Community Wishlist Survey 2017/Reading/Make Wikimedia accessible via Tor and/or I2P

◄ Back to Reading


  • Problem: Some countries aren't familiar with spreading free and open knowledge. The proofs of censoring Wikipedia and the Internet in China People's Republic is already known. Turkey has blocked the whole Wikipedia this year. Such a tries there will be also in the future.
  • Who would benefit: Theoretically any Wikipedia-reader concerned about their privacy while reading. More practically for readers from countries with strong censorship of the Internet and especially from those directly blocking Wikimedia projects.
  • Proposed solution: To make Wikipedia and maybe some other Wikimedia projects available read-only as Hidden Service of Tor, I2P eepsite or using any other convenient technology.
  • More comments: Wikimedia projects are of course accessible via Tor network already today, but as being on the normal Internet, the users have to use exit nodes which can theoretically (and some of them practically) attack them as well as the countries which they're trying to avoid. As Tor Hidden Sevices and I2P eepsites (which is technically the same only on different networks) are end-to-end encrypted, it's harder to attack the users from the middle. As these protocols don't support subdomains, it could be possible to use similar thing as was used on secure.wikimedia.org before introducing of TLS on the main domains.
  • Proposer: Venca24 (talk) 09:43, 16 November 2017 (UTC)[]

DiscussionEdit

  • And hosting on en:IPFS?--YFdyh000 (talk) 16:18, 28 November 2017 (UTC)[]
  • "the users have to use exit nodes which can theoretically (and some of them practically) attack them as well as the countries which they're trying to avoid." - This is not true. Exit nodes cannot maliciously modify Wikipedia content due to us using HTTPS and HSTS. Concerns about malicious exit nodes really only apply to plain HTTP sites. Quite frankly, in my opinion, creating an exit node is more of a political statement than anything else. The effect hidden tor nodes have on privacy, security or censorship resitence is minimal to non-existent. At most, an exit node could determine which domain traffic is going to (due to SNI), but they cannot link that information to the originator of the request. (That said, I like tor, and support creating an exit node for political reasons) BWolff (WMF) (talk) 23:15, 28 November 2017 (UTC)[]
    • CNNIC has issued root TLS certificates and this organization is under the influence of the government of People's Republic of China. Having this root certificate in computers, they can technically issue a certificate for any domain, or am I mistaken? I haven't find on HTTPS Everywhere site if it checks the certificates (like I think did the Observatory). --Venca24 (talk) 21:16, 29 November 2017 (UTC)[]
      • you're correct that a mitm via a misissued certificate or malicious/incompetent CA is an attack that a tor hidden service can prevent. (Of course a tor hidden service introduces a risk of a mitm by tricking users into viewing the wrong onion url because onion urls arent human readable. Id consider that a much easier to pull off attack than malicious CA attack). CNNIC is probably not the CA id worry about - afaik they are already untrusted by apple and google chrome and firefox only trusts certificates from them prior to 2015 (which is kind of meaningless as they could backdate but i digress). However your point still stands with other CAs. That said I think it would be very difficult to pull off this type of attack without being discovered - the moment the attacker is detected their root gets immediately distrusted and they go out of bussiness, so there is a strong economic incentive not to be involved. And it would be difficult to participate in the attack secretly because a tor exit node doesnt know where the traffic is coming from so the attacker cannot target the attack. Thus there is a high likelyhood that anyone doing such an attack for any length of time would be discovered. Once expect-CT header becomes available in browsers (hopefully soon) the risk of this attack goes down quite a bit. (expect-CT: tells browsers to only accept certificates that are in the public certificate transparency lists. This ensures that anyone can figure out all the valid certificates for a domain, preventing a malicious CA from secretly issuing a cert for a domain they are not supposed to). BWolff (WMF) (talk) 03:21, 1 December 2017 (UTC)[]
  • Additionally - "As these protocols don't support subdomains, it could be possible to use similar thing as was used on secure.wikimedia.org before introducing of TLS on the main domains". I can't speak as to I2P, but for tor this statement is untrue. Subdomains work like virtual hosts when using tor with HTTP(S). BWolff (WMF) (talk) 23:18, 28 November 2017 (UTC)[]
    • I didn't know, thanks. --Venca24 (talk) 21:16, 29 November 2017 (UTC)[]

VotingEdit

  •   Support Tim Landscheidt (talk) 20:12, 27 November 2017 (UTC)[]
  •   Support MichaelSchoenitzer (talk) 22:46, 27 November 2017 (UTC)[]
  •   Support NMaia (talk) 00:16, 28 November 2017 (UTC)[]
  •   Support Jc86035 (talk) 02:04, 28 November 2017 (UTC)[]
  •   Support Dvorapa (talk) 10:04, 28 November 2017 (UTC)[]
  •   Support Oscar_. (talk) · @ 11:42, 28 November 2017 (UTC)[]
  •   Support Jamez42 (talk) 12:27, 28 November 2017 (UTC)[]
  •   Support --Liuxinyu970226 (talk) 13:23, 28 November 2017 (UTC)[]
  •   Support--YFdyh000 (talk) 16:18, 28 November 2017 (UTC)[]
  •   SupportArkanosis 17:15, 28 November 2017 (UTC)[]
  •   Support Laboramus (talk) 20:47, 28 November 2017 (UTC)[]
  •   Support Gripweed (talk) 21:32, 28 November 2017 (UTC)[]
  •   Support Thomas Obermair 4 (talk) 23:06, 28 November 2017 (UTC)[]
  •   Support Shizhao (talk) 03:28, 29 November 2017 (UTC)[]
  •   Support Libcub (talk) 05:18, 29 November 2017 (UTC)[]
  •   Support Donald Trung (Talk 🤳🏻) (My global lock 🔒) (My global unlock 🔓) 11:18, 29 November 2017 (UTC)[]
  •   SupportTheDJ (talkcontribs) 16:38, 29 November 2017 (UTC)[]
  •   Support Venca24 (talk) 21:16, 29 November 2017 (UTC)[]
  •   Supportputnik 01:12, 30 November 2017 (UTC)[]
  •   Support Nocowardsoulismine (talk) 02:32, 30 November 2017 (UTC)[]
  •   Support A read only tor hidden service is a good first step to being supportive of the tor project. The real issue though is somehow reconciling abuse prevention with anonoymous editing over tor BWolff (WMF) (talk) 07:10, 30 November 2017 (UTC)[]
  •   Support Danii.3 (talk) 13:04, 30 November 2017 (UTC)[]
  •   Support Nizil Shah (talk) 18:38, 30 November 2017 (UTC)[]
  •   Support Sahaquiel9102 (talk) 21:48, 30 November 2017 (UTC)[]
  •   Support Barcelona (talk) 00:37, 1 December 2017 (UTC)[]
  •   Support Ypirétis (talk) 17:27, 1 December 2017 (UTC)[]
  •   Support Lofhi (talk) 17:36, 1 December 2017 (UTC)[]
  •   Support --Gratus (talk) 17:56, 1 December 2017 (UTC)[]
  •   Support There is a real danger that the entire log files could be stolen by a non democratic state and use this to kill political opponents who though that there were safe to contribute. Malosse (talk) 18:35, 1 December 2017 (UTC)[]
  •   Support Pamputt (talk) 18:51, 1 December 2017 (UTC)[]
  •   Support Ckoerner (talk) 21:53, 1 December 2017 (UTC)[]
  •   Support GrandCelinien (talk) 23:13, 1 December 2017 (UTC)[]
  •   Support Titou (talk) 12:29, 2 December 2017 (UTC)[]
  •   Support ~Cybularny Speak? 12:55, 2 December 2017 (UTC)[]
  •   Support Tom Ja (talk) 14:23, 2 December 2017 (UTC)[]
  •   Support Termininja (talk) 16:12, 2 December 2017 (UTC)[]
  •   Support Emir of Wikipedia (talk) 16:40, 2 December 2017 (UTC)[]
  •   Support Waldir (talk) 11:04, 3 December 2017 (UTC)[]
  •   Support TheNavigatrr (talk) 01:17, 4 December 2017 (UTC)[]
  •   Support --Jarekt (talk) 13:34, 4 December 2017 (UTC)[]
  •   Support --Tractopelle-jaune (talk) 18:18, 4 December 2017 (UTC)[]
  •   Support Fixer88 (talk) 20:58, 4 December 2017 (UTC)[]
  •   Support JAn Dudík (talk) 21:57, 4 December 2017 (UTC)[]
  •   Support Elmidae (talk) 19:21, 5 December 2017 (UTC)[]
  •   Support Read only B25es (talk) 13:02, 6 December 2017 (UTC)[]
  •   Support Of course: Wikimedia for all including people in areas with governments that hide just about all info not of themselves  Klaas `Z4␟` V:  22:40, 6 December 2017 (UTC)[]
  •   Support the wub "?!" 01:02, 7 December 2017 (UTC)[]
  •   Support Tacsipacsi (talk) 22:00, 7 December 2017 (UTC)[]
  •   Support Fano (talk) 11:56, 9 December 2017 (UTC)[]
  •   Support Psychoslave (talk) 08:38, 11 December 2017 (UTC)[]
  •   Support BugWarp (talk) 13:28, 11 December 2017 (UTC)[]