On Wed, 15 Dec 2004 11:55:10 +1300, Doug Fraser fraserdw@xtra.co.nz wrote:
I want to raise a concern about the potential proliferation of viruses via Wikipedia. I'm new to the list, so I apologise in advance if this has already been covered.
I'm not sure it has been covered on this list, but the technical lists (wikitech-l and mediawiki-l) have been discussing this issue a fair amount lately. [To search the archives of all lists, put "site:mail.wikipedia.org <search terms>" into Google.]
The fact that any user can upload practically any content to Wikipedia, via [[Special:Upload file]] is a potential risk. It is relatively easy to disguise a hostile executable as a document or other ''encyclopedic'' content.
For this precise reason, it is now *only* possible to upload verified image files to Wikimedia sites; it is no longer possible to override the warning about "unsupported" filetypes. This was introduced after a text file exploiting a bug in IE (anything that "looks like" HTML is treated as HTML) was used to capture the information (including, at the time, passwords) from users' cookies.
An even greater concern to me is the JPEG GDI+ Buffer Overrun exploit announced by Microsoft on September 14th.( http://www.microsoft.com/technet/security/bulletin/MS04-028.mspx ).
I can't remember the exact details of whether the verification being used would spot this particular exploit; it was certainly discussed, but I can't remember the final result.
This problem isn't just academic; at [[Vandalism in Progress]] a user recently reported getting a JPEG GDI+ exploit warning flag from his software firewall, pointing to a Wikimedia address. Maybe a false alarm, but who knows?
What do people have to say about this issue? Are my concerns unfounded?
No, your concerns are certainly not unfounded; as I say, we have already had one full-scale attack using an uploaded file, before the security was tightened. I'm not sure of the current reliability of spotting *malformed* images, but currently non-image uploads are completely disabled (I think Ogg Vorbis sound files are also allowed).
This is, of course, annoying for those who have genuine non-image content to upload (vector-based "source" files to allow others to edit uploaded images, for instance) and there is indeed work on integrating virus-scanning and other checks; see, for example, this MediaZilla entry: http://bugzilla.wikipedia.org/show_bug.cgi?id=898 As far as I know, no such check has yet been implemented.