Misplaced Pages

talk:Open proxies - Misplaced Pages

Article snapshot taken from Wikipedia with creative commons attribution-sharealike license. Give it a read and then ask your questions in the chat. We can research this topic together.

This is an old revision of this page, as edited by Mackan79 (talk | contribs) at 11:50, 22 June 2007 (Copying from Meta). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Revision as of 11:50, 22 June 2007 by Mackan79 (talk | contribs) (Copying from Meta)(diff) ← Previous revision | Latest revision (diff) | Newer revision → (diff)

Discussion, wordsmithing, etc. goes here. --EngineerScotty 21:29, 20 January 2006 (UTC)

No preemptive blocking

Seems like a pretty well-balanced article to me. But I oppose the policy. Open proxies should only be blocked if they are already eligible under existing blocking policy due to vandalism. No preemptive blocking. Deco 22:43, 20 January 2006 (UTC)

  • Currently, many Misplaced Pages admins (such as on the project mentioned in the article) do pre-emptively block proxies. Which is why it is important to clarify what the policy actually is. FWIW, I'm all in favor of blocking any open proxy; though in practice I agree with you that efforts should be focused on those proxies which are actually used for vandalism. --EngineerScotty 22:54, 20 January 2006 (UTC)
  • Why is it "required for our licence"? Since Misplaced Pages is collectively written, and that it accepts unlogged users, what are the differences for this matter betwen an unlogged user and a TOR user? Why are anonymous programs forbidden on Misplaced Pages, and where has this policy been decided? Has it been voted? If yes, can a new vote be submitted, what is the "policy on policies"? Tazmaniacs

WP:BP

It really isn't a good policy; it provides a false sense of security without really attacking the underlying problem. This is typical of hackerish works such as Misplaced Pages, which will continue to lack credibility in scholarly work or in industry. — Preceding unsigned comment added by 24.61.5.30 (talkcontribs)

This is a very well written piece, but on the other hand the message is already part of Misplaced Pages:Blocking_policy#Anonymous_and_open_proxies. Might I suggest you take this text and use it to improve that subheading? Dragons flight 02:14, 21 January 2006 (UTC)

Thanks for pointing out the link to WP:BP--initially, I proposed this because I couldn't find it anywhere. That said, I still think that having this policy as separate may be a good idea.

Why?

  • WP:BP is listed on Misplaced Pages:Policies_and_guidelines, but under the "restricted features" subheading. While ordinary users (like me) can read it, many won't.
  • WP:BP contains numerous clauses of the form "if user/IP X performs behavior Y and additional constraints Z are satisfied; then X may blocked for time t"; where Y is some behavior contrary to Misplaced Pages's rules; and Z usually is appropriate due process or warnings afforded to the user. For most cases, Y corresponds to an official policy on Misplaced Pages; which is explicitly documented as such. For open proxies, there is no corresponding policy page which clearly sets forth the policy; nothing to directly reference from Misplaced Pages:Policies and guidelines. In short, WP:BP is a policy describing when admins may/should block users; but it's not as well suited for informing users of what they may and may not do. The equivalent in law would be giving judges sentencing guidelines allowing jail time for offenses which are not prohibited in the statutes. Maybe I'm wearing my "lawyer" hat too tight on this point.
  • At any rate, no open proxies is certainly de facto policy; transparency suggests that it be de jure policy as well. If you dig around, you can find snippets of info which document the policy (many of which are summarized in the article). Perhaps this is worrying about minutiae, I don't know.

And not to be rude, Radiant, but I think your move to a redirect was premature--very little discussion has been had on the proposal so far. I'm reverting for now, and adding a few more links--if consensus is to make this a redirect, I'll happily go along. If you revert back (to a redirect) again, I'll leave it alone--but I ask that you allow a bit more discussion to take place first.

--EngineerScotty 18:32, 21 January 2006 (UTC)

Regardless of the decision here; I also recommend that certain other places on Misplaced Pages: open proxy, Template:blocked proxy, wikipedia:policies and guidelines explicitly state that 1) open proxies are disallowed; and 2) point to whatever location in Misplaced Pages (here or WP:BP formally documents that matter. --EngineerScotty 18:43, 21 January 2006 (UTC)

Foundation Issue Violation

This page violates the foundation issue that anyone may edit. Therefore it cannot ever be policy as far as I am aware.

Kim Bruning 19:25, 22 January 2006 (UTC)

It has been policy and will continue to be as long as Jimbo embraces it . Dragons flight 19:41, 22 January 2006 (UTC)
WP:NOP doesn't violate the rule that "anyone" can edit--anyone (other than banned users) may do so; they just need to do so from a machine which isn't an open proxy. Given the security risk posed by open proxies; this is a reasonable restriction. In other words, it's a restriction on where people can edit from; not who can edit. Obviously, there will be some individuals out there who, due to their particular circumstances, can only edit through an open proxy--persons in mainland China being one large category. (Note that the Chinese government can and does block access to open proxies outside the Great Firewall of China--as use of such proxies can be used to circumvent bans on what Beijing considers seditions content).
One thing that might be a good idea (and may be done, though I'm unaware of it, and it isn't "policy" as of today), is to allow logged-in users (or a subset thereof, screened for sockpuppets, vandals, banned users, and such) to edit from open proxies. Logging in--assuming a secure password--answers the security questions around open proxies. But that would be a new policy (or a policy change), rather than documentation of what already stands. --EngineerScotty 19:51, 22 January 2006 (UTC)
I've discussed this with some developers on IRC now. I understand it's a delicate balancing act. I am somewhat saddened that this is now policy. :-( Kim Bruning 20:22, 22 January 2006 (UTC)
Again, it's been policy for quite some time. The creation of this page did not create a new policy; it just documented and set forth a policy that already existed. In other words, nothing has changed here. --EngineerScotty 20:50, 22 January 2006 (UTC)
It actually doesn't violate that foundation issue. Anyone can edit. It just means you can't edit over an open proxy. Stevage 21:14, 23 January 2006 (UTC)
Yep. Any simple statement like "...anyone can edit" is obviously going to have exceptions and can't be taken literally at face value. Funny that no one has ever objected to the fact that a starving African or a person in a coma can't edit Misplaced Pages. Stevage 18:28, 24 January 2006 (UTC)
That's a little facetious. "Anyone can edit" plainly implies that anyone with access to the Web can edit Misplaced Pages - which isn't the case if open proxies are blocked, given that such proxies may be a person's only means of gaining Internet access. 217.34.39.123 15:21, 7 February 2007 (UTC)
"WP:NOP does not violate the rule that 'anyone' can edit - anyone... may do so; they just neede to do so from a machine which isn't an open proxy. Given the security risk posed by open proxies; this is a reasonable restriction." I understand that this policy has been enforced because of a "security risk". Can this "risk" be explained? Is there any vote concerning this (or other) policy? 212.112.231.83 18:18, 9 April 2006 (UTC)

amount of open proxies?

Just curious - about how many open proxies are there out in the wild? And about how much of them have been blocked? --Ixfd64 08:34, 27 February 2006 (UTC)

Registered users

I can't see why even a registered user (say, registered months, or even years ago, and contributed hundreds of times already) are still being blocked, just because the IP was a shared one. I acknowledge that it is necessary to do that due to vandalism issue, but please re-re-re-consider the registered users. A serious user should be unblocked regardless of which IP s/he uses. Thank you very much. --Hello World! 02:56, 9 March 2006 (UTC)

Registered users are regularly unblocked when they're affected by such a block. There's a feature request for the ability to block IPs without affecting registered users, but that's currently not possible. // Pathoschild (admin / ) 03:18, 9 March 2006 (UTC)
Has there been any progress implementing this "feature request for the ability to block IPs without affecting registered users"? I am regularly blocked (while logged in) when using Tor. Kenta2 23:31, 24 March 2007 (UTC)
I think that if Misplaced Pages established a policy of "trusted" logins, it would help with this problem. I would naturally assume that anonymous edits from open proxies wouldn't be allowed, but what if users who registered jumped through some extra hoops to ensure that they were legitamate? If we created a system where the normal, unauthenticated person on an open proxy can't make edits, but those who create an account with some extra hoops to jump through would be allowed. They would be trusted users on the system, and their edits would be trackable, yet their actual location can be from anywhere. Such a system could be implemented here, so that if a certain user connected through, or contributed from, an exit node or open proxy, as long as they authenticated, there would be something to track if something went wrong, while still protecting that person's right to privacy. :: Silivrenion 21:09, 22 August 2006 (UTC)

Open or anonymous

The policy states that open or anonymous proxies are currently not allowed to edit. That "or" seems a bit confusing. Are there proxies that are anonymous but not open? If these ‘restricted anonymous proxies’ do exist, is it allowed to use them for editing? How can someone identify such a proxy? Dart evader 10:51, 5 April 2006 (UTC)

An open proxy in one which is vulnerable to exploitation, usually by accident. An anonymising proxy is one which hides the identity of the user, but it may be a closed service; anonymising proxies aren't necessarily open. These are more difficult to find, since they aren't flagged by any scans, but they are often advertised or can be detected indirectly. // Pathoschild (/map) 17:30, 4 September 2006 (UTC)

stupid question: is a school IP considered an open proxy?

Can someone explain to me why the following IP's were indefinitely blocked as open proxies:

While similar IPs from the same range, also repositories for petty vandalism, were labelled school IPs and given mostly short-term blocks:

I'm currently trying to draft a template to put on all these IPs, and I need to know if I can use the No Open Proxies policy as justification for an indefinite block of the whole range. If these are not Open Proxies, then none of them should be blocked under this policy. If you have a better suggestion for how to stop vandalism from these IPs, please contribute to the discussion at: Misplaced Pages:Abuse reports#New Alerts#Internet for Learning--woggly 06:59, 15 May 2006 (UTC)

These are suspected zombie computers because they were used by a malicious zombie proxy bot. A few are blocked due to vandalism, but the others should not be since there's only circumstantial evidence that they're vulnerable. // Pathoschild (/map) 17:41, 4 September 2006 (UTC)

Hypocritical Policy

This policy of no open proxies seems to be one of the most contradictory policies which exists on this project, and as such this policy should be revoked. My reasoning is set out below:

  • It contradicts the foundation issue of the "ability of anyone to edit articles without registering"
  • It clearly hinders some contributors particularly those from the People's Republic of China and probably prevents some from contributing at all
  • It contradicts the policy of "Assume Good Faith"
  • It adopts the policy of " Assume Bad Faith"
  • It gives the administrators the power to block a wide range of IP addresses when there is no proof of vandalism as set out in the policy. This also makes a nonsense of the principle that all users should act as administrators (wikipedia:administrators).

I look forward to your comments Fornost 21:15, 6 August 2006 (UTC)

This page is Foundation policy, not a local policy, so it override any local policy such as Misplaced Pages:Vandalism. It does not prevent anyone from editing Misplaced Pages; users in censoring countries are free to use private, closed proxies or other bypassing or tunneling methods. It makes no good-faith or bad-faith assumption, but merely prohibits a particular method. Imagine a real-world policy that prohibits the use of armoured tanks for civilian transportation. This does not in any way impact anyone's right to travel, since they're free any of a large number of other vehicles. // Pathoschild (/map) 17:27, 4 September 2006 (UTC)
Imagine a fictional world policy where it's forbidden not to smile into every CCTV and where you might or might not get a job as a teacher, be allowed to travel into other countries or even spend the rest of your life in prison depending on your political opinion. This does not in any way impact anyone's right to say his opinion, since they're free to say what they want.--Rubik's Cube 01:32, 8 January 2007 (UTC)

Blocking Logged in Users

Why are users who have editing histories and are not new also being blocked from using proxies? It seems to me that if someone wishes to use tor or such and they are willing to log in they should be allowed to. This helps contribute to free speech. Why must wikipedia have my real IP on file? Nisanu 15:39, 4 September 2006 (UTC)

Each registered user's IP address is stored temporarily so that administrators can deal with abuse. A registered user's IP address can only be determined by a very small number of carefully selected users, and is automatically purged from the database after a set interval of under a few weeks. Allowing users to create accounts from open proxies goes against the spirit of the prohibition against open proxies, since it undermines that safeguard against abuse.
Recent changes to the software allow administrators to block an open proxy and disallow new account creation, while leaving existing accounts unblocked; whether to do so or not is a matter of individual opinion. If you wish to safeguard your IP address, you are free to use a personal, closed proxy. // Pathoschild (/map) 17:03, 4 September 2006 (UTC)
What I fail to understand is if I am a user with a history, why am I not allowed to use a proxy? I have already signed up without using a proxy. So wha tis the big deal with it? A legitimate reason to use a proxy that encrypts such as TOR is to prevent eavesdropping by an ISP or intermediary. It is not necessarily to hide from Misplaced Pages staff. You see the connection between the local computer and the remote proxy is encrypted. Another reason might be to help prevent against broad survalience whereby an entity does something such as "poll up a list of all people who accessed page X within the last year". I hold that user who has a helpful established history with wikipedia should not be prevented from using a proxy. If you do have problems with them, then you can suspend their account and they would no longer be able to use the proxy to edit. Using an open proxy should not be seen as abuse. Nor should it be construed to undermine safeguards when in reality it does no such thing. Nisanu 21:06, 7 December 2006 (UTC)
The problem is establishing whether a user has a legitimate history. It may be fine to allow you or any number of legitimate users in, but allowing registered users means that anyone who has merely registered an account is able to edit through these. This poses a problem with aged socks, etc., and it would only take one intelligent vandal to require that the open proxies be fully blocked to prevent it. —Centrxtalk • 22:36, 29 December 2006 (UTC)

Policy issue that needs to be addressed.

Please see . Should such servers be blocked? JoshuaZ 02:49, 8 September 2006 (UTC)

The discussion mentioned is now here. No, such servers should not be blocked, and yes, the issue needs to be addressed. Urgently. TheMadBaron 16:34, 5 November 2006 (UTC)

Tor

Same banned users and others that have "left" the project, are now using Tor (http://tor.eff.org/) . What can be done? ≈ jossi ≈ t@ 04:09, 14 September 2006 (UTC)

Legitimate uses for open proxies

There are many legitimate uses for open proxies. One notable example is China and its Great Firewall. With over a fifth of the world's population unable to edit Misplaced Pages via normal methods, this policy discriminates against a large percentage of the world's population. Secure.wikimedia.org does not offer as good privacy protection as, say, TOR for example. This is a problem, for users in China and elsewhere, who are worried about being persecuted for their edits. According to Misplaced Pages:Block#Personal_attacks_that_place_users_in_danger, "Blocks may be imposed where threats have been made or actions performed (including actions outside the Misplaced Pages site) that expose Misplaced Pages editors to political, religious, or other persecution by government, their employer, or anyone else." This policy is exposing Misplaced Pages editors to such prosecution. (And no, I'm not suggesting blocking anyone for following this policy, I'm suggesting changing the policy.) Not only users in China, but users in all governments that have restrictive laws (inclusive) or enforcement, as well as non-governments that monitor internet usage, for whatever reason. Yes, vandals and blocked users may use proxies too, but is the perfect state of Wikpedia's articles more important that people's lives and well-being?

If you think that editors who have such concerns simply shouldn't edit, isn't that against the spirit of the Foundation policy that anyone may edit? And doesn't it encourage systemic bias by discouraging editors from China and other places with restrictive goverments from editing, and discouraging the editing of controversial topics?

To make it absolutely clear, I strongly oppose this policy. I would support soft-blocking proxies such that anon IPs could not edit, but registered users could.

Armedblowfish (talk|mail) 01:07, 21 October 2006 (UTC)

Why indefinite blocking?

I have asked the same question at Misplaced Pages talk:WikiProject on open proxies. What is the reason for indefinitely blocking? These IPs are going to change at some point, and someone is going to have to take the time to unblock them all. Why not block for 1 year or 3 years? —Centrxtalk • 02:23, 21 October 2006 (UTC)

The wording and the default block length for the proxy template have since been changed. —Centrxtalk • 01:03, 25 May 2007 (UTC)

Are you trying to ban Thailand?

I strongly oppose the use of this policy to block positive contributions from established, registered users. Two of the biggest ISPs in Thailand, True internet and CS Loxinfo, have been blocked under this policy. I have to wonder what "open proxy" is supposed to suggest in this context.... these are paid services; I very much doubt that trying to use IPs such as 203.144.144.164 (True) and 203.146.247.78 (CS Loxinfo) through a proxy client would get anyone very far....

CS Loxinfo is Thailand's Biggest Internet Service Provider. It is operated by Shin Satellite, which holds a monopoly on satellite operation in the Kingdom of Thailand. I can't imagine that blocking such services is what this policy was intended to achieve.

The indiscriminate application of this policy has now made it extremely difficult for me to edit Misplaced Pages, and I presume that other Thailand based users must be having similar problems. I will persevere, for now, with other ISPs, in the full expectation that these, too, will eventually be blocked as "open proxies". Of course, if every ISP I can possibly use is going to be systematically blocked, I will eventually be obliged to take an extended wikibreak.... along with thousands of other users in the Kingdom... until the application of this policy is reconsidered. TheMadBaron 06:19, 5 November 2006 (UTC)

Solution of the problem: more action - more reaction

There is no need to block any open proxies. Instead of this You can maintain automagically (not, as now, manually) generated list of ip addresses that are most frequently used to vandalize Misplaced Pages. Let Wikipedians that are somehow more trusted (for example having at least x edits) report vandalisms from ips in a format that can be easily understood by Misplaced Pages computers. Those computers would count cases of vandalism and in situations when number of edits from some address that are vandalisms would in some period of time be greater than some value (let it be 1/month) they would put this address on a list of restricted (not blocked) addresses.

Not logged users making edit to some Misplaced Pages article from those restricted addresses would everytime have to first pass defenses set by Misplaced Pages (for example they would have to write in a form a long sequence of random letters that they would see on an image). If, despite of those measures, number of vandalisms in edits from some address would increase, defenses would be automagically toughen (the number of random letters to write in would be increased), and, inversely, when number of vandalisms in edits from some adress would decrease, defenses would be relaxed and the number of letters to write would be decreased (to 0, when number of vandalisms would drop below 1/month).

Simply speaking: it would give to users of all open proxies ability to edit Misplaced Pages, and Misplaced Pages ability to keep number of vandalisms made using open proxies on low level, with much less manual work.

Lukasz 2 February 2007

Users from China are banned by this policy

This policy effectively bans users from China. I've previously used Tor to circumvent the block, but it stopped to work after I updated Firefox to version 2.0. I think it's because the Switchproxy plug-in for Firefox doesn't work. Even Tor was not a good solution, because for most users it's too difficult to install. Anyway, I've not been able to access articles since then without using an open proxy. The alternative access to Misplaced Pages explained somewhere else ( https://secure.wikimedia.org/wikipedia/en/wiki) also doesn't work any more. I strongly oppose the ban, and I'm forced to breach it to even make this statement. —Babelfisch 03:33, 9 February 2007 (UTC)

There is no way to not have this ban. If open proxies were allowed, they would be repeatedly and endlessly used by vandals—and therefore blocked just as they are now. The only difference is that with this policy they are blocked before the vandalism. —Centrxtalk • 03:32, 16 February 2007 (UTC)
Correction: They are blocked whether there is vandalism or not. I also strongly oppose this policy. The number of good faith editors that are hit hard by it is too large to call it accidental any more. - Andre Engels 12:26, 19 February 2007 (UTC)
"There is no way not to have this ban"? There is no way not to exclude one fifth of the world population from Misplaced Pages? There is no way not to exclude a community of Internet users larger than in the United States? (On the number of Internet users in China, see Natalie Pace, China Surpasses U.S. In Internet Use, Forbes 2006; 100 million go online in China, BBC 2005)
There must be a way! Pre-emptively blocking such a large number of users is totally out of proportion. This policy exacerbates the systemic bias of Misplaced Pages. —Babelfisch 03:44, 25 February 2007 (UTC)

I agree with Babelfisch and Andre Engels that this is a huge problem. You are probably blocking more good faith editors than vandals with this policy. Note that these good faith editors even might have helped you vandal-hunting.--Grace E. Dougle 12:08, 25 February 2007 (UTC)

Because it only takes one vandal to make use of thousands of proxies to cause havoc, it makes no difference how many persons are affected by the block. Welcome to the technology age: one person has through technology more power than 100 million Chinamen manually reverting vandalism. —Centrxtalk • 19:02, 25 February 2007 (UTC)
Centrx, your racist slur is not appreciated. —Babelfisch 05:41, 22 March 2007 (UTC)
Huh? —Centrxtalk • 03:27, 31 March 2007 (UTC)
I've modified the word, since he indicates he didn't know it was offensive. Dmcdevit·t 06:30, 31 March 2007 (UTC)
How can you "modify" another user's contribution in the middle of a discussion? If he "doesn't know" that "Chinamen" is an offensive term, why "help" him by replacing "Chinamen" by "Chinese people"? This is ridiculous. —Babelfisch 07:47, 2 April 2007 (UTC)

As there seems to be no willingness to solve this problem on this discussion page, I've also started a discussion here: Misplaced Pages talk:Blocking policy#Softblock for Tor proxiesBabelfisch 07:29, 3 April 2007 (UTC)

Suggestion of proxy open parts of wikipedia

Could we create a second proxy open talk page or open the talk pages for proxies? This would allow many more user's to contribute (sourced information can be presented on the talk page and than inserted by users who can edit the article). Talk page's didn't seem to be sexy enough for most vandals, so I presume the chances of an increased misuse are comparably low. Wandalstouring 18:58, 25 February 2007 (UTC)

That becomes useless once it is used by vandalbots. —Centrxtalk • 18:59, 25 February 2007 (UTC)
And you can't use vandalbots on wikipedia without proxies? Besides if we use a seperate page it is quite simple to require a registration for edits. Wandalstouring 11:38, 26 February 2007 (UTC)
If you use vandalbots without proxies, the IP address or even range which it uses is blocked. If you use them with open proxies, there are thousands upon thousands of IP addresses of all designation which can be used endlessly, unless open proxies are blocked. —Centrxtalk • 17:22, 3 March 2007 (UTC)
I can see some potential value, although I'm not sure how much demand there would be. There are already many, many articles with no talk page activity so I'm not sure that adding a second talk page would gain much, particulalry since it would need the good graces of another user to transfer material across.
I'm not sure how it could be achieved, but I'm sure it could be worked into the mediawiki software.
ALR 20:37, 2 March 2007 (UTC)

"banned"

In other contexts, "banned" means that all such edits may be reverted on sight, regardless of 3RR. Can it be clarified that this does or does not mean that here? It's being argued elsewhere that it does (and, that, incidentally, if someone you edit war with later turns out to be an open proxy, your 3RR block can be overturned, even if you weren't "reverting open proxy edits" at the time): WP:ANI#Another section break --Random832 12:04, 14 May 2007 (UTC) I've made an edit suggesting an alternate wording. "Banned" is a term that has a specific meaning here and should not be used. --Random832 12:07, 14 May 2007 (UTC)

In the other usage, the person is banned. Here, the service or the IP address when an open proxy is banned. —Centrxtalk • 19:18, 18 May 2007 (UTC)
Is it or is it not "banned" in the sense of allowing unlimited reverts to any edit made via an open proxy (no matter how productive the edit might otherwise be)? I'm not being hypothetical; this wording _has_ been used to make that claim. --Random832 23:57, 15 June 2007 (UTC)

Stupid Policy

What next? Should we block all muslim users because they may vandalise certain pages? Should we block American IP addresses because they may vandalise and misspell words? Or how about blocking all Nigerian addresses as they could be used in scams and user page spam? This policy is stupid. The vast majority of vandalism I've detected on Wikibooks and Misplaced Pages comes from closed IP addresses and usernames. How much time is being wasted on this policy? As an administrator on Wikibooks I refuse to take any part in this joke policy. Xanucia 11:58, 3 June 2007 (UTC)

This policy affects no one who is not otherwise able to access the Internet. If you block these ethnic IP address that you have peculiarly chosen, you have blocked the person's primary and only IP address; if you block an open proxy, the person is free to use their primary Internet access. On the other hand, if you do not uniformly block these ethnic IP addresses, and a person using one vandalizes, the vandalism can be effectively stopped by blocking the ethnic IP address; but if you do not uniformly block open proxies, and a person using one vandalizes, they are perfectly capable of moving on to another open proxy, and another and another if you block them, leaving you to play Whac-A-Mole until all the open proxies are blocked anyway, thus resulting in the same result you tried to avoid by not blocking open proxies, but with a battle-field of vandalism in your wake. How much time would be wasted on reverting untraceable, unpreventable vandal bots if open proxies were not blocked? You consider it a joke because you do not understand it and have chosen a very poor analogy to try to make sense of it. —Centrxtalk • 21:38, 3 June 2007 (UTC)
Blocking all americuans seems reasonable to me : ) But here is my side of the issue we have this person A who goes to the library to find info about Eric lafleur and all he finds is a page that has been blanked and has a huge sign IS A COCK SUCKER now this person A has been through this before all he needs to do is to go to the history and reverse it, But then we have the person B who goes on the school computer goes to wikipedia and starts to vandalise wikipedia as fast as he can and replaces Eric laFleur with IS A COCK SUCKER now here we have a paradox(I think this is one please make the wiktionary explanation more understandable) If the person a in the library is blocked he cant reverse person B! But if you admins or who ever decides it decide to actually do activate this policy please dont make the same stupid mistake as they did on the finnish wikipedia that they blocked the talk ability also. Also dont bann libraries or net café's c'uzz I dont think anyone would go through the trouble of paying or reserving a computer just to go to wikip. and vandalise! O_z do you? Peacekeeper II 00:09, 10 June 2007 (UTC)
Oh and BTW theres more trouble in vandalising than blocking and reversing! O_0 Peacekeeper II 00:13, 10 June 2007 (UTC)

A general statement

I do not intend this to be a decree or anything overriding policy. This is merely a statement.

I think this policy is currently overbroad, in that it does not appear to take proper recognition of the incredible good we can do by working within reason to allow and encourage people who have special circumstances to be able to edit using anonymizing tools such as Tor. As I am told, we have recently switched from soft blocking Tor exit nodes (something I approve of, due to the incredible firehose of vandalism they can be otherwise) to hard blocking Tor exit nodes (something I do not approve of, since this totally forbids Tor users from editing Misplaced Pages at all, rather than merely imposing a 4 day waiting period on them).

I would like this policy to be (thoughtfully, slowly, and with due consideration for all valid viewpoints) revised a bit to include a stronger acknowledgment that editing via open proxies can be a valid thing to do.--Jimbo Wales 03:38, 4 June 2007 (UTC)

There is nothing that says editing from an open proxy is 'bad'. The ban is a technical matter, not like a ban of an individual user, though practically the only people who are ever noticed to be using open proxies are sockpuppets of banned users—others that happen to find and use open proxies do so without harassment. —Centrxtalk • 07:23, 4 June 2007 (UTC)

I do not know if I have changed my mind from this time. But I don't think so. I still support generally blocking anonymous proxies, but I support using soft blocks rather than hard blocks.--Jimbo Wales 03:41, 4 June 2007 (UTC)

I'm going to have to agree with this. I think our blanket "cannot use open proxies" policy is inherently a bad thing, at least in regards to Tor. While I will admit a good many vandals do use Tor, we also have a good many users (including all of China) who are unable to edit just because we said "sorry, we choose to not let you contribute." I think we're better off letting Tor be open and deal with vandalism/sockpuppetry as it comes along, rather than making an at-large ban and shutting out potentially constructive members of our community. ^demon 03:57, 4 June 2007 (UTC)
This is something I will have to agree with also. Soft blocking allows us to attribute edits ot a single username (hopefully), and the editor can be accountable for that, while allow us to effectively keep the shared stuff out. I think this is a good meeting in the middle. Some folk do have valid reason to be using a proxy, lets allow this type of editing, with a registered account. Navou 04:07, 4 June 2007 (UTC)
Does anyone have examples of when it would be a good thing to edit from open proxies, other than the examples that are always mentioned (living in China, certain other countries)? SlimVirgin 04:54, 4 June 2007 (UTC)
Slim, sure, see User:Armedblowfish, a member of WP:MEDCOM who is blocked due to his hosting of a tor exit node. —— Eagle101 08:41, 4 June 2007 (UTC)
Presumably he can stop hosting the tor exit node, but it would not be a problem to soft-block only this one particular IP address, unless of course a vandal discovers the "tor node that can never be banned". —Centrxtalk • 18:38, 4 June 2007 (UTC)
Contributing facts that could be seen as disturbing to employers, police, politicians, family, or friends in regions where Misplaced Pages is blocked is almost certainly more risky than doing the same in regions where it isn't. Starcare 19:40, 4 June 2007 (UTC)
That "hopefully" is not insignificant. It is trivial for someone to create a bunch of sockpuppets on a non-blocked IP and then bounce around on open proxies that are unaffected by autoblocks—in fact, they can set a bot to do it while they go to the beach. Soft-blocking does not force edits to be attributed to a single username. The people who use open proxies maliciously or to circumvent a block are the same people who will create a bunch of sockpuppets. They do the same thing without open proxies, but when checkusered they are easily identifiable as the original banned user and they are held up by autoblocks such that, even if they happen to have a dynamic IP address that is re-assigned on-demand it requires disconnecting from and reconnecting to the ISP, and which IP addresses are nevertheless usually contiguously range-blockable rather than scattered across the whole IP address space, and the person is ultimately if necessary correctable through the ISP. —Centrxtalk • 07:23, 4 June 2007 (UTC)

I could support the reverse of a soft block for Tor proxies, that is: disallow editing from logged-in users through open proxies. Tor proxies are already anonymized: there's no need to anonymize them further by allowing multiple-ID sockpuppetry through them. At least a user under a Tor IP makes it clear that he or she is using a proxy. Here's another idea in the same direction: edits that come from Tor notes should be clearly marked to non-checkusers as potentially suspect; that would allow people to use Tor to circumvent local government censorship, but still give us a chance to prevent large scale abuse. Kusma (talk) 08:50, 4 June 2007 (UTC)

Nothing in the software would allow these things at present, however, it might be reasonable to require that people editing through Tor make this known by a user category. That would make it pretty easy for non-checkusers to watch them. It might tread a little too close to WP:AGF, then again, maybe not. ··coelacan 23:38, 4 June 2007 (UTC)
A voluntary solution basically means we ask people nicely to declare all their sockpuppets. That is known not to work with abusive sockpuppeteers. AGF is not a suicide pact. If we do want to allow editing through open proxies, we need a technical way to flag them and think about the consequences this will have on policies such as the 3RR that become almost unenforceable. Kusma (talk) 05:39, 5 June 2007 (UTC)
I wasn't necessarily suggesting a voluntary solution. If it is important to keep track of who's using open proxies (and I'm not commenting on that importance one way or another), then we can have a clause that says "If you are using an open proxy, you must put your user page in this category or you will be blocked." We already do not have a technical means for dealing with open proxies automatically, and there are a great many of them that are unblocked. Anyone suspected of sockpuppeting can be put under CheckUser, as is the current system; if they are found to be using open proxies undeclared, that would be a violation. I'm not endorsing this, I'm offering it; if the community wants it I wouldn't oppose it. ··coelacan 06:16, 5 June 2007 (UTC)
  • Jimbo, if you can provide some data showing that anything other than a minuscule percentage of Tor use is something other than vandalism, you'll have a chance of changing the minds of the checkuser operators who deal with this issue on a daily basis. Anonymity is bad enough; but there's a difference between freedom and license, and open proxies are license to abuse. --jpgordon 13:54, 4 June 2007 (UTC)
"Anonymity is bad enough"?!? I am still astonished, after all the statistics comparing the contributions of anonymous contributors to their vandalism, that this attitude still exists. If that is how you really feel, why don't you work on Sanger's project instead? Starcare 19:36, 4 June 2007 (UTC)
Where can I find these statistics? The conventional wisdom as far as I can tell is that 90% of IP edits are vandalism. —Centrxtalk • 04:21, 5 June 2007 (UTC)
People get this bit of "conventionally wisdom" WP:PERENNIALly wrong because, even though 97% of vandalism comes from anonymous users, somewhere around 76% and 82% of anonymous edits are intended to improve the encyclopedia. It has not escaped my attention that the most recent statistical studies have set out to measure the former while ignoring the latter statistic. I find that very disappointing. Starcare 09:28, 5 June 2007 (UTC)

Whitelisting users

Now, I know that there is currently no technical means of 'whitelisting' users on en for using open proxies short of making them administrators (which is hardly a solution.) However, ignoring technical constraints, can anyone think of a reason why, at a bare minimum, individual users should not be able to make an appeal to an administrator to be exempt from NOP? The only case when I can see such a situation being advantageous to a user with a single registered, exempted account is when they're subject to a checkuser; and, in that case, the use of an open proxy would be enough to confirm any suspicions that lead to a checkuser in any case... a user who requests permission to use an open proxy for the purpose of sockpuppetry and vandalism would be shooting themselves in the foot by attracting extra attention. --Aquillion 03:09, 5 June 2007 (UTC)

  • We treat fixed IPs differently in some circumstances, but open proxies are the polar opposite. If we whitelisted open proxies I'd suggest that we make it time-limited, with a presumption of short periods. So if a known user needs to use an IP that's been identified as an open proxy then they could get it for a day. I don't think we should leave the IPs whitelisted for long unless of course they're no longer open proxies. ·:·Will Beback ·:· 07:16, 5 June 2007 (UTC)
    Oh, I don't think this is what is meant by the proposal. As I understand Aquillon's proposal, there would not be a whitelisting of IPs, but a whitelisting of certain users to use open proxies. Other users from the same IP would not get the same consideration. In the case of Tor, for instance, a user cannot predict or choose what their IP will be, and the IP will automatically and randomly change on intervals between ~2 and ~30 minutes. I understand it would be technically possible to hack the Tor client and force it to use a particular exit node, but programming is far beyond the expertise of almost every user, and I am pretty sure that the default Tor client does not offer such a function, not even optionally. ··coelacan 10:25, 5 June 2007 (UTC)
  • Allowing a whitelist for certain types of blocks sounds like a possible idea. Still, it remains unclear how we can protect the privacy of people who want to be on the whitelist and prevent abuse at the same time. It is not so difficult for people with existing accounts that want to start editing through an open proxy. But how should editors from China apply to become whitelisted, and how do we ensure we don't whitelist a dozen accounts for the same new user? Kusma (talk) 10:59, 5 June 2007 (UTC)

How do you distinguish between NAT and proxy?

I note above that nearly the entire country of Thailand was blocked from editing after just two blocks of ISPs. I submit that this policy, as it exists today, is firstly flawed in fundamental ways without hope of repair as can be seen from the definition of the words used in the policy, and secondly, not in accordance with any of the edicts of Jimbo Wales unless those edicts are themselves self-contradictory. Folks, we are running out of IPv4 space, and IPv6 hasn't been catching on. Given the nature of WHOIS and similar information, and popular, widespread, and increasing use of network address translation (NAT), this policy has and will continue to result in the banning of public WiFi and OPAC terminals, entire mobile telephone companies, entire ISPs, and huge regions. The accuracy of this method is likely to decrease.

We must ask: Is this policy worth preventing editing from public terminals, such as may be found in libraries? --James S.talk 15:31, 6 June 2007 (UTC)

NATs do not show up as open proxies on port scans or on proxy and spam blacklists. Thailand IPs, public WiFi, and libraries are blocked, if and when they are indeed blocked, because of repeated vandalism, not as open proxies. —Centrxtalk • 17:42, 6 June 2007 (UTC)
I know for a fact that public WiFi networks have been blocked as open proxies. Where is the procedure for deciding whether an address is an open proxy? 75.35.110.164 01:00, 7 June 2007 (UTC)
Which? Please let us know. --jpgordon 01:45, 7 June 2007 (UTC)
That was some time ago. I will test it and tell you if it's still blocked. Is there are procedure, or do people just wing it? --James S.talk 02:24, 7 June 2007 (UTC)
The distinction is quite simple: an open proxy allows anyone from "outside" its network to edit Misplaced Pages from its IP address; a NAT without any open proxy would only allow people from "inside" its network to do it. Of course, most times a NAT is blocked as an open proxy happen because one of the machines behind it is an open proxy, making the NAT external IP address the one used to edit Misplaced Pages. --cesarb 01:59, 7 June 2007 (UTC)
Does anyone believe that the accuracy of this method will increase? --James S.talk 02:25, 7 June 2007 (UTC)
What do you mean? This is a problem with any blocking. If someone behind a NAT is vandalizing repeatedly, the NAT would be blocked and you have the same collateral damage. IPs that repeatedly vandalize are blocked for long periods of time too. This has nothing to do with open proxies. —Centrxtalk • 18:46, 7 June 2007 (UTC)

How do you know whether an IP is a Tor node?

Is there a list of "well-known Tor nodes" somewhere? How would someone know that a series of edits by several different IPs were all from Tor? If they are "well known", and are prohibited from editing, why are they not permanently blocked?

Also, if

  1. A regular user makes a bad edit
  2. Bad edit is reverted by a Tor node
  3. Regular user reverts Tor node

Does that mean it is automatically against policy to revert back to the Tor node's version and we should keep the bad edit forever?

See User talk:Omegatron#Reverting my revert of a Tor exit node for a claim that this "is how it works" and that there are no exceptions. — Omegatron 19:45, 9 June 2007 (UTC)

There are lists of Tor nodes, I even gave you a link on your talk page nine days ago. Failing that you can just do a Google for the IP address, usually it will have been spotted on other Wiki projects in different languages. The Tor IPs change fairly rapidly, although it's possible to automatically block IPs from editing based on the well known Tor lists this isn't done here for some reason. Fnagaton 01:37, 10 June 2007 (UTC)
No, you're looking at it incorrectly because the Tor node edit is irrelevent since reverting a Tor node edit doesn't count towards 3RR and if the user's initial edit is bad then the subsequent revert (of the Tor node revert) will get reverted by an editor that isn't hiding behind a Tor node. The example you gave above is not the same as the situation involving your edit which you linked below. Fnagaton 01:37, 10 June 2007 (UTC)
In that situation ( User talk:Omegatron#Reverting my revert of a Tor exit node ) you used your revert to put back your own text that had already been reverted. You did two wrong things there 1) putting back text that had been changed by a Tor exit node and 2) edit warring by putting back your text that had already been reverted. Lets not forget your change was reverted by three different editors and was also noted for being of questionable behaviour. The Tor node edit can be reverted regardless of merit, so it is irrelevant that you think the Tor exit node made a "good edit" by putting your text back. A Tor node edit that just happens to put your text back would also tend to look like sock puppetry. Fnagaton 01:37, 10 June 2007 (UTC)
Tor nodes are most easily checked using ippages.com. Open proxies of other kinds are not identified there. I do not presently know of a comprehensive list of tor nodes, but you are welcome to try finding one and using it to block them all. Do note though that tor nodes are the open proxies that are most likely to change.
If a tor node reverts some vandalism then it is pointless to revert back to the vandalism on a point of procedure. If by "bad edit" you instead mean a change of content with which you disagree, then you should not edit war on behalf of a presumably banned user. —Centrxtalk • 00:34, 13 June 2007 (UTC)
The claim that was made is that reverting to a Tor user's version is automatically against policy. This is clearly wrong. If I revert to a previous version of an article, regardless of who originally created it, I am taking responsibility for that edit being the current version. — Omegatron 01:05, 13 June 2007 (UTC)
You are again missing the point that you were replacing your own text that had been reverted, not someone elses text. I correctly removed the text because it was added by a Tor proxy. So either you accept you are edit warring or if you claim ownership for replacing the text from the reverted anonymous proxy you accept you were the one using an open proxy to replace the text. Either way, your edit is wrong in the example I gave. Fnagaton 01:39, 17 June 2007 (UTC)
There is a comprehensive list of tor nodes at http://moria.csail.mit.edu:9031/ (the same list can be found at the other two directory servers; it's very up to date, and AFAIK all tor outproxies should be in it, since it's what Tor itself uses). We are only concerned about the nodes which are outproxies (aka "exit nodes") and which allow access to Misplaced Pages; so check the accept and reject lines before blocking (in particular, nodes which only have reject *:* are not outproxies and should not be blocked just for being in the directory). --cesarb 23:55, 15 June 2007 (UTC)

What could Chinese users really do?

Misplaced Pages prohibits open proxies due to the frequent abuse. On the other hand, users within PR China are censored and must use a means (like Tor) to bypass the great Firewall. If they are users with good intentions, how exactly can they get by that rule? I currently get the impression that many users consider NOP to be something that must be observed at all times, and frown upon the usage of Tor nodes no matter what.--Kylohk 15:57, 16 June 2007 (UTC)

TOR again

OK, it looks like the community is somewhat split on whether TOR should be permitted. Checkusers with experience of dealing with open proxies have highlighted areas of particular concern concerning sockpuppetry. What I'd like to see is if there's some way we could come to a satisfactory compromise which permits registered users to edit through TOR without the myriad of other problems, primarily sockpuppetry. My preference would be to see TOR nodes automatically softblocked (this is, preventing editing without an account (anonymous editing) and disabling account creation) blocked through the use of a dreaded admin bot on a daily basis. Former TOR nodes would be unblocked at the same time. It's clear checkusers believe that undetected open proxies are being used to create multiple accounts, so I would also propose a limit of 1 account registration per IP address per day. This difficulty in building up a sockpuppet "army" should help in dissuading mailicious editors from engaging in sockpuppetry as it would take a long period of time to build up a large sockpuppet army. TOR users unable to register an account would be required to e-mail unblock-en-l and have an account setup as is normal process at present for those on softblocked IP addresses. Unblock-en-l members should be permitted and encouraged to share information from e-mail headers with the checkusers here in the event of suspected abuse of an account. Nick 16:27, 16 June 2007 (UTC)

I definitely support this. Tackling an editor who uses Tor is not fun. :( Fnagaton 01:40, 17 June 2007 (UTC)
The part about using a bot to block TOR nodes seems oddly familiar. I certainly hope the community is less worried about a bot rising up against the admins and taking over than they were last year. We should see if Tawker is still interested in running such a bot, TOR blocking is monkey work. --Michael Billington (talk) 08:30, 17 June 2007 (UTC)
It wouldn't have to be a bot; in fact, it would be better to implement this as a MediaWiki extension. We could base the code on Torstatus, though as far as I can tell even that's in fact little more than a fairly thin wrapper around the directory features of the TOR client itself. —Ilmari Karonen (talk) 16:01, 19 June 2007 (UTC)
A softblocked tor node is equivalent to an unblocked tor node for the purposes of a vandal. —Centrxtalk • 17:42, 17 June 2007 (UTC)
  • I wonder if it would be useful to expire accounts that have been created but never used; a lot of the time, what we find when we CU is Tor IPs with lots of sleeper accounts. --jpgordon 17:51, 17 June 2007 (UTC)
It would be helpful to do that, because sleeper accounts are used to bypass semi-protection. SlimVirgin 18:15, 17 June 2007 (UTC)
The expiration time would have to be updated whenever the user reads Misplaced Pages while logged in, not just when editing, though. Otherwise, we'd be expiring the accounts of people who don't edit, but log in just to be able to, say, use a non-MonoBook skin. —Ilmari Karonen (talk) 16:07, 19 June 2007 (UTC)
Agree, has a bug report been filed with this suggestion yet? Navou 18:31, 17 June 2007 (UTC)
I also agree that this is worth investigating. semper fictilis 22:02, 17 June 2007 (UTC)
I also agree, fwiw. Fnagaton 07:42, 22 June 2007 (UTC)

bugzilla:10299 Navou 23:41, 17 June 2007 (UTC)

How to tell if an IP is an open proxy

Will someone please tell me how to tell if a IP is an open proxie on my talk page. Peace:)--Sir James Paul 00:13, 17 June 2007 (UTC)

I don't know if anyone will actually give this information here. The practice is somewhat, beany. However, a google search on the subject may be more, forthcoming. Best regards, Navou 01:00, 17 June 2007 (UTC)
DNSBLs, public open proxy lists, port scans. In the past, certain very distinctive edits have also been considered sufficient by themselves to identify an IP as an open proxy, although I made a small tweak to MediaWiki about 6 months ago that should have stopped at least a specific class of such proxies from editing in the first place (and I haven't personally seen any since, either, so I guess it probably does work). —Ilmari Karonen (talk) 16:14, 19 June 2007 (UTC)

Destructive-editing-resistant Tor unblocking

ArmedBlowfish, unable to edit because he runs a blocked Tor exit, has posted this to his talk page:

Destructive-editing-resistant Tor unblocking. --Tony Sidaway 06:31, 20 June 2007 (UTC)

Copying from Meta

I removed the language that says that we copy from Meta, because obviously we don't. I believe we should stay separate for now, until this issue is sorted out. Crum375 00:15, 22 June 2007 (UTC)

Isn't the whole point of the notice to let people know that we should ultimately be synchronizing them, though? I don't see how a conflict is a good reason to remove that.
Also, is there a reason to treat this as a rule violation? If we're accepting Jimbo's suggestion, it seems we should be amending to say these get blocked easily, but not that it will be treated as a violation itself. This makes sense to me for several reasons: 1. The main reason for this policy was vandalism and soft blocking solves that, 2. Sock puppeting can be revealed in other ways, and 3. People who try hard can sock puppet anyway, either just by doing it or by more sophisticated methods. Meanwhile, many people care deeply about privacy, and don't want anybody knowing their IP, while the idea of having people explain their reasons in detail to justify this is obviously unsatisfactory. Finally, practice seems to be to block the proxy rather than the person, which suggests we should want our policy consistent with what the checkusers are actually doing. So what goes the other way? Mackan79 01:20, 22 June 2007 (UTC)
Although vandalism is an important concern, often vandals are hit-and-run from some random address, and the open proxy ban will not help that much. The more important need for the open proxy ban is due to the recent infiltration of WP by sockpuppet admin accounts. Those are long term users with long term goals, and having the ban in place will help mitigate (though not directly solve) this problem. The 'need for privacy' is more than offset by WP's need for survival - with a number of rogue sockpuppet admin accounts, and potentially even checkusers in place, one can imagine the internal corruption and mayhem that can result. To this date, besides the Chinese dissidents issue, who are able to read WP via open proxies, I am not aware of any legitimate need for editing via open proxies. Crum375 01:31, 22 June 2007 (UTC)
When you really balance it, though, I'm just seeing very little accomplished by this policy. To break this down: if we're talking about the trojan admin situation, then, the cases where this would really kick in are ones where somebody has a suspicion on two accounts and raises enough evidence for a checkuser, but then that person gets off because they're using an open proxy. Yes? Well how about this: if that starts to becomes a problem, then checkusers could either report the use of an open proxy, or privately tell the person that their proxy will be blocked, and they will now have to find another means to edit Misplaced Pages. Would this address the problem? Mackan79 01:44, 22 June 2007 (UTC)
I am not an expert in this, but my guess would be that this would not be sufficient. I think the trojans are very shrewed operators, and they will use a variety of IP addresses. There may also be a large random traffic of open proxy influx, often it may not be instantly evident whether a given IP is an open proxy or not, so it may not be practical to start sending messages to all possible open proxies. Also, sometimes it may be prudent to lie in wait, in order to trap a large scale infiltration scheme, so it doesn't always make sense to alert the perpetrators immediately. In any case, I think the experts who are running CU on a routine basis and hunting the rogues should opine here, if they can. Crum375 01:55, 22 June 2007 (UTC)
Well the policy as it stands now allows for swift removal of changes made by any open proxy, regardless of the merit of those changes. This is an important part of enforcing against anonymous sock puppet activity and attempts to circumvent 3RR. Fnagaton 07:48, 22 June 2007 (UTC)
I think that would still make sense; the question is if it's necessary for established user accounts though. To Crum, it would still seem we're talking about a relatively small number of cases: those established accounts that have raised suspicions of sock puppetry and where a checkuser reveals them to be using TOR. I'm thinking a checkuser result to that effect would let the community deal with the situation without needing to hard block and ban all such users on sight (are you suggesting something else?). Mackan79 11:50, 22 June 2007 (UTC)