rubygarden homepage hacks

[Simon Strandgaard]

On daily basis the homepage at rubygarden is being edited.
some random piece of text are being replaced with a link to an
asian homepage which looks non-ruby related.

Is it possible to blacklist that automated bot ?

http://www.rubygarden.org/ruby?HomePage

 

[Chad Fowler]

On daily basis the homepage at rubygarden is being edited.
some random piece of text are being replaced with a link to an
asian homepage which looks non-ruby related.

Is it possible to blacklist that automated bot ?

I'll look into it. I think "hack" is a bit of a strong word here.
This is more of an "edit".

Chad

 

[Paul Vudmaska]

I'll look into it. I think "hack" is a bit of a strong word here.
This is more of an "edit".

Funny!

I dont see it on the page. If it _could_ be hacked, that would be an
interesting new spamming technique/scrourge to contend with.

aul

 

[Simon Strandgaard]

Funny!

I dont see it on the page. If it _could_ be hacked, that would be an
interesting new spamming technique/scrourge to contend with.

Take a look at the earlier revisions, and you will see the link.
I don't want to mention the name of the page, because then I would
help promote their silly page, which I don't want to.

url spelled backwards.

www ssmme dot com

 

[Dick Davies]

Take a look at the earlier revisions, and you will see the link.
I don't want to mention the name of the page, because then I would
help promote their silly page, which I don't want to.

url spelled backwards.

www ssmme dot com

It appeared on the rubygems wiki a couple of weeks ago, I remember taking
it out of the homepage there.

...

Ah, and it's back there again - the link is at the bottom of the first
list (About RubyGems), it's called 'chonnging wiki' and points to that url.

Taken it out for now, but it'll be back soon, I bet.

 

[Sascha Doerdelmann]

On daily basis the homepage at rubygarden is being edited.

Not only HomePage but some other pages, too. This is a well known
problem with wikis and usually requires an active wiki community. I am
not sure that a blacklist will do in all cases.

See http://c2.com/cgi/wiki?WhyWikiWorks
and http://c2.com/cgi/wiki?DeleteInsults

Cheers
Sascha

 

[Simon Strandgaard]

Not only HomePage but some other pages, too. This is a well known
problem with wikis and usually requires an active wiki community. I am
not sure that a blacklist will do in all cases.

See http://c2.com/cgi/wiki?WhyWikiWorks
and http://c2.com/cgi/wiki?DeleteInsults

I remember the Docbook wiki got erased completely by an evil bot, this
was a big loss.

http://wiki.docbook.org/topic/

Shouldn't we do something to prevent situations like that?



BTW: It would be really nice if one could create one central Ruby account,
which then would work with: rubyforge, rubygarden, rcrchive, raa, rubynews.
Is such unification realistic ?

 

[Jean-Hugues ROBERT]

I remember the Docbook wiki got erased completely by an evil bot, this
was a big loss.

http://wiki.docbook.org/topic/

Shouldn't we do something to prevent situations like that?



BTW: It would be really nice if one could create one central Ruby account,
which then would work with: rubyforge, rubygarden, rcrchive, raa, rubynews.
Is such unification realistic ?

I agree. Registering that often is painful. Unfortunately centralization
does not scale. There must be other ways to fight bots. I think that they
are not so good at OCR so far (that way I don't have to "invent" a new
password all the time, that I keep forgetting anyway).


Yours,

Jean-Hugues

 

[Michael Vondung]

url spelled backwards.
www ssmme dot com

I've seen this one just today in a number of unrelated Wikis that were
spammed with this URL. I checked whois, and unfortunately it appears
that they are in China. However, the administrative and technical
contacts list a valid looking msn.com email address.

M.

 

[Guillaume Marcais]

BTW: It would be really nice if one could create one central Ruby
Ruby passport?

Guillaume.

 

[Kristof Bastiaensen]

I agree. Registering that often is painful. Unfortunately centralization
does not scale. There must be other ways to fight bots. I think that they
are not so good at OCR so far (that way I don't have to "invent" a new
password all the time, that I keep forgetting anyway).

Yours,

Jean-Hugues

That is a nice idea, to have an autogenerated image, containing
a password to be used for making changes (and some random noise
to confuse the bot).
And maybe it would help prevent disaster to limit the amount of
text that can be deleted at a time.

A revision history (a la CVS) to quickly revert changes may help
to. Don't they have this already?

Kristof

 

[Paul Vudmaska]

--------------050905030907000601020008
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit

Sascha Doerdelmann wrote:




I remember the Docbook wiki got erased completely by an evil bot, this
was a big loss.

http://wiki.docbook.org/topic/

Shouldn't we do something to prevent situations like that?



BTW: It would be really nice if one could create one central Ruby account,
which then would work with: rubyforge, rubygarden, rcrchive, raa, rubynews.
Is such unification realistic ?

I'd highly recommend Microsoft Passport for this. <duck>

Actually, that would be a neat project for ruby - a remote
authenticaction service. Encrypted Xml, Rpc/Soap. Neat. Useful.


--------------050905030907000601020008--

 

[Hugh Sasse Staff Elec Eng]

[...]

That is a nice idea, to have an autogenerated image, containing
a password to be used for making changes (and some random noise
to confuse the bot).

I don't like this solution for the reasons outlined in

http://www.w3.org/TR/turingtest/

but:

And maybe it would help prevent disaster to limit the amount of
text that can be deleted at a time.

this agrees with their "limited use" solution
http://www.w3.org/TR/turingtest/#limiteduse
which seems to me the best solution of those offered.

A revision history (a la CVS) to quickly revert changes may help
to. Don't they have this already?

Many Wikis do.

Kristof

Hugh

 

[Dick Davies]

That is a nice idea, to have an autogenerated image, containing
a password to be used for making changes (and some random noise
to confuse the bot).
And maybe it would help prevent disaster to limit the amount of
text that can be deleted at a time.

Search on RAA for 'CAPTCHA' - someone mentioned a library a couple
of months ago.

Ah, here it is:

http://raa.ruby-lang.org/project/captcha/

 

[Thomas Fini Hansen]

Many Wikis do.

Actually, I consider it such an elemental feature of a wiki that I
think that one without is crippled. IMHO, of course.