2008/12/12 Thomas Dalton <thomas.dal...@gmail.com>: > 2008/12/12 Dan Collins <en.wp.s...@gmail.com>: >> On Fri, Dec 12, 2008 at 6:33 AM, Tomasz Ganicz <polime...@gmail.com> wrote: >>> Well, the story with IWF have shown that the current system of >>> blocking vandals by their IP has to be changed ASAP. In fact it is >>> causing a lot of problems even without action of IWF and other similar >>> wachdogs. There are more and more ISPs which uses single IP for all >>> their customers. Do you rember the story of blocking Quatar? Actually, >>> vast majority of ISPs use dynamic IP numbers, which also causes >>> serious problems with effective blocking vandals.My current ISP is >>> using dynamic IP. In my office there are around 200 people using >>> single IP. I guess all OTRS volunteers and checkusers knows the issue >>> very well. The IP blocking is terribly old fashioned - it has been >>> implemented at the time where most of the IP's represented single >>> PC's. Actually very few IP numbers are "personal". >> >> Do you have a suggestion? Not everyone uses XFF, certainly not ISPs >> with dynamic IPs, how would you suggest we block anonymous users? > > Indeed, I don't see any alternative way to block anonymous users. Even > forcing people to register wouldn't help since, without IP addresses, > we can't block account creation by people creating new accounts every > time one gets block. What we need to do is put pressure on ISPs to use > XFF whenever they are using proxies. The fact that people couldn't > edit during the block has nothing to do with censorship, it's just a > technical issue that can and must be fixed by ISPs.
This is probably off-topic for this list, but IP blocking is actually inefective in exactly the same way as it would be just blocking accounts. When you block a dynamic IP a vandal can reboot and he/she usually get new dynamic IP from his/her ISP. So you have to block another IP number. If the vandal is very determined, you have to finally block entire IP range, cutting off at least several hundreds other people, and even if you do this vandal can still go to internet caffe nearby which uses IP's from another ISP, so if you spot him/her you have to block IP of the caffe. In some extreme cases you finally end-up blocking IP ranges of all major ISP's from the area where vandal operates... Honestly saying I have no ready to use receipe how to replace IP blocking. But IWF case have just shown that in the future it has to be replaced by something smarter or we end up in blocking all major ISP's customers all over the world. -- Tomek "Polimerek" Ganicz http://pl.wikimedia.org/wiki/User:Polimerek http://www.ganicz.pl/poli/ http://www.ptchem.lodz.pl/en/TomaszGanicz.html _______________________________________________ foundation-l mailing list foundation-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l
