
The tragedy of the commons that happens when you can't establish the reputation of your visitors because regular users are indistinguishable from malicious actors when signals like IPs are intentionally obscured.


The reasoning here just seems perverse. WP wants to allow contributions by anonymous users, which seems noble. But it also realizes that it needs to be able to block some people from anonymous contribution "to protect itself".

The implementation of the blocking mechanism is IP addresses/ranges, which is imprecise (to say the least). But now you have to worry about abusive users bypassing your technical control by obscuring their IP addresses. So you block all IP ranges that implement e.g. CGNAT, VPNs, 464XLAT.

So now you're mass-blocking access to millions of people who have never shown any inkling of malicious intent due to rational technology choices by their service providers or due to a reasonable desire to protect their personal privacy.

If you're OK with blocking users in such an entirely capricious and arbitrary way, why not just insist on registration?


Not blocking anything is infeasible due to abuse, requiring registration is effectively blocking anonymous editing access for everyone. If you want anonymous editing, providing it to some is strictly better than providing it to none.

Your argument is as flawed as saying we shouldn't have email because spammers must be blocked.


>>If you want anonymous editing, providing it to some is strictly better than providing it to none.

Objectively: Not always. You're creating a tiered society. The argument is saying "Why do some people deserve freedom but not others?" It's great if you're part of the in-group, but exceedingly unjust if you're non-vandal bycatch due to the blanket bans. You can't have some democracy, it's all or none.

I'm unable to anonymously edit by default because I have T-Mobile for my phone and internet services and there is a blanket ban on T-Mobile IPs. This is the 3rd largest telecom in the US with about 108 million users. I'm going to assume that less than 1/10th of them are Wikipedia vandals, but a blanket ban has been put in place.

Explain how it's "good" that a random AT&T user can make an edit, but I (or another random T-Mobile user) can't? Follow up, explain why making everyone who wants to edit register an account is a net bad if it's the only choice for millions of people?

*edited for typos


It is good that a random AT&T user can edit anonymously. It is bad that you can't. The "but" clause is a trap. You should be able to edit anonymously too.

If trends continue, fewer people will be able to edit anonymously. This trend needs to be reversed so that as many people as possible can edit anonymously.


Actually: if your premise is that you're an open access facility, then having arbitrary treatment of different users is a really excellent way of undermining that premise.

For example, as was pointed out elsewhere on this discussion, having blocking controls that tend to create a higher bar for people without home internet access means you're discriminating against groups that can only afford a personal mobile device, or only have internet access at a library, or come from a particular national origin, etc.

If you care about anonymous editing, creating underclasses that cannot have it seems an unlikely way to further your mission. It's effectively a form of red-lining.

I don't understand what your email analogy is getting at, so I'm going to leave that alone.


That's only because they're using weak authentication. If they required users to use something like WebAuthn, the bot problems would be significantly easier to deal with.


How come? Last I checked there was a devtool to create virtual authenticators. Unless there’s a way for Wikipedia to permit only certain vendors like Yubico, akin to browsers trusting certain CAs, I don’t see how one couldn’t make a bot register thousands of accounts with virtual authenticators.


Yes, assertion for manufacturing source is part of WebAuthn.


True, but that would significantly increase the barrier for contributions, especially at the long tail. As always, it's a trade-off, not a black-or-white situation.
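The vendor-restriction question raised in the WebAuthn comments above, as an added example that is not part of the thread: a relying-party check that parses the registration `authenticatorData`, extracts the AAGUID (authenticator model identifier) and applies an allowlist only when the attestation chain has been verified. The relying party ID, the AAGUID, the allowlist and the `trust_path_verified` input (the result of verifying the attestation statement's signature and certificate chain elsewhere) are assumptions constructed for illustration.

```python
import hashlib
import struct
import uuid

FLAG_AT = 0x40  # bit 6 of the flags byte: attested credential data is present

def parse_auth_data(auth_data: bytes, rp_id: str) -> dict:
    """Parse the fixed header and attested credential data of authenticatorData."""
    if len(auth_data) < 37:
        raise ValueError("authenticatorData shorter than the 37-byte header")
    rp_hash, flags, sign_count = struct.unpack(">32sBI", auth_data[:37])
    if rp_hash != hashlib.sha256(rp_id.encode()).digest():
        raise ValueError("rpIdHash does not match this relying party")
    if not flags & FLAG_AT or len(auth_data) < 55:
        raise ValueError("no attested credential data in registration")
    aaguid = uuid.UUID(bytes=auth_data[37:53])
    (cred_len,) = struct.unpack(">H", auth_data[53:55])
    cred_id = auth_data[55:55 + cred_len]
    if len(cred_id) != cred_len:
        raise ValueError("credential ID truncated")
    return {"aaguid": aaguid, "sign_count": sign_count, "credential_id": cred_id}

def accept_registration(auth_data, rp_id, fmt, trust_path_verified, allowed):
    """Return (accepted, reason) under a vendor allowlist policy."""
    parsed = parse_auth_data(auth_data, rp_id)
    if fmt == "none" or not trust_path_verified:
        # Without a verified chain the AAGUID is only a self-reported claim,
        # which is all a software (virtual) authenticator can offer.
        return False, "AAGUID not backed by a verified attestation chain"
    if parsed["aaguid"] not in allowed:
        return False, f"authenticator model {parsed['aaguid']} not on allowlist"
    return True, "attested by an allowlisted authenticator model"

# Constructed sample data (hypothetical relying party and AAGUID).
RP_ID = "wiki.example"
MODEL_A = uuid.UUID("11111111-2222-3333-4444-555555555555")
ALLOWED = {MODEL_A}

def make_auth_data(aaguid, rp_id=RP_ID):
    """Build a sample registration authenticatorData blob for the demo."""
    cred_id = bytes(range(16))
    return (hashlib.sha256(rp_id.encode()).digest() + bytes([0x41])  # UP | AT
            + struct.pack(">I", 0) + aaguid.bytes
            + struct.pack(">H", len(cred_id)) + cred_id
            + b"\xa0")  # placeholder for the COSE public key (empty CBOR map)

if __name__ == "__main__":
    blob = make_auth_data(MODEL_A)
    print(accept_registration(blob, RP_ID, "packed", True, ALLOWED))
    print(accept_registration(blob, RP_ID, "none", False, ALLOWED))
```

The second call is rejected even though the AAGUID is on the allowlist, because nothing vouches for it; the cost of enforcing such a policy is the higher contribution barrier noted in the last comment.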



