[PD] PD WIKKI defaced

Marc Lavallée marc at hacklava.net
Mon Jan 3 18:53:10 CET 2005

derek holzer a écrit :

> Defacing WIKKIs is like knocking over little old ladies in the street.
> I just can't imagine how anyone could have fun doing it...

Spammers don't have fun, they're working.

Mathieu Bouchard a écrit :

 > However, the only other wikis I recall visiting (and a LOT)
 > are the C2.com wiki and the Wikipedia, which are the two biggest wikis
 > I know, were never affected by any such problem, as far as I remember.

Because Wikipedia has a login, permissions and reviewers.

 > A third wiki I have used extensively (but not much in the last years)
 > is http://rubygarden.org/ruby ... I hadn't visited it for a while, and
 > now I notice that they have a page "PreventingWikiSpam" as the first
 > link on the first page. Maybe we'd like to read it.

It explains how to disable Google page ranking. It probably helps, but 
it doesn't solve security issues. Because many wikis are insecure by 
design, there's a whole web site dedicated to wiki spamming: 

The real problem lies in the concept some site admins have of what a 
wiki should be. Here's a excerpt from http://wiki.tcl.tk/12559:
" 1. Wiki Spamming cannot be tolerated.
   2. Implementing login systems, Captchas, etc. means losing the fight
      and giving up.
   3. Wikis are the essence of what the internet should be for me: free,
      open, accessible by anybody. "

I prefer a more balanced approach. Here's a excerpt from

" One of Wiki's key strengths is radical openness.
   One of Zope's is fine-grained, manageable security. "


More information about the Pd-list mailing list