Hey everyone, Does anyone know what happened to the Referata MediaWiki hosting service (http://referata.com) - it seems to have died or something, as no site hosted under Referata's domain name, nor the main "meta" website itself is accessible. CC'ing Yaron Koren who I believe is the lead sysadmin of the service. If we have indeed lost another free MediaWiki host, I will definitely say that it is a major setback and has the potential to impact many poeple. Too many free MediaWiki hosts have either died, had a change of management and are now ad-spammed, and/or have become pay-only services. -- Amanda
Hi Amanda,
Sorry about that. Yes, Referata is currently hacked, and has been hacked repeatedly by someone in the last few days. No, Referata is not going away. I had hoped this problem could have been fixed I already, but I'm hoping to get it fixed soon, and to get rid of whatever security vulnerability they're currently exploiting.
-Yaron
On Sun, May 5, 2019, 1:23 PM Amanda Quad amandaquad@yahoo.com wrote:
Hey everyone,
Does anyone know what happened to the Referata MediaWiki hosting service ( http://referata.com http://referata.com)) - it seems to have died or something, as no site hosted under Referata's domain name, nor the main "meta" website itself is accessible. CC'ing Yaron Koren who I believe is the lead sysadmin of the service. If we have indeed lost another free MediaWiki host, I will definitely say that it is a major setback and has the potential to impact many poeple. Too many free MediaWiki hosts have either died, had a change of management and are now ad-spammed, and/or have become pay-only services.
-- Amanda
Hi Yaron, It appears that the latest hack has quoted something from the Referata Meta frequently asked questions regarding security (or lack thereof) as their "justification" for hacking, so that may be something that needs to be cleaned up. Also, I do know who the current hacker is. At least from a non-sysadmin perspective, when attempting to access Referata, an IP address is visible in the lower right hand corner of the "Hacked by Delicious" message. There is a string of capital letters in front of the IP address that just looks like some random hash code, but in actuality is the former username (from before a global rename) of a now-globally locked and enwiki-banned WMF user. Additionally, I noticed that a user account by the name of "BEWARE HACKER" with exclamation points on either side had been created on the Referata main site/Meta wiki. I've noticed that the main site/Meta Wiki has virtually been abandoned and as a result heavily spammed - you might want to take a good look through the 30 day-500 changes recent changes display once the wiki is up again and hand out some blocks/perform some deletions. -- Amanda
On Sunday, May 5, 2019, 8:05 PM, Yaron Koren yaron@wikiworks.com wrote:
Hi Amanda, Sorry about that. Yes, Referata is currently hacked, and has been hacked repeatedly by someone in the last few days. No, Referata is not going away. I had hoped this problem could have been fixed I already, but I'm hoping to get it fixed soon, and to get rid of whatever security vulnerability they're currently exploiting. -Yaron On Sun, May 5, 2019, 1:23 PM Amanda Quad amandaquad@yahoo.com wrote:
Hey everyone, Does anyone know what happened to the Referata MediaWiki hosting service (http://referata.com) - it seems to have died or something, as no site hosted under Referata's domain name, nor the main "meta" website itself is accessible. CC'ing Yaron Koren who I believe is the lead sysadmin of the service. If we have indeed lost another free MediaWiki host, I will definitely say that it is a major setback and has the potential to impact many poeple. Too many free MediaWiki hosts have either died, had a change of management and are now ad-spammed, and/or have become pay-only services. -- Amanda
Hello, Referata is still down/hacked/locked/not working. I've looked into the issue more, and it appears that my initial conclusion that the hacker was a globally locked and enwiki-banned WMF user was incorrect. The hacker in question exposed the personal information of said banned user, and I thought that they had outed themselves. My bad. I did dig around a bit though trying to figure out who or what "Delicious" was... the only thing that I found was https://en.wikipedia.org/wiki/Delicious_(website)%C2%A0but I would highly doubt that there's any connection to that since Referata and that website don't appear to be even remotely similar. -- Amanda
On Sunday, May 5, 2019, 8:36 PM, Amanda Quad amandaquad@yahoo.com wrote:
Hi Yaron, It appears that the latest hack has quoted something from the Referata Meta frequently asked questions regarding security (or lack thereof) as their "justification" for hacking, so that may be something that needs to be cleaned up. Also, I do know who the current hacker is. At least from a non-sysadmin perspective, when attempting to access Referata, an IP address is visible in the lower right hand corner of the "Hacked by Delicious" message. There is a string of capital letters in front of the IP address that just looks like some random hash code, but in actuality is the former username (from before a global rename) of a now-globally locked and enwiki-banned WMF user. Additionally, I noticed that a user account by the name of "BEWARE HACKER" with exclamation points on either side had been created on the Referata main site/Meta wiki. I've noticed that the main site/Meta Wiki has virtually been abandoned and as a result heavily spammed - you might want to take a good look through the 30 day-500 changes recent changes display once the wiki is up again and hand out some blocks/perform some deletions. -- Amanda
On Sunday, May 5, 2019, 8:05 PM, Yaron Koren yaron@wikiworks.com wrote:
Hi Amanda, Sorry about that. Yes, Referata is currently hacked, and has been hacked repeatedly by someone in the last few days. No, Referata is not going away. I had hoped this problem could have been fixed I already, but I'm hoping to get it fixed soon, and to get rid of whatever security vulnerability they're currently exploiting. -Yaron On Sun, May 5, 2019, 1:23 PM Amanda Quad amandaquad@yahoo.com wrote:
Hey everyone, Does anyone know what happened to the Referata MediaWiki hosting service (http://referata.com) - it seems to have died or something, as no site hosted under Referata's domain name, nor the main "meta" website itself is accessible. CC'ing Yaron Koren who I believe is the lead sysadmin of the service. If we have indeed lost another free MediaWiki host, I will definitely say that it is a major setback and has the potential to impact many poeple. Too many free MediaWiki hosts have either died, had a change of management and are now ad-spammed, and/or have become pay-only services. -- Amanda
Hi,
The Referata problems were due to a security leak that has now been identified and fixed. (It was not in MediaWiki itself, but rather in the Site Settings extension - which I believe is only used on Referata, fortunately.) There are still some problems, like wikis missing their logos, but in general the running of the wiki farm is now back to normal, I am very relieved to say.
-Yaron
On Sun, May 12, 2019 at 2:14 PM Amanda Quad amandaquad@yahoo.com wrote:
Hello, Referata is still down/hacked/locked/not working. I've looked into the issue more, and it appears that my initial conclusion that the hacker was a globally locked and enwiki-banned WMF user was incorrect. The hacker in question exposed the personal information of said banned user, and I thought that they had outed themselves. My bad. I did dig around a bit though trying to figure out who or what "Delicious" was... the only thing that I found was https://en.wikipedia.org/wiki/Delicious_(website) but I would highly doubt that there's any connection to that since Referata and that website don't appear to be even remotely similar. -- Amanda
On Sunday, May 5, 2019, 8:36 PM, Amanda Quad amandaquad@yahoo.com wrote:
Hi Yaron, It appears that the latest hack has quoted something from the Referata Meta frequently asked questions regarding security (or lack thereof) as their "justification" for hacking, so that may be something that needs to be cleaned up. Also, I do know who the current hacker is. At least from a non-sysadmin perspective, when attempting to access Referata, an IP address is visible in the lower right hand corner of the "Hacked by Delicious" message. There is a string of capital letters in front of the IP address that just looks like some random hash code, but in actuality is the former username (from before a global rename) of a now-globally locked and enwiki-banned WMF user. Additionally, I noticed that a user account by the name of "BEWARE HACKER" with exclamation points on either side had been created on the Referata main site/Meta wiki. I've noticed that the main site/Meta Wiki has virtually been abandoned and as a result heavily spammed - you might want to take a good look through the 30 day-500 changes recent changes display once the wiki is up again and hand out some blocks/perform some deletions. -- Amanda
On Sunday, May 5, 2019, 8:05 PM, Yaron Koren yaron@wikiworks.com wrote:
Hi Amanda, Sorry about that. Yes, Referata is currently hacked, and has been hacked repeatedly by someone in the last few days. No, Referata is not going away. I had hoped this problem could have been fixed I already, but I'm hoping to get it fixed soon, and to get rid of whatever security vulnerability they're currently exploiting. -Yaron On Sun, May 5, 2019, 1:23 PM Amanda Quad amandaquad@yahoo.com wrote:
Hey everyone, Does anyone know what happened to the Referata MediaWiki hosting service ( http://referata.com) - it seems to have died or something, as no site hosted under Referata's domain name, nor the main "meta" website itself is accessible. CC'ing Yaron Koren who I believe is the lead sysadmin of the service. If we have indeed lost another free MediaWiki host, I will definitely say that it is a major setback and has the potential to impact many poeple. Too many free MediaWiki hosts have either died, had a change of management and are now ad-spammed, and/or have become pay-only services. -- Amanda
MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
mediawiki-l@lists.wikimedia.org