RE: Our Wiki just got hijacked

From: Popkin, Laird (WMG Corp) <"Popkin,>
Date: Tue Jun 29 2004 - 13:07:48 CDT

The revision history is:

        Revision 23 . . June 29, 2004 11:00 am by Dqm [Restore vandalized
homepage]
        Revision 22 . . June 29, 2004 10:38 am by Ekennedyx
        Revision 21 . . June 29, 2004 8:11 am by
CBL217-132-89-133.bb.netvision.net.il [www.casino-online-on-line.com]

So at 8:11 AM the wiki home page became a casino ad. At 10:38 one of us
deleted the ad, leaving the page blank. At 11:00 two of us (smile) restored
the original page.

As for the issue of the wiki being our documentation, and the risk of it
being defaced, I can see three easy options:

1) Leave it as is.
2) Add HTTP authentication to the web server, so we'd have a (shared)
username and password used to access the site. This would block reading as
well as posting.
3) We move to a more sophisticated Wiki system that provides for logging in,
access control over authoring, etc. For example, there's a Wiki module for
Drupal that works quite nicely; if you'd like I can set it up on our Drupal
site for people to evaluate. It basically looks just like a Wiki with Drupal
sidebars. :-)

- LP

-----Original Message-----
From: owner-voting-project@afterburner.sonic.net
[mailto:owner-voting-project@afterburner.sonic.net]On Behalf Of Arthur
Keller
Sent: Tuesday, June 29, 2004 1:29 PM
To: voting-project@lists.sonic.net
Subject: Re: [voting-project] Our Wiki just got hijacked

At 1:16 PM -0400 6/29/04, David Mertz wrote:
>>>A Wiki is closer to a discussion list than it is to formal publication.
>
>On Jun 29, 2004, at 12:56 PM, Arthur Keller wrote:
>>Others may not make that distinction. I'd prefer if we had a login
>>system. Simple passwords will do.
>
>What others?! People who don't know what a Wiki is?

The typical person looking at our materials.

>If you're worried about it, add a note to the HomePage that says "A
>Wiki is more like a discussion list than it is like a formal
>publication"... that way anyone who goes there will know that fact.
>
>>The danger is not merely vandalism, it is someone changing our text
>>in a way that we don't notice and changes our meaning. That's the
>>greater risk.
>
>Just look at the change history. There's nothing subtle there: it
>gives you explicit diffs between versions, with colors and
>highlights pointing out what's changed. Looking at a colorized
>diff, it's pretty darn hard to miss it if a change gives the wrong
>meaning. It doesn't make a whit of difference whether that wrong
>meaning is malicious or careless, or just represents a
>misunderstanding by an OVCer... if it's wrong, make it better!

I don't understand the social problem of having registered users and
passwords. It avoids vandalism, and let's us know who wants to
contribute.

>I definitely DO NOT want to create an ANTI-WIKI that masquerades as a Wiki.

Who's talking about an Anti-Wiki? I'm talking about controlled
authorship. We don't allow merely anyone to post to our mailing list
(and we've stopped quite a few Nigerian spams that way), and there
aren't calls to allow anyone.

I think people should introduce themselves to a community before
contributing. Having strangers edit our discussions, for good or
evil intent, is not a requirement of a Wiki. Rather, I want a
discussion amongst a community, to which others can join.

For the record, how long did it take until the vandalism was
discovered and restored?

Best regards,
Arthur

-- 
----------------------------------------------------------------------------
---
Arthur M. Keller, Ph.D., 3881 Corina Way, Palo Alto, CA  94303-4507
tel +1(650)424-0202, fax +1(650)424-0424
==================================================================
= The content of this message, with the exception of any external 
= quotations under fair use, are released to the Public Domain    
==================================================================
Received on Wed Jun 30 23:17:26 2004

This archive was generated by hypermail 2.1.8 : Wed Jun 30 2004 - 23:17:30 CDT