Yep. Since
Wikimedia publishes the templates and the dumps, the fixing
needs to happen at the source -- the English Wikipedia. Some sort of
constraint should be placed into MediaWiki to limit the call depth and
complexity for some of these templates by refusing to save changes for
templates which are so obviously broken.
Thing is, they're not "broken" on
en.wikipedia.org. The WMF hardware is
capable of rendering these pages in a reasonable amount of time, ~12s
for me for either [[United States]] and [[Antarctica]], including
download time for the images etc. I agree that's higher than most
pages, but I wouldn't call it "broken."
Broken is relative, and I don't see why the English Wikipedia needs to
be crippled because your hardware, as a downstream user, isn't capable
of matching the performance of the Foundation's hardware.
"Not our problem" is potentially a dangerous argument. Let's take as a given
that
some normal non-malicious pages as currently written take 12 seconds to render on WMF
hardware. Suppose that an actively malicious user then systematically identifies and
repeatedly calls the slowest operations contributing to that render time, and eliminates
all the fast operations, thus allowing them to increase the "efficacy"/slowness
of the
wikitext rendering, such that a page that's only 5% of the size takes 4 times longer
to render (so we're up to around 50 seconds to render 8 KB of wikitext). We then take
the number of MediaWiki Apache servers (let's assume 170 for the sake of argument).
So for a DoS we need to request from each server (say) two preview renderings of each
attack page per 50 seconds, and assuming 170 servers, that's 170/(50/2) seconds * 8
KB
= 54 KB per second upstream bandwidth required. Downstream bandwidth doesn't matter
because we don't care about the response, and we won't be listening anyway. My
connection
now for example is 1017 kilobits per second upstream, equals 127 KB per second. So,
if the above assumptions are reasonable and my maths is okay, then any single reasonably
modern broadband connection is more than sufficient to make every Wikipedia unusable.
... remind me again of how this is not our problem? ;-)
It might be better to think of Jeff's servers as the gasping canary, WMF servers as
the
miner, and slow render time as the toxic gas, the Internet as the mine, the people who
will make useful contributions as the gold, the trolls as trolls, and ... actually I
think I'm overextending the metaphor, so I'll stop there!
-- All the best,
Nick.