[dev-context] Re: Some more thoughts on this Wiki-sabotage problem....

Brooks Moses bmoses at stanford.edu
Mon Oct 10 20:51:47 CEST 2005


Hello, Patrick!

At 02:15 AM 10/10/2005, Patrick Gundlach wrote:
> > What, other than firefighting, is the right way to deal with this in
> > the future?
>
>When I woke up this morning, I thought that I can just reinstall a
>database backup from the day before the attack started. This would
>make any of our reverting lost, but also the spam. Was there any
>'good' change in the wiki since the last few days? I guess, no.

That seems like a good idea, indeed.  Here's what I found for "good" changes:

I made a tiny typo correction on the Installation Hints page (a period 
after the 2004 in the "General Hints" section.)

On Oct. 6, an anonymous user (80.117.100.56) changed the Typescripts page 
to add "[gentium]" to the first \typescripts line in the first example of 
each section, making them

% load mapfile
\starttypescript         [map]  [gentium]       [\defaultencoding]
\loadmapfile    [\defaultencoding-sil-gentium.map]

and

% and then use that data within the typescript:
\starttypescript  [map]   [gentium]     [ec,texnansi,8r,t5,t2a,t2b,qx]
   \loadmapfile    [\typescripttwo-sil-gentium.map]

Other than those -- which will be easy to put back if needed -- the most 
recent "real" change was Taco's extra information on User:Taco/Bib on 
September 30th.

> > be to add invisible links to the end of the Wiki pages, and the
> > text-deletion seems merely a side-effect of very badly-programmed
> > bots.
>
>Actually, I think that the page deletion is part of the game. I have
>no clue what to do with the spamming. So far it was quite ok to remove
>the spamming by hand. But this is beyond manual work that can be done
>in a minute or two. I could make only logged-in users change pages and
>validate the email address or approve new users by hand. But this,
>IMO, violates the principal that makes the wiki so efficient.

Indeed; I agree.

I'm pretty sure that this could have been blocked after the fact if we had 
the ability to block on certain bits of text in the edit -- for instance, 
nearly all of these edits were adding a "<div>" tag, so blocking text 
containing "<div>" tags would probably have stopped it.  (Ideally, we'd do 
the blocking after the text gets wikified, so that any "<div>" tags in code 
blocks get converted to "%lt;div&gt;" and thus not blocked....)

Incidentally, if you do a Google search on the bits of text that this 
spammer is including ("WTHPD1"), you'll find thousands of other Wikis that 
have identical additions.

- Brooks



More information about the dev-context mailing list