User:MichaelBillington/Tor hardblocks are not the solution


 * Please add any ideas you may have to this

In light of recent events, some users have been trying to have Tor hardblocked in order to prevent issues in the future. While this may seem to make sense at first, it is actually quite a bit more trouble than it's worth.

IP-based blocks do not affect admins
As of earlier this year, IP-based blocks no longer affect sysops. (See also bug 3706, the bug report that resulted in this change being implemented.)

This would make hardblocking Tor completely useless. A hijacked admin account can do a lot of damage, with or without its IP being blocked.

On a related note, a compromised admin account could easily undo the block, again making Tor hardblocks useless at addressing the problem.

Legitimate contributors locked out
Over 100 million users in China cannot access this site without using open proxies. Tor, being an anonymity network, allows these users to view and edit the site while keeping them from being identified by the government.

Beyond this, a large number of editors use Tor for the sake of anonymity. Soft blocking the Tor network has curbed abuse while allowing legitimate good-faith contributors to edit by registering an account from a non-Tor IP.

The current method works just fine
Before bug 550 was resolved (users being unable to edit if their IP is blocked), editing from Tor was near-impossible. Some Wikipedia editors were originally working on a way to make Wikipedia editable to Tor users, but this was no longer necessary after bug 550 was resolved.

With the changes, it is not possible to register an account from Tor, or to edit from Tor while logged out. This has proven effective at stopping vandalism from the network.

The main page vandalism in the last few days did come from Tor, but as mentioned above, hardblocking Tor can do nothing to stop that.

Other solutions
Instead of needlessly denying good faith users the ability to edit because of one vandal, we should be looking at other solutions. A variety of solutions have been proposed in various places, including:
 * Securing admin accounts, see bug 9816 (bug report was posted by AmiDaniel).
 * Desysopping inactive admins. (This has been discussed quite a bit in the past, but has not been implemented as of yet. It was brought up on the mailing list by Chacor.)
 * Running a password cracker internally, and protecting the site from password cracking attempts.
 * Requesting that people use secure passwords.