[sudo-discuss] someone hacking the SudoRoom Wiki

Pete Forsyth peteforsyth at gmail.com
Sat Feb 15 13:49:06 PST 2014 

Captchas might or might not be a worthwhile tool -- definitely something
worth considering. But unless there are some people who want to sit down
and map out a comprehensive approach, I'm going to bow out -- I don't think
we're going to get very far suggesting ideas piecemeal on an email list.

If there *are* folks who'd like to work on it, let me know! I'll be out of
town for a bit, but can either call/skype/IRC in, or get together in person
after the 27th. In the meantime maybe we could divide up some questions to
research, about what has worked well on other sites...

Pete


On Mon, Feb 10, 2014 at 12:54 PM, David Keenan <dkeenan44 at gmail.com> wrote:

> Thank you Pete - that makes a lot of sense.
>
> Might requiring a simple captcha for each edit do the trick..? In addition
> to, or perhaps instead of, requiring a registered email? Just a thought -
>
> Best,
> David
>
>
> On Sunday, February 9, 2014, Pete Forsyth <peteforsyth at gmail.com> wrote:
>
>> David, two things:
>>
>>
>> On Sun, Feb 9, 2014 at 5:54 PM, David Keenan <dkeenan44 at gmail.com> wrote:
>>
>>> Forgive my naiveté, but - what are the arguments against requiring
>>> registration to edit as a permanent requirement, moving forward..? Doesn't
>>> seem that onerous - to me, anyway. I know we'd have to vote on it and all,
>>> but im curious (and entirely open to) to hear from folks who'd be
>>> against such a change.
>>>
>>
>> (1) In my opinion, it is better to leave things open to casual fixes,
>> than to close things down; obstacles of any kind will prevent some
>> improvements (even if they are only small improvements that somebody
>> doesn't feel like bothering with an account for). In my mind this is not an
>> absolute rule, but it's a worthwhile guiding principle.
>>
>> (2) With MediaWiki, requiring registration doesn't solve the problem, it
>> only pushes it back. The spambots are just as good at creating accounts as
>> they are at making IP/anonymous edits.
>>
>> This is why i suggest getting a small group of people to focus on the
>> problem and recommend a solution. With MediaWiki there is no magic bullet
>> that we just haven't gotten around to implementing -- it will take a
>> careful consideration of a combination of a number of options, and
>> assessing how effective they are at the current date -- because this stuff
>> evolves rather rapidly. Basically, I'd describe it as a design problem, not
>> a binary "lock down or do not lock down".
>>
>> What *combination* of various policies, extensions, and settings is right
>> for meeting Sudo Room's needs?
>>
>> Pete
>>
>
> _______________________________________________
> sudo-discuss mailing list
> sudo-discuss at lists.sudoroom.org
> http://lists.sudoroom.org/listinfo/sudo-discuss
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://sudoroom.org/pipermail/sudo-discuss/attachments/20140215/404273a0/attachment.html>

More information about the sudo-discuss mailing list