Wikipedia globally blocks Apple Private Relay IP ranges from editing (meta.wikimedia.org)
[1] https://meta.wikimedia.org/wiki/Global_blocks
"Global blocks are technical actions performed to prevent an IP address or range of IP addresses from editing all Wikimedia wikis, for a fixed period of time or indefinitely. Global blocks disable account creation from the blocked IP by default, and can also prevent editing while logged in to an account."
Much easier to simply block posts/puts to certain paths from ip ranges in the ingress layer, before they ever reach the application and are authenticated.
There is a very real problem, even in technical circles, of wrong information being put on there.
In this example, it was always by an anonymous account.
How does the Wikimedia foundation attempt to handle this? I'm not suggesting I have ideas on what to do. But, this is a real debatable question they have to wrestle with.
Now it's linking to the discussion page. Which is definitely very interesting and useful, but probably not the page that was intended?
That said, there's nothing stopping me hacking a residential router to make my (anonymous) Wikipedia edits.
As usual it's a small misbehaving minority in the world who make it difficult to Have Nice Things.
Everything sounds like that is already the case? Is it not?
> Communities typically block edits from IP addresses that obscure individual users.
Hill, B. M. and Shaw, A. (2021) ‘The Hidden Costs of Requiring Accounts: Quasi-Experimental Evidence From Peer Production’, Communication Research, 48(6), pp. 771–795. doi: 10.1177/0093650220910345.
http://www.aaronsw.com/weblog/whowriteswikipedia
It turns out the long tail of anonymous editors is actually a force to be reckoned with. Or was at the time of writing, at least!
IDGAF one way or the other, but if you're going to be banning millions of users from editing via their IP, just commit to saying "We need to be able to identify you vandals, and a user account is the easiest way".
You're either true to a mission statement, or you should stop virtue signaling beliefs you don't hold with your mission statement.
Instead it's way past time they just attacked the problem directly with some flavor of more formalized cryptographic representation of time. Like just give new users a number to do prime factorization on tuned to a desired target, then sign the result. Ensure they need to do a few hours/days/whatever of crunching (could be graduated, a few hours gets you initial editing rights then you're expected to crunch a bit more over the following months to reach full user level). Scale over time with increasing processing power. Near zero cost to verify. Now even with hacked routers and so on it still always takes some time. For people who don't get banned it's a one-time cost, no problem, amortized over years/decades (Wikipedia is 21 years old now, and there are other older forums still around too). Anyone in the world can participate no money required, just a computer. But for attackers it's a constant burn. And it changes the calculations for things like soft bans too. If you've got a token representing a week's worth of compute built up over a few years and get a 48 hour ban, the incentive against ban evasion is high. It's not possible to build back up another token before the ban expires.
It's a shame there isn't some standard for this, no reason in principle a handful of authorities couldn't make chrono-tokens that any site could recognize and keep their own DB of. No permanent identity involved, no law enforcement, always the chance to start fresh, every site can choose whether to worry about other sites' bans or not (or contribute back their own or not). A token need not be tied to any account at all in fact. And no algorithms involved either, humans can take the driver's seat again because the cost equation is firmly back in moderators' favor and they have a dynamic tool to respond to abuse (they can just temporarily increase the time req during an attack surge as high as needed to quench it while not hurting long time users or even stopping new ones from signing up then lower it smoothly back down to let new people start faster as whatever caused the attack winds down).
It stinks we're into the 2020s and moderation doesn't really seem much different than the 90s.
Wikipedia doesn't block to punish individuals. It blocks to protect itself. There are plenty of ways around most blocks, like simply creating an account.
> Communities typically block edits from IP addresses that obscure individual users.
Surely they are aware that this is basically all IPs nowadays...?
If that's genuinely the policy then it should be almost equivalent to just requiring an account for all edits, so why not just do that?
the problem with accounts is that the editing history is public, making it impossible to keep even a pseudo-anonymous identity because everyone would know who i am based on what i edit.
didn't jimmy wales himself say that the editing and viewing history is sensitive personal data?
i don't mind wikipedia itself knowing my identity, just like i don't mind hackernews admins knowing who i am, but i'd like wikipedia to help me keep my identity hidden from the public.
I'm fairly certain that the GDPR believes an IP address is PII and imposes a bunch of fairly onerous restrictions on how network administrators are able to log and analyze them. So it doesn't seem like that ship has sailed at all. If anything it's been reinforced by actual law that it _does_ meaningfully identify someone.
It is very seldom in my experience the case that legislation tells us anything at all about what is true about technology.
- people who treat articles like their own fiefdoms and have obsessively memorized every sentence of policy and can drown an edit they don't like with subjective assertions that an edit violates a particular policy
- no-life basement neckbeards who do thousands and thousands of edits on subjects they couldn't possibly have knowledge or experience on and respond instantly to edits to "their" pages
Further, in disputes, it essentially comes down to who the rest of the community likes more. The ultimate ad hominem is that some random IP address vs an established 'wikipedian', even if the 'wikipedian' is full of shit? The wikipedian wins.
The page for AA is a great example. There's a dude who is completely unhinged and suppresses any negative information about AA, such as the problems with abuse, predation, and sexual assault. Or studies showing poor efficacy compared to science-based treatment.
I posted a HN comment as such and was more than a little surprised to come across a reply made barely a few hours later, apparently from that dude, accusing me of being someone he'd had a tiff with on wikipedia.
You look at the edit history and his behavior is clearly gatekeeping and enforcing a particular viewpoint. Yet, curiously, he's never been subject to any censure?
Look up anything even mildly controversial, e.g. Gender, Marxism, Capitalism, Globalism, Election Laws, Freedom of Speech, Racism, and then compare 10 years ago to today, using archive.org or by looking at edit history. It feels like a parallel universe, as if history was totally re-written.
Add a time cost to accounts that is independent from IP or real identity. I gave a suggestion of factoring the product of primes, basically breaking crypto with far fewer bits than would ever be used in a real system to tune the time to a desired target. Another option would be to require a security key for anonymous editing of hot articles then ban the key if needed, which would essentially be a fairly anonymous proxy for money. Now attackers need to spend a key each ban. Although unlike just doing it purely for Wikipedia that might result in a market of "used, banned" keys which isn't really great. But they shouldn't do it via IP, they absolutely could do better.
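The factoring-based time cost proposed in this comment and in the earlier "chrono-token" comment, sketched as an added example (not code from the thread or from Wikimedia). The names `issue_challenge`, `solve`, `redeem`, `token_valid`, `SERVER_KEY` and the demo prime size are assumptions, and "sign the result" is done here with an HMAC.

```python
import hashlib
import hmac
import math
import secrets

SERVER_KEY = secrets.token_bytes(32)  # hypothetical per-site signing secret


def is_odd_prime(n):
    """Trial division; adequate for the demo-sized primes generated below."""
    return n > 2 and n % 2 == 1 and all(n % f for f in range(3, math.isqrt(n) + 1, 2))


def random_prime(bits):
    while True:
        c = secrets.randbits(bits) | (1 << (bits - 1)) | 1  # full width, odd
        if is_odd_prime(c):
            return c


def _tag(kind, n):
    return hmac.new(SERVER_KEY, f"{kind}|{n}".encode(), hashlib.sha256).hexdigest()


def issue_challenge(half_bits=24):
    """Server: n = p*q. Raising half_bits raises the client's cost.
    The MAC over n means the server stores nothing per challenge."""
    p = random_prime(half_bits)
    q = random_prime(half_bits)
    while q == p:
        q = random_prime(half_bits)
    return p * q, _tag("challenge", p * q)


def solve(n):
    """Client: Pollard's rho, on the order of n**0.25 modular steps."""
    c = 1
    while True:
        x = y = 2
        d = 1
        while d == 1:
            x = (x * x + c) % n
            y = (y * y + c) % n
            y = (y * y + c) % n
            d = math.gcd(abs(x - y), n)
        if d != n:
            return d, n // d
        c += 1  # cycle closed without a factor: retry with another polynomial


def redeem(n, challenge_tag, p, q):
    """Server: verification costs one MAC check and one multiplication."""
    if not hmac.compare_digest(challenge_tag, _tag("challenge", n)):
        return None  # n was not issued by this server
    if p <= 1 or q <= 1 or p * q != n:
        return None  # rejects the trivial 1 * n "factorization"
    return _tag("token", n)


def token_valid(n, token, banned):
    """A ban is n added to the site's own deny set; no account or IP is involved."""
    return n not in banned and hmac.compare_digest(token, _tag("token", n))
```

The work is CPU-bound, so the hardware-asymmetry objection raised in the replies applies to it unchanged.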
1. Defenders use standard PCs and mobile phones. Attackers use GPUs, FPGAs and ASICs and run them in places where electricity is cheap.
For traditional hash algorithms this gives the attacker a thousandfold or so advantage. There has been some work on closing the gap in the context of crypto currencies, but I don't know how close they got.
2. It takes a phone (or even a PC) a long time to burn through $2.
3. Attackers have large botnets and don't pay for the electricity consumed by these.
Meanwhile, abusers just farm PoW solutions and make it negligible. You end up with a solution that’s even easier to farm than quick expiry captcha.
And your idea doesn’t stop you from having to implement moderation anyways. You have to do the same work.
>One is that you mainly punish honest users who have to install and run this PoW crapware just to make a small but legit edit.
I covered this. It's trivial in such a system to still have no-cost be the default, and ramp up only for certain criteria or during hot spells. Which is what I wrote. Also, an RSA cracker can run fine as javascript, no need to install anything. And legitimate users can build up over long periods. Further, how do IP bans, the existing default, line up with your "honest users" thing hmmmmm? You did at least read the title of this comment section right? You are aware that this is all in the context of something that is also a broad sledgehammer right?
>And your idea doesn’t stop you from having to implement moderation anyways.
I never suggested it did? Quite the contrary? Hello?
>You have to do the same work.
No, you don't have to do the same work if attackers cannot attack as quickly and cheaply. Duh.
You mean like supporting use of pseudonymous accounts that don't require more than an email to register, just like HN? Wikipedia already does this. It's trivial to sign up with a throwaway email account. No one cares unless you try to abuse or game editing by making sockpuppets to sway debates.
They're also exploring how to mask IPs. https://meta.wikimedia.org/wiki/IP_Editing:_Privacy_Enhancem...
I think you fail to realize how slow low end devices that can use wikipedia are compared to the latest high performance processors.
I think they're already there.
> Proxy blocks are not targeted at individuals
There are italics on the original page.
I regularly throw accounts out in disgust at the political voting.
I use Britannica for anything that isn't celebrity/pop culture based now, I thought Wikipedia had killed off "proper" dictionaries but they're going in reverse. I enjoy the irony of that.
That doesn't seem all that unviable, at least specifically for Apple Private Relay IP ranges, is my point.
Most certainly not. The people in charge actually want it to be open. You are simply watching those ambitions splinter somewhat as they are beset by the crashing waves of the harsh reality that is the Internet.
But note that requiring authentication to edit doesn’t necessarily change anything about abuse, yet this thread seems to suggest that people think it does.
Just means you need to farm a POST /register. You can attach a one time use account to every abusive edit and it’s no big deal.
But yeah, the internet has changed over time, and it is not as nice a place as it used to be.
I think it's important that there are still sites where people don't need an account to be able to participate. Wikipedia is one of the last holdouts in the West, and they clearly are having some amount of trouble keeping it 100% that way.
Given that you need to prevent abuse, how would you propose to keep things (more) open?
I'm saying that by prioritizing the want of "no vandals" you are making want of "open to everyone" untenable. I'm sure their actual top priority is "the best, most accurate listing of information" and everything else is in service of that goal, but I don't really care.
My point stands: If you want anyone to be able to edit anywhere at any time, you can have that but you make trade-offs. Saying "vandals are bad and need to be stopped" is actually not an objective fact, it's a choice about what information you hold valuable.
The implementation of the blocking mechanism is IP addresses/ranges, which is imprecise (to say the least). But now you have to worry about abusive users bypassing your technical control by obscuring their IP addresses. So you block all IP ranges that implement e.g. CGNAT, VPNs, 464XLAT.
So now you're mass-blocking access to millions of people who have never shown any inkling of malicious intent due to rational technology choices by their service providers or due to a reasonable desire to protect their personal privacy.
If you're OK with blocking users in such an entirely capricious and arbitrary way, why not just insist on registration?
Your argument is as flawed as saying we shouldn't have email because spammers must be blocked.
There are indeed many classes of IP address which multiplex large numbers of users (mobile network exits, VPN exits, ISPs with CGNAT, some corporate web filtering systems, shared public wifi, tor, satellite ground station exits, residential proxies, ...).
However, claiming that "basically all" IPs are multiplexed is definitely wrong. A home or small office broadband line typically gets a dynamic-but-ephemerally-unique IP, same as it always did.
The effect of IPv6 on this isn't totally clear to me yet. If anything, as IPv6 deployment among ISPs increases, the trend seems to be for less multiplexing and not more.
IPs assigned to homes and small offices are still multiplexed. It's just a case of magnitude. (In other words, it's rare for a home or small office to contain just a single person.)
The policy as stated makes no sense, if they intend for it to be something like "more than 5 people per IP" they should just say so.
> The effect of IPv6 on this isn't totally clear to me yet. If anything, as IPv6 deployment among ISPs increases, the trend seems to be for less multiplexing and not more.
FWIW, every ISP I've used in the last ~10 years has delegated me an IPv6 prefix, resulting in each device in the network getting a unique IPv6 address. I've never seen any kind of NAT used in the wild for residential IPv6.
It's kind of the internet equivalent of keeping drug dealers out of your club by banning anyone who lives in a poor area. A lazy (and likely discriminatory) policy, but a simple one, and effective.
My current home broadband setup gives me the same IP address for months at a time, across router reboots. Advertisers love it, I'm sure.
> > Communities typically block edits from IP addresses that obscure individual users.
> Surely they are aware that this is basically all IPs nowadays...?
> If that's genuinely the policy then it should be almost equivalent to just requiring an account for all edits, so why not just do that?
With the shortage of IPv4 addresses and the lack of progression to IPv6 from many ISPs, we're likely going to see users unable to anonymously edit if they start blocking those behind a CGNAT.
In practice customers don't usually turn their routers off for very long, and many ISPs don't have an acute shortage of IPs (those that do have already moved to CGNAT), so it's pretty typical to keep your IP no matter how many times you reboot your router. If I'd leave it off for a month I'd be less sure I'd get the same IP.
Objectively: Not always. You're creating a tiered society. The argument is saying "Why do some people deserve freedom but not others?" It's great if you're part of the in-group, but exceedingly unjust if you're non-vandal bycatch due to the blanket bans. You can't have some democracy, it's all or none.
I'm unable to anonymously edit by default because I have T-mobile for my phone and internet services and there is a blanket ban on T-mobile IPs. This is the 3rd largest telecom in the US with about 108 million users. I'm going to assume that less than 1/10th of them are Wikipedia vandals, but a blanket ban has been put in place.
Explain how it's "good" that a random AT&T user can make an edit, but I (or another random T-mobile user) can't? Follow up, explain why making everyone who wants to edit register an account is a net bad if it's the only choice for millions of people?
*edited for typos
If trends continue, less people will be able to edit anonymously. This trend needs to be reversed so that as many people as possible can edit anonymously.
For example, as was pointed out elsewhere on this discussion, having blocking controls that tend to create a higher bar for people without home internet access means you're discriminating against groups that can only afford a personal mobile device, or only have internet access at a library, or come from a particular national origin, etc.
If you care about anonymous editing, creating underclasses that cannot have it seems an unlikely way to further your mission. It's effectively a form of red-lining.
I don't understand what your email analogy is getting at, so I'm going to leave that alone.
Just to be clear, your response to "disadvantaged people would likely have a hard time editing Wikipedia from an 'anon' IPs" is "take time and energy (finite resources that are in many cases more valuable than money) and travel somewhere to edit". This is...not a very good argument in your favor? Also, it makes the extremely bold assumption that the library (or whatever publicly available resource) is not IP banned itself because some vandal had the exact same thought.
>>I think it's important that there are still sites where people don't need an account to be able to participate.
Why? If this is important, why isn't it important for everyone? The point I, and other commenters have made, is that you shouldn't say "We care about a free and open internet" when what you mean is "We care about a free and open internet as long as nobody does anything we don't like and we're able to regulate it as we see fit".
These things are a binary, not a scale, despite what some people want to argue. When you start blanket bans that harm people who have done nothing wrong, you're taking a step towards authoritarian and away from pure openness. "The needs of the many outweigh the needs of the few" is pointedly saying "we are not prioritizing your needs" and that's what moderation is.
>>Given that you need to prevent abuse, how would you propose to keep things (more) open?
You're admitting defeat here, and showing how useless a word like "free" or "open" is. The site is not more or less open, it's open or closed for some. You being able to freely edit does nothing for my inability to freely edit. You can't average these things together and say "99% of people are free to do what they want" as if that was a meaningful statement for the people who can't. Moderation is antithetical to "free" or "open" speech. I'm for moderation, I just want people to stop pretending that you can have it both ways.
Unfortunately, as with everything, some people do abuse this facility. Some abuse it to place misinformation on wikipedia. Other people (like bored teenagers) might vandalize the wiki by deleting all the content on the page and replacing it with a pithy epithet. Then there are bots that skim the internet looking for mediawiki sites and filling them with adverts.
Sometimes you need to block these kinds of activity. Sometimes such abuse comes from a shared address or range, and sometimes such a block thus leads to (hopefully temporary) blocking of innocent bystanders. That is bad.
There are facilities in place to help prevent innocent bystanders from getting caught up. But it's a constant arms race. And if nothing is done at all, wikipedia would quickly cease to operate.
The community discussion is about this situation. Current internet trends have more people editing from behind proxies or shared IP addresses. If these trends continue, perhaps wikimedia will have to figure out new ways to fight abuse while still allowing people to continue to edit anonymously. This is not something that has happened or will happen by itself. It takes and will take constant monitoring.
I don't think it's a good idea to then just go ahead and abolish anonymous editing like some people suggest. Being anonymous on the internet is a great thing that should be a right. We need to continue to find ways to preserve anonymity (and pseudonymity!), and also continue to find ways to keep bad actors from ruining it for anyone else.
Having anonymous participants is orthogonal to whether your community is moderated by the way. In fact you can even have anonymous moderation (which has been a part of how wikipedia works).
I just (ironically?) hate crusaders, and the type of people who proclaim (as wikipedia does) that they're Doing Their Best(tm) to adhere to their stated goal (pseudo-anon editing with IP based tracking) while doing something that undercuts that goal for millions (blanket IP bans).
I guess my ultimate complaint is that the continued mercy of the inability of the human mind to correlate all of its contents causes people to do things antithetical to what they say they want. That people refuse to live in nuance and continue to pretend they hold themselves to a higher standard that they frequently do not when pressed with any sort of complication.
I understand we live in a society and in order for it to function there are tradeoffs, and I'm not one of these "free speech has been completely killed by cancel culture" nutjobs, but I hate when people speak out of both sides of their mouth which is what Wikipedia does (IMO) when it comes to their moderation/contributor policy. Abolishing anon editing puts everyone on a level playing field (you want to contribute, you have to sign up).
Am I being Just or just Vindictive? IDK, and I'll admit that's open to interpretation. It just feels more fair to me to throw your hands up and admit that vandals are why we can't have nice things than to say APR users are collectively lesser than AT&T users. One feels defensible, the other feels like logical contortion.