[dev-context] Re: Some more thoughts on this Wiki-sabotage problem....

Brooks Moses bmoses at stanford.edu
Mon Oct 10 20:51:47 CEST 2005

Hello, Patrick!

At 02:15 AM 10/10/2005, Patrick Gundlach wrote:
> > What, other than firefighting, is the right way to deal with this in
> > the future?
>When I woke up this morning, I thought that I can just reinstall a
>database backup from the day before the attack started. This would
>make any of our reverting lost, but also the spam. Was there any
>'good' change in the wiki since the last few days? I guess, no.

That seems like a good idea, indeed.  Here's what I found for "good" changes:

I made a tiny typo correction on the Installation Hints page (a period 
after the 2004 in the "General Hints" section.)

On Oct. 6, an anonymous user ( changed the Typescripts page 
to add "[gentium]" to the first \typescripts line in the first example of 
each section, making them

% load mapfile
\starttypescript         [map]  [gentium]       [\defaultencoding]
\loadmapfile    [\defaultencoding-sil-gentium.map]


% and then use that data within the typescript:
\starttypescript  [map]   [gentium]     [ec,texnansi,8r,t5,t2a,t2b,qx]
   \loadmapfile    [\typescripttwo-sil-gentium.map]

Other than those -- which will be easy to put back if needed -- the most 
recent "real" change was Taco's extra information on User:Taco/Bib on 
September 30th.

> > be to add invisible links to the end of the Wiki pages, and the
> > text-deletion seems merely a side-effect of very badly-programmed
> > bots.
>Actually, I think that the page deletion is part of the game. I have
>no clue what to do with the spamming. So far it was quite ok to remove
>the spamming by hand. But this is beyond manual work that can be done
>in a minute or two. I could make only logged-in users change pages and
>validate the email address or approve new users by hand. But this,
>IMO, violates the principal that makes the wiki so efficient.

Indeed; I agree.

I'm pretty sure that this could have been blocked after the fact if we had 
the ability to block on certain bits of text in the edit -- for instance, 
nearly all of these edits were adding a "<div>" tag, so blocking text 
containing "<div>" tags would probably have stopped it.  (Ideally, we'd do 
the blocking after the text gets wikified, so that any "<div>" tags in code 
blocks get converted to "%lt;div&gt;" and thus not blocked....)

Incidentally, if you do a Google search on the bits of text that this 
spammer is including ("WTHPD1"), you'll find thousands of other Wikis that 
have identical additions.

- Brooks

More information about the dev-context mailing list