[dev-context] Re: Some more thoughts on this Wiki-sabotage
bmoses at stanford.edu
Mon Oct 10 20:51:47 CEST 2005
At 02:15 AM 10/10/2005, Patrick Gundlach wrote:
> > What, other than firefighting, is the right way to deal with this in
> > the future?
>When I woke up this morning, I thought that I can just reinstall a
>database backup from the day before the attack started. This would
>make any of our reverting lost, but also the spam. Was there any
>'good' change in the wiki since the last few days? I guess, no.
That seems like a good idea, indeed. Here's what I found for "good" changes:
I made a tiny typo correction on the Installation Hints page (a period
after the 2004 in the "General Hints" section.)
On Oct. 6, an anonymous user (220.127.116.11) changed the Typescripts page
to add "[gentium]" to the first \typescripts line in the first example of
each section, making them
% load mapfile
\starttypescript [map] [gentium] [\defaultencoding]
% and then use that data within the typescript:
\starttypescript [map] [gentium] [ec,texnansi,8r,t5,t2a,t2b,qx]
Other than those -- which will be easy to put back if needed -- the most
recent "real" change was Taco's extra information on User:Taco/Bib on
> > be to add invisible links to the end of the Wiki pages, and the
> > text-deletion seems merely a side-effect of very badly-programmed
> > bots.
>Actually, I think that the page deletion is part of the game. I have
>no clue what to do with the spamming. So far it was quite ok to remove
>the spamming by hand. But this is beyond manual work that can be done
>in a minute or two. I could make only logged-in users change pages and
>validate the email address or approve new users by hand. But this,
>IMO, violates the principal that makes the wiki so efficient.
Indeed; I agree.
I'm pretty sure that this could have been blocked after the fact if we had
the ability to block on certain bits of text in the edit -- for instance,
nearly all of these edits were adding a "<div>" tag, so blocking text
containing "<div>" tags would probably have stopped it. (Ideally, we'd do
the blocking after the text gets wikified, so that any "<div>" tags in code
blocks get converted to "%lt;div>" and thus not blocked....)
Incidentally, if you do a Google search on the bits of text that this
spammer is including ("WTHPD1"), you'll find thousands of other Wikis that
have identical additions.
More information about the dev-context