[dev-context] Some more thoughts on this Wiki-sabotage problem....

Hans Hagen pragma at wxs.nl
Mon Oct 10 15:05:54 CEST 2005 

Brooks Moses wrote:

> So, the dust seems to have settled from that last batch of spamming.  
> I've got everything recovered, I think....  (Except for the pages that 
> need deleting.)
>
> Thus, a few thoughts:
>
> It occurs to me that the reason my "URGENT" emails haven't had any 
> response from the Wiki administrators is that you're all in Europe, 
> and probably in bed asleep right now!  Thus: Would it be useful to 
> give me administrative privileges on the Wiki, so that I could do 
> damage control if something like this arises again at this sort of hour?

sounds ok to me

> What, other than firefighting, is the right way to deal with this in 
> the future?  This particular attack consisted of (to date) three 
> different waves of about 50 edits each; most of these came from a 
> logged-in user, so I can't tell what IP addresses were being used, but 
> a number of the edits weren't logged in.  Those edits came, nearly 
> simultaneously, from several dozen different IP addresses, with only 
> one or two from each -- clearly, blocking by IP address is not going 
> to solve the problem.
>
hm, a pitty

> Incidentally, from that (and the actual character of the edits), I'm 
> fairly sure that what's going on is not a real user making the edits, 
> but a series of bots on a number of compromised computers.  I 
> seriously doubt the intent is sabotage as such; the intent appears to 
> be to add invisible links to the end of the Wiki pages, and the 
> text-deletion seems merely a side-effect of very badly-programmed bots.

maybe wiki's need some spam testing features; 

maybe an option is to use different internal tags (id in html pages) for the edit buttons and such so that bots cannot trigger the right sequences 

Hans 



-----------------------------------------------------------------
                                          Hans Hagen | PRAGMA ADE
              Ridderstraat 27 | 8061 GH Hasselt | The Netherlands
     tel: 038 477 53 69 | fax: 038 477 53 74 | www.pragma-ade.com
                                             | www.pragma-pod.nl
-----------------------------------------------------------------

More information about the dev-context mailing list