Wikipedia talk:Open proxies/Archive 1

This page is an archive of past discussions. Do not edit the contents of this page. If you wish to start a new discussion or revive an old one, please do so on the current talk page.

Seems like a pretty well-balanced article to me. But I oppose the policy. Open proxies should only be blocked if they are already eligible under existing blocking policy due to vandalism. No preemptive blocking. Deco 22:43, 20 January 2006 (UTC)

• Currently, many Wikipedia admins (such as on the project mentioned in the article) do pre-emptively block proxies. Which is why it is important to clarify what the policy actually is. FWIW, I'm all in favor of blocking any open proxy; though in practice I agree with you that efforts should be focused on those proxies which are actually used for vandalism. --EngineerScotty 22:54, 20 January 2006 (UTC)
  • Oppose all you like; pre-emptive blocking of open proxies is a longstanding policy, both for reasons of vandalism and for the problems it poses to attributing edits, which is required for our license. Radiant_>|< 12:16, 21 January 2006 (UTC)
    • Oh. I had no idea. In that case I support with reservations. :-) Deco 05:45, 22 January 2006 (UTC)
• Why is it "required for our licence"? Since Wikipedia is collectively written, and that it accepts unlogged users, what are the differences for this matter betwen an unlogged user and a TOR user? Why are anonymous programs forbidden on Wikipedia, and where has this policy been decided? Has it been voted? If yes, can a new vote be submitted, what is the "policy on policies"? Tazmaniacs
  • It is interesting that such questions do not get answers. Nisanu 15:40, 4 September 2006 (UTC)

It really isn't a good policy; it provides a false sense of security without really attacking the underlying problem. This is typical of hackerish works such as Wikipedia, which will continue to lack credibility in scholarly work or in industry. — Preceding unsigned comment added by 24.61.5.30 (talk • contribs)

This is a very well written piece, but on the other hand the message is already part of Wikipedia:Blocking_policy#Anonymous_and_open_proxies. Might I suggest you take this text and use it to improve that subheading? Dragons flight 02:14, 21 January 2006 (UTC)

• It's already covered there. I've done a redirect. Radiant_>|< 12:16, 21 January 2006 (UTC)

Thanks for pointing out the link to WP:BP--initially, I proposed this because I couldn't find it anywhere. That said, I still think that having this policy as separate may be a good idea.

Why?

• WP:BP is listed on Wikipedia:Policies_and_guidelines, but under the "restricted features" subheading. While ordinary users (like me) can read it, many won't.
• WP:BP contains numerous clauses of the form "if user/IP X performs behavior Y and additional constraints Z are satisfied; then X may blocked for time t"; where Y is some behavior contrary to Wikipedia's rules; and Z usually is appropriate due process or warnings afforded to the user. For most cases, Y corresponds to an official policy on Wikipedia; which is explicitly documented as such. For open proxies, there is no corresponding policy page which clearly sets forth the policy; nothing to directly reference from Wikipedia:Policies and guidelines. In short, WP:BP is a policy describing when admins may/should block users; but it's not as well suited for informing users of what they may and may not do. The equivalent in law would be giving judges sentencing guidelines allowing jail time for offenses which are not prohibited in the statutes. Maybe I'm wearing my "lawyer" hat too tight on this point.
• At any rate, no open proxies is certainly de facto policy; transparency suggests that it be de jure policy as well. If you dig around, you can find snippets of info which document the policy (many of which are summarized in the article). Perhaps this is worrying about minutiae, I don't know.

And not to be rude, Radiant, but I think your move to a redirect was premature--very little discussion has been had on the proposal so far. I'm reverting for now, and adding a few more links--if consensus is to make this a redirect, I'll happily go along. If you revert back (to a redirect) again, I'll leave it alone--but I ask that you allow a bit more discussion to take place first.

--EngineerScotty 18:32, 21 January 2006 (UTC)

Regardless of the decision here; I also recommend that certain other places on Wikipedia: open proxy, Template:blocked proxy, wikipedia:policies and guidelines explicitly state that 1) open proxies are disallowed; and 2) point to whatever location in Wikipedia (here or WP:BP formally documents that matter. --EngineerScotty 18:43, 21 January 2006 (UTC)

• Well sure, if this page is to be more expansive there's no harm in keeping it separate. You can flag it policy, by the way, because of precedent and practice. Radiant_>|< 22:32, 21 January 2006 (UTC)
  • In other words, all the normal procedures (which certainly would apply to a new policy) can be bypassed in this case? --EngineerScotty 06:18, 22 January 2006 (UTC)
    • Well, this is not a new proposal, it is an attempt to codify something that we've done for a long time, and that is frankly already covered in existing policy pages. Radiant_>|< 11:10, 22 January 2006 (UTC)
    • In that case, I'll go ahead and change this from {{proposed}} to {{policy}}. --EngineerScotty 18:27, 22 January 2006 (UTC)

This page violates the foundation issue that anyone may edit. Therefore it cannot ever be policy as far as I am aware.

Kim Bruning 19:25, 22 January 2006 (UTC)

It has been policy and will continue to be as long as Jimbo embraces it [1]. Dragons flight 19:41, 22 January 2006 (UTC)

WP:NOP doesn't violate the rule that "anyone" can edit--anyone (other than banned users) may do so; they just need to do so from a machine which isn't an open proxy. Given the security risk posed by open proxies; this is a reasonable restriction. In other words, it's a restriction on where people can edit from; not who can edit. Obviously, there will be some individuals out there who, due to their particular circumstances, can only edit through an open proxy--persons in mainland China being one large category. (Note that the Chinese government can and does block access to open proxies outside the Great Firewall of China--as use of such proxies can be used to circumvent bans on what Beijing considers seditions content).

One thing that might be a good idea (and may be done, though I'm unaware of it, and it isn't "policy" as of today), is to allow logged-in users (or a subset thereof, screened for sockpuppets, vandals, banned users, and such) to edit from open proxies. Logging in--assuming a secure password--answers the security questions around open proxies. But that would be a new policy (or a policy change), rather than documentation of what already stands. --EngineerScotty 19:51, 22 January 2006 (UTC)

I've discussed this with some developers on IRC now. I understand it's a delicate balancing act. I am somewhat saddened that this is now policy. :-( Kim Bruning 20:22, 22 January 2006 (UTC)

Again, it's been policy for quite some time. The creation of this page did not create a new policy; it just documented and set forth a policy that already existed. In other words, nothing has changed here. --EngineerScotty 20:50, 22 January 2006 (UTC)

It actually doesn't violate that foundation issue. Anyone can edit. It just means you can't edit over an open proxy. Stevage 21:14, 23 January 2006 (UTC)

• Some people are more "anyone" than others. Radiant_>|< 15:24, 24 January 2006 (UTC)

Yep. Any simple statement like "...anyone can edit" is obviously going to have exceptions and can't be taken literally at face value. Funny that no one has ever objected to the fact that a starving African or a person in a coma can't edit Wikipedia. Stevage 18:28, 24 January 2006 (UTC)

That's a little facetious. "Anyone can edit" plainly implies that anyone with access to the Web can edit Wikipedia - which isn't the case if open proxies are blocked, given that such proxies may be a person's only means of gaining Internet access. 217.34.39.123 15:21, 7 February 2007 (UTC)

"WP:NOP does not violate the rule that 'anyone' can edit - anyone... may do so; they just neede to do so from a machine which isn't an open proxy. Given the security risk posed by open proxies; this is a reasonable restriction." I understand that this policy has been enforced because of a "security risk". Can this "risk" be explained? Is there any vote concerning this (or other) policy? 212.112.231.83 18:18, 9 April 2006 (UTC)

Just curious - about how many open proxies are there out in the wild? And about how much of them have been blocked? --Ixfd64 08:34, 27 February 2006 (UTC)

I can't see why even a registered user (say, registered months, or even years ago, and contributed hundreds of times already) are still being blocked, just because the IP was a shared one. I acknowledge that it is necessary to do that due to vandalism issue, but please re-re-re-consider the registered users. A serious user should be unblocked regardless of which IP s/he uses. Thank you very much. --Hello World! 02:56, 9 March 2006 (UTC)

Registered users are regularly unblocked when they're affected by such a block. There's a feature request for the ability to block IPs without affecting registered users, but that's currently not possible. // Pathoschild (_admin / ^talk) 03:18, 9 March 2006 (UTC)

Has there been any progress implementing this "feature request for the ability to block IPs without affecting registered users"? I am regularly blocked (while logged in) when using Tor. Kenta2 23:31, 24 March 2007 (UTC)

I think that if Wikipedia established a policy of "trusted" logins, it would help with this problem. I would naturally assume that anonymous edits from open proxies wouldn't be allowed, but what if users who registered jumped through some extra hoops to ensure that they were legitamate? If we created a system where the normal, unauthenticated person on an open proxy can't make edits, but those who create an account with some extra hoops to jump through would be allowed. They would be trusted users on the system, and their edits would be trackable, yet their actual location can be from anywhere. Such a system could be implemented here, so that if a certain user connected through, or contributed from, an exit node or open proxy, as long as they authenticated, there would be something to track if something went wrong, while still protecting that person's right to privacy. :: Silivrenion 21:09, 22 August 2006 (UTC)

The policy states that open or anonymous proxies are currently not allowed to edit. That "or" seems a bit confusing. Are there proxies that are anonymous but not open? If these [hypothetical] ‘restricted anonymous proxies’ do exist, is it allowed to use them for editing? How can someone identify such a proxy? Dart evader 10:51, 5 April 2006 (UTC)

An open proxy in one which is vulnerable to exploitation, usually by accident. An anonymising proxy is one which hides the identity of the user, but it may be a closed service; anonymising proxies aren't necessarily open. These are more difficult to find, since they aren't flagged by any scans, but they are often advertised or can be detected indirectly. // [admin] Pathoschild (^talk/_map) 17:30, 4 September 2006 (UTC)

Can someone explain to me why the following IP's were indefinitely blocked as open proxies:

• 62.171.194.4 (talk · contribs · deleted contribs · filter log · WHOIS · RDNS · RBLs · http · block user · block log)
• 62.171.194.12 (talk · contribs · deleted contribs · filter log · WHOIS · RDNS · RBLs · http · block user · block log)
• 62.171.194.44 (talk · contribs · deleted contribs · filter log · WHOIS · RDNS · RBLs · http · block user · block log)

While similar IPs from the same range, also repositories for petty vandalism, were labelled school IPs and given mostly short-term blocks:

• 62.171.194.5 (talk · contribs · deleted contribs · filter log · WHOIS · RDNS · RBLs · http · block user · block log)
• 62.171.194.6 (talk · contribs · deleted contribs · filter log · WHOIS · RDNS · RBLs · http · block user · block log)
• 62.171.194.7 (talk · contribs · deleted contribs · filter log · WHOIS · RDNS · RBLs · http · block user · block log)
• 62.171.194.8 (talk · contribs · deleted contribs · filter log · WHOIS · RDNS · RBLs · http · block user · block log)
• 62.171.194.9 (talk · contribs · deleted contribs · filter log · WHOIS · RDNS · RBLs · http · block user · block log)
• 62.171.194.10 (talk · contribs · deleted contribs · filter log · WHOIS · RDNS · RBLs · http · block user · block log)
• 62.171.194.11 (talk · contribs · deleted contribs · filter log · WHOIS · RDNS · RBLs · http · block user · block log)
• 62.171.194.13 (talk · contribs · deleted contribs · filter log · WHOIS · RDNS · RBLs · http · block user · block log)
• 62.171.194.36 (talk · contribs · deleted contribs · filter log · WHOIS · RDNS · RBLs · http · block user · block log)
• 62.171.194.37 (talk · contribs · deleted contribs · filter log · WHOIS · RDNS · RBLs · http · block user · block log)
• 62.171.194.38 (talk · contribs · deleted contribs · filter log · WHOIS · RDNS · RBLs · http · block user · block log)
• 62.171.194.39 (talk · contribs · deleted contribs · filter log · WHOIS · RDNS · RBLs · http · block user · block log)
• 62.171.194.40 (talk · contribs · deleted contribs · filter log · WHOIS · RDNS · RBLs · http · block user · block log)
• 62.171.194.41 (talk · contribs · deleted contribs · filter log · WHOIS · RDNS · RBLs · http · block user · block log)
• 62.171.194.42 (talk · contribs · deleted contribs · filter log · WHOIS · RDNS · RBLs · http · block user · block log)
• 62.171.194.43 (talk · contribs · deleted contribs · filter log · WHOIS · RDNS · RBLs · http · block user · block log)
• 62.171.194.45 (talk · contribs · deleted contribs · filter log · WHOIS · RDNS · RBLs · http · block user · block log)

I'm currently trying to draft a template to put on all these IPs, and I need to know if I can use the No Open Proxies policy as justification for an indefinite block of the whole range. If these are not Open Proxies, then none of them should be blocked under this policy. If you have a better suggestion for how to stop vandalism from these IPs, please contribute to the discussion at: Wikipedia:Abuse reports#New Alerts#Internet for Learning--woggly 06:59, 15 May 2006 (UTC)

These are suspected zombie computers because they were used by a malicious zombie proxy bot. A few are blocked due to vandalism, but the others should not be since there's only circumstantial evidence that they're vulnerable. // [admin] Pathoschild (^talk/_map) 17:41, 4 September 2006 (UTC)

This policy of no open proxies seems to be one of the most contradictory policies which exists on this project, and as such this policy should be revoked. My reasoning is set out below:

• It contradicts the foundation issue[2] of the "ability of anyone to edit articles without registering"
• It clearly hinders some contributors particularly those from the People's Republic of China and probably prevents some from contributing at all
• It contradicts the policy of "Assume Good Faith"
• It adopts the policy of " Assume Bad Faith"
• It gives the administrators the power to block a wide range of IP addresses when there is no proof of vandalism as set out in the policy. This also makes a nonsense of the principle that all users should act as administrators (wikipedia:administrators).

I look forward to your comments Fornost 21:15, 6 August 2006 (UTC)

This page is Foundation policy, not a local policy, so it override any local policy such as Wikipedia:Vandalism. It does not prevent anyone from editing Wikipedia; users in censoring countries are free to use private, closed proxies or other bypassing or tunneling methods. It makes no good-faith or bad-faith assumption, but merely prohibits a particular method. Imagine a real-world policy that prohibits the use of armoured tanks for civilian transportation. This does not in any way impact anyone's right to travel, since they're free any of a large number of other vehicles. // [admin] Pathoschild (^talk/_map) 17:27, 4 September 2006 (UTC)

Imagine a fictional world policy where it's forbidden not to smile into every CCTV and where you might or might not get a job as a teacher, be allowed to travel into other countries or even spend the rest of your life in prison depending on your political opinion. This does not in any way impact anyone's right to say his opinion, since they're free to say what they want.--Rubik's Cube 01:32, 8 January 2007 (UTC)

Agreed. And agreed with the underlying point, too. -- Thesocialistesq/M.lesocialiste 04:59, 24 July 2007 (UTC)

Why are users who have editing histories and are not new also being blocked from using proxies? It seems to me that if someone wishes to use tor or such and they are willing to log in they should be allowed to. This helps contribute to free speech. Why must wikipedia have my real IP on file? Nisanu 15:39, 4 September 2006 (UTC)

Each registered user's IP address is stored temporarily so that administrators can deal with abuse. A registered user's IP address can only be determined by a very small number of carefully selected users, and is automatically purged from the database after a set interval of under a few weeks. Allowing users to create accounts from open proxies goes against the spirit of the prohibition against open proxies, since it undermines that safeguard against abuse.

Recent changes to the software allow administrators to block an open proxy and disallow new account creation, while leaving existing accounts unblocked; whether to do so or not is a matter of individual opinion. If you wish to safeguard your IP address, you are free to use a personal, closed proxy. // [admin] Pathoschild (^talk/_map) 17:03, 4 September 2006 (UTC)

What I fail to understand is if I am a user with a history, why am I not allowed to use a proxy? I have already signed up without using a proxy. So wha tis the big deal with it? A legitimate reason to use a proxy that encrypts such as TOR is to prevent eavesdropping by an ISP or intermediary. It is not necessarily to hide from Wikipedia staff. You see the connection between the local computer and the remote proxy is encrypted. Another reason might be to help prevent against broad survalience whereby an entity does something such as "poll up a list of all people who accessed page X within the last year". I hold that user who has a helpful established history with wikipedia should not be prevented from using a proxy. If you do have problems with them, then you can suspend their account and they would no longer be able to use the proxy to edit. Using an open proxy should not be seen as abuse. Nor should it be construed to undermine safeguards when in reality it does no such thing. Nisanu 21:06, 7 December 2006 (UTC)

The problem is establishing whether a user has a legitimate history. It may be fine to allow you or any number of legitimate users in, but allowing registered users means that anyone who has merely registered an account is able to edit through these. This poses a problem with aged socks, etc., and it would only take one intelligent vandal to require that the open proxies be fully blocked to prevent it. —Centrx→talk • 22:36, 29 December 2006 (UTC)

Please see [3]. Should such servers be blocked? JoshuaZ 02:49, 8 September 2006 (UTC)

The discussion mentioned is now here. No, such servers should not be blocked, and yes, the issue needs to be addressed. Urgently. TheMadBaron 16:34, 5 November 2006 (UTC)

Same banned users and others that have "left" the project, are now using Tor (http://tor.eff.org/) . What can be done? ≈ jossi ≈ t • @ 04:09, 14 September 2006 (UTC)

There are many legitimate uses for open proxies. One notable example is China and its Great Firewall. With over a fifth of the world's population unable to edit Wikipedia via normal methods, this policy discriminates against a large percentage of the world's population. Secure.wikimedia.org does not offer as good privacy protection as, say, TOR for example. This is a problem, for users in China and elsewhere, who are worried about being persecuted for their edits. According to Wikipedia:Block#Personal_attacks_that_place_users_in_danger, "Blocks may be imposed where threats have been made or actions performed (including actions outside the Wikipedia site) that expose Wikipedia editors to political, religious, or other persecution by government, their employer, or anyone else." This policy is exposing Wikipedia editors to such prosecution. (And no, I'm not suggesting blocking anyone for following this policy, I'm suggesting changing the policy.) Not only users in China, but users in all governments that have restrictive laws (inclusive) or enforcement, as well as non-governments that monitor internet usage, for whatever reason. Yes, vandals and blocked users may use proxies too, but is the perfect state of Wikpedia's articles more important that people's lives and well-being?

If you think that editors who have such concerns simply shouldn't edit, isn't that against the spirit of the Foundation policy that anyone may edit? And doesn't it encourage systemic bias by discouraging editors from China and other places with restrictive goverments from editing, and discouraging the editing of controversial topics?

To make it absolutely clear, I strongly oppose this policy. I would support soft-blocking proxies such that anon IPs could not edit, but registered users could.

— Armedblowfish (talk|mail) 01:07, 21 October 2006 (UTC)

I have asked the same question at Wikipedia talk:WikiProject on open proxies. What is the reason for indefinitely blocking? These IPs are going to change at some point, and someone is going to have to take the time to unblock them all. Why not block for 1 year or 3 years? —Centrx→talk • 02:23, 21 October 2006 (UTC)

The wording and the default block length for the proxy template have since been changed. —Centrx→talk • 01:03, 25 May 2007 (UTC)

I strongly oppose the use of this policy to block positive contributions from established, registered users. Two of the biggest ISPs in Thailand, True internet and CS Loxinfo, have been blocked under this policy. I have to wonder what "open proxy" is supposed to suggest in this context.... these are paid services; I very much doubt that trying to use IPs such as 203.144.144.164 (True) and 203.146.247.78 (CS Loxinfo) through a proxy client would get anyone very far....

CS Loxinfo is Thailand's Biggest Internet Service Provider. It is operated by Shin Satellite, which holds a monopoly on satellite operation in the Kingdom of Thailand. I can't imagine that blocking such services is what this policy was intended to achieve.

The indiscriminate application of this policy has now made it extremely difficult for me to edit Wikipedia, and I presume that other Thailand based users must be having similar problems. I will persevere, for now, with other ISPs, in the full expectation that these, too, will eventually be blocked as "open proxies". Of course, if every ISP I can possibly use is going to be systematically blocked, I will eventually be obliged to take an extended wikibreak.... along with thousands of other users in the Kingdom... until the application of this policy is reconsidered. TheMadBaron 06:19, 5 November 2006 (UTC)

There is no need to block any open proxies. Instead of this You can maintain automagically (not, as now, manually) generated list of ip addresses that are most frequently used to vandalize Wikipedia. Let Wikipedians that are somehow more trusted (for example having at least x edits) report vandalisms from ips in a format that can be easily understood by Wikipedia computers. Those computers would count cases of vandalism and in situations when number of edits from some address that are vandalisms would in some period of time be greater than some value (let it be 1/month) they would put this address on a list of restricted (not blocked) addresses.

Not logged users making edit to some Wikipedia article from those restricted addresses would everytime have to first pass defenses set by Wikipedia (for example they would have to write in a form a long sequence of random letters that they would see on an image). If, despite of those measures, number of vandalisms in edits from some address would increase, defenses would be automagically toughen (the number of random letters to write in would be increased), and, inversely, when number of vandalisms in edits from some adress would decrease, defenses would be relaxed and the number of letters to write would be decreased (to 0, when number of vandalisms would drop below 1/month).

Simply speaking: it would give to users of all open proxies ability to edit Wikipedia, and Wikipedia ability to keep number of vandalisms made using open proxies on low level, with much less manual work.

Lukasz 2 February 2007

This policy effectively bans users from China. I've previously used Tor to circumvent the block, but it stopped to work after I updated Firefox to version 2.0. I think it's because the Switchproxy plug-in for Firefox doesn't work. Even Tor was not a good solution, because for most users it's too difficult to install. Anyway, I've not been able to access articles since then without using an open proxy. The alternative access to Wikipedia explained somewhere else ( https://secure.wikimedia.org/wikipedia/en/wiki) also doesn't work any more. I strongly oppose the ban, and I'm forced to breach it to even make this statement. —Babelfisch 03:33, 9 February 2007 (UTC)

There is no way to not have this ban. If open proxies were allowed, they would be repeatedly and endlessly used by vandals—and therefore blocked just as they are now. The only difference is that with this policy they are blocked before the vandalism. —Centrx→talk • 03:32, 16 February 2007 (UTC)

Correction: They are blocked whether there is vandalism or not. I also strongly oppose this policy. The number of good faith editors that are hit hard by it is too large to call it accidental any more. - Andre Engels 12:26, 19 February 2007 (UTC)

"There is no way not to have this ban"? There is no way not to exclude one fifth of the world population from Wikipedia? There is no way not to exclude a community of Internet users larger than in the United States? (On the number of Internet users in China, see Natalie Pace, China Surpasses U.S. In Internet Use, Forbes 2006; 100 million go online in China, BBC 2005)

There must be a way! Pre-emptively blocking such a large number of users is totally out of proportion. This policy exacerbates the systemic bias of Wikipedia. —Babelfisch 03:44, 25 February 2007 (UTC)

Use TCPioneer to access the WP without changing the IP address. IntegerSequences (talk | contribs) 01:09, 22 December 2022 (UTC)

I agree with Babelfisch and Andre Engels that this is a huge problem. You are probably blocking more good faith editors than vandals with this policy. Note that these good faith editors even might have helped you vandal-hunting.--Grace E. Dougle 12:08, 25 February 2007 (UTC)

Because it only takes one vandal to make use of thousands of proxies to cause havoc, it makes no difference how many persons are affected by the block. Welcome to the technology age: one person has through technology more power than 100 million Chinamen manually reverting vandalism. —Centrx→talk • 19:02, 25 February 2007 (UTC)

Centrx, your racist slur is not appreciated. —Babelfisch 05:41, 22 March 2007 (UTC)

Huh? —Centrx→talk • 03:27, 31 March 2007 (UTC)

I've modified the word, since he indicates he didn't know it was offensive. Dmcdevit·t 06:30, 31 March 2007 (UTC)

How can you "modify" another user's contribution in the middle of a discussion? If he "doesn't know" that "Chinamen" is an offensive term, why "help" him by replacing "Chinamen" by "Chinese people"? This is ridiculous. —Babelfisch 07:47, 2 April 2007 (UTC)

As there seems to be no willingness to solve this problem on this discussion page, I've also started a discussion here: Wikipedia talk:Blocking policy#Softblock for Tor proxies —Babelfisch 07:29, 3 April 2007 (UTC)

Could we create a second proxy open talk page or open the talk pages for proxies? This would allow many more user's to contribute (sourced information can be presented on the talk page and than inserted by users who can edit the article). Talk page's didn't seem to be sexy enough for most vandals, so I presume the chances of an increased misuse are comparably low. Wandalstouring 18:58, 25 February 2007 (UTC)

That becomes useless once it is used by vandalbots. —Centrx→talk • 18:59, 25 February 2007 (UTC)

And you can't use vandalbots on wikipedia without proxies? Besides if we use a seperate page it is quite simple to require a registration for edits. Wandalstouring 11:38, 26 February 2007 (UTC)

If you use vandalbots without proxies, the IP address or even range which it uses is blocked. If you use them with open proxies, there are thousands upon thousands of IP addresses of all designation which can be used endlessly, unless open proxies are blocked. —Centrx→talk • 17:22, 3 March 2007 (UTC)

I can see some potential value, although I'm not sure how much demand there would be. There are already many, many articles with no talk page activity so I'm not sure that adding a second talk page would gain much, particulalry since it would need the good graces of another user to transfer material across.

I'm not sure how it could be achieved, but I'm sure it could be worked into the mediawiki software.

ALR 20:37, 2 March 2007 (UTC)

In other contexts, "banned" means that all such edits may be reverted on sight, regardless of 3RR. Can it be clarified that this does or does not mean that here? It's being argued elsewhere that it does (and, that, incidentally, if someone you edit war with later turns out to be an open proxy, your 3RR block can be overturned, even if you weren't "reverting open proxy edits" at the time): WP:ANI#Another section break --Random832 12:04, 14 May 2007 (UTC) I've made an edit suggesting an alternate wording. "Banned" is a term that has a specific meaning here and should not be used. --Random832 12:07, 14 May 2007 (UTC)

In the other usage, the person is banned. Here, the service or the IP address when an open proxy is banned. —Centrx→talk • 19:18, 18 May 2007 (UTC)

Is it or is it not "banned" in the sense of allowing unlimited reverts to any edit made via an open proxy (no matter how productive the edit might otherwise be)? I'm not being hypothetical; this wording _has_ been used to make that claim. --Random832 23:57, 15 June 2007 (UTC)

What next? Should we block all muslim users because they may vandalise certain pages? Should we block American IP addresses because they may vandalise and misspell words? Or how about blocking all Nigerian addresses as they could be used in scams and user page spam? This policy is stupid. The vast majority of vandalism I've detected on Wikibooks and Wikipedia comes from closed IP addresses and usernames. How much time is being wasted on this policy? As an administrator on Wikibooks I refuse to take any part in this joke policy. Xanucia 11:58, 3 June 2007 (UTC)

This policy affects no one who is not otherwise able to access the Internet. If you block these ethnic IP address that you have peculiarly chosen, you have blocked the person's primary and only IP address; if you block an open proxy, the person is free to use their primary Internet access. On the other hand, if you do not uniformly block these ethnic IP addresses, and a person using one vandalizes, the vandalism can be effectively stopped by blocking the ethnic IP address; but if you do not uniformly block open proxies, and a person using one vandalizes, they are perfectly capable of moving on to another open proxy, and another and another if you block them, leaving you to play Whac-A-Mole until all the open proxies are blocked anyway, thus resulting in the same result you tried to avoid by not blocking open proxies, but with a battle-field of vandalism in your wake. How much time would be wasted on reverting untraceable, unpreventable vandal bots if open proxies were not blocked? You consider it a joke because you do not understand it and have chosen a very poor analogy to try to make sense of it. —Centrx→talk • 21:38, 3 June 2007 (UTC)

Blocking all americuans seems reasonable to me : ) But here is my side of the issue we have this person A who goes to the library to find info about Eric lafleur and all he finds is a page that has been blanked and has a huge sign IS A COCK SUCKER now this person A has been through this before all he needs to do is to go to the history and reverse it, But then we have the person B who goes on the school computer goes to wikipedia and starts to vandalise wikipedia as fast as he can and replaces Eric laFleur with IS A COCK SUCKER now here we have a paradox(I think this is one please make the wiktionary explanation more understandable) If the person a in the library is blocked he cant reverse person B! But if you admins or who ever decides it decide to actually do activate this policy please dont make the same stupid mistake as they did on the finnish wikipedia that they blocked the talk ability also. Also dont bann libraries or net café's c'uzz I dont think anyone would go through the trouble of paying or reserving a computer just to go to wikip. and vandalise! O_z do you? Peacekeeper II 00:09, 10 June 2007 (UTC)

Oh and BTW theres more trouble in vandalising than blocking and reversing! O_0 Peacekeeper II 00:13, 10 June 2007 (UTC)

I do not intend this to be a decree or anything overriding policy. This is merely a statement.

I think this policy is currently overbroad, in that it does not appear to take proper recognition of the incredible good we can do by working within reason to allow and encourage people who have special circumstances to be able to edit using anonymizing tools such as Tor. As I am told, we have recently switched from soft blocking Tor exit nodes (something I approve of, due to the incredible firehose of vandalism they can be otherwise) to hard blocking Tor exit nodes (something I do not approve of, since this totally forbids Tor users from editing Wikipedia at all, rather than merely imposing a 4 day waiting period on them).

I would like this policy to be (thoughtfully, slowly, and with due consideration for all valid viewpoints) revised a bit to include a stronger acknowledgment that editing via open proxies can be a valid thing to do.--Jimbo Wales 03:38, 4 June 2007 (UTC)

There is nothing that says editing from an open proxy is 'bad'. The ban is a technical matter, not like a ban of an individual user, though practically the only people who are ever noticed to be using open proxies are sockpuppets of banned users—others that happen to find and use open proxies do so without harassment. —Centrx→talk • 07:23, 4 June 2007 (UTC)

I do not know if I have changed my mind from this time. But I don't think so. I still support generally blocking anonymous proxies, but I support using soft blocks rather than hard blocks.--Jimbo Wales 03:41, 4 June 2007 (UTC)

I'm going to have to agree with this. I think our blanket "cannot use open proxies" policy is inherently a bad thing, at least in regards to Tor. While I will admit a good many vandals do use Tor, we also have a good many users (including all of China) who are unable to edit just because we said "sorry, we choose to not let you contribute." I think we're better off letting Tor be open and deal with vandalism/sockpuppetry as it comes along, rather than making an at-large ban and shutting out potentially constructive members of our community. ^demon^{[omg plz]} 03:57, 4 June 2007 (UTC)

This is something I will have to agree with also. Soft blocking allows us to attribute edits ot a single username (hopefully), and the editor can be accountable for that, while allow us to effectively keep the shared stuff out. I think this is a good meeting in the middle. Some folk do have valid reason to be using a proxy, lets allow this type of editing, with a registered account. Navou 04:07, 4 June 2007 (UTC)

Does anyone have examples of when it would be a good thing to edit from open proxies, other than the examples that are always mentioned (living in China, certain other countries)? SlimVirgin ^(talk) 04:54, 4 June 2007 (UTC)

Slim, sure, see User:Armedblowfish, a member of WP:MEDCOM who is blocked due to his hosting of a tor exit node. —— Eagle101^{Need help?} 08:41, 4 June 2007 (UTC)

Presumably he can stop hosting the tor exit node, but it would not be a problem to soft-block only this one particular IP address, unless of course a vandal discovers the "tor node that can never be banned". —Centrx→talk • 18:38, 4 June 2007 (UTC)

Contributing facts that could be seen as disturbing to employers, police, politicians, family, or friends in regions where Wikipedia is blocked is almost certainly more risky than doing the same in regions where it isn't. Starcare 19:40, 4 June 2007 (UTC)

That "hopefully" is not insignificant. It is trivial for someone to create a bunch of sockpuppets on a non-blocked IP and then bounce around on open proxies that are unaffected by autoblocks—in fact, they can set a bot to do it while they go to the beach. Soft-blocking does not force edits to be attributed to a single username. The people who use open proxies maliciously or to circumvent a block are the same people who will create a bunch of sockpuppets. They do the same thing without open proxies, but when checkusered they are easily identifiable as the original banned user and they are held up by autoblocks such that, even if they happen to have a dynamic IP address that is re-assigned on-demand it requires disconnecting from and reconnecting to the ISP, and which IP addresses are nevertheless usually contiguously range-blockable rather than scattered across the whole IP address space, and the person is ultimately if necessary correctable through the ISP. —Centrx→talk • 07:23, 4 June 2007 (UTC)

I could support the reverse of a soft block for Tor proxies, that is: disallow editing from logged-in users through open proxies. Tor proxies are already anonymized: there's no need to anonymize them further by allowing multiple-ID sockpuppetry through them. At least a user under a Tor IP makes it clear that he or she is using a proxy. Here's another idea in the same direction: edits that come from Tor notes should be clearly marked to non-checkusers as potentially suspect; that would allow people to use Tor to circumvent local government censorship, but still give us a chance to prevent large scale abuse. Kusma (talk) 08:50, 4 June 2007 (UTC)

Nothing in the software would allow these things at present, however, it might be reasonable to require that people editing through Tor make this known by a user category. That would make it pretty easy for non-checkusers to watch them. It might tread a little too close to WP:AGF, then again, maybe not. ··coelacan 23:38, 4 June 2007 (UTC)

A voluntary solution basically means we ask people nicely to declare all their sockpuppets. That is known not to work with abusive sockpuppeteers. AGF is not a suicide pact. If we do want to allow editing through open proxies, we need a technical way to flag them and think about the consequences this will have on policies such as the 3RR that become almost unenforceable. Kusma (talk) 05:39, 5 June 2007 (UTC)

I wasn't necessarily suggesting a voluntary solution. If it is important to keep track of who's using open proxies (and I'm not commenting on that importance one way or another), then we can have a clause that says "If you are using an open proxy, you must put your user page in this category or you will be blocked." We already do not have a technical means for dealing with open proxies automatically, and there are a great many of them that are unblocked. Anyone suspected of sockpuppeting can be put under CheckUser, as is the current system; if they are found to be using open proxies undeclared, that would be a violation. I'm not endorsing this, I'm offering it; if the community wants it I wouldn't oppose it. ··coelacan 06:16, 5 June 2007 (UTC)

• Jimbo, if you can provide some data showing that anything other than a minuscule percentage of Tor use is something other than vandalism, you'll have a chance of changing the minds of the checkuser operators who deal with this issue on a daily basis. Anonymity is bad enough; but there's a difference between freedom and license, and open proxies are license to abuse. --jpgordon^∇∆∇∆ 13:54, 4 June 2007 (UTC)

"Anonymity is bad enough"?!? I am still astonished, after all the statistics comparing the contributions of anonymous contributors to their vandalism, that this attitude still exists. If that is how you really feel, why don't you work on Sanger's project instead? Starcare 19:36, 4 June 2007 (UTC)

Where can I find these statistics? The conventional wisdom as far as I can tell is that 90% of IP edits are vandalism. —Centrx→talk • 04:21, 5 June 2007 (UTC)

People get this bit of "conventionally wisdom" WP:PERENNIALly wrong because, even though 97% of vandalism comes from anonymous users, somewhere around 76% and 82% of anonymous edits are intended to improve the encyclopedia. It has not escaped my attention that the most recent statistical studies have set out to measure the former while ignoring the latter statistic. I find that very disappointing. Starcare 09:28, 5 June 2007 (UTC)

Now, I know that there is currently no technical means of 'whitelisting' users on en for using open proxies short of making them administrators (which is hardly a solution.) However, ignoring technical constraints, can anyone think of a reason why, at a bare minimum, individual users should not be able to make an appeal to an administrator to be exempt from NOP? The only case when I can see such a situation being advantageous to a user with a single registered, exempted account is when they're subject to a checkuser; and, in that case, the use of an open proxy would be enough to confirm any suspicions that lead to a checkuser in any case... a user who requests permission to use an open proxy for the purpose of sockpuppetry and vandalism would be shooting themselves in the foot by attracting extra attention. --Aquillion 03:09, 5 June 2007 (UTC)

• I'd be curious to hear any arguments against such a tech fix. --jpgordon^∇∆∇∆ 03:37, 5 June 2007 (UTC)

• We treat fixed IPs differently in some circumstances, but open proxies are the polar opposite. If we whitelisted open proxies I'd suggest that we make it time-limited, with a presumption of short periods. So if a known user needs to use an IP that's been identified as an open proxy then they could get it for a day. I don't think we should leave the IPs whitelisted for long unless of course they're no longer open proxies. ·:·Will Beback ·:· 07:16, 5 June 2007 (UTC)

  Oh, I don't think this is what is meant by the proposal. As I understand Aquillon's proposal, there would not be a whitelisting of IPs, but a whitelisting of certain users to use open proxies. Other users from the same IP would not get the same consideration. In the case of Tor, for instance, a user cannot predict or choose what their IP will be, and the IP will automatically and randomly change on intervals between ~2 and ~30 minutes. I understand it would be technically possible to hack the Tor client and force it to use a particular exit node, but programming is far beyond the expertise of almost every user, and I am pretty sure that the default Tor client does not offer such a function, not even optionally. ··coelacan 10:25, 5 June 2007 (UTC)

• Allowing a whitelist for certain types of blocks sounds like a possible idea. Still, it remains unclear how we can protect the privacy of people who want to be on the whitelist and prevent abuse at the same time. It is not so difficult for people with existing accounts that want to start editing through an open proxy. But how should editors from China apply to become whitelisted, and how do we ensure we don't whitelist a dozen accounts for the same new user? Kusma (talk) 10:59, 5 June 2007 (UTC)

I note above that nearly the entire country of Thailand was blocked from editing after just two blocks of ISPs. I submit that this policy, as it exists today, is firstly flawed in fundamental ways without hope of repair as can be seen from the definition of the words used in the policy, and secondly, not in accordance with any of the edicts of Jimbo Wales unless those edicts are themselves self-contradictory. Folks, we are running out of IPv4 space, and IPv6 hasn't been catching on. Given the nature of WHOIS and similar information, and popular, widespread, and increasing use of network address translation (NAT), this policy has and will continue to result in the banning of public WiFi and OPAC terminals, entire mobile telephone companies, entire ISPs, and huge regions. The accuracy of this method is likely to decrease.

We must ask: Is this policy worth preventing editing from public terminals, such as may be found in libraries? --James S. → talk 15:31, 6 June 2007 (UTC)

NATs do not show up as open proxies on port scans or on proxy and spam blacklists. Thailand IPs, public WiFi, and libraries are blocked, if and when they are indeed blocked, because of repeated vandalism, not as open proxies. —Centrx→talk • 17:42, 6 June 2007 (UTC)

I know for a fact that public WiFi networks have been blocked as open proxies. Where is the procedure for deciding whether an address is an open proxy? 75.35.110.164 01:00, 7 June 2007 (UTC)

Which? Please let us know. --jpgordon^∇∆∇∆ 01:45, 7 June 2007 (UTC)

That was some time ago. I will test it and tell you if it's still blocked. Is there are procedure, or do people just wing it? --James S. → talk 02:24, 7 June 2007 (UTC)

The distinction is quite simple: an open proxy allows anyone from "outside" its network to edit Wikipedia from its IP address; a NAT without any open proxy would only allow people from "inside" its network to do it. Of course, most times a NAT is blocked as an open proxy happen because one of the machines behind it is an open proxy, making the NAT external IP address the one used to edit Wikipedia. --cesarb 01:59, 7 June 2007 (UTC)

Does anyone believe that the accuracy of this method will increase? --James S. → talk 02:25, 7 June 2007 (UTC)

What do you mean? This is a problem with any blocking. If someone behind a NAT is vandalizing repeatedly, the NAT would be blocked and you have the same collateral damage. IPs that repeatedly vandalize are blocked for long periods of time too. This has nothing to do with open proxies. —Centrx→talk • 18:46, 7 June 2007 (UTC)

Is there a list of "well-known Tor nodes" somewhere? How would someone know that a series of edits by several different IPs were all from Tor? If they are "well known", and are prohibited from editing, why are they not permanently blocked?

Also, if

1. A regular user makes a bad edit
2. Bad edit is reverted by a Tor node
3. Regular user reverts Tor node

Does that mean it is automatically against policy to revert back to the Tor node's version and we should keep the bad edit forever?

See User talk:Omegatron#Reverting my revert of a Tor exit node for a claim that this "is how it works" and that there are no exceptions. — Omegatron 19:45, 9 June 2007 (UTC)

There are lists of Tor nodes, I even gave you a link on your talk page nine days ago. Failing that you can just do a Google for the IP address, usually it will have been spotted on other Wiki projects in different languages. The Tor IPs change fairly rapidly, although it's possible to automatically block IPs from editing based on the well known Tor lists this isn't done here for some reason. Fnagaton 01:37, 10 June 2007 (UTC)

No, you're looking at it incorrectly because the Tor node edit is irrelevent since reverting a Tor node edit doesn't count towards 3RR and if the user's initial edit is bad then the subsequent revert (of the Tor node revert) will get reverted by an editor that isn't hiding behind a Tor node. The example you gave above is not the same as the situation involving your edit which you linked below. Fnagaton 01:37, 10 June 2007 (UTC)

In that situation ( User talk:Omegatron#Reverting my revert of a Tor exit node ) you used your revert to put back your own text that had already been reverted. You did two wrong things there 1) putting back text that had been changed by a Tor exit node and 2) edit warring by putting back your text that had already been reverted. Lets not forget your change was reverted by three different editors and was also noted for being of questionable behaviour. The Tor node edit can be reverted regardless of merit, so it is irrelevant that you think the Tor exit node made a "good edit" by putting your text back. A Tor node edit that just happens to put your text back would also tend to look like sock puppetry. Fnagaton 01:37, 10 June 2007 (UTC)

Tor nodes are most easily checked using ippages.com. Open proxies of other kinds are not identified there. I do not presently know of a comprehensive list of tor nodes, but you are welcome to try finding one and using it to block them all. Do note though that tor nodes are the open proxies that are most likely to change.

If a tor node reverts some vandalism then it is pointless to revert back to the vandalism on a point of procedure. If by "bad edit" you instead mean a change of content with which you disagree, then you should not edit war on behalf of a presumably banned user. —Centrx→talk • 00:34, 13 June 2007 (UTC)

The claim that was made is that reverting to a Tor user's version is automatically against policy. This is clearly wrong. If I revert to a previous version of an article, regardless of who originally created it, I am taking responsibility for that edit being the current version. — Omegatron 01:05, 13 June 2007 (UTC)

You are again missing the point that you were replacing your own text that had been reverted, not someone elses text. I correctly removed the text because it was added by a Tor proxy. So either you accept you are edit warring or if you claim ownership for replacing the text from the reverted anonymous proxy you accept you were the one using an open proxy to replace the text. Either way, your edit is wrong in the example I gave. Fnagaton 01:39, 17 June 2007 (UTC)

There is a comprehensive list of tor nodes at http://moria.csail.mit.edu:9031/ (the same list can be found at the other two directory servers; it's very up to date, and AFAIK all tor outproxies should be in it, since it's what Tor itself uses). We are only concerned about the nodes which are outproxies (aka "exit nodes") and which allow access to Wikipedia; so check the accept and reject lines before blocking (in particular, nodes which only have reject *:* are not outproxies and should not be blocked just for being in the directory). --cesarb 23:55, 15 June 2007 (UTC)

Wikipedia prohibits open proxies due to the frequent abuse. On the other hand, users within PR China are censored and must use a means (like Tor) to bypass the great Firewall. If they are users with good intentions, how exactly can they get by that rule? I currently get the impression that many users consider NOP to be something that must be observed at all times, and frown upon the usage of Tor nodes no matter what.--Kylohk 15:57, 16 June 2007 (UTC)

OK, it looks like the community is somewhat split on whether TOR should be permitted. Checkusers with experience of dealing with open proxies have highlighted areas of particular concern concerning sockpuppetry. What I'd like to see is if there's some way we could come to a satisfactory compromise which permits registered users to edit through TOR without the myriad of other problems, primarily sockpuppetry. My preference would be to see TOR nodes automatically softblocked (this is, preventing editing without an account (anonymous editing) and disabling account creation) blocked through the use of a dreaded admin bot on a daily basis. Former TOR nodes would be unblocked at the same time. It's clear checkusers believe that undetected open proxies are being used to create multiple accounts, so I would also propose a limit of 1 account registration per IP address per day. This difficulty in building up a sockpuppet "army" should help in dissuading mailicious editors from engaging in sockpuppetry as it would take a long period of time to build up a large sockpuppet army. TOR users unable to register an account would be required to e-mail unblock-en-l and have an account setup as is normal process at present for those on softblocked IP addresses. Unblock-en-l members should be permitted and encouraged to share information from e-mail headers with the checkusers here in the event of suspected abuse of an account. Nick 16:27, 16 June 2007 (UTC)

I definitely support this. Tackling an editor who uses Tor is not fun. :( Fnagaton 01:40, 17 June 2007 (UTC)

The part about using a bot to block TOR nodes seems oddly familiar. I certainly hope the community is less worried about a bot rising up against the admins and taking over than they were last year. We should see if Tawker is still interested in running such a bot, TOR blocking is monkey work. --Michael Billington (talk) 08:30, 17 June 2007 (UTC)

It wouldn't have to be a bot; in fact, it would be better to implement this as a MediaWiki extension. We could base the code on Torstatus, though as far as I can tell even that's in fact little more than a fairly thin wrapper around the directory features of the TOR client itself. —Ilmari Karonen (talk) 16:01, 19 June 2007 (UTC)

A softblocked tor node is equivalent to an unblocked tor node for the purposes of a vandal. —Centrx→talk • 17:42, 17 June 2007 (UTC)

• I wonder if it would be useful to expire accounts that have been created but never used; a lot of the time, what we find when we CU is Tor IPs with lots of sleeper accounts. --jpgordon^∇∆∇∆ 17:51, 17 June 2007 (UTC)

It would be helpful to do that, because sleeper accounts are used to bypass semi-protection. SlimVirgin ^(talk) 18:15, 17 June 2007 (UTC)

This has been a concern of mine for some time as well. Given that the definition of "established user" is an account that has been in existence for more than four days, bypassing semi-protection is trivial: nothing more than a matter of creating multiple accounts in anticipation of later blocking. A number of innocent users would certainly be swept up in the dragnet, so an appeals process would have to be established. I'm not sure which existing committee, if any, would be equipped to enforce this provision; perhaps a new body would need to be created. --Nonstopdrivel 16:54, 23 June 2007 (UTC)

The expiration time would have to be updated whenever the user reads Wikipedia while logged in, not just when editing, though. Otherwise, we'd be expiring the accounts of people who don't edit, but log in just to be able to, say, use a non-MonoBook skin. —Ilmari Karonen (talk) 16:07, 19 June 2007 (UTC)

Agree, has a bug report been filed with this suggestion yet? Navou 18:31, 17 June 2007 (UTC)

I also agree that this is worth investigating. semper fictilis 22:02, 17 June 2007 (UTC)

I also agree, fwiw. Fnagaton 07:42, 22 June 2007 (UTC)

bugzilla:10299 Navou 23:41, 17 June 2007 (UTC)

Will someone please tell me how to tell if a IP is an open proxie on my talk page. Peace:)--Sir James Paul 00:13, 17 June 2007 (UTC)

I don't know if anyone will actually give this information here. The practice is somewhat, beany. However, a google search on the subject may be more, forthcoming. Best regards, Navou 01:00, 17 June 2007 (UTC)

DNSBLs, public open proxy lists, port scans. In the past, certain very distinctive edits have also been considered sufficient by themselves to identify an IP as an open proxy, although I made a small tweak to MediaWiki about 6 months ago that should have stopped at least a specific class of such proxies from editing in the first place (and I haven't personally seen any since, either, so I guess it probably does work). —Ilmari Karonen (talk) 16:14, 19 June 2007 (UTC)

ArmedBlowfish, unable to edit because he runs a blocked Tor exit, has posted this to his talk page:

Destructive-editing-resistant Tor unblocking. --Tony Sidaway 06:31, 20 June 2007 (UTC)

I removed the language that says that we copy from Meta, because obviously we don't. I believe we should stay separate for now, until this issue is sorted out. Crum375 00:15, 22 June 2007 (UTC)

Isn't the whole point of the notice to let people know that we should ultimately be synchronizing them, though? I don't see how a conflict is a good reason to remove that.

Also, is there a reason to treat this as a rule violation? If we're accepting Jimbo's suggestion, it seems we should be amending to say these get blocked easily, but not that it will be treated as a violation itself. This makes sense to me for several reasons: 1. The main reason for this policy was vandalism and soft blocking solves that, 2. Sock puppeting can be revealed in other ways, and 3. People who try hard can sock puppet anyway, either just by doing it or by more sophisticated methods. Meanwhile, many people care deeply about privacy, and don't want anybody knowing their IP, while the idea of having people explain their reasons in detail to justify this is obviously unsatisfactory. Finally, practice seems to be to block the proxy rather than the person, which suggests we should want our policy consistent with what the checkusers are actually doing. So what goes the other way? Mackan79 01:20, 22 June 2007 (UTC)

Although vandalism is an important concern, often vandals are hit-and-run from some random address, and the open proxy ban will not help that much. The more important need for the open proxy ban is due to the recent infiltration of WP by sockpuppet admin accounts. Those are long term users with long term goals, and having the ban in place will help mitigate (though not directly solve) this problem. The 'need for privacy' is more than offset by WP's need for survival - with a number of rogue sockpuppet admin accounts, and potentially even checkusers in place, one can imagine the internal corruption and mayhem that can result. To this date, besides the Chinese dissidents issue, who are able to read WP via open proxies, I am not aware of any legitimate need for editing via open proxies. Crum375 01:31, 22 June 2007 (UTC)

When you really balance it, though, I'm just seeing very little accomplished by this policy. To break this down: if we're talking about the trojan admin situation, then, the cases where this would really kick in are ones where somebody has a suspicion on two accounts and raises enough evidence for a checkuser, but then that person gets off because they're using an open proxy. Yes? Well how about this: if that starts to becomes a problem, then checkusers could either report the use of an open proxy, or privately tell the person that their proxy will be blocked, and they will now have to find another means to edit Wikipedia. Would this address the problem? Mackan79 01:44, 22 June 2007 (UTC)

I am not an expert in this, but my guess would be that this would not be sufficient. I think the trojans are very shrewed operators, and they will use a variety of IP addresses. There may also be a large random traffic of open proxy influx, often it may not be instantly evident whether a given IP is an open proxy or not, so it may not be practical to start sending messages to all possible open proxies. Also, sometimes it may be prudent to lie in wait, in order to trap a large scale infiltration scheme, so it doesn't always make sense to alert the perpetrators immediately. In any case, I think the experts who are running CU on a routine basis and hunting the rogues should opine here, if they can. Crum375 01:55, 22 June 2007 (UTC)

Well the policy as it stands now allows for swift removal of changes made by any open proxy, regardless of the merit of those changes. This is an important part of enforcing against anonymous sock puppet activity and attempts to circumvent 3RR. Fnagaton 07:48, 22 June 2007 (UTC)

I think that would still make sense; the question is if it's necessary for established user accounts though. To Crum, it would still seem we're talking about a relatively small number of cases: those established accounts that have raised suspicions of sock puppetry and where a checkuser reveals them to be using TOR. I'm thinking a checkuser result to that effect would let the community deal with the situation without needing to hard block and ban all such users on sight (are you suggesting something else?). Mackan79 11:50, 22 June 2007 (UTC)

I see there is a more involved discussion on m:WM:NOP. Should the issue not be resolved there? It seems many people are supporting the adjustment. Mackan79 15:22, 22 June 2007 (UTC)

I have to say, I am somewhat shocked by the attitude I can perceive here. While I would agree that the policy shouldn't be updated here until the meta version achieves consensus (which seems to be happening (perhaps has happened already!)), I don't like Crum's statement above that "we remain separate from meta". Whether he, or anyone else, likes it or not, we are bound by foundation policy as written on meta, and cannot violate it in our actions here (that is: we cannot have a substantially different "local" version of the policy). People who disagree with the meta changes should argue discuss argue about them on the meta talk page, because when that policy is accepted over there, it will become binding policy across all Wikimedia projects, including this one. The English Wikipedia may be the biggest project controlled by the Wikimedia Foundation, but this size does most certainly not give it the right to ignore foundation policy based on the opinions of perhaps a dozen influential (loud?) users. I appreciate that no one has directly suggested this yet, but I can see the potential for a rift developing over this issue, hence the reason for my comment here. Martinp23 10:10, 25 June 2007 (UTC)

I think you should change the rule so that it is that open-proxies are blocked for non-registered users by default but if vandalism it can be blocked for registered users as well. Some people might want to (or be required to) use a open-proxy system. Not everybody is --zzo38(<font color=#7799FF face=Wingdings>[[User_talk:Zzo38|*]]</font>)[[User:Zzo38/sand|?]] 20:36, 23 June 2007 (UTC)

We have no way to ensure that the users being allowed are actually established users. Vandals can, and do, register dozens of accounts and then use them via open proxies. —Centrx→talk • 17:07, 28 June 2007 (UTC)

Why are we doing this instead of just soft-blocking? This seems to be incoveniencing serious users more than anything else, and I know of at least one user who edits from a country where his edits would be highly problematic. Forcing such users to not use open proxies is unfair to them and unhelpful to the project. Furthermore, I don't see general evidence to back up the claim that this policy in fact has consensus behind it. Many people, including Jimbo, dislike this. JoshuaZ 14:58, 28 June 2007 (UTC)

Checkusers, who consistently discover vandals and banned users using registered accounts via open proxies, seem to uniformly disagree. —Centrx→talk • 17:09, 28 June 2007 (UTC)

I believe I may have thought of a way out of this mess. Thoughts, improvements, objections, etc. welcome. Many admins have a PGP key listed. If the Mediawiki software could be changed so that an administrator could grant ipblock-exempt to non-admins (without granting adminship, of course), we could implement a system similar to this:

• User emails admin and tells him/her where to find the user's PGP key. (If the user need be tremendously concerned for his/her privacy, they can of course encrypt this email.)
• Admin emails user back with a message encrypted to that PGP key, containing a simple question ("what is the sum of four plus four", "who is the current President of the United States", something they make up off the cuff. Should be different each time.)
• User decrypts the message and emails the admin back the answer to the encrypted question, proving themself the legitimate owner of the key in question.
• Admin grants the user's account ipblock-exempt (or creates an account on the user's behalf with ipblock-exempt if they don't already have one), and notes that they have confirmed the user's key.

I believe this would be a way to allow, say, a billion or so users who can't currently edit to do so (and anyone in China familiar with TOR is likely also very familiar with PGP), while preventing vandalism and sockpuppetry. Thoughts? Seraphimblade ^{Talk to me} 18:29, 28 June 2007 (UTC)

There is a bootstrapping problem for editors who start editing but we will probably have that in any system. This should deal with most of the problems. JoshuaZ 01:56, 29 June 2007 (UTC)

I'm not sure; the question seems to be what happens to people who for whatever reason don't do this. Would we then be hardblocking and banning those accounts themselves? Mackan79 02:05, 29 June 2007 (UTC)

Well, this way, we could continue to hardblock the Tor IPs (I don't think we should block accounts who do happen to use an unblocked TOR proxy), but have a way to allow those willing to authenticate themselves to an admin to edit anonymously without opening ourselves up to tons of vandalism and sockpuppetry by people registering massive numbers of accounts through the nodes. Seraphimblade ^{Talk to me} 03:39, 29 June 2007 (UTC)

How would your suggestion prevent sockpuppetry, SB? SlimVirgin ^(talk) 03:41, 29 June 2007 (UTC)

The user's PGP key would be listed with their account, and they'd be confirmed as the legitimate owner of it. (I suppose, in theory, they could have and keep track of several keys, but this would make it a serious pain and limit its scope). PGP keys also list the version of PGP and platform it's on with the public key, so I would presume an admin who gets several requests in a row with the exact same version and platform might raise an eyebrow. We can never really specifically prevent all sockpuppetry, not so long as wifi hotspots exist, but this would make puppeting at least as hard as going down to your local library or coffee house to edit on your puppet. It wouldn't prevent all sockpuppetry, but it would raise the level of difficulty to "at least as hard as doing it some other way". Seraphimblade ^{Talk to me} 03:54, 29 June 2007 (UTC)

I wasn't talking about preventing all sockpuppetry, which is clearly impossible. I meant how would it prevent or reduce the sockpuppetry that currently takes place by people using open proxies? SlimVirgin ^(talk) 03:56, 29 June 2007 (UTC)

SlimVirgin, are you familiar with how PGP works? Seraphimblade ^{Talk to me} 03:58, 29 June 2007 (UTC)

Only vaguely. The thing that caught my eye is that you're relying on admins to verify it, is that right? That's your weak link right there. We have admins who repost deleted material to Wikitruth, Wikipedia Review, and now Wikiabuse. One admin actually changed a hard-blocked open proxy to a soft block, and then CharlotteWebb went on to use it, and I'm assuming there's a connection between them because of that and other issues. Giving admins the power to allow trusted users to use Tor means the admins themselves would have to be trusted, and sadly we've moved beyond that point. SlimVirgin ^(talk) 04:02, 29 June 2007 (UTC)

That's why I suggested PGP keys. As I said, for one person to keep track of more than a couple PGP keys would be a serious pain in the ass for them. It would be enough of a speed bump that it would be easier for them to sock using wardriving or public access points. And remember, the admins doing this have to be PGP users themselves, meaning they have to have their own valid keys. We could even have only some admins (say, those who're willing to identify themselves to the Foundation much like checkusers are required to) allowed to make such verifications. I'd be willing to do that. Seraphimblade ^{Talk to me} 04:06, 29 June 2007 (UTC)

We do have people running multiple admin accounts, which must be a serious pain, yet they're motivated enough to do it. I would worry that the only people who would want to use this system would be people out to cause problems, and they'd find admins willing to help them; or would have admin accounts themselves that could do it. SlimVirgin ^(talk) 04:49, 29 June 2007 (UTC)

SlimVirgin, I'm not suggesting that my option here would make sockpuppetry by that method impossible. I'm aware that it indeed would not. I am, however, asserting that it would make it at least as difficult as doing it by a number of other means that we cannot realistically prevent, and would indeed leave more of a trail than many of those other ways. Seraphimblade ^{Talk to me} 05:07, 29 June 2007 (UTC)

It's the last bit that confuses me. Confirming that a PGP key is yours doesn't leave a real trail. You could have several, just as you could have several accounts. What does tend to leave a trail (not invariably, but usually) is an IP address, which is why some people don't want to use their own. I'm not convinced that there are one billion Chinese editors just itching to get at us (and if there were, would it be a good thing if they started?). As I see it, most Tor use is for mischief making, and I don't think PGP keys would change much, if anything. SlimVirgin ^(talk) 05:23, 29 June 2007 (UTC)

(indent reset) "Would it be a good thing if they started?" Well of course it would! We're talking about a fifth of the world's population, many of whom speak English quite well, who can assist with countering a good deal of systemic bias, translating and using Chinese sources, translating articles to Chinese-language projects, are intimately familiar with the culture of the most populous country on the planet, so on, so on, so on. If there's any conceivable way we can make that happen, yes, it would be a tremendous benefit to the project, and if we can make the risk of sockpuppetry low and the effort required to do it high, I think we should weigh that tremendous benefit against that. And quite honestly, I find the low risk and high effort requirement of sockpuppetry through this method not to hold a candle to the tremendous benefit of having such a pool of editors available where otherwise they would not be. Seraphimblade ^{Talk to me} 05:41, 29 June 2007 (UTC)

I think that having PGP authentication will have little impact on the current trend of sock admin accounts, and allowing more liberal open proxy policies will encourage this even more. If WP is corrupted from the inside by trojans and rogue admins, all the Chinese editors combined will not be able to fix this problem. We must have a strong foundation to build on - you can't add a billion more users when your basic foundation is shaky, and making it shakier won't help. Crum375 05:54, 29 June 2007 (UTC)

I think it's a little wiki-, Western-, and English-language-centric to imagine that Chinese editors will have an overwhelming interest in editing the English Wikipedia, or any other. And we're not here to save the world; we have to learn how to save ourselves first. SlimVirgin ^(talk) 05:57, 29 June 2007 (UTC)

Lots of people in non-English-speaking countries want to edit on EN, because it is so prominent and because participating here is perceived as a more effective way of engaging in international discourse. And not everyone in China is Chinese, just as not everyone here in Korea is Korean. ;-) -- Visviva 13:37, 4 July 2007 (UTC)

..."trend"? Gracenotes^T § 12:57, 29 June 2007 (UTC)

Yeah, trend. Never mind that so far there have been precisely zero (0) cases of users controlling multiple administrator accounts simultaneously. SlimVirgin said something, so it must be true – Gurch 18:37, 5 July 2007 (UTC)

WP:AGF, WP:CIV. Crum375 18:51, 5 July 2007 (UTC)

WP:STOP BANNING CONSTRUCTIVE CONTRIBUTORS IN AN ATTEMPT TO FIX A PROBLEM THAT DOESN'T EXIST. – Gurch 20:00, 5 July 2007 (UTC)

We're getting a bit off-topic here, unless Crum375's rejoinder is meant to be an argument. Crum375, I believe that you're bringing up this trend in a good faith attempt to keep Wikipedia from harm. I assume that you have evidence, and that is a good starting point, I think. Gracenotes^T § 00:23, 7 July 2007 (UTC)

Are people here really arguing against having Chinese editors? Honestly, I find the suggestion problematic simply because I'd put a very high premium on creating rules that self-function, without making people jump through hoops. If people feel the need to edit through open proxies, I'm skeptical that making them email and sign up with an admin is something they'll be ready to do. I'm also not entirely sure what Slim or Crum are suggesting, though. Are you wanting to ban all such users? Hard-block their addresses? Just disallow them from becoming admins? It doesn't seem any of these are particularly good solutions. Mackan79 06:28, 29 June 2007 (UTC)

Well, unfortunately, anyone unwilling to authenticate him/herself directly probably shouldn't be editing through an open proxy. If it's the case that admins can't be trusted, we could do this through crats, OTRS representatives—it could certainly be tweaked to ensure that we have trustworthy parties in charge of it, and I would want no less. But at the very least, this would give some avenue around the Great Firewall for Chinese editors, and some avenue for operators of Tor exit nodes or users who are simply concerned about tracking or privacy to edit Wikipedia. Excluding a class of users (especially when that exclusion numbers in the billions) will inevitably contribute to systemic bias. Even an imperfect solution to that issue will help to counteract the problem. PGP, however, would allow an editor concerned about privacy (and in many cases, such a concern would have a direct bearing on his or her safety) to maintain confidential communication at all stages of the process. Seraphimblade ^{Talk to me} 13:01, 29 June 2007 (UTC)

Back to the PGP idea, actually Seraphimblade, there may be a place for public key encryption in connection with this problem. However, creating a dozen or more keys is very fast and very simple. A malevolent user could easily have two or three accounts up and running in no time and still there is no way to follow the. I do appreciate the work you and everyone is adding here. JodyB _talk 04:47, 5 July 2007 (UTC)

Open proxy servers are a dime a dozen... it would not be feasible to ban them all. As a result, it seems like the checking for proxy servers takes place after the vandalism. My question is, what makes the vandalism different if it was from a non-open-proxy IP or if it was from an open proxy IP? I hear the argument that vandals can use open proxies to repeatedly vandalize Wikipedia, but this policy does nothing to prevent that -- only as grounds for banning once they have been seen vandalizing WP. By that point, whatever damage they were going to do is done, and they'll just move on to another proxy... and even if they weren't using a proxy, their vandalism spree would get them banned anyway.

Given the fact that the proxy check is made after the vandalism, this policy seems useless. .V. _[Talk|Email] 10:09, 7 July 2007 (UTC)

What about users who are using it to create and use sockpuppet accounts, which are then groomed to become admin accounts? This allows us to try to thwart such schemes. Ironically, such users often engage in vandal-fighting, which is the easiest and quickest way to build up a large edit count, without collecting any adversaries along the way. Crum375 13:24, 7 July 2007 (UTC)

How often does that happen? It seems like we'd be sacrificing loads of possible new contributors (including the entirety of China) for some speculative scenario that's happened maybe once. And besides, if someone's willing to go through all that trouble (months and months of work for this), they could just as easily find a private proxy. It doesn't seem as if this policy would be effective at countering this concern. .V. _[Talk|Email] 20:24, 7 July 2007 (UTC)

The entirety of China, like any other editors, are welcome to read Wikipedia via anon-proxy, so we keep no information secret from them. The only issue is, do we want to allow people with repressive governments to edit in a way that will corrupt our system and potentially destroy our integrity? I say no, we start with a sound foundation, and then we build on it, or else end up with nothing. How often do trojan admins plot to corrupt this site? They are right now, and we need every tool at our disposal to stop them. Crum375 20:30, 7 July 2007 (UTC)

It seems unfair to categorize all Chinese editors as people who will "corrupt our system" just because of their government. I understand your primary concern is trojan admins, but to my knowledge, if an admin goes rogue, it gets corrected fairly quickly. I'm certain that just fixing the vandalism when it arises is preferable to blocking a whole group of users from editing the encyclopedia that "anyone can edit." .V. _[Talk|Email] 20:40, 7 July 2007 (UTC)

In my opinion vandalism is not the main reason for banning proxy editing. Accountability is, and specifically for admins, since admins wield stronger tools, and can harm the project significantly. Vandals are typically easy to handle, regardless of their IP. I did not say Chinese editors will corrupt our system - please re-read. My point is that by removing our proxy ban defense, we will then allow the real culprits, such as trojan admins, to corrupt our site. That is a steep price, that someone has likened to leaving one's doors wide open, so that the neighbor's cats can come in to have some cream. We allow anyone to edit Wikipedia, but not from a proxy IP, and not at the cost of destroying what we are building. Crum375 20:50, 7 July 2007 (UTC)

I'm not sure I believe that NOP really does anything when it comes to this. People looking to get an admin account through sockpuppetry can just use one many, many, many available private proxies that won't be checked by NOP. They could even just get a new IP address (even if they have a static IP, it will change eventually.) The usefulness of this policy does not seem to match up to the detriment. .V. _[Talk|Email] 21:01, 7 July 2007 (UTC)

(outdent) Let's not get too deeply into WP:BEAN territory, and just note that for now there is a strong correlation between trojan accounts and proxy IP use. Losing this important tool will make it harder to track them, and at this point it's a steep price to pay. We focus primarily on our safety and integrity, which translates into our survival, then we can look for ways to bring more people into the fold. Crum375 21:12, 7 July 2007 (UTC)

Is there proof of this strong correlation? .V. _[Talk|Email] 01:22, 8 July 2007 (UTC)

Crum, can you specify what the prohibition is accomplishing which the revised wording wouldn't? That might help us work around this. Mackan79 07:22, 8 July 2007 (UTC)

After nearly three weeks of favourable comments (linked from the local page), I've implemented the rewritten version of m:No open proxies. The change explains the rationale and need for the policy, and clarifies that the policy specifically seeks to prevent abuse. (While legitimate use is obviously impacted by open proxy blocks, this is incidental and accounts should not be punished for making legitimate use of proxies.)

This is not a major change in the policy, since it is the traditional interpretation used by the MetaProject on open proxies. If the English Wikipedia community wants a more restrictive policy (ie, blocking legitimate accounts that have edited from open proxies), we can of course append the desired limitations to the Foundation policy. —{admin} Pathoschild 21:09:21, 07 July 2007 (UTC)

I believe that en-WP needs to form its own consensus about this issue. Crum375 04:05, 8 July 2007 (UTC)

I agree with Crum, but would also say that I'm simply amazed that a page at meta can be protected and then an administrator there can just completely change the policy from one that prohibits the use of open proxies to one that says that users may use them freely until blocked. Maybe there's something I don't understand about how meta works, but to me, that's like protecting WP:3RR and then having an administrator rewrite it to say that you may not revert more than five times in a 24-hour period. I don't mean any disrespect to Pathoschild, as people at meta said that it's okay for admins to make substantial edits (as opposed to grammar corrections) in protected pages (protected because of edit warring, not vandalism), so obviously I'm just not familiar with meta. I didn't bother to protest there, until I saw Pathoschild's edit summary here mentioning consensus there, as I thought there's little point in protesting if admins are allowed to do that. But I want to state here that I'm not happy with the change, and I find myself convinced by the points made by Mackensen, Connel Mackenzie, and SlimVirgin. ElinorD (talk) 07:29, 8 July 2007 (UTC)

You misunderstand or misrepresent what happened on Meta. There was discussion on the Meta talk page, and I rewrote the policy page to address the points raised in discussion without removing the 'this wording is disputed' note. I added a comment to the talk page explaining what I changed and asking for feedback, which was almost unanimously favourable. This includes a number of en-Wikipedians, who followed the link from Wikipedia:No open proxies. After three weeks of near-unanimity, I removed the 'disputed' note on Meta and updated the enwiki page.

The Meta page was protected to stop unproductive reverting between two users, ElinorD above and Crum375. (As I was not participating in the revert war, I did not consider the protection relevant to my edits— discussion on the talk page seems to confirm this.) These two users also began revert warring on enwiki when I implemented the new version. Please discuss your objections productively rather than revert warring; the exact wording at any precise moment is not terribly important when it has a "disputed!" warning prefixed anyway. —{admin} Pathoschild 03:38:05, 09 July 2007 (UTC)

I fail to see how the Meta page could have been protected to stop "unproductive reverting" between me and Crum375. First of all, I'm in full agreement with Crum375. Secondly, and more importantly, I have never even edited (let alone reverted) that page. I did, however, use the talk page to express my dissatisfaction with admins editing the page to completely change the meaning, while it was locked, but, as SlimVirgin has suggested, I gave up, since there was nothing I could do about it. (By the way, I wonder why it's still locked if consensus has been reached.)

I also disagree that the protection was irrelevant to your edits because you hadn't participated in the revert war. The revert war was because one side wanted to make the policy more lenient and another side didn't. The page was locked for that reason, and then you stepped in and made the policy more lenient. In fact, you made it even more lenient than the lenient version that one party to the edit war had attempted. I accept that the Meta rules are different from the rules here, but I think it's extremely odd.

As for your accusation that I began revert warring on the page at en after you implemented the so-called "consensus" version, I reverted once after you implemented it. Gurch, who agrees with your version, reverted three times, using insulting edit summaries such as well, everyone on this project either agrees with it, doesn't care or gave up arguing with SlimVirgin long ago... apart from you evidently... so why not?[4] and yada yada adminpuppets yada yada trojan sock armies yada yada think of the slimvirgins yada yada 20% of the world's population is banned from editing the "encyclopedia that anyone can edit" yada yada[5] so I'm a little puzzled as to why you single out me as one engaged in unproductive revert warring. ElinorD (talk) 15:02, 9 July 2007 (UTC)

Pathoschild, what happened was that the page was protected because of a revert war. Then admins turned up and rewrote it while it was protected. I don't know whether meta rules are different from ours, but regardless, it doesn't mean the current version on meta has consensus, because most people were prevented from contributing. SlimVirgin ^{(talk)(contribs)} 05:27, 9 July 2007 (UTC)

ElinorD, I apologize for the mistake; I was tired and misread the edit history.

Regarding the protection, it was implemented to stop the revert war, not prohibit constructive edits related to the discussion. Had the edits been constructive attempts to reach consensus, rather than revert to The Right Version, I don't think the page would have been protected. I posted a message on the talk page for public feedback after my edits, where numerous users (including non-administrators) supported the changes. If you think it should be unprotected, I suggest a note on the talk page or a message for the protecting administrator.

The consensus I mentioned was not achieved by changing a protected page and unilaterally declaring agreement— see the discussion about the rewrite. —{admin} Pathoschild 02:56:10, 10 July 2007 (UTC)

You rewrote a protected policy that others were not able to edit. You can't claim the result is consensus, Pathoschild. The page needs to be unprotected and returned to the version before your edits. SlimVirgin ^{(talk)(contribs)} 03:42, 10 July 2007 (UTC)

Slim, if your position is that Meta should rule, why have you not argued your position over there? You're arguing over here against something that happened over there, and now saying we need to go back to what they had previously over there, without participating in the substantive discussion in either place. This doesn't seem productive. Mackan79 11:10, 10 July 2007 (UTC)

Given that so much of the huffing and puffing about users daring to "violate" this policy has been related to its status as a meta/foundation "policy," which it is not now if it ever was, it's difficult to see why we have to go through this again. -- Visviva 08:00, 8 July 2007 (UTC)

"What about users who are using it to create and use sockpuppet accounts, which are then groomed to become admin accounts?"

There is absolutely no evidence whatsoever that any user has, or has ever had, control of multiple administrator accounts simultaneously, open proxies or not. Like all other groundless accusations, it should be ignored – Gurch 22:09, 8 July 2007 (UTC)

It isn't true that there is "absolutely no evidence whatsoever." It's just that you personally aren't aware of it. SlimVirgin ^{(talk)(contribs)} 22:21, 8 July 2007 (UTC)

Could you make us aware of it? .V. _[Talk|Email] 22:22, 8 July 2007 (UTC)

Very well, I'll rephrase. There is absolutely no evidence available to the community that any user has, or has ever had, control of multiple administrator accounts simultaneously. Since the community decides policy, not SlimVirgin and a bunch of her friends, anything that they know and aren't prepared to tell us (or are just making up) is irrelevant – Gurch 22:26, 8 July 2007 (UTC)

Last I looked, SlimVirgin and a bunch of her friends are part of the community also. --jpgordon^∇∆∇∆ 22:47, 8 July 2007 (UTC)

Really? Well, that is good news. I was getting the impression we were some kind of subordinates – Gurch 22:53, 8 July 2007 (UTC)

Alright, jpgordon, let's say "the whole community", then. I asked SlimVirgin at one point to send me any such evidence privately, and received no response. SlimVirgin and others are indeed part of the community, but "the community" as a whole they are not. If it's known for sure that some admins are Trojans, why in the hell are they still admins? And if it's unclear or the evidence isn't convincing enough for that, why is that continually trotted out as fact? Seraphimblade ^{Talk to me} 23:41, 8 July 2007 (UTC)

Well, wait, which assertion are we talking about here? The implied one in "What about users who are using it to create and use sockpuppet accounts, which are then groomed to become admin accounts?"? or the quite different one answered by There is absolutely no evidence whatsoever that any user has, or has ever had, control of multiple administrator accounts simultaneously? --jpgordon^∇∆∇∆ 00:02, 9 July 2007 (UTC)

I was talking about the continued assertion, without any evidence provided whatsoever, that there are Trojan and/or sockpuppet admin accounts right under our noses, right now. When I had good reason to believe an admin account was operating sockpuppets, I didn't go make vague assertions but refuse to back them up, I forwarded my suspicions and evidence on to the ArbCom. However, the "(multiple|Trojan) admin" bit is continually stated as though it's indisputable, current fact, not a hypothetical scenario. So my question is: If someone has hard, indisputable evidence that this is happening, why haven't they taken action, to get rid of the sockpuppeting or Trojan admin(s)? And if such evidence does not exist, why is it being presented as fact, rather than as a hypothetical scenario? It is hard, indisputable fact that this policy prevents over a billion people from editing, despite the fact that they have not behaved in any way deserving of such a ban. "The encyclopedia anyone can edit (unless they seriously abuse the privilege)" is reasonable. "The encyclopedia anyone can edit (unless they live in the wrong country)" seems much less so. Seraphimblade ^{Talk to me} 01:45, 9 July 2007 (UTC)

Per recent comments, it seems this policy has a number of problems which could be fixed by the proposed change. First, as .V. points out, the ban doesn't block vandals any more than soft-blocking would. Second, if we're talking about sock-puppetry, the prohibition language still only affects those situations where evidence has been presented and a checkuser has been run against a particular individual, who then turns out to be using an open proxy. The problem is that doesn't appear to have ever happened, and even if it did the use of an open proxy in that situation would seem sufficient evidence itself. Third, the prohibition language has never been enforced, and there doesn't appear to be an intention to enforce it. Fourth, the policy would apparently prevent about a fifth of the world's population from editing. Finally, although people are now saying this would require some great discussion to change, and while I agree with Elinor that the process at meta seems strange, it doesn't appear any such concensus ever supported the policy in the first place. In any case, it seems quite a few people are supporting the change, while the reasons against it remain unclear.Mackan79 23:18, 8 July 2007 (UTC)

I described the reasons for the current policy at some length above. I agree with you that vandalism alone is not a good justification for it. OTOH, by having this ban in place, we can make life harder for trojan admin accounts. Letting a fifth of the world's population come and edit here, assuming they were willing and able to do that (they can currently access WP via proxy with no restriction), at the cost of corrupting our integrity and possibly destroying the project, is too high a price to pay, in my opinion. In any case, it seems we are going around in circles on this Talk page. This is clearly an important policy, and changing it requires a community wide consensus. Crum375 23:49, 8 July 2007 (UTC)

How does it make life harder for them? Mackan79 23:59, 8 July 2007 (UTC)

We already had this discussion above. Suffice it to say, per WP:BEAN, that there is a strong correlation between trojan activities and anon proxies. Crum375 00:06, 9 July 2007 (UTC)

Well, unless this is being done by the foundation itself, I don't see how that suffices. You're saying this makes it harder for trojan admins, without any explanation of how, when it doesn't appear the policy has any way of doing so. Are you saying the reasons for this are entirely secret? This seems particularly hard to accept when Jimbo has suggested he'd like to see the wording change. Mackan79 00:11, 9 July 2007 (UTC)

Is there proof of this strong correlation? .V. _[Talk|Email] 00:15, 9 July 2007 (UTC)

Just a reminder that, if WP:BEANS is an issue, there is always Special:Emailuser. I think that it would be a great idea for Crum375 to e-mail the evidence to a trusted member of the community who currently has a contrary position. Cheers, Gracenotes^T § 00:20, 9 July 2007 (UTC)

"make life harder for trojan admin accounts".... WTF? WHAT 'trojan admin accounts'? – Gurch 11:25, 9 July 2007 (UTC)

• GFDL compliance: attributed to User:Arbortender on Meta Wiki (http://meta.wikimedia.org) on the page "Talk:No open proxies" (http://meta.wikimedia.org/wiki/Talk:No_open_proxies); User:Duff on en-wiki

I've been banned today, on english wikipedia, after having discovered and installed TOR this morning, in response to a 9th circuit court decision re: warrantless spying on internet use. Coincidentally, I proudly received my very first Barnstar, the Barnstar of Diligence, just a couple of days ago, after having invested countless hours improving a page that was important to me, so as to learn about the political system in my new State, Oregon. I haven't been involved in anything remotely controversial on wikipedia, until now. I found the wikipedia page on TOR, read it, found no warning of any sort therein that might have indicated that use of the software would have this outcome, installed it, and voila...screwed myself out of wikipedia. Pretty bogus.

Prior to today, I had never even heard of the 'policy', if it even is one, nor of open proxies, and had no idea of the controversy surrounding this topic, which has apparently been raging for months, no, years. I opened a useraccount here at WM today, in order to participate in the discussion, which I hope has not been closed yet. I can't participate in the discussion at English Wikipedia, because I'm banned. When I tried to post here at WM, earlier, I also got an IP banned notice. I've jumped through some of the hoops asked of me to rescind the ban, but have been unsuccessful so far, so as suggested there, I finally sent an email to Jimbo, requesting special consideration. Neither of the admins who banned me bothered to return my email direct to them, which was also suggested.

I am (or was) a regular contributor at English Wikipedia, as User:Duff and I now want to use TOR to help protect my privacy. I would be user:duff here too, for clarity, but that name was taken. Here, I'm arbortender. Also, for what it's worth, I'm posting now through TOR, so if that means I'll be banned here too, again, so be it. I have never used any 'sockpuppet' identity on wikipedia, although a scant few of my posts in the past have gone in under an IP without my realizing that I wasn't logged in yet. I never did one of those extended periods as an IP poster before getting an account, because I wanted an account, and back then, I wasn't afraid of the unconstitutional powers my government has now asserted. Now, I am sure that anything at all is possible.

I've got more important responsibilities than to spend hours hammering out such things as encyclopedic posting policies and debating whether I should be banned, so I'll have to leave that to you folks. If you don't want me and people like me to post because I/we might do something bad, then I'm going to move on to some other project where my efforts will be both fruitful and appreciated, and my efforts at privacy and preservation of essential liberties are respected and accommodated. No sorrow. If you can come up with a way to ban bad stuff from people who aren't logged in, or to ban admin sockpuppetry, those sound like good things. If that means people like me can't contribute, again, so be it. I basically just wanted to ring in as one of the apparently many benign & productive users who will be reluctantly walking away from wikipedia because of this issue. Be well. Good Luck. -Arbortender 07:33, 8 July 2007 (UTC)

--Gracenotes^T § 00:17, 9 July 2007 (UTC)

• Banned? In what way is he banned? He made a choice to use an access method that is prohibited on Wikipedia. He was not forced to make that choice. He can edit any time he wants. --jpgordon^∇∆∇∆ 00:29, 9 July 2007 (UTC)
  • According to this description, his use of this access method does not seem like a choice; it seems like a legal necessity. Gracenotes^T § 00:42, 9 July 2007 (UTC)
    • Which part of his post indicates that? SlimVirgin ^{(talk)(contribs)} 00:43, 9 July 2007 (UTC)

I believe he's expressing concern with giving out his IP address based on the court's decision, not saying he has to do it. Mackan79 00:58, 9 July 2007 (UTC)

• • • • (response to SlimVirgin) Quote: "in response to a 9th circuit court decision". I see that there are two interpretations to this: that he saw a court case and decided to protect himself, or that he did it as a direct response to a court case in which he was involved. Either way, he did nothing wrong, at least outside of the jurisdiction of this Wikipedia policy, as it is currently written. (Comment: it appears as though the former is the case. My thanks to Mackan79 for informing me about this. I apologize if this has caused any confusion. 01:12, 9 July 2007 (UTC))
      • It is actual cases like this, rather than murmurings about admin sockpuppetry (which I expect shall become a straw man soon), that should be considered when evaluating the long-term worth of this policy to this project. If someone wants to draft a fleshed-out scenario wherein trashing this policy could result in the destruction of Wikipedia, please e-mail it to me, and I'll e-mail back a scenario wherein the dynamics of this policy could do the same. Gracenotes^T § 01:10, 9 July 2007 (UTC)

There are those who are legitimately concerned with privacy, especially given such poor decisions by the courts. And that's just in America, where there are some well-founded fears of surveillance. In other countries, maintaining privacy and anonymity may have a direct and immediate impact on one's safety. Those are facts. They can be backed up. While I will assume good faith to every degree I can, I will not do so to the point of believing serious assertions with far-reaching consequences in the total absence of hard evidence. Given one harm which is factual, concrete, and provable, and another "harm" which is vague, unproven, and hysterical, I will go for solving the concrete harm—and that means softblocking. If someone is willing to actually show evidence, publically or privately, I will of course reconsider my position as appropriate. Seraphimblade ^{Talk to me} 02:06, 9 July 2007 (UTC)

I agree, and hope others will either explain themselves better or assist in fixing the policy. Mackan79 06:37, 9 July 2007 (UTC)

What harm is "is vague, unproven, and hysterical"? Fnagaton 11:16, 9 July 2007 (UTC)

The 'harm' that we would supposedly suffer every day from sockpuppet admin accounts if Tor users were not banned. Frankly, even if there were any such things, I still don't see why they would use open proxies. Draws far too muh attention. They'd just edit from the same IP and not make their edits so obvious as to attract a checkuser out for a spot of fishing... – Gurch 11:30, 9 July 2007 (UTC)

One point brought up by Arbortender is that s/he read Tor (anonymity network) and didn't see any link to a policy indicating that users may not edit Wikipedia from through Tor. I'm going to add a small section to the article linking Wikipedia:No open proxies. Please discuss/revert if you don't like it. See also Talk:Tor (anonymity network)#Editing of Wikipedia through Tor. -- Flyguy649 ^talk _contribs 15:47, 9 July 2007 (UTC)

I'm going to keep saying this. This policy bans millions of people from editing Wikipedia to address a problem that doesn't exist – Gurch 11:27, 9 July 2007 (UTC)

There is a very real problem with anonymous Tor users vandalising pages though. Fnagaton 12:56, 9 July 2007 (UTC)

And? Vandalism from proxies pales into insignificance when compared to the level of vandalism from high schools. Do we ban anyone who edits from there? No – Gurch 12:57, 9 July 2007 (UTC)

The vandalism from high schools is not directly relevant to the problem of anonymous proxy users using for example something like Tor. Fnagaton 13:26, 9 July 2007 (UTC)

This is true, but I don't think anyone is proposing that known open proxies be left entirely open unblocked; rather the question is whether the blocks should cover registered users as well.

IMO, a more pertinent question in re softblocking might be: is the behavior of creating massive numbers of sleeper accounts and pushing them through softblocked proxies sufficiently common/destructive to warrant the current policy of blanket bans? I assume there are documented cases of this behavior; with all respect to WP:DENY, can we get some links to AIV discussions or the like? -- Visviva 13:30, 9 July 2007 (UTC)

I think it's very likely that admin sockpuppets exist -- the system is far too easy to game -- but open proxies are not a significant part of the problem, nor is hard-banning anyone who uses an open proxy going to help solve it. More apropos would be the suggestion which SV made on Meta (I think), that enwp admins be required to confirm their identity with the Foundation. Unfortunately that very reasonable suggestion seems to be going nowhere. -- Visviva 13:30, 9 July 2007 (UTC)

Anthony suggested a variation of this in response to a conversation about the trustworthiness of someone who is not willing to provide personal information (in this case, to the Foundation, a.k.a. someone who decides to CheckUser him or her). SlimVirgin then argued that the approach probably wouldn't work, noting that treating adminship as no big deal is harmful to Wikipedia. I responded why I thought it could be effective, and SlimVirgin replied that she would not be against the idea in principle, but had reasonable concerns about implementation. A bit later, Anthony replied to SlimVirgin's aforementioned comment including the "no big deal" argument. Then the conversation between SlimVirgin and me got a bit off-track as we discussed the merits and disadvantages of considering adminship a big deal; although in satirical form, my main concern with this position is expressed here. Gracenotes^T § 16:43, 9 July 2007 (UTC)

Ah, thanks. I salute anyone with the courage to sift through the daily volume of the EN mailing list. Even foundation-L is generating about 10 digests a day right now. Just for reference, the Meta discussion, which I think slightly predates the mailing-list one, is at meta:Talk:CheckUser_policy#Proposal_to_conduct_random_checks_on_RfAs. -- Visviva 13:48, 10 July 2007 (UTC)

If nobody can publicly explain what the current policy accomplishes at the expense of disallowing 1/5 of the world's population and all those others with privacy concerns leading them to use Tor from editing, and if Jimbo has suggested that he'd like to see the policy change from hard blocking to soft blocking, then it seems to me the policy language is ready to be changed accordingly. To avoid edit warring, I'll give anyone an additional chance to explain here why that's wrong. Mackan79 16:06, 9 July 2007 (UTC)

There are adequate reasons already explained to stop Tor users from editing from anonymous accounts. Fnagaton 16:33, 9 July 2007 (UTC)

Do these reasons apply to people who have registered accounts? I'm not sure which reasons you mean. (E.g., did you oppose this version?) Mackan79 16:37, 9 July 2007 (UTC)

Fnagaton, I don't think anyone's disagreed that Tor proxies should be softblocked (disallowed from editing anonymously). The question is whether they should be hardblocked (even registered accounts may not edit through them). As to the question of people creating hundreds of accounts, we've already solved one banned vandal (Ararat arev) who made hundreds of accounts through proxies and used them to duck semi-protection. But we didn't solve that by hardblocking proxies, he just found more. Instead, he went away once a captcha started being required for account creation. That means anyone who wants to create hundreds of vandal socks must do it by hand, only to have them indef blocked as soon as they make an edit that clearly reveals who it is. (We could also consider Royalguard11's proposal that autoconfirmation require a certain number of edits, not just an age.) There are ways to address this issue without shutting out privacy-conscious and Chinese users. Seraphimblade ^{Talk to me} 17:55, 9 July 2007 (UTC)

And yet the best SlimVirgin can come up with is "Nobody from China wants to edit the English Wikipedia anyway". Yeah, bullshit. Pick any large country that doesn't practise Internet censorship (yet), and you'll find dozens of prolific contributors right here, on this language edition. There are well over a BILLION people in China. Trust me, if access to Wikipedia wasn't blocked, the Chinese-language edition would be fast catching up with the English one by now - and we would benefit, both directly and indirectly from it. Yet she dismisses banning of the world's largest country with a wave of the hand. Incredible – Gurch 17:15, 9 July 2007 (UTC)

Would absolutely agree. And not only would this be of benefit to the Chinese-language Wikipedia, but many people in China speak both English and Chinese quite well. I believe we would benefit tremendously from allowing Chinese editors. Even if we presume that only one in a hundred thousand people in China would be interested in editing Wikipedia, that's over a thousand editors we're shutting out! And I'd bet the actual ratio is a good bit higher than that. I've seen tons of good editors here from non-English-speaking countries, not to mention that the English Wikipedia is not the only Wikipedia, and indeed those in other languages, if anything, are in more need of help from those who speak their language natively. I would love to see Chinese Wikipedia catch up to English in size and scope, and I would certainly love to see English cover Chinese topics more comprehensively and thoroughly, with good use of Chinese-language sources as well as English-language ones. Who better to do that then those who speak both languages and are intimately familiar with the culture of the most populous country on the face of the planet? Seraphimblade ^{Talk to me} 17:49, 9 July 2007 (UTC)

If one in a hundred thousand people in China would be interested in editing Wikipedia, that's over ten thousand editors we're shutting out. Yes, most people in China don't have Internet access. Yes, most people like to follow the law. Yes, most people don't understand how to configure Tor and yes, most people don't have any particular reason to edit the English Wikipedia. But that's the case in the United States, too. While more people have Internet access there, there is less need for a service such as Tor because Wikipedia isn't censored by the government. Yet people still use it, and still have a desire to edit Wikipedia with it.

Anyway, forget China. This policy is causing existing prolific contributors to leave, and it's not just one or two "problem" users. Another one went yesterday. I say again, the two stated rationales for this policy are simply not good enough.

One, vandalism, is something we tolerate, and always have tolerated. We could cut vandalism to a fraction of its current level by preventing anonymous editing altogether. But we don't do that. Wikipedia was built by anonymous contributions, the whole principle behind it rests on the ability of anyone to edit. So preventing any constructive editing in the name of vandalism prevention is unacceptable. What's more, vandalism occurs by the bucketload with or without this policy. It does not reduce the level of vandalism significantly.

The second, this whole "adminpuppet" thing, just gets more ridiculous by the day. Despite the continued lack of a single incidence of it, it has now been turned into a "problem" which this policy is supposed to solve. We thus have two "issues":

• Multiple administrator accounts under the control of the same user. This has never occured, so far as we know.
• Constructive contributors unable to continue contributing because of this policy. This happens all the time.

These are in fact completely separate things. Arguments have repeatedly been made that this policy "protects us" from the problem of multiple administrator accounts under the control of the same user – as if it guarantees that this won't happen. But it doesn't; not by a long way. Such a thing could be done with or without open proxies.

Those of you who seem to thing Wikipedia would "fail" if editing through Tor was allowed, you're welcome to find out. Go and fork the project, disable anonymous ediitng, and require all administrators to disclose their identities to you. But there is no way that that is going to happen here. That's not what Wikipedia is about – Gurch 18:35, 9 July 2007 (UTC)

Wikipedia isn't about letting anyone vandalise using anonymous proxies. Fnagaton 23:39, 9 July 2007 (UTC)

Wikipedia also isnt' about letting people exploit AOL to vandalize. But that isn't a reason to ban all AOL users. Bladestorm 04:00, 10 July 2007 (UTC)

But it would be a reason to not allow edits from those IPs unless an account was created. Fnagaton 08:48, 10 July 2007 (UTC)

Yep. Absolutely. So why don't we do the same with proxies? – Gurch 09:49, 10 July 2007 (UTC)

It's a technical issue. The list of IPs from say for example Tor changes quite rapidly. It is possible to parse an automatically generated list of Tor exit nodes and dynamically issue such blocks, but it would require some coding for a bot that is trusted to parse such a list and issue those blocks. The last time it was discussed I seem to remember the idea being shot down. Fnagaton 11:04, 10 July 2007 (UTC)

Huh? What's that got to do with anything. Banning Tor now requires hard-blocking each Tor IP address individually. Soft-blocking it instead would require soft-blocking each Tor IP address individually. No harder, or easier; precisely the same. Yes, if Tor IP addresses went un-blocked by mistake, people could edit anonymously with them. But that's the case now. So again, no change – Gurch 18:56, 11 July 2007 (UTC)

The technical ability exists but when it was discussed to actually implement it there was push-back. Fnagaton 10:54, 12 July 2007 (UTC)

Maybe we should Digg / Slashdot WP:NOP and create International Outrage about how China is blocked from editing? (:P) --Iamunknown 17:56, 9 July 2007 (UTC)

We all hate straw polls, but occasionally they are useful. Because there have been many references to consensus in debates here, I have concluded that a straw poll would be a reasonably acceptable effort to confirm what this consensus is.

• Wikipedia:No open proxies/Poll

Please do not vote yet, but feel free to voice any objections to the structure or wording of the straw poll (or yell at me for coming up with such a stupid idea) on its talk page. But kindly do not make possibly controversial changes without discussion. I hope that everyone can make this poll as painless and useful as possible by not being a dick. Gracenotes^T § 19:22, 9 July 2007 (UTC)

I think you have more experience with policy debates than I do; my impression would be that we're better off with informed opinions here, considering the somewhat technical nature of the problem. For instance, you put under possible comments that hard blocking means a person using an open proxy can't edit, when really it only means they can't use that open proxy and need to find another one. It also glosses the question of whether anyone even needs an open proxy to sockpuppet, etc. Of course you had to simplify the issue to make a straw poll, but that also seems problematic, no? Mackan79 20:06, 9 July 2007 (UTC)

Crum375 has commented that discussion on the talk page is going around in circles, and I agree. This seems like a necessary evil; the goal should be to make it as not-evil as possible. You are right about the users are prohibited from editing via open proxies vs. open proxies should merely be blocked issue, which is covered in the first question of the straw poll. I shall remove it from the second, if I can. The sockpuppetry issue is one of the reasons I suggested that a participant in the straw poll should review this talk page. Gracenotes^T § 20:29, 9 July 2007 (UTC)

Unfortunately, that's the one thing I can agree with Crum on. However, if we do hold such a straw poll, I think we'll need someone to present the views of those who currently cannot edit due to the proxy blocks. NYBrad did this at the arbitration case, we might ask if he'd be willing to do so again. (Or they could post their views to their talk page, so anyone can confirm.) As to the poll itself, I think it may be the only effective way to gauge consensus on the matter, as discussion here does seem to be going in circles, and (absent a presentation of actual evidence by those claiming admin sockpuppetry etc.), no one appears likely to change their mind on either side. Seraphimblade ^{Talk to me} 21:09, 9 July 2007 (UTC)

---

Alright, let's ask the question that's seeming to become the subject of an edit war here. Should the wording of the policy be focused on users (i.e., that a user who is editing through a proxy is doing something wrong, even if they're not using the proxy to do anything which would otherwise be prohibited such as sock or vandalize), or on the proxies themselves (proxies may be blocked as soon as they're found to be proxies, but we don't condemn users of proxies provided that the editors who do happen to use an unblocked proxy don't use them for disruptive purposes)? The current version at Meta seems to reflect the latter, the current version here seems more to reflect the former. Seraphimblade ^{Talk to me} 03:47, 10 July 2007 (UTC)

My personal opinion is that, if anything, it's the proxies themselves that should be treated as the problem. (I think even that would be somewhat unfair, but, again, "if anything") The notion of treating a user like a vandal or disruptive influence just because they happen to share characteristics with other "editors" is unsettling. There are numerous incredibly valid reasons for wanting to use proxies. Even if that practice is disallowed, it still isn't fair (or appropriate) to treat people with a need to protect their privacy as being the exact same as vandals. In short, nobody should be treated like they're being disruptive unless they're actually being actively disruptive. Bladestorm 03:58, 10 July 2007 (UTC)

The problem has always been the proxies themselves, and never the users. Open proxies have been abused several times for mass block evasion; if there's something wrong on the user's side, it's the block evasion, not the use of a proxy. That abuse is why open proxies are blocked indefinitely. --cesarb 04:10, 10 July 2007 (UTC)

It's worth noting that the change on Meta was supported by an overwhelming majority of the ENWP users who commented there (8:2 by my count), was initially proposed by an ENWP user (me), and as far as I can tell no substantive reasons have been given for believing that the "punitive" interpretation was ever anything but a misunderstanding. Some interesting points were raised regarding whether admin use of open proxies is problematic, but frankly I don't see that there is a direct link between that issue and this one -- particularly since, if I'm not mistaken, admins can edit from hardblocked IPs anyway; any solution to admin use would have to begin with the removal of that particular setting. -- Visviva 13:36, 10 July 2007 (UTC)

My thinking here is quite simple. No, the act of editing through a proxy is not inherently wrong. So the policy should address the treatment of proxies, and be silent on users. (As a hypothetical, an internet expert in a household or business might decide that use of anonymizing proxies for web access is in the best interest of that household/business, and configure the router/network to use them all the time. Another member of the household/business may not even be aware that they are automatically using an open proxy.) We can preventatively block open proxies when found due to the trouble we've had in the bast with intentional vandals. But if there is no evidence that a particular user is being problematic in their own edits, their use of a proxy is not good reason to assume that blocking the user will prevent any damage to Wikipedia. Consider again, the statistics on vandalism and IP editors. A large majority of vandalism edits are from IPs, while simultaneously a large majority of IP edits are good edits. The same can be true of open proxies; and when we have a registered user using an open proxy there is both a way and a reason to consider their edit history as a separately identifiable group of edits from those of other registered users or anonymous editors of open proxies, even of the same open proxy network. By all means, continue to block (in some fashion), the proxies on sight. But don't let the policy say or imply that a user using a proxy is thereby violating policy. The user is not violating policy, and we need to change the wording of policy to reflect this existing consensus, no matter how much a small handful of people argue otherwise. GRBerry 22:28, 11 July 2007 (UTC)

So, one of the problems with dealing with existing cases where people are using proxies is that, when there is a reason to use them, one tends to not want to discuss that reason. (In general, when someone is going through something difficult or scary, they tend to not want to make themselves feel even more vulnerable by disclosing information about it)
So, I thought it might be interesting to talk about just what could be done, in some cases, with nothing more than an IP address.
Checkusers are, theoretically, the only ones with access to IP information, but that doesn't really guarantee safety of the information. For example, one of CW's ip addresses was mentioned right on the AN/I page. Granted, that was probably also a (non-tor) proxy as well, but it does remind one that checkusers, of course, are only human. If one's personal safety or mental health were depending on it, one might be less than enthusiastic about the notion of trusting that a human will be forever perfect and flawless in their every action, without ever making a single mistake.
In my case, here's what you can do with just the log of my IP addresses:

1. Find out the country, province, city, school, building, block, and precise personal office that I primarily use to edit.
2. With just that information, it would be a trivial matter to find out my full name.
3. Since I'm listed in the phone book, you could then find my home address and phone number.
4. It would then be a trivial matter to find my picture and know exactly what I looked like. (The graduation photos are posted right outside the department. You only need to know the alphabet to find my picture)
5. Between the three IPs that would appear most in the log, you could determine my precise travel patterns, and exactly how often I travel to the US, as well as for how long.
6. You could then even, if you for some reason wanted to, find out my girlfriend's car's make, model and colour, and license plate number. (I don't know how much information can be found out from that. Presumably not a lot)

In short, if anyone had the desire, they could learn exactly who I was, where I was going, and who the people closest to me were all within no more than two days.
Of course, I'm not personally particularly concerned about that. (Which is probably why I don't edit with proxies or anything like that)
However, ex-spouses can be a problem. Fact is, they do sometimes track people down and make their lives miserable. Stalkers could be an equally severe problem. Heck, even people wanting to "out" editors on websites could be a major problem. And we allll know of certain somebodies who have tried to reveal the realworld identities of editors. Imagine if, just if, for some reason, one of those somebodies were to be able to get their hands on the wrong IP logs, and started posting the full names, phone numbers, and home addresses of several editors.
And imagine if those editors had wanted to protect their privacy, but they'd been told that they weren't allowed, just because some users of proxies could theoretically abuse the system and, gasp, abuse it to no greater extent than AOL is already abused. Personally, I'd have a hard time telling someone that seeing their home address on an attack site wasn't a big deal, or was for the greater good (of boosting the perception of better vandalism control). Bladestorm 04:33, 10 July 2007 (UTC)

Hey, don't worry. The same people who are responsible for this policy will make the utmost efforts to ensure that no links to the attack site outing you will be posted on wikipedia. --Elian ^Talk 16:54, 10 July 2007 (UTC)

Uh, I honestly couldn't tell... was that a joke? (I sooo suck at telling people's moods) Bladestorm 16:55, 10 July 2007 (UTC)

Sorry, I can't tell you either. I meant it as a joke but after reading the last lengthy debates on wikien-l it seems to me that people really mean it. --Elian ^Talk 17:08, 10 July 2007 (UTC)

Considering there seems to be pretty broad agreement on the talk page for this change, with the exception of Crum and Slim who appear to have stopped participating here, would either please explain what they would like to see happen here to develop a concensus? Mackan79 11:18, 10 July 2007 (UTC)

I can't see consensus for these changes. What is it exactly about the current version that you object to? As you want to make the change, the onus is on you to argue for it. SlimVirgin ^{(talk)(contribs)} 12:16, 10 July 2007 (UTC)

What is it we object to? Uh... how about the continued banning of constructive contributors, and the complete lack of any rationale for the policy? – Gurch 12:38, 10 July 2007 (UTC)

The change has been supported for a whole number of different reasons, I'm surprised you haven't seen this. See my most recent five point list here. In any case, one problem with the current policy is that it prevents about a billion people from editing. Is that not a concern? Mackan79 12:47, 10 July 2007 (UTC)

Maybe we need a straw poll after all. In common with the great majority of editors who commented on Meta, I support Pathoschild's change of the Meta page and I support this page being kept in sync with Meta. Frankly I'm bewildered by the objections. -- Visviva 13:55, 10 July 2007 (UTC)

The question is simply what a straw poll will accomplish beyond where we are now. It seems pretty clear that most who have looked here have voiced in favor of the change, but that Slim and Crum are continuing to object; thus I'm hoping they can offer a little more detail on what they'd like to see happen, rather than just to go through a lot of different things. Slim also just said the onus was on those seeking the change to present the reasons why, so it seems our explanations have now put the onus back on her. Mackan79 15:06, 10 July 2007 (UTC)

For the record I agree with SlimVirgin and don't agree with changing this policy from this version, certainly until all the issues have been discussed and not just the sock admin issue. I certainly do not see anything like the "pretty broad agreement" claimed by Mackan79. I look at the Meta history and see the change is mostly due to the one man band changes by Pathoschild, a steamroller aproach to changing the text, so I gave up writing on there since it was obvious Pathoschild wasn't listening. Fnagaton 17:22, 10 July 2007 (UTC)

And these "other issues" are...? – Gurch 18:47, 10 July 2007 (UTC)

For example weakening the guideline text so much that it becomes possible to edit without creating an account while using Tor or some other ISP like AOL which has a large amount of IPs used for vandalism. The ability to preemptive block systems like Tor need to be strengthened in these situations. Fnagaton 19:17, 10 July 2007 (UTC)

Strengthened? As compared to the current situation? Is that even possible? Anyway, nobody was suggesting Tor be unblocked completely. Either reduce the blocks to anonymous-only, or stop treating administrators like some elite class and prevent them from editing through open proxies too – Gurch 21:20, 10 July 2007 (UTC)

Yes strengthened, like the automatic blocking of anonymous edits by those on the Tor exit node list. Also removing the wording "Open proxies are banned from editing Wikimedia projects" would be an example of weakening the guideline text, as I mentioned in my previous post. Fnagaton 21:29, 10 July 2007 (UTC)

Fnagaton, how would saying "Open proxies will be blocked from editing as soon as they're discovered" rather than "Users are forbidden to...", weaken the guideline? That still leaves open blocking through other technological means (such as use of the TOR list) if the developers wish to include such functionality, and certainly still allows admins to block proxies as always. All it does is shift the focus to the proxies rather than the users of the proxies, which is what it seems there's pretty strong consensus to do. The ArbCom also appears ready to rule that an editor who is well-known to have used proxies is still an editor in good standing and is welcome to return anytime, so it seems they agree that simple use of a proxy is not in itself punishable. (That still leaves open the question of whether we should hardblock or softblock, but neither the Meta nor English version specifically address that subject, so that's a moot question as far as that edit goes.) But either version of the policy allows for anonymous editing from a proxy to be disabled. Seraphimblade ^{Talk to me} 21:34, 10 July 2007 (UTC)

The language used is weaker especially since automatically blocking the Tor list isn't implemented. For example "as soon as they're discovered" is not as strong as "Open proxies are banned" because the former is vague. Since it's not as strong then it makes the guideline weaker. Fnagaton 22:15, 10 July 2007 (UTC)

Firstly, we do implement policies according to common sense. But finding an IP address on a known-reliable list of TOR proxies is just as good a method of discovery as any, and we can (and do) block them this way already. If an automated way to do this could be established, rather than admins checking and blocking, that would be fine too. If we say "we can block proxies as soon as we know they are", it doesn't matter how we found out or how the technical side of the blocks are implemented. Seraphimblade ^{Talk to me} 22:23, 10 July 2007 (UTC)

Currently though an automatic method isn't implemented therefore changing the text to "as soon as they're discovered" is considerably weaker than "Open proxies are banned". Which is one of the reasons why I don't agree with changing the text to the weaker form. Fnagaton 22:26, 10 July 2007 (UTC)

Fnagaton, would it resolve the problem if we added a sentence saying such users should register therir accounts? That could read:

Open or anonymising proxies may be blocked for any period at any time. While this may affect legitimate users, they are not the intended targets and may freely use proxies until those are blocked. For this reason, individuals relying on open proxies are free to register an account, in which case they will remain able to edit. No restrictions are placed on reading Wikipedia through an open or anonymous proxy.

I'm not sure if that resolves your concern; one problem is that it seems you're actually wanting something that isn't in the policy currently, to say that checkusers will proactively seek out and block open proxies whether any problems have been found or not. I don't know if checkusers do that now, but it would seem they'd be just as able with the new wording as the old. The only problem with saying "banned" is that it suggests even registered users are violating policy, which is what we're trying to address. Mackan79 22:34, 10 July 2007 (UTC)

Although it's an improvement it doesn't give give a clear message like the old text. Something like "Open proxies are banned from editing Wikimedia projects except when a user account is logged in." i.e. If someone tries to edit without an account and they're using a Tor IP (or other blacklist) that edit is banned or blocked. Fnagaton 22:41, 10 July 2007 (UTC)

How about this:

Open or anonymising proxies may be blocked for any period at any time. While this may affect legitimate users, they are not the intended targets. For this reason, individuals relying on open proxies are free to register an account, in which case they will remain able to edit. No restrictions are placed on reading Wikipedia through an open or anonymous proxy.

That removes that they're free to edit in the meanwhile, so it only says you're ok if you register. Re "that edit is banned or blocked," it seems to me that goes beyond even what we do now (this would mean all edits are retroactively undone?). I see you're saying the one language is stronger than the other, but in practice, it would still seem the blocking could be done just as proactively or reactively under either. Mackan79 22:51, 10 July 2007 (UTC)

Sorry that's still not quit quite for me. It's the case currently (with the "banned" text) that if someone edits without an account with an IP that belongs to Tor then that edit is "from a banned user" which then means according to 3RR policy it is not against 3RR to revert those changes regardless of the merit of those changes. Without such strong language about being banned it means someone without an account could use Tor to edit war and editors would be in danger of falling foul of 3RR while legitimately reverting the Tor user. You see it was a favorite tactic of a banned user to use Tor and then file bogus 3RR reports when they saw their changes being reverted. Fnagaton 23:11, 10 July 2007 (UTC)

I don't believe you'd find yourself doing so well if you reverted good-faith edits just because they were made through TOR. I would not accept that as a 3RR exemption, and I don't believe too many would. Seraphimblade ^{Talk to me} 23:30, 10 July 2007 (UTC)

In the example I gave the edits were definitely not good faith edits however to someone just looking at the 3RR report without background knowledge the edits may appear to be have been "good" but in fact they were sock puppet Tor edits made by someone pushing their POV. Fnagaton 09:47, 11 July 2007 (UTC)

Fnagaton, so your concern is that under the current language people are not limited by 3RR in reverting anonymous open proxies, but under the proposed change they would be? Does this happen, that known open proxies make borderline edits which people aren't able to revert? In general, it would seem that the vast majority would be vandalism, which isn't subject to 3RR anyway. Mackan79 01:49, 11 July 2007 (UTC)

Yes unfortunately I've seen it happen with User:Sarenne doing exactly that. Fnagaton 09:47, 11 July 2007 (UTC)

It looks like he's been banned, though, and I presume not based on the language of this policy. Honestly, I don't care what the policy is for anonymous open proxies, who could be "banned" or not; it just seems a bit odd to have this language for what appears to be a very rare situation, and with other solutions available, and as an indirect way around the 3RR that many people wouldn't accept anyway (as SB pointed out, if you're reverting what look like good faith edits simply because someone was an open proxy, people will probably object). That's to say, we could have a policy saying "Open proxies are banned from editing Wikimedia projects except when a user account is logged in"; it just wouldn't seem very natural, since the practice has never really been to seek them out and punish them anyway. Mackan79 10:35, 11 July 2007 (UTC)

In the current example the language of the policy about proxy edits being banned was helpful in reverting the hundreds of similar edits made by that user in many tens of articles. The user was eventually banned for massive and obvious abuse of anonymous editing through Tor proxies however if the user had been more subtle the problem might not have been spotted so quickly. Which is why I still think it is best to make it very clear that edits without an account while using Tor are banned from Wikipedia regardless of the merit of those edits. Also the policy has been about banning edits from anonymous proxies since the text "Open proxies are banned from editing Wikimedia" has been in the policy for a while now. It's the recent changes that have tried to remove it and which has been causing some pushback from editors. Fnagaton 10:48, 11 July 2007 (UTC)

Well, I'm trying to work this into the proposal, but am finding it somewhat difficult. My last suggestion:

Open or anonymising proxies may be blocked for any period at any time. While this may affect legitimate users, they are not the intended targets. For this reason, individuals relying on open proxies are free to register an account, in which case they will remain able to edit. No restrictions are placed on reading Wikipedia through an open or anonymous proxy.

So my goal here is basically the same as Jimbo's suggestion, which is to switch from hard-blocking to soft-blocking open proxies. You're suggesting we still need to retain a presumption toward reverting edits by anonymous open proxy users, I just can't see how to make that a natural part of the policy. It also occurs to me: you're saying this helped in reverting hundreds of edits afterwards, but in that case 3RR wouldn't have been an issue, since he's already out of the picture. Would the same actions not have been possible in any case? Mackan79 12:11, 11 July 2007 (UTC)

In the example I'm thinking of the user was not banned at the time of large numbers of open proxy edits containing very similar edits that the user was infamous for. So at the time the wording was useful for reverting during the period when the bad edit attacks were being made despite the attempts of that "anonymous" user to file spurious 3RR reports. By using Tor without an account logged in the user was very effective in avoiding 3RR violation and accusations of sock puppetry because using Tor left no direct IP address evidence it was the same person. Combine this with the fact that on the surface those edits did not appear as normal obvious vandalism and it was extremely difficult for editors with accounts to combat those bad edits and not fall foul of 3RR by reverting those Tor edits. The user only eventually got banned because after a period of time it became obvious that even though the Tor edits were without a logged in account they were so numerous and the change comments so similar that it was only one user behind it. It was only the mistake of the user by making hundreds of such edits in tens of articles that made it so obvious. In the start the user would only make a few edits every day using Tor but over a period of time the user had ramped up their edits to be hundreds in many articles on related subjects. A more subtle Tor edit campaign by one user without an account in a smaller section of articles may not be spotted for quite some time. That's why I still think it is a jolly good idea to not allow edits from proxies unless there is a real user account in good standing. Fnagaton 12:36, 11 July 2007 (UTC)

Ok, that does make some sense, thanks for the explanation. Next shot, then: would it help if we said users should register an account (rather than "are free to")? The other option would be "are required to," but still seems a bit overdone, since hopefully we wouldn't need to go after people who really are just helping the project. I'd think either one could be useful in the situation you're describing though. Mackan79 12:50, 11 July 2007 (UTC)

I'd prefer "are required to" as in "users who wish to use an anonymous proxy are required to register an account". Fnagaton 13:16, 11 July 2007 (UTC)

Ok, do others have opinions on this? Mackan79 13:38, 11 July 2007 (UTC)

I am not convinced by the arguments presented. As an editor that spends time in RC patrol and the noticeboards, I am unwilling to consider at this point any lessening on enforcement of this policy. ≈ jossi ≈ (talk) 00:39, 11 July 2007 (UTC)

Jossi, the only question is how the policy applied to registered users helps serve that purpose. My understanding is that very little of the vandalism comes from registered users, while those accounts can be banned themselves. Is this not accurate? Mackan79 01:54, 11 July 2007 (UTC)

A vandal, POV pusher, etc, can easily create multiple accounts, use TOR and get away with murder... ≈ jossi ≈ (talk) 02:01, 11 July 2007 (UTC)

In terms of vandalism? I'm wondering if creating a load of accounts to do this isn't just as difficult as finding new unblocked open proxies. Is there any other way we could address that without blocking editors from China, and anyone else who may have a valid privacy concern? Mackan79 02:10, 11 July 2007 (UTC)

I do appreciate the concern about editors from China, and I do not have any brilliant ideas how to resolve it (although it would be possible for the Foundation to create an "open proxy" with geolocation, allowing proxy access only from a specific TLD such as .cn). But the issue of privacy I do not get. IP addresses are not visible unless you have the checkuser bit, and logs are deleted after 2 months. The privacy policy of WP, covers this already. If editors are paranoid about their IP being disclosed, they should not edit, or do so from an Internet Kiosk. ≈ jossi ≈ (talk) 02:16, 11 July 2007 (UTC)

Well, without even getting into those other editors then: On the one hand, you're saying it's possible the new policy could be used to create multiple vandal accounts, even though I think you have to concede that this would take some effort and can be done with some effort anyway. On the other hand, we are preventing the world's most populous country from editing the encyclopedia that anyone is supposed to be able to edit. I suppose I'm having a hard time seeing how one wouldn't be willing to test what the consequences will actually be. Mackan79 03:34, 11 July 2007 (UTC)

As I said, if providing access to Chinese editors is important to the project (which I believe it is), we could explore a technical solution such as the one I proposed above. Put online an open proxy managed by the foundation (or by a willing and trustworthy editor that want to do this) that allows access only to people coming to it from the .cn TLD (this can be easily done, I have done similar access-by-TLD implementations. This is called in tech parlance as ""IP delivery based on geolocation".) We then whitelist that proxy so it cannot be blocked. It can be done and will resolve this issue, without compromising Wikipedia and the current no open proxies policy. ≈ jossi ≈ (talk) 03:48, 11 July 2007 (UTC)

With all respect, this doesn't strike me as satisfactory. As far as I can see, you're proposing a rather elaborate technical solution, which assumes this will happen, assumes people will want to use it, and dismisses the privacy concerns of anyone else. All because it's possible people would abuse the new policy, without any evidence or even solid explanation why they would? I'm afraid I still don't understand how you can be sure hard-blocking vs soft-blocking is doing so much good, when the evidence of productive editors being lost is already real. Mackan79 04:30, 11 July 2007 (UTC)

Jossi, surely you're aware that all you need to do in that case is find a Chinese proxy, then log in through the "approved" proxy. (This does work, there's occasionally something I want to watch on the BBC site, and they geolocate it so only people in Britain can see, so I've made myself British for an hour or two more than once.) China is most certainly also not the only totalitarian regime from which privacy must be maintained to ensure an editor's safety. That also presumes a lot—that the Foundation would be willing and able to do so (or that a user can be found who is sufficiently trustworthy, sufficiently technically competent, and has the ability to handle that much traffic). If that happens, great, and at that point we can evaluate the situation with such a thing in place. But for now, let's deal with what we have in front of us at this moment, not with what might or might not be done at some point in the future. And what we've got right now is the real, concrete harm of over a billion people being de facto blocked from editing (not to mention some known-good contributors concerned about their privacy), vs. some nebulous bogeyman of "multiple sockpuppet admin accounts", which has never actually happened. Yes, yes, I know, a few people just know for sure it has happened and is going on as we speak. While I'll assume good faith as much as possible, I can't believe that one without seeing the evidence, and if the evidence is strong enough to treat as positive knowledge, why aren't there desysoppings happening? No one's answered that yet, nor has one single request for presentation of evidence rather than assertion been met with anything but further assertion and a total lack of evidence. To be quite blunt, either put your evidence on the table or quit expecting people to believe you, and quit saying "It's true, it's happening as we speak!" but refusing to back that up. Seraphimblade ^{Talk to me} 05:28, 11 July 2007 (UTC)

WTF is all this about multiple vandal accounts? Nobody ever suggested we should re-enable account creation via Tor. Just allow already-registered users to edit it. So I don't see how that could be an issue – Gurch 11:00, 11 July 2007 (UTC)

Someone can easily create numerous accounts on their primary ISP and then use those accounts via Tor, and then continue to do so ad infinitum. They would not even be hindered by autoblocks. —Centrx→talk • 19:16, 11 July 2007 (UTC)

Yep. Or they can create numerous accounts on their primary ISP and then use those accounts via their primary ISP. They would not even be hindered by autoblocks (unless they got through so many IPs that they got reassigned the same one again within 24 hours, which is pretty damn unlikely) – Gurch 15:17, 13 July 2007 (UTC)

Wikipedia is totaly censored by a community of 859 administrators. Administrators introduce (and support) one another, so any idea that differentiates their weltanschauung can hardly survive from censorship. In whatever country you are, no matter how much this country censors its citizens, you can always find a proxy to bypass state's censorship. But if you wan to find a proxy to bypass the censhorship of the 859 wikipedia admins and write something which is against their will, this is imposible! Wikipedia censors have already discover before you every possible open proxy, and have already blocked it. Wikipedia, with the help of its 859 admins who support and introduce one another, is one of the most censored places in the whole world! And the important thing is that these 859 people are not selected as censors because they are certified as real persons and not as sockpuppets, they are not 859 randomly selected real persons. These 859 people are nominated as admins because they are friends of the system, and they ready to support the censorship it produces. Asidehands 21:51, 10 July 2007 (UTC)

Ranting aside, I note a number of administrators here, including myself, who do in fact wish to take measures to allow non-abusive editing through open proxies. Seraphimblade ^{Talk to me} 22:24, 10 July 2007 (UTC)

If you want to stop wikipedia censorship, you have to ban all 859 admin gang, then ask every wikipedian to present a PGP key. Then, everyone who wishes to be certified as a real person, s/he has to participate to a local meeting somewhere, where REAL persons, wearing hoods or not, will show their PGP key and will certify that the others' PGP key realy belongs to a real person and it is not a sockpuppeteer PGP key. Then, after creating this tree of trust of real persons you have to select randomly 859 real persons and make them admins. This is the only way to prevent the censorship that is produced by the self-supporting-sockpuppeteer admin gang we have today. Chance and beeing a real person should be the two and only criteria for someone to become an admin. Any other criterion, such as voting or supporting, produces censorship.

And the problem of vandalism can very easily be solved if you add a rating system to the history of the articles and to the parts of the articles. Then let anyone who wishes to sort the history of the articles (and the article parts) according to the ratings of the (real persons) admins. See? The solution against vandalism is simple. Ratings. No bans, no open proxy hunting, no admins who hurt and humiliate wikipedians, no vandals. Actually most of the vandals exist and live because the programmers gang, who created and supports the admins gang, do not want to accept this simple solution of rating (and sorting) instead of banning.

Regarding rating the history of the article, this is simple to imagine and implement. Regarding rating a part of an article, I imagine a mechanism where someone could paint the article with colors, paint black the part of the article s/he dislikes tottaly, paint white the article's part s/he likes tottaly, and paint tones of grey the rest of the article. Then the article's rating will appear as the average of all people's paintings. Asidehands 23:17, 10 July 2007 (UTC)

Back to the top of the this discussion:

Why are anonymous programs forbidden on Wikipedia, and where has this policy been decided? Has it been voted? If yes, can a new vote be submitted, what is the "policy on policies"? Tazmaniacs

It is interesting that such questions do not get answers. Nisanu 15:40, 4 September 2006 (UTC)

Asidehands 00:17, 11 July 2007 (UTC)

You can shout, but do not expect anyone to reply. I have placed some pointers on your talk page. ≈ jossi ≈ (talk) 00:33, 11 July 2007 (UTC)

If there is noone who can reply to the above simple questions, this means that the whole project is irrational. As you said in your homepage, maybe wikipedia is a project designed to keep records of the behavior of the people, or a project that fools people and makes them think that it is an encyclopedia everyone can edit (which is the biggest lie an online community ever said), so that they can trust, like the did with TV the old times, its content. A content that in reality represents the weltanschauung of 859 log-rolling admins and not everyone's POV, neither NPOV (NPOV can either be defined as the average of everyone's POV or alternatively can remain maliciously undefined in order to support someone's weltanschauung). As long as the project seems irrational and there is noone who can answer rational questions, is joining the vandals and destroying it a rational answer?.Asidehands 08:02, 11 July 2007 (UTC)

Well, you could always participate constructively in the discussion. I would think that would be the most rational course of action, and also one which might actually persuade people to listen to what you say, because right now, you're quite frankly making a fool of yourself. Seraphimblade ^{Talk to me} 08:32, 11 July 2007 (UTC)

As long as the project seems irrational and there is noone who can answer rational questions, is joining the vandals and destroying it a rational answer? ... Go ahead and make my day... Wikipedia is stronger than any vandal. ≈ jossi ≈ (talk) 23:12, 11 July 2007 (UTC)

It was a question, I didnt answer a yes or a no. You have 859 admins. Do you have any idea how many the vandals are? Asidehands 07:33, 12 July 2007 (UTC)

One admin can block and revert many, many vandals per day. Really, vandals probably don't care about getting blocked—the main argument I can make against it is they're wasting their time. Jossi is quite correct, we're far stronger than any vandal or group thereof. Seraphimblade ^{Talk to me} 07:39, 12 July 2007 (UTC)

You are not stronger than any vandal. You are very very weak. And in the near future, when technology and the people will overcome the stupid limitation of the IP addresses (obviously limited IP addresses have been designed for comercial reasons, in order for some smart guys to buy and sell and gain profit from this nothing), and when everyone will be able to choose his unique IP based on whatever number s/he wishes, then the vandals will destoy you. This is not a distant future. That day you will be forced to stop the stupidity of blocking IP addresses, and you will accept ratings as the only solution. But it will be too late for your community then... Asidehands 10:06, 13 July 2007 (UTC)

Ok, per discussion above I see two proposals to modify the version here.

1. Open or anonymising proxies may be blocked for any period at any time. While this may affect legitimate users, they are not the intended targets. For this reason, individuals who wish to use open proxies should register an account, in which case they will remain able to edit. No restrictions are placed on reading Wikipedia through an open or anonymous proxy.

2. Open or anonymising proxies may be blocked for any period at any time. While this may affect legitimate users, they are not the intended targets. For this reason, individuals who wish to use open proxies are required to register an account, in which case they will remain able to edit. No restrictions are placed on reading Wikipedia through an open or anonymous proxy.

Any thoughts on the validity of either of these? Mackan79 20:20, 11 July 2007 (UTC)

Well, you need to insert "anonymous-only" after "may be blocked", else everyone will ignore it. And the two versions mean the same thing, no petty squabbling over words please – Gurch 20:36, 11 July 2007 (UTC)

Anonymous-only blocking is as ineffective against long-term abusers as not blocking at all. —Centrx→talk • 20:38, 11 July 2007 (UTC)

Even when account creation is disabled? How so? – Gurch 21:46, 11 July 2007 (UTC)

They create the accounts using unblocked IP addresses. Open proxy blocking is not 100% effective, and in addition they can use their primary non-open-proxy IP addresses to create accounts. Checkusers repeatedly find vandals using soft-blocked open proxies with registered accounts. All it takes is a couple of open proxies, or just your own IP address, that are not blocked to account creation, and you have a dozen vandal accounts that are not affected even by autoblocks. —Centrx→talk • 21:54, 11 July 2007 (UTC)

You give someone a week—15 minutes per day—and he can create a hundred vandal accounts that even a checkuser won't be able to stop—unless open proxies are fully blocked. —Centrx→talk • 22:02, 11 July 2007 (UTC)

Is this not somewhat speculative? What happens when 5 vandals in a row show up from the same open proxy -- could a checkuser not then hard-block that open proxy? Otherwise, it seems you're talking about the same thing of a person using multiple open proxies, which they're just as capable of doing currently. I'd think if there's any agreement that it might be useful to let China or other privacy-minded individuals edit, we'd at least be willing to test what happens rather than assume it would be something we couldn't control. Mackan79 22:15, 11 July 2007 (UTC)

All it takes is a couple of open proxies, or just your own IP address, that are not blocked to account creation, and you have a dozen vandal accounts that are not affected even by autoblocks.

So disable account creation on open proxies. And the fact that you can do the same thing with your own IP address only demonstrates that open proxies are irrelevant.

and he can create a hundred vandal accounts that even a checkuser won't be able to stop

"Won't be able to stop"? As soon as those accounts vandalise, they are blocked indefinitely with account creation disabled. A checkuser is run because the edits all look similar, so account creation is also disabled on any responsible IP addresses that got past the blocks, and now the accounts' creator is stuck. They can find another IP address and start again, of course, in which case we block that. Just like with any other vandals. Again, open proxies are irrelevant – Gurch 22:39, 11 July 2007 (UTC)

Not so, Gurch. The occasional vandal is not my concern. I have been 'round the block enough times to have seen the most unbecoming behavior by those people that want to bend WP to their own designs, and allowing open proxies is such a huge hole that that I do not even want to contemplate the unintended negative consequences resulting from it. It leaves us without a recourse. ≈ jossi ≈ (talk) 00:14, 12 July 2007 (UTC)

I'm sorry, I still don't follow you. What are these "unintended negative consequences" so dreadful you can't bear to contemplate them? If you mean vandalism and sockpuppetry, so what? We deal with such things by the bucketload with or without open proxies – Gurch 12:32, 12 July 2007 (UTC)

The current crosswiki policy advocates fully blocking proxies, so that not even registered users can edit from them. (The contested issue is that it doesn't advocate retroactively blocking any account that edited from a proxy before it was blocked.) —{admin} Pathoschild 21:42:07, 11 July 2007 (UTC)

Right, there's also a suggestion to move to (or return to) soft-blocking rather than hard-blocking though, to make the whole thing more consistent, see above. Mackan79 22:15, 11 July 2007 (UTC)

I hear you Mackan, but I still disagree. ≈ jossi ≈ (talk) 23:13, 11 July 2007 (UTC)

Alright Jossi, let's ask once again. Who did this? How did they use proxies to do it, and how would having hardblocked proxies have stopped them in a world of insecure wireless nodes, countless net cafes, and AOL? I keep seeing the assertion that softblocked proxies will lead to (and have led to) terrible, catastrophic results. Has it happened? If so, when and how? And if not, let's treat the assertion properly, as speculation rather than fact. Why is it that the moment I ask for actual evidence the thread where that request is made goes silent? Seraphimblade ^{Talk to me} 07:29, 12 July 2007 (UTC)

I am reading with interest the complexity of this issue as explained by User_talk:Armedblowfish. Once I understand this better I will comment. ≈ jossi ≈ (talk) 16:14, 12 July 2007 (UTC)

It appears we currently have two questions: 1. Should the checkusers hardblock or softblock open proxies, and 2. Should registered users who are willing to navigate the blocks be seen as violating policy. Per Pathoschild, the m:NOP policy currently seems to allow either type of blocking under question 1, but does not make users in violation of policy under question 2.

From what I understand, the checkuser practice may actually be similar to the meta policy, to hard block when necessary and maybe to softblock in other situations. If that's true, that would seem to me a fair way to continue, while simply changing per the meta policy that users who choose to navigate this won't be considered in violation of policy. I believe this would also be consistent with Jimbo's suggestion of making clearer that there may be valid reasons to use Tor, while leaving latitude to the checkusers, and allowing protective action where necessary. Thoughts? Mackan79 16:11, 12 July 2007 (UTC)

The technical problem does not involve just hard-blocking vs. soft-blocking. There is the ipblock-exempt permission, which could be put into effect today if the developers would merely commit an extension (this permission basically means that a Tor exit node can be hard-blocked and users with this permission may still edit through it); the only problem is that the developers want to build a modular and flexible permissions-handling special page, instead of tacking one on for every permission. Currently, there is Makesysop and Makebot. I think that we should consider function over form until form is available, but that's just my opinion. This extension, or any future one, does not solve the problem of editors being discriminated against and maligned on their RfAs, which is your second question. Gracenotes^T § 19:46, 12 July 2007 (UTC)

Do the developers have a timeline on when they will have the more modular permission-handling? ≈ jossi ≈ (talk) 20:02, 12 July 2007 (UTC)

Gracenotes, correct me if I'm wrong, but that would seem consistent with changing to the meta policy then, which would continue to allow checkusers and/or developers to move toward more efficient ways of blocking people or letting them through. With that change, we still wouldn't specify exactly how the blocking is to take place, but hope that those in the know would find their ways of dealing with it. The change then might be somewhat symbolic, but would reflect the clear lack of concensus for a "policy" of focusing on editors who use these (as opposed to the actual checkuser practice of focusing on the proxies themselves) that seems to have been slipped through a bit of a year ago without any great discussion, but which the community also now seems not to support. Mackan79 13:18, 13 July 2007 (UTC)

...continue to allow checkusers and/or developers to move toward more efficient ways of blocking people or letting them through

Uh, no thanks. I don't want the checkusers moving anywhere, especially not if it involves "more efficient ways of blocking people". They can stop banning constructive contributors before they get any more power to fish around with – Gurch 15:13, 13 July 2007 (UTC)

I'm only talking about the current m:NOP, which doesn't give more power or take it away, but at least puts the focus back in the right place. You supported the meta policy, no? Mackan79 15:19, 13 July 2007 (UTC)

The method by the exemptions are going to be dished out are another issue. The ability to give and remove exemptions is probably going to be available to admins, who have the power to unblock Tor nodes anyway (not to say they wouldn't be reversed). Ideally, the process would go like this: 1. The person mails the unblock mailing list in this fashion:

from:      address <address@example.com>
to:        Unblock requests <unblock-en-l@lists.wikimedia.org> 
date:      May 19, 2024 17:25
subject:   [unblock-en-l] request for Tor unblock
mailed-by: lists.wikimedia.org

Hi; I'm an individual who uses Tor for privacy reasons. I would like to register on the English Wikipedia with the user name [username]. The Tor exit node that I currently use has the IP address of xxx.xxx.xxx.xxx. I can be contacted at email@example.com. Thanks in advance,

[address].

The IP address itself will be very dynamic, and the only real reason for listing it is to provide some kind of proof that the person is using Tor. Then, an admin will 2. notify the mailing list that he/she is taking care of it and 3. try to create the account. If it can't be created because it already exists, the admin will 3a. contact the user and notify him/her to e-mail back a new one. If the account can be created, the admin will 3b. create it, setting the e-mail address to the e-mail of the Tor user, and the password to something reasonably unguessable. Then an admin will 4. add the user to the ipblock-exempt list and 5. have MediaWiki reset the password by e-mailing the Tor user. If a user doesn't use his/her account after two weeks, it will be blocked with the block summary "Your acount-using time has expired", or something similar, and the user will be removed from the ipblock-exempt list. This is to prevent abuse of Tor accounts. This is only a rough sketch of an idea; the talk page of an IP address can be used as well, but that's a problem, since talk pages of open proxy IPs are often semi-protected due to abuse.

Why so complicated? Well, Jimbo himself distinguished between the "dissident really needing anonymity" and the "lunatic on crack" (link). "Good" Tor users care about their privacy and will suffer many things to keep it. From slow internet connections due to many layers of encryption, to going through a human-based process to get an account here. Armedblowfish suggested having the user write a draft of an article before he/she is given an account (see, for example, {{2ndchance}}). While article-writing is not everyone's strong point, the idea that an earnest user of Tor is willing to prove that he/she can be trusted (not expecting them to jump through a ridiculous number of hoops, of course) is a useful one. We must also never forget WP:AGF, and even if it cannot apply to open proxies (as supporters of this version of the policy claim), it should apply to individuals, to some extent—an element that is sorely missing from the policy as it now stands. Gracenotes^T § 19:43, 13 July 2007 (UTC)

Strongly oppose this policy. We must not prevent our editors from the People's Republic of China from editing Wikipedia. Period. Due to the Blocking of Wikipedia in mainland China, open proxies are usually the only way they may contribute--an indispensible lifeline for them. Badagnani 20:15, 12 July 2007 (UTC)

Huh? What we oppose is the policy page as it is currently written (and enforced by SlimVirgin and Crum), not a proposal – Gurch 20:55, 12 July 2007 (UTC)

Why should we support users in China as opposed to the Chinese government, IMO that is wrong. I hhad heard wikipedia is now allowed in China but if it isnt its not for us to subvert the Chinese government. IMO, SqueakBox 20:59, 12 July 2007 (UTC)

Er... please try to remain rational. Allowing users to edit through open proxies is hardly "subverting the Chinese government" – Gurch 21:02, 12 July 2007 (UTC)

Note that if we "supported" the Chinese government, we'd shut down Wikipedia; they don't want it, remember? – Gurch 21:03, 12 July 2007 (UTC)

Based on the discussion here, on m:NOP, and on recent RfAs, it looks pretty clear to me that there is not concensus for the current statement of policy, specifically to the extent it suggests that policy targets users rather than the proxies themselves. If so, it seems we should be looking for appropriate ways to amend it to regain status as an undisputed policy.

It seems to me the changes at meta are probably the most modest way of bringing the policy together with what the checkusers have said, Jimbo has said, and the community seems to support. While it doesn't take sides in hard-blocking vs. soft-blocking, it clearly states that open proxies may be blocked at any time. Thus, I'm wondering: if people oppose this wording, would they support something else? Unless some other option is presented, I'd think we should switch to the meta policy, both because it is the meta policy and because it seems the most accurate description of what the community actually does. Mackan79 14:05, 16 July 2007 (UTC)

It seems to me that the only logical thing to do is allow open proxies. The detriments of barring them seem higher than the benefits, and banning all open proxies seems to be against "Assume good faith." Assuming that an editor from an open proxy has malicious intent is like assuming that a user from a particular country must have a malicious intent/POV. This is especially true given that anything done with an open proxy can be done with a closed proxy or without any proxy at all. Anyway, the next best option is the meta version. It seems like the meta version is in accord with Wikipedia's goals while this version is not. By the way, has anyone discovered any proof of the "strong correlation" that I asked for about half-way up the page? I was on vacation for a while. .V. _[Talk|Email] 21:59, 17 July 2007 (UTC)

"Assume good faith" doesn't mean always assuming good faith when there is evidence to the contrary. Fnagaton 15:19, 18 July 2007 (UTC)

How is using a proxy de facto evidence of bad faith? .V. _[Talk|Email] 19:06, 18 July 2007 (UTC)

Your question not relevant to what I wrote and it is a loaded question logical fallacy. Fnagaton 20:19, 18 July 2007 (UTC)

My original post was regarding open proxies. If your statement was in reference to anything other than open proxies, I'm not sure how relevant it is to this page. Obviously, if there is evidence to the contrary, AGF may not apply. Might I ask, what were you talking about? .V. _[Talk|Email] 02:33, 19 July 2007 (UTC)

Well there is obvious evidence to the contray so as such absolute use of AGF, which is what you proposed, doesn't apply. Fnagaton 15:01, 19 July 2007 (UTC)

I never said that AGF is absolute. I only said that open proxies are not evidence of bad faith, so we should assume good faith on the part of editors who contribute using those proxies. .V. _[Talk|Email] 16:14, 19 July 2007 (UTC)

We do assume good faith on their part. That's why we block the proxies but in general let the users be. --jpgordon^∇∆∇∆ 16:55, 19 July 2007 (UTC)

That's why I support the meta version of this policy, although I do not believe that blocking Open Proxies is a good idea at all. .V. _[Talk|Email] 17:25, 19 July 2007 (UTC)

You wrote and I quote "banning all open proxies seems to be against "Assume good faith."". To which I replied ""Assume good faith" doesn't mean always assuming good faith when there is evidence to the contrary.". Since there is evidence to the contray it is not against AGF. For example, it is very easy for someone to scream about AGF with their main account and also be using open proxies without logging in to make their changes and circumvent policy. Should I AGF just because someone screams about it? The answer is of course no. Fnagaton 18:29, 19 July 2007 (UTC)

I think you're missing the "assume" part of it. .V. _[Talk|Email] 14:15, 20 July 2007 (UTC)

Not at all, there is no need to assume good faith when evidence shows there is bad faith. Fnagaton 16:41, 20 July 2007 (UTC)

Okay. Do you have any evidence in mind? .V. _[Talk|Email] 18:15, 20 July 2007 (UTC)

As an example try looking at the actions of banned User:Sarenne and the associated sock puppet report where the user was using Tor to circumvent 3RR policy while at the same time removing warnings claiming there were "Too many bad faith accusations, too much bad faith" i.e. against AGF. In this case it was not against AGF because there was an enormous amount of anonymous proxy use. Fnagaton 18:54, 20 July 2007 (UTC)

The only references to good/bad faith I could find on the talk page was in regard to an accusation of vandalism. That has nothing to do with open proxies. .V. _[Talk|Email] 22:16, 20 July 2007 (UTC)

It has everything to do with open proxies and you should examine the sock puppet report and actually look at those changes because most of the changes were not what is known as obvious vandalism such as swearing or changing the page to contain random characters. The user was making what appeared to be "constructive" changes but were actually incorrect changes that the user couldn't make with his main account because he would be then be blocked for 3RR. If you look at the sock puppet report and the talk pages of those IP in the sock puppet report the IPs used are Tor exit nodes. The user would whine about AGF with his main account and continue to use anonymous proxies to circumvent 3RR. Fnagaton 07:37, 21 July 2007 (UTC)

Fnagaton, I see your argument, it just doesn't strike me as very practical. If our question is currently whether to adopt the meta policy, you still have the language saying that proxies can be blocked at any time. While it wouldn't then go out of its way to say all such users are therefore banned, it seems pretty clear that idea has never had wide support anyway, while other means of reverting vandalism or even borderline vandalism seem to exist. I like for people to agree, but it's also hard when we're arguing back and forth in these general terms. Can I ask again what your feeling is on the meta policy? Is it a fair compromise? It seems like it still accomplishes most of what you're looking for. Mackan79 23:56, 20 July 2007 (UTC)

The language is not strong enough. Allowing edits without a logged in account through open proxies causes more harm than good and the practice should be blocked. Fnagaton 07:37, 21 July 2007 (UTC)

I have some trouble with AGF in this context, simply because the whole idea of policy is I think more to allow that assumption than itself to practice it. "If men were angels...", and all that. The problem here is I think much more your second part that this stronger language doesn't seem to accomplish much of anything, while we know that some people do have good faith reasons for using open proxies, including all of China. In any case, the lack of concensus for the "users are prohibited" concept seems pretty clear, which raises the question of why it is in the policy. I'd suggest again that unless someone can get a concensus for that idea that it should be changed to the meta version, or anything better that someone can come up with. Mackan79 02:59, 19 July 2007 (UTC)

Given the following ruling by ArbCom in the Charlottewebb case, specifically:

2) The Wikimedia Foundation prohibits editing from open proxies; these may be blocked at any time for a significant duration. At the same time, users editing from open proxies do not face sanction solely for that act; their behaviour from those proxies must be taken into consideration. This constitutes an acknowledged 'gap' in policy: proxies are prohibited from editing, but those who use them are not.

and the finding that Charlottewebb is an editor in good standing despite having edited through proxies, the discussion here and at Meta, and the total failure by anyone claiming that tremendous harm has already been done to provide any evidence of that, I've changed this back to the Meta policy. There is no consensus that users who edit through proxies should face any sanction or be considered "banned" themselves, and the ArbCom has indeed specifically found that they should not. Seraphimblade ^{Talk to me} 00:06, 21 July 2007 (UTC)

I agree that conforming to meta policy represents consensus. GRBerry 01:25, 21 July 2007 (UTC)

I as well. I'm also not sure when "consensus" became a basis for reverting against multiple people without discussion, which seems somewhat odd. Mackan79 02:51, 21 July 2007 (UTC)

As far as I am concerned, the "policy" tag should be removed from this page and replaced with a "policy in development" or "guideline" tag. Or nothing. Asserting we have anything like "consensus" around this policy is the height of absurdity, and all policies must be grounded in wide consensus (WP:Policy#How_are_policies_started.3F, for reference.) There are at least 15 established, credible users here who have voiced opposition to this policy as it stands. The only thing that prevents me personally from removing the policy tag is the recognition that doing so would be regarded as needlessly disruptive and in poor taste, and the near-certainty that it would be reverted. So I'll ask a general question before I change the page: Can you honestly tell me that there is a consensus, and if not, can you honestly tell me this ought be called policy?

Now, on to the policy itself. It is almost absurdly self-defeating. Jimmy Wikipedia will avoid editing from an open proxy because of this policy, even if it is in the best interests of the community and the site; even if it's the only thing that allows him to edit. But Joey Vandal will edit from an open proxy anyway, because he doesn't care anything for policy in the first place. Rather than imposing reasonable limits on proxies, then, it cuts off their positive use in the name of fighting negative forces. The WikiProject on open proxies can continue its work against vandalism, and this policy can even be salvaged if it is changed to reflect the concerns that have been brought up ("No open proxies beyond necessity" or somesuch), but as it stands, I strongly oppose this. -- Thesocialistesq/M.lesocialiste 05:29, 24 July 2007 (UTC)

The Foundation has authorized the blocking of proxies, and to some degree that will always be necessary, at least in terms of softblocks—a vandalbot using rotating proxies can cause a significant amount of damage. At the same time, some very good editors and many potential editors from oppressive countries only can (or only will) edit through proxies due to privacy concerns, or in at least one case the editor is a TOR exit node operator. There are also certainly many countries out there where editing without use of anonymization is impossible, or is a threat to the safety of the editor. For the moment, my suggestion is to softblock proxies as a matter of course, with hardblocks applied only by checkusers and only when abuse is actually occurring with significant numbers of registered accounts. There's also a feature request in to allow the ability to grant the "ipblock-exempt" permission (which allows an account to edit even from hardblocked IP addresses) by admins or bureaucrats. Currently, admins gain this ability, but there is no way to grant it without granting full adminship. Seraphimblade ^{Talk to me} 06:33, 24 July 2007 (UTC)

"softblock proxies as a matter of course" == Preemptive soft-blocking? Fnagaton 16:15, 24 July 2007 (UTC)

This was never a Foundation policy. The board had nothing to do with its creation, as far as I'm aware. Gracenotes^T § 02:25, 25 July 2007 (UTC)

Foundation level policies can not be overridden at the local project level. They can be made stricter at the local project level, or interpreted as to how they actually apply to that project, but not overrridden. And, if the Foundation policy allows for it (e.g. - in the area of fair use), the local project can develop specific standards. GRBerry 18:20, 24 July 2007 (UTC)

A Foundation policy is not a suicide pact. And the Foundation does not constitute an infallible Cabal. It is up to us, the community, to forge substantive and wide consensus on our own policies. The fact that we haven't built such a consensus on this policy demonstrates that we're in dereliction of our duty to implement an open proxies policy as required by the board, not that we're necessarily bound to accept the page as it exists now as policy. On the English Wikipedia, English Wikipedia directives about crafting policy are the ones that count. Evidently, there is no consensus, and I've been given no clear reason why something should be policy in the absence of consensus, so I'm going to go ahead and change the tag. -- The_socialist ^talk? 14:29, 26 July 2007 (UTC)

Yes, a Foundation policy can be a suicide pact. If the board chooses to create policy, it is in its jurisdiction to enforce it, even if the policy will result in the "suicide" of Wikipedia. NOP is not foundation policy, as far as I know, at least not by any standard process (but what it prescribed was once standard practice, before soft-blocking was even an option). I'm sure we can all agree: NOP has a complicated history. Frankly, it would be better if we trashed it and started from square one. But the version we currently have is in line with ArbCom rulings. Now, an ArbCom ruling is not a suicide pact, since ArbCom does not have judicidal review and cannot override policy. But ArbCom rulings are a good starting point, even though their case-by-case nature can limit scalability. Wikipedians have (on meta) agreed that the version there is fine. That's not a good argument for the version here, but it's a fact that should be taken into account. It appears as though a working consensus is in favor of the meta version. "Working consensus" is just that: not wrapped in a pretty package.

About the meta version more specifically: Pathoschild rewrote the policy to be scalable, and for every wiki to implement it (if that wiki so chooses) in a manner appropriate to it. But in my opinion, copying and pasting is not the best idea. What we need to do here, again in my opinion, is to establish a concrete process for dealing with open proxies, then make it policy, and if it needs to be changed, change it later in that order. This ArbCom ruling appears to scale well and looks like a good starting, so we need to develop a process first, and then implement it. (Note the order, rouge admins.) The best solution is hard-blocking proxies and giving ipblock-exempt permissions to users on a case-by-case basis. But the developers are either too farsighted or too nearsighted (or as I suspect, both) to commit the code. Gracenotes^T § 20:16, 26 July 2007 (UTC)

The Meta page states specifically "This page provides information about prohibition on open proxies on Meta and other Wikimedia projects." That sounds more or less like a foundation-level policy to me.

But what you said about the Meta page itself gets to the point: "Pathoschild rewrote the policy...for every wiki to implement it (if that wiki so chooses) in a manner appropriate to it." It's up to us to implement it in a unique, sane, project-specific way that includes a broad consensus from Wikipedians. We substantially agree: There is no broad consensus, this needs to be re-written, and it's down to us: our hands aren't tied by the Foundation. -- The_socialist ^talk? 09:59, 27 July 2007 (UTC)