I recently received this message from a user: "I'm a regular wikipedia user although i don't have an account here. I think this site is great and it really helps me with my college work. But I recently heard of these people that were talking about wikipedia that they were all programming a hack for it. So after a little while I found it was a spider to hunt down all the pages links and change them to shocks site links or something along those lines. I didn't know who to tell so I just thought I'd tell an administrator as they might know who to tell or what to do. Just giving an advanced warning so you might be able to do something to protect this wonderful resourse. Apparently they permenantly change their ip address using some thing (a bit beyond me). Something like that. I just didn't know what to do. I hope I didn't embaress myself here. Thanks for your time."
Brett
On 11/3/05, Brett Gustafson <brett.gustafson@gmail.com> wrote:
> I recently received this message from a user: "I'm a regular wikipedia user although i don't have an account here. I think this site is great and it really helps me with my college work. But I recently heard of these people that were talking about wikipedia that they were all programming a hack for it. So after a little while I found it was a spider to hunt down all the pages links and change them to shocks site links or something along those lines. I didn't know who to tell so I just thought I'd tell an administrator as they might know who to tell or what to do. Just giving an advanced warning so you might be able to do something to protect this wonderful resourse. Apparently they permenantly change their ip address using some thing (a bit beyond me). Something like that. I just didn't know what to do. I hope I didn't embaress myself here. Thanks for your time."
> Brett
We get these kinds of things sent to us all the time; most don't amount to anything. For a number of reasons I would not expect that style of attack to be effective.
-- geni
From: wikien-l-bounces@Wikipedia.org [mailto:wikien-l-bounces@Wikipedia.org] On Behalf Of Brett Gustafson
Sent: Thursday, 3 November 2005 11:23
To: wikien-l@wikipedia.org
Subject: [WikiEN-l] Shock site bot
> ...But I recently heard of these people that were talking about wikipedia that they were all programming a hack for it. So after a little while I found it was a spider to hunt down all the pages links and change them to shocks site links or something along those lines.
There's something about this message that doesn't quite ring true to me (and no, it's not the Nigerian spelling), but in case it's genuine, it doesn't seem to be much of a threat - anything like this is going to be noticed very quickly, the IP address swiftly blocked, and the pages repaired.
In case it is somehow programmed to be resistant to our normal defence measures, then maybe we could have a white-hat robot searching for the links inserted by the black-hat and reverting them.
Peter (Skyring)
Peter Mackay wrote:
> From: wikien-l-bounces@Wikipedia.org [mailto:wikien-l-bounces@Wikipedia.org] On Behalf Of Brett Gustafson
> Sent: Thursday, 3 November 2005 11:23
> To: wikien-l@wikipedia.org
> Subject: [WikiEN-l] Shock site bot
>> ...But I recently heard of these people that were talking about wikipedia that they were all programming a hack for it. So after a little while I found it was a spider to hunt down all the pages links and change them to shocks site links or something along those lines.
> There's something about this message that doesn't quite ring true to me (and no, it's not the Nigerian spelling), but in case it's genuine, it doesn't seem to be much of a threat - anything like this is going to be noticed very quickly, the IP address swiftly blocked, and the pages repaired.
> In case it is somehow programmed to be resistant to our normal defence measures, then maybe we could have a white-hat robot searching for the links inserted by the black-hat and reverting them.
If they were thinking of using an open proxy, one diligent user went and blocked about a hundred of them the other day, completely flooded the recent changes channel...
There have been similar incidences of "ZOMOGG let's run a bot to do something stupid" before (eg. the junk username bot) - we stopped that with a range block (I think it was most of AOL) and tagged all the relevant usernames.
I also remember a threat of "mass disruption" that was communicated about in code (I think it was some sort of substitution cipher), but the planned attack never came.
Oh, and helpdesk-l, #wikipedia and info-en (used to) get plenty of "There is a serious security problem with your site! Anyone can change it!" posts, and we've survived /that/ problem for the last four years ;)
Bottom line to anyone who warns of an "iminent attack": We find your ideas intriguing/interesting and wish to subscribe to your newsletter/journal.
--
Alphax                        |   /"\
Encrypted Email Preferred     |   \ /  ASCII Ribbon Campaign
OpenPGP key ID: 0xF874C613    |    X   Against HTML email & vCards
http://tinyurl.com/cc9up      |   / \
On 11/3/05, Alphax <alphasigmax@gmail.com> wrote:
> I also remember a threat of "mass disruption" that was communicated about in code (I think it was some sort of substitution cipher), but the planned attack never came.
The threats were in plain. The nonsense text may or may not have been something in code.
-- geni
I was going to post this on the RFA talk page, but quite frankly I don't even want to go near it;
I am astonished at how bad this rfa process has become, it seems to be constant arguing and point scoring contests. The present example being Silsor's non-RFA, why can't people just let common sense guide them, and then in the event this fails or they disagree just step back and bite their tongue? We actually seem to have a mini revert war between admins (how ironic) at the moment regarding the non-RFA! (removed or replaced 7 times).
Then of course there is the reasoning for opposing candidates, editcountitis is bad, but we seem to be on the recovery from this ailment. Now some think that below good use of edit summaries is actually reason to *oppose*! my god! I thought it was "no big deal". Then there are the recent cases (that I couldn't be bothered to follow properly) where people were left very distressed after their ordeal (and I think "ordeal" is the correct term for the rfa now). There is more but I can't be bothered to read long rants so don't expect you to either.
regards
Martin (Bluemoose)
On 11/3/05, Martin Richards <Martin@velocitymanager.com> wrote:
> I was going to post this on the RFA talk page, but quite frankly I don't even want to go near it;
> I am astonished at how bad this rfa process has become, it seems to be constant arguing and point scoring contests. The present example being Silsor's non-RFA, why can't people just let common sense guide them, and then in the event this fails or they disagree just step back and bite their tongue? We actually seem to have a mini revert war between admins (how ironic) at the moment regarding the non-RFA! (removed or replaced 7 times).
> Then of course there is the reasoning for opposing candidates, editcountitis is bad, but we seem to be on the recovery from this ailment. Now some think that below good use of edit summaries is actually reason to *oppose*! my god! I thought it was "no big deal". Then there are the recent cases (that I couldn't be bothered to follow properly) where people were left very distressed after their ordeal (and I think "ordeal" is the correct term for the rfa now). There is more but I can't be bothered to read long rants so don't expect you to either.
As far as edit summaries go, they're often the only indicator of how thorough and considerate of others a user is. Many users are still on dialup. Many users have watchlists with hundreds or even thousands of entries. Edit summaries are a basic courtesy.
I will freely state that if I see an admin candidate who can't be bothered to use an edit summary most of the time, I will oppose them, and explain why, so that when they're nominated again a month later, I can support them.
-- Michael Turley User:Unfocused