On 8/24/06, Timwi timwi@gmx.net wrote:
Suppose some stupid web programmer programmed a forum where you can delete posts with a GET request. If you can fire GET requests to any server from Wikimedia's servers, then the forum's servers will only log Wikimedia's IPs, and the mass-deletion forum vandal is now untraceable.
1) Most web programmers aren't that stupid.
2) Even if they were that stupid, they wouldn't be stupid enough to allow an IP address completely unknown to their server to do anything bad to it.
3) Even if they were *that* stupid (and we're currently talking serious, serious stupid), they would have