On Wed, 15 Dec 2004 11:55:10 +1300, Doug Fraser <fraserdw(a)xtra.co.nz> wrote:
I want to raise a concern about the potential
proliferation of viruses via
Wikipedia. I'm new to the list, so I apologise in advance if this has
already been covered.
I'm not sure it has been covered on this list, but the technical lists
(wikitech-l and mediawiki-l) have been discussing this issue a fair
amount lately. [To search the archives of all lists, put
"site:mail.wikipedia.org <search terms>" into Google.]
The fact that any user can upload practically any
content to Wikipedia, via
[[Special:Upload file]] is a potential risk. It is relatively easy to
disguise a hostile executable as a document or other ''encyclopedic''
content.
For this precise reason, it is now *only* possible to upload verified
image files to Wikimedia sites; it is no longer possible to override
the warning about "unsupported" filetypes. This was introduced after a
text file exploiting a bug in IE (anything that "looks like" HTML is
treated as HTML) was used to capture the information (including, at
the time, passwords) from users' cookies.
An even greater concern to me is the JPEG GDI+ Buffer
Overrun exploit
announced by Microsoft on September 14th.(
http://www.microsoft.com/technet/security/bulletin/MS04-028.mspx ).
I can't remember the exact details of whether the verification being
used would spot this particular exploit; it was certainly discussed,
but I can't remember the final result.
This problem isn't just academic; at [[Vandalism
in Progress]] a user
recently reported getting a JPEG GDI+ exploit warning flag from his software
firewall, pointing to a Wikimedia address. Maybe a false alarm, but who
knows?
What do people have to say about this issue? Are my concerns unfounded?
No, your concerns are certainly not unfounded; as I say, we have
already had one full-scale attack using an uploaded file, before the
security was tightened. I'm not sure of the current reliability of
spotting *malformed* images, but currently non-image uploads are
completely disabled (I think Ogg Vorbis sound files are also allowed).
This is, of course, annoying for those who have genuine non-image
content to upload (vector-based "source" files to allow others to edit
uploaded images, for instance) and there is indeed work on integrating
virus-scanning and other checks; see, for example, this MediaZilla
entry:
http://bugzilla.wikipedia.org/show_bug.cgi?id=898 As far as I
know, no such check has yet been implemented.
--
Rowan Collins BSc
[IMSoP]