[Pdx-pm] More kwiki attacks
Wil Cooley
wcooley at nakedape.cc
Thu Mar 1 09:45:44 PST 2007
On Wed, 2007-02-28 at 10:48 -0800, Eric Wilhelm wrote:
> # from Bruce J Keeler
> # on Wednesday 28 February 2007 10:43 am:
>
> >Eric Wilhelm wrote:
> >> Well, as much as I love editing rcs files, I think it might be time
> >> to do something else. Our edits to hacks ratio is looking rather
> >> lame, so in our case I'm not sure we're getting that much milage out
> >> of a wiki.
> >
> >How sophisticated are the attack scripts? Would they be confused by
> >something as simple as, say, changing the name of the form field that
> >gets submitted? Or adding a hidden field with a special value that
> > gets checked by the wiki code?
>
> Possibly, but if they become only slightly more sophisticated they will
> easily catch-up to that.
>
> The sad truth is that we have more edit from bots than people. I think
> that violates one of the "why wiki works" laws.
A CAPTCHA might be the easiest way to maintain anonymity.
Wil
--
Wil Cooley <wcooley at nakedape.cc>
http://nakedape.cc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://mail.pm.org/pipermail/pdx-pm-list/attachments/20070301/26395a01/attachment.bin
More information about the Pdx-pm-list
mailing list