[Pdx-pm] More kwiki attacks

Wil Cooley wcooley at nakedape.cc
Thu Mar 1 09:45:44 PST 2007


On Wed, 2007-02-28 at 10:48 -0800, Eric Wilhelm wrote:
> # from Bruce J Keeler
> # on Wednesday 28 February 2007 10:43 am:
> 
> >Eric Wilhelm wrote:
> >> Well, as much as I love editing rcs files, I think it might be time
> >> to do something else.  Our edits to hacks ratio is looking rather
> >> lame, so in our case I'm not sure we're getting that much milage out
> >> of a wiki.
> >
> >How sophisticated are the attack scripts?  Would they be confused by
> >something as simple as, say, changing the name of the form field that
> >gets submitted?  Or adding a hidden field with a special value that
> > gets checked by the wiki code?
> 
> Possibly, but if they become only slightly more sophisticated they will 
> easily catch-up to that.
> 
> The sad truth is that we have more edit from bots than people.  I think 
> that violates one of the "why wiki works" laws.

A CAPTCHA might be the easiest way to maintain anonymity.

Wil
-- 
Wil Cooley <wcooley at nakedape.cc>
http://nakedape.cc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://mail.pm.org/pipermail/pdx-pm-list/attachments/20070301/26395a01/attachment.bin 


More information about the Pdx-pm-list mailing list