[Foundation-l] and what if...
Andrew Whitworth
wknight8111 at gmail.com
Fri Dec 12 16:29:16 UTC 2008
On Fri, Dec 12, 2008 at 10:50 AM, Thomas Dalton <thomas.dalton at gmail.com> wrote:
>> Long-time ago, I suggested adding a short-duration cookie whenever a
>> block was triggered that would allow the software to detect the most
>> obvious IP jumping vandals (asumming they used the same browser on the
>> same machine each time). It doesn't get at the bulk of Tomek's
>> criticism, but it does fall in the other-things-we-could-do category.
>
> Deleting cookies is far easier than changing IP addresses.
I think we're all overestimating the problem here. If a vandal is
absolutely determined and has enough technical savvy, no measures that
we take are going to keep them out indefinitely. We can take
reasonable measures to combat the most common types of vandalism, but
we need to realize that no measures we take will be perfect and the
more we do to try to combat individual determined vandals the more
collateral damage we are going to sustain. If vandals aim to disrupt
the project, then sweeping range blocks on IPs is victory for them.
No solution is perfect, and the best we can do is to eliminate the
most common cases in a reasonable way.
--Andrew Whitworth
More information about the foundation-l
mailing list