Re: [opensuse-wiki] Vandalism and new users

-------- Original-Nachricht --------
Datum: Tue, 20 Jul 2010 13:34:52 +0200 Von: Andreas Jaeger <aj@novell.com> An: pistazienfresser <pistazienfresser@gmx.de> CC: "Rajko M." <rmatov101@charter.net>, Thomas Schmidt <tom@opensuse.org>, Henne Vogelsang <hvogel@opensuse.org>, javier@opensuse.org, m.moeller@opensuse.org, Tim Mohlmann <muhlemmer@gmail.com>, petr.uzel@suse.cz, spyhawk@opensuse.org, "Rémy Marquis" <remy.marquis@gmail.com>, Shayon Mukherjee <sj@opensuse.org>, MJPSeidler@gmail.com, Martin Seidler <Martin.Seidler@web.de> Betreff: Re: [opensuse-wiki] Vandalism and new users
On Tuesday 20 July 2010 13:05:26 pistazienfresser wrote:
http://wiki.opensuse.org/index.php?title=Main_Page&curid=544&diff=17698&oldi...
http://wiki.opensuse.org/index.php?title=Main_Page&diff=prev&oldid=17351
Hello Andreas, Rajko, Thomas/Tom, Hendrik/Henne, Javier, Marcus, Tim, Petr, Rémy, Shayon and all other wiki-admins,
is there any plan to secure the group of users/to limit the creation of new users and of dealing with vandalism in general?
I think it is possible to do a lot less obvious and more dangerous spamming/malicious things than the examples above.
Maybe next think will be an external link to a malware containing page and maybe next time an editor/admin/... will not look at the content of a link/will not control the link before marking as 'patrolled [corr.] '/'sighted'/'quality'. Compare:
http://forums.opensuse.org/english/community/opensuse-wiki-discussions/44127...
I do not want that on a list (that will be published) - not in all cases I rate the openness of bug reports so hight ;-).
It was only my opinion.
I cannot speak about the best overall plan for the wiki but let me just state that Iwecan ask our IS&T guys to block the accounts used in case of such vandalisms - Henne, I can give you details on what to do to get it done,
A page for normal users on that or where and how to deal with vandalism may be fine?
Btw. shouldn't we write protect the "Main Page"?
I think it is 'protected' with 'quality maintenance' in the way that no without higher permissions as a normal user (I think only admins and a group with members that are already admins, too) can make a edit that is shown as default by not users - I may sometimes a bit more cautious that others but even I think that is enough.
Btw. I suggest to discuss this publically on the mailing list,
Andreas
Done, as there were no objections in the time since... Greetings pistazienfresser [...] -- GMX DSL: Internet-, Telefon- und Handy-Flat ab 19,99 EUR/mtl. Bis zu 150 EUR Startguthaben inklusive! http://portal.gmx.net/de/go/dsl -- To unsubscribe, e-mail: opensuse-wiki+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-wiki+help@opensuse.org

On Tue, Jul 20, 2010 at 16:05, pistazienfresser wrote:
http://wiki.opensuse.org/index.php?title=Main_Page&curid=544&diff=17698&oldi...
http://wiki.opensuse.org/index.php?title=Main_Page&diff=prev&oldid=17351
Wiki vandalism like this is tough to combat in my experience. Flagged revisions really does help - but it comes at a cost... overhead for approvers, and it prevents instant editing. On other Wikis (like the OOo Wiki), I've implemented (with reasonably good results): - http://www.mediawiki.org/wiki/Extension:Bad_Behavior - http://www.mediawiki.org/wiki/Extension:ReCAPTCHA and set up $wgSpamRegex with the most common words used in Wiki Spam. These extensions etc are working and we've reduced Spam from an hourly problem to something that has to be dealt with a couple of times per month.
is there any plan to secure the group of users/to limit the creation of new users and of dealing with vandalism in general?
Isn't an action like this rather counter productive? The point of Wikis is for collaboration on input. If you lock down the users.. or raise the bar too high, you starve the Wiki of the few new contributors.
I think it is possible to do a lot less obvious and more dangerous spamming/malicious things than the examples above.
Sure. That's the risk of the internet and Wikis in general.
I cannot speak about the best overall plan for the wiki but let me just state that Iwecan ask our IS&T guys to block the accounts used in case of such vandalisms - Henne, I can give you details on what to do to get it done, A page for normal users on that or where and how to deal with vandalism may be fine?
Anyone with Admin access on the WIki can and should be able to deal with the WIki Spam fairly effectively (including blocking the spammers) Account blocking at the Novell level... that's another animal :-) C. -- To unsubscribe, e-mail: opensuse-wiki+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-wiki+help@opensuse.org

On 20/07/10 16:26, C wrote:
On Tue, Jul 20, 2010 at 16:05, pistazienfresser wrote:
http://wiki.opensuse.org/index.php?title=Main_Page&curid=544&diff=17698&oldi...
http://wiki.opensuse.org/index.php?title=Main_Page&diff=prev&oldid=17351
Wiki vandalism like this is tough to combat in my experience. Flagged revisions really does help - but it comes at a cost... overhead for approvers, and it prevents instant editing.
On other Wikis (like the OOo Wiki), I've implemented (with reasonably good results): - http://www.mediawiki.org/wiki/Extension:Bad_Behavior - http://www.mediawiki.org/wiki/Extension:ReCAPTCHA and set up $wgSpamRegex with the most common words used in Wiki Spam.
These extensions etc are working and we've reduced Spam from an hourly problem to something that has to be dealt with a couple of times per month.
is there any plan to secure the group of users/to limit the creation of new users and of dealing with vandalism in general?
Isn't an action like this rather counter productive? The point of Wikis is for collaboration on input. If you lock down the users.. or raise the bar too high, you starve the Wiki of the few new contributors.
I think it is possible to do a lot less obvious and more dangerous spamming/malicious things than the examples above.
Sure. That's the risk of the internet and Wikis in general. [...] But you can reduce the risk for both the user/consumer and especially for the approving admin/editor/ I was referring to this discussion/example: *Thread: Internal and external links - definition and rules/guidelines* http://forums.opensuse.org/english/community/opensuse-wiki-discussions/44127...
Especially in a wiki where are controlled versions (not only against vandalism but also for quality) there might be a problem for admins/editors with liability for 'controlled' external links. With this in mind I propose that there should be some more cautious dealing with external links: - Easy to see in html/wiki format: links to openSUSE/novell without an arrow (and not links to openFATE, forums.opensuse.org, novells bugzilla and other openSUSE or Novell pages with an arrow like likes to private webpages), but links to real external pages (including en.wikipedia) with an arrow (not without a arrow like internal links to an other page of the opensuse-wiki). If I look at the "terms" (Contract of adhesion?/Allgemeine Geschaeftsbedingungen?) the section under http://wiki.opensuse.org/Terms_of_site#Links_to_Third-Party_Sites seems to define "external links" like I thought of it. - (If possible without much fuss) no external links in the main text but only in the section "external links" (template:References/Footnotes or at least: [[#References|Short name]]). - The (easy to see) possible reputation of an external source - Author, Platform, Title of the source: better to control/rate both by user and by patrolmen/administrators. See: http://wiki.opensuse.org/Talk:In_the_press So what about a help:-page and a template with guidelines to define external links and there use like above? Maybe you would define accordingly the content of the sections "see also" (or maybe a third section for links to novell and openSUSE out of the wiki) and especially "external links". Greetings pistazienfresser -- - openSUSE profile: https://users.opensuse.org/show/pistazienfresser -- To unsubscribe, e-mail: opensuse-wiki+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-wiki+help@opensuse.org

On Martes, 20 de Julio de 2010 16:05:57 pistazienfresser escribió:
-------- Original-Nachricht --------
Datum: Tue, 20 Jul 2010 13:34:52 +0200 Von: Andreas Jaeger <aj@novell.com> An: pistazienfresser <pistazienfresser@gmx.de> CC: "Rajko M." <rmatov101@charter.net>, Thomas Schmidt <tom@opensuse.org>, Henne Vogelsang <hvogel@opensuse.org>, javier@opensuse.org, m.moeller@opensuse.org, Tim Mohlmann <muhlemmer@gmail.com>, petr.uzel@suse.cz, spyhawk@opensuse.org, "Rémy Marquis" <remy.marquis@gmail.com>, Shayon Mukherjee <sj@opensuse.org>, MJPSeidler@gmail.com, Martin Seidler <Martin.Seidler@web.de> Betreff: Re: [opensuse-wiki] Vandalism and new users [...] Btw. shouldn't we write protect the "Main Page"?
I think it is 'protected' with 'quality maintenance' in the way that no without higher permissions as a normal user (I think only admins and a group with members that are already admins, too) can make a edit that is shown as default by not users - I may sometimes a bit more cautious that others but even I think that is enough.
The Main Page was protected in the old wiki and it should be like that in the new one to prevent vandalism.
Btw. I suggest to discuss this publically on the mailing list,
Andreas
Done, as there were no objections in the time since...
Greetings, -- Javier Llorente
participants (3)
-
C
-
Javier Llorente
-
pistazienfresser