[Wikipedia-l] Re: multi-headed VANDALS + PANIC button
Neil Harris
usenet at tonal.clara.co.uk
Mon Jul 29 18:51:21 UTC 2002
lcrocker at nupedia.com wrote:
>>What I do fear is some script kiddy with a couple dozen rotating
>>proxies and a ship-load of bots flooding the database with junk and
>>overwriting 20 articles a minute. A panic button to lock-down the
>>site would then be nice (Sorry, I can't protect pages fast enough).
>>Then that would give a sysop the time needed to block all the IPs
>>of the vandal. But again, I don't think we are at that point yet.
>>
>>
>
>I actually do already have a "lock the database" button available
>to developers; maybe I should make that available to sysops as well
>(as long as "unlock" is as well, of course)?
>
>I also need to start thinking about some back-end stuff like the cron
>job for making more frequent backups.
>
>
>
Whilst I was filling the database up with crud, I noticed that it still
took days and days to reach 100,000 articles, even running several
submit processes in parallel. Providing that sysops have powerful tools
ready for rolling back changes, they will have plenty of time to react.
I agree that hard security leads to an arms race. But leaving the
Wikipedia as a "soft target" with apparently magical self-healing
properties should make the experience no fun for script kiddies:
* they see that "vandalism" is easy, and no challenge
* they should also see (eventually) that it is futile
Neil
More information about the Wikipedia-l
mailing list