Gabe
On Mon, May 7, 2018 at 1:51 PM, Shabab Mustafa <shabab.mustafa(a)gmail.com>
wrote:
I have been a Linux advocate for almost a decade
now and from 'my past
experience', I can tell you have opened a topic of a huge discussion about
people should switch to Linux Desktops (which is off-topic here). But I
respectfully disagree with your statement, "anti-virus programs usually do
more harm than good".
From a conservative viewpoint, some protection is still better to have than
no protection at all. And the example you gave here, an anti-virus
mistakenly classified your domain as a potential threat, makes a weaker
point. By a few mistakes, we cannot cancel out a million of other
successes. A false alarm is yet favourable than no alarm at all.
---
Shabab Mustafa
President
Wikimedia Bangladesh
On Mon, May 7, 2018 at 5:56 PM Shlomi Fish <shlomif(a)shlomifish.org> wrote:
On Thu, 3 May 2018 19:27:16 -0500
John Bennett <jbennett(a)wikimedia.org> wrote:
Hello,
Many of you may have been receiving emails in the last 24 hours
warning
you
of "Multiple failed attempts to log in"
with your account. I wanted to
let
you know that the Wikimedia Foundation's
Security team is aware of the
situation, and working with others in the organization on steps to
decrease
> the success of attacks like these.
>
> The exact source is not yet known, but it is not originating from our
> systems. That means it is an external effort to gain unauthorized
access
to
random accounts. These types of efforts are
increasingly common for
websites of our reach. A vast majority of these attempts have been
unsuccessful, and we are reaching out personally to the small number of
accounts which we believe have been compromised.
While we are constantly looking at improvements to our security
systems
and
processes to offset the impact of malicious
efforts such as these, the
best
> method of prevention continues to be the steps each of you take to
> safeguard your accounts. Because of this, we have taken steps in the
past
> to support things like stronger password
requirements,[1] and we
continue
> to encourage everyone to take some routine
steps to maintain a secure
> computer and account. That includes regularly changing your
passwords,[2]
actively
running antivirus software on your systems, and keeping your
system software up to date.
From my experience, anti-virus programs usually do more harm than good.
For
example,
https://en.wikipedia.org/wiki/Norton_AntiVirus recently blocked
my
entire
shlomifish.org domain because it apparently misclassified an
executable
download as problematic (and it was built from source using
https://en.wikipedia.org/wiki/CMake and
https://en.wikipedia.org/wiki/AppVeyor
so it is unlikely that that is the case.). MS Windows' poor resistance to
malware and the fact that Windows Update is so dysfunctional (see
http://www.shlomifish.org/humour/bits/facts/Windows-Update/ ) are the
reasons
why I cannot recommend running it as a desktop, and instead one should
use
https://en.wikipedia.org/wiki/Linux#Desktop -
desktop linux or similar.
A little off topic perhaps, but needs to be said.
> My team will continue to investigate this incident, and report back if
we
> notice any concerning changes. If you have
any questions, please
contact
the
Support and Safety team (susa{{(a)}}wikimedia.org).
John Bennett
Director of Security, Wikimedia Foundation
[1]
https://meta.wikimedia.org/wiki/Password_strength_requirements
[2]
https://meta.wikimedia.org/wiki/Special:ChangePassword
_______________________________________________
Wikimedia-l mailing list, guidelines at:
https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and
https://meta.wikimedia.org/wiki/Wikimedia-l New messages to:
Wikimedia-l(a)lists.wikimedia.org Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
<mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe>
--
-----------------------------------------------------------------
Shlomi Fish
http://www.shlomifish.org/
http://www.shlomifish.org/open-source/projects/fortune-mod/
If a tree falls down in the middle of the forest, and there’s no one
there
to
hear it… what colour is the tree?
— Monkey Island 2: LeChuck’s Revenge
Please reply to list if it's a mailing list post -
http://shlom.in/reply .
_______________________________________________
Wikimedia-l mailing list, guidelines at:
https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and
https://meta.wikimedia.org/wiki/Wikimedia-l
New messages to: Wikimedia-l(a)lists.wikimedia.org
Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
<mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe>
_______________________________________________
Wikimedia-l mailing list, guidelines at:
https://meta.wikimedia.org/
wiki/Mailing_lists/Guidelines and
https://meta.wikimedia.org/
wiki/Wikimedia-l
New messages to: Wikimedia-l(a)lists.wikimedia.org
Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
<mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe>
_______________________________________________
Wikimedia-l mailing list, guidelines at: