Hello there,
I'd invite you to take a look at
http://meta.wikimedia.org/wiki/Board_election/Candidate_presentation_guidel…
Eventually I'm in charge of the election organzation, I spoke there as
one of regular meta editor. While it is a guideline about election, it
is not written on behalf of Election committee (at least now, and
currently I foresee no possiblity of changes). In my opinion the
characters of this document may be suggestions from the community, so
I would love all interested people to join its editing.
At first, I put a widely heard complaint from translators, since it
has been repeated by several translators. Some facts may be wrongly
remembered. My wording may be brunt even to the unnecessary extent, so
your copyedit would be very appreciated :)
Cheers,
--
KIZU Naoko
Wikiquote: http://wikiquote.org
* habent enim emolumentum in labore suo *
--
KIZU Naoko
Wikiquote: http://wikiquote.org
* habent enim emolumentum in labore suo *
I'd say too, please distribute this information as appropriate to your local
projects/languages.
---------- Forwarded message ----------
From: Brion Vibber <brion(a)wikimedia.org>
Date: May 8, 2007 7:17 AM
Subject: [Foundation-l] Password security notes
To: Wikimedia developers <wikitech-l(a)lists.wikimedia.org>
Cc: wikipedia-l(a)lists.wikimedia.org, Wikimedia Foundation Mailing List
<foundation-l(a)lists.wikimedia.org>, wikien-l(a)lists.wikimedia.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
As noted in other threads on several mailing lists, a few admin accounts
on en.wikipedia have been compromised recently, used to vandalize
high-traffic protected pages.
We're starting to roll out some additional protections against
password-guessing attacks, including but not limited to:
* Additional logging to better detect dictionary-style attacks
* Speed-bump measures against multiple failed logins
[But not that should DoS legitimate users. The traditional "lock out the
account after three tries" would make it trivial to lock out all the
site's sysops -- not wise. :)]
* Weak-password checks on existing sysops on our largest sites. Several
accounts have had their weak passwords invalidated and will need to
reset by mail before logging in again.
* Several targeted blocks against known cracking attempts.
Over the coming days we will additionally be rolling out more automated
password-strength checkers at login / set-password / change-password
time to reduce the danger of guessable passwords.
Please distribute this information as appropriate to your local
projects/languages.
- -- brion vibber (brion @ wikimedia.org)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGP6WDwRnhpk1wk44RApO6AJ9q8MXXhYbVAT9+YoTOZgFwv56YbwCdH2MU
ysd+CDuI1knUHJaD1jd8wUo=
=FGTh
-----END PGP SIGNATURE-----
_______________________________________________
foundation-l mailing list
foundation-l(a)lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/foundation-l
--
KIZU Naoko
Wikiquote: http://wikiquote.org
* habent enim emolumentum in labore suo *