[sudo-discuss] someone hacking the SudoRoom Wiki

[Pete Forsyth]

David, two things:


On Sun, Feb 9, 2014 at 5:54 PM, David Keenan <dkeenan44 at gmail.com> wrote:

> Forgive my naiveté, but - what are the arguments against requiring
> registration to edit as a permanent requirement, moving forward..? Doesn't
> seem that onerous - to me, anyway. I know we'd have to vote on it and all,
> but im curious (and entirely open to) to hear from folks who'd be against
> such a change.
>

(1) In my opinion, it is better to leave things open to casual fixes, than
to close things down; obstacles of any kind will prevent some improvements
(even if they are only small improvements that somebody doesn't feel like
bothering with an account for). In my mind this is not an absolute rule,
but it's a worthwhile guiding principle.

(2) With MediaWiki, requiring registration doesn't solve the problem, it
only pushes it back. The spambots are just as good at creating accounts as
they are at making IP/anonymous edits.

This is why i suggest getting a small group of people to focus on the
problem and recommend a solution. With MediaWiki there is no magic bullet
that we just haven't gotten around to implementing -- it will take a
careful consideration of a combination of a number of options, and
assessing how effective they are at the current date -- because this stuff
evolves rather rapidly. Basically, I'd describe it as a design problem, not
a binary "lock down or do not lock down".

What *combination* of various policies, extensions, and settings is right
for meeting Sudo Room's needs?

Pete
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://sudoroom.org/pipermail/sudo-discuss/attachments/20140209/2185884b/attachment.html>