- The following discussion is an archived debate. Please do not modify it. Subsequent comments should be made in a new section. The result of the discussion was
Withdrawn by operator.
Operator: — madman bum and angel
Automatic or Manually Assisted: Automatic.
Programming Language(s): PHP.
Function Summary: Identifies anonymous edits made through the Tor anonymity network.
Edit period(s) (e.g. Continuous, daily, one time run): Continuous.
Edit rate requested: maxlag = 5.
Already has a bot flag (Y/N): Y.
Function Details: This task module will monitor recent changes (using the IRC feed) and queue the IP addresses of anonymous users making edits. Another thread will periodically check this queue using the TorDNSEL service, and any Tor exit nodes that have an exit policy permitting access to en.wikipedia.org:80 will be logged to an operator-configurable page, for sysops to review and softblock should they wish to do so.
Discussion[edit]
I have posted notice of this task request on the administrators' noticeboard and the WikiProject on open proxies talk page to make sure consensus is clear, though I may be overestimating the potential controversy of this task. — madman bum and angel 02:31, 14 November 2007 (UTC)
- Note there is already a bot operated by nl:User:RonaldB that checks for various types of proxies, not just TOR, and it's been running for at least a year on nlwiki, enwiki and meta at least - see Wikipedia:Open proxy detection and meta:Meta:Open proxy detection. Resurgent insurgent (as admin) 08:35, 14 November 2007 (UTC)
- On the French wikipedia there is a bot (fr:Utilisateur:Proxybot) that blocks open proxies (admin bot). The owner has blocked over 30,000 though the bot is recent, so he used a script on his normal account for most. It is still possible to connect to en.wikipedia through open proxies, I tried the other day with a random one, and could create an account through it (but it was blocked on the French one). Also looked like quite a few other users had been editing from it. See fr:Wikipédia:Administrateur/Proxybot for the French Proxybot's Request for adminship. The owner of the bot (see his block log (lol)) also searches the web for lists of open proxies and blocks them all indefinitely with a script on his account or through the new "Proxybot". Jackaranga 10:12, 14 November 2007 (UTC)
- Also I don't understand how you will be able to tell if it's an open proxy. How will you know which port to try to connect to ? Jackaranga 10:16, 14 November 2007 (UTC)
- Sorry one more thing, why soft block and not ACB block ? Jackaranga 10:19, 14 November 2007 (UTC)
- Thanks for your questions. The Tor anonymity network does not use rely on predefined port numbers (though it often uses standard ports); Tor clients create virtual circuits with the aid of the Tor Authority nodes. The task module does not need to attempt to connect through the node; it only needs to know that the node's exit policy, as given to the Authority, allows circuits to exit to en.wikipedia.org:80. As for a softblock versus a hardblock, that is of course at the reviewing administrator's discretion. — madman bum and angel 10:34, 14 November 2007 (UTC)
- Sorry one more thing, why soft block and not ACB block ? Jackaranga 10:19, 14 November 2007 (UTC)
- I think Cluebot checks for OP when he sees vandalism, and issue a !admin warning on IRC. It might be useful to check how User:Cobi implemented this functionality (it checks for TOR, but also for the other proxies), you might both benefit from that :). -- lucasbfr talk 13:03, 14 November 2007 (UTC)
- My observations with TOR are the following:
- Quite some exit (and onion) nodes are just there for trial, presumably by people trying out the TOR functionality as a whole. Hence their life time is relatively short.
- Therefore I changed my pro-active blocking strategy on nl:w with respect to TOR some time ago. Since then it takes care of an IP being a TOR exit node for at least a couple of days. Only then it is blocked (blocking btw is a batch process which I run 3 times a fortnight on the average). The blocking is indefinite, but if the IP is not seen as an exit node for a certain period of time, it is unblocked again.
- This revised strategy has resulted in zero edits by TOR exit nodes and zero complaints via OTRS (similar to: I was just trying TOR).
- On fr:w all TOR exit nodes are blocked for a period of 3 wks (if I remember well). This process is running every hour or so. It implies that also IP's just trying it out are blocked, although the block is automatically lifted after a while. See also this link for more explanation and possibly an answer why blocking 30,000 IP's imho is less meaningful. - Rgds RonaldB-nl 23:33, 15 November 2007 (UTC)
Withdrawn by operator. – Not likely to generate enough results to be useful to administrators. May experiment with it personally just to let me know what nodes may have been missed by other automated processes, but will only softblock in the case of vandalism. — madman bum and angel 05:50, 20 November 2007 (UTC)
- The above discussion is preserved as an archive of the debate. Please do not modify it. Subsequent comments should be made in a new section.