveniently, there's a Wikipedia article on it: http://en.wikipedia.org/wiki/OSI_model
An authenticated network and an anonymizing network are mutually exclusive.
True enough, but to make it clear, an anonymizing network is not exclusive with an authenticated application. (Not necessarily so, anyway. I haven't checked into TOR, but there's no good reason an HTML hidden field couldn't provide session continuity for an anonymous web surfer.) -- There are no bad teachers, only defective children.
Dont' agree here...
From: Steve Furlong <demonfighter@gmail.com> To: cypherpunks@jfet.org Subject: Re: [cyphrpunk@gmail.com: Re: Hello directly from Jimbo at Wikipedia] Date: Wed, 28 Sep 2005 09:41:34 -0400
On 9/28/05, Roy M. Silvernail <roy@rant-central.com> wrote:
A Wikiwhiner wrote
I have valid although perhaps unpopular contributions to make, and not only is my freedom to express myself limited, the quality of the material on Wikipedia suffers due to the absence of my perspective.
Wow. Nice ego there.
If someone I knew wrote some detailed Wiki entries about Telecom DCC control channel protocol throughputs and attacks, he could objectively state that there would be very few people in the world up to the task. He might also want to maintain anonymity. Shutting down this source of wiki entries means that the general flow of Wikipedia content has been altered slightly, but I would argue significantly. I see no material issue with an individual claiming that the absence of his posts to Wiki is significant, even if this is in fact untrue for his particular case. The ego is not material to the essential point. -TD
Oh...-that's- your point:
No, Wikipedia needs to realize that the IP address correlation they enjoy outside of Tor is a happy accident, and that they should stop treating IP addressess as user credentials. If they want credentials, they need to implement them.
Well, is it reasonable to expect a creature to evolve to an environment that doesn't exist yet? On the other hand, I don't think the number of Tor IP addresses is anywhere near its hockeystick yet, and when it comes it will be changing far too fast for them to block. So they will ultimately have to change their model, methinks. -TD
participants (4)
-
Eugen Leitl -
Roy M. Silvernail -
Steve Furlong -
Tyler Durden