Apple iCloud Private Relay

IP-Adressen waren das Haupt-Werkzeug, um andauernden Vandalismus und Missbrauch in Wikis zu verhindern — aus unterschiedlichen Gründen ändert sich jedoch die Verfügbarkeit und Verlässlichkeit von IP-Adressen. Die letzte Änderung ist das iCloud Private Relay von Apple. Es betrifft Safari-Nutzer mit einem kostenpflichtigen iCloud-Konto.

Diese neue Funktion kann bis Ende 2021 die IP-Adressen von 3-5% unserer Autoren verschleiern. Zehntausende Personen werden betroffen sein. Sie kann zu Problemen für die Gemeinschaften bei der Verhinderung von Vandalismus und Missbrauch führen. Es ist wahrscheinlich, dass andere Browser Apple folgen werden, wie sie es bereits in der Vergangenheit getan haben. Das Problem wird sich wahrscheinlich vergrößern.

Gemeinschaften sperren üblicherweise das Bearbeiten für IP-Adressen, die einzelne Benutzer verschleiern. Wenn diese Praxis für Benutzer des iCloud Private Relay weitergeführt wird, werden 3-5% aller Autoren im Laufe der nächsten Monate von einer Sperre betroffen sein. Dies betrifft auch angemeldete aktive Autoren, die möglicherweise nicht verstehen, weshalb sie gesperrt sind.

Wenn es zu diesen Änderungen kommt, müssen Benutzer mit erweiterten MediaWiki-Rechten, die Wikimedia Foundation (WMF) und andere zusammenarbeiten. Wir müssen lernen, wie die Sicherheit der Wikis gewährleistet werden kann, während es weiterhin für alle Benutzer mit guten Absichten Möglichkeiten zur Bearbeitung gibt.

Wir würden gerne mehr erfahren, was uns dabei helfen würde, einen Plan zu erstellen. Siehst du Probleme bezüglich der aktuellen globalen Sperren des iCloud Private Relay in deinem Wiki? Glaubst du, dass es wahrscheinlich ist, dass Autoren mit guten Absichten gesperrt werden? Die Situation kann sich in den nächsten Jahren verschärfen, wenn Chrome und Firefox den Zugriff auf IP-Adressen ebenfalls einschränken. Wenn dies passiert, handelt es sich um eine grundlegende Änderung dessen, wie das Internet funktioniert. Was glaubst du, auf welche Arten diese Änderung Wikis betreffen würde? Lass uns auf der Diskussionsseite darüber diskutieren!

• IP addresses are unique identifiers for a source of internet activity. They can belong to things like a phone, a wifi connection, or a corporate network. For most of the history of the internet, they could be used to roughly identify an internet user. They could also give information about that user’s location at the city level.
• Our communities rely on IP addresses as their core identity and security model.
  • Users have always been able to edit without logging in. Their IP address has been their sole form of identity—the way that they receive messages, are tracked, and are blocked.
  • For users who are logged in, IP addresses are the main tool for identifying persistent abusers. They can be blocked based on their IP logs.
  • In some cases, whole ranges of IP addresses are blocked for being persistent sources of abuse.

• The nature and availability of IP addresses is changing. With the advent of IPv6, IP addresses are more dynamic than before. This problem will only be worse in the future as more users come online.
• Additionally, IP addresses and user agent information have become personal data. Hiding them has become a service more and more internet users want.
• External market and government actions make these changes. They are not under the control of the Wikimedia movement or WMF.
• The Anti-Harassment Tools team at WMF has been looking into the issues surrounding IP addresses. It is building tools that may reduce the effect of these changes. But the work will not prevent IP addresses from becoming less useful over time.
• Apple is starting to provide a service called “iCloud Private Relay”. It masks the IP address of a Safari user such that they appear to be coming from a central pool of Apple IP addresses. It will apply to Safari browsing behavior on both desktop and mobile devices.
• iCloud Private Relay is available only for the willing iCloud+ subscribers (on an opt-in basis) and is labeled as “Beta”. This is likely to become a non-beta feature, then default (opt-out). It may also eventually be included in the operating system for free, as a similar service for how Mail is now free.
• These models can quickly spread. Once Apple makes this change, other browser providers like Google and Mozilla may remove browser information sent with requests as well. For example, after Google announced that Chrome will no longer send user agent info, Mozilla also announced that similar changes were in the works for Firefox browsers.

• We want administrators to feel safe and supported. The quality and reputation of Wikimedia projects needs to be protected. Marginalized editors who need protection should also be supported. Casual good faith participants should be able to edit on the browser and device of their choice. The loss of IP-as-identity challenges all these goals.
• When users of iCloud Private Relay attempt to edit, they will appear with one of the dedicated Relay IP addresses.
• Decisions around whom to block and why are made at a local community or global governance level. There are rare “office actions” to ban users. But in principle, blocking is an area with a long history of community self-governance. Large communities and global sysops have decided that “open proxies”, virtual private networks (VPNs), shared IP services, iCloud Relay, and similar services will be blocked on all wikis.^[1] The reason is that identity fraud is too easy to commit using them, since IPs are our identity model.
• Certain IP addresses are blocked from editing even by logged-in users. As a result, iCloud Private Relay will affect logged-in users as well.
• To estimate the potential effect, we looked at the edits coming through Safari browsers. Next, we combined them with estimates around the update of iCloud Private Relay.
  • In the last 90 days, 11.6% of logged-in editors edited with Safari and 17.7% of logged-out editors edited with Safari.
  • We used these numbers and estimated when iCloud Relay will become widespread. We believe 1.6% of logged-in editors and 2.5% of logged-out editors will be blocked in the month after iCloud Private Relay comes out for macOS.
  • When iCloud Relay becomes opt out, we estimate 4.6% of logged-in editors and 7.2% of logged-out editors will be blocked each month.
  • The usage of Safari for editing varies by wiki. Please see the accompanying table for numbers on the most and least affected wikis.
• The way to request an IP block exemption (IPBE) is not designed with large numbers or global groups in mind. Even a cautious estimate is that a few thousand logged-in editors will be blocked. This is far more than existing IPBE processes are set up for. If we don't change the way IPBE works, for those users it will be difficult to ask for and gain exemptions or explanations in their language. What's more, on small and medium wikis there may be no related policies. Also, communities of those wikis may not know how to help the affected users.

This table shows the usage of Safari browser for editing in select wikis in recent weeks. There are some with the most usage (Japanese, Swedish, and Norwegian Bokmål Wikipedias) and the least usage (Bengali and Hindi Wikipedias). Note that only a part of Safari users will use iCloud Private Relay.