
The effect of being mentioned on the main page of SlashDot.

A MeatBall account of ZWiki's being SlashDotted (ZWiki:WikiVandalism, ZWiki:ShieldsUp).

1pm Alas, there was a day when I would happily have posted raves about Wiki on SlashDot (cf. the JonKatz article about virtual communities and the front-page link to ZWiki:FrontPage!). The rapid trashing of ZWiki:FrontPage shows why I am slightly hesitant to do so today. I really wish I knew enough about ZWiki to figure out how to recover the front page. From the little I can see, I suspect that only the administrator can do so.

2pm The posting of pornographic content (through the use of JavaScript redirects) on ZWiki:FrontPage has slowed down. I found myself carrying the torch for SoftSecurity (a role I would not have expected a month ago!); I've been clearing the page out with a short "being fixed" message off and on for the last hour or so. I'm not sure what to think of this. ZWiki definitely needs edit rate limits. And there has to be an easy and quick way to restore prior versions. (At one point, the page was defaced every 15 seconds or so.) Also, the use of full HTML is questionable. . . I wonder whether server-side scripting is enabled (shudder)? The individual posted the same code once on WardsWiki, but it obviously failed to execute as expected, and he(?) returned to ZWiki.

It's obvious what we need. PoliceForces! GodKings! HardSecurity! Compassionate Fascism! [Take with smileys to taste.] Actually, I have a few more serious possibilities that I'll try to discuss in the next few weeks. Hopefully there will still be some wikis left by then... --CliffordAdams

[ed: Cliff then wrote OnWikisAndSecurity.]

Discussion moved from PeerPressure...

When a wiki gets SlashDotted, the wiki community rallies to protect it. ZWiki took the full brunt of Slashdot goons and "lost" temporarily, but after Simon put the ZWiki:ShieldsUp the community came together to discover the perpetrators. Sure enough, once a call to an ISP was made, apologies came flowing. Moreover, SoftSecurity like KeptPages would have allowed ZWiki to keep their shields down.

Now, I think IP blocking was useful in ZWiki's case. HardSecurity is necessary to break concerted attacks: you must MeetForceWithForce. However, that does not mean that SoftSecurity is a bust. Both hard and soft can work together, but hard should only be used in exceptional circumstances. This is true in normal society. One would not want the police or--even worse--the military to be hauled out at every turn. -- SunirShah

I have a different view of the ZWiki case. Because ZWiki didn't (at first) have any good means of distinguishing trusted users from vandals, it had to treat all the users (except Simon) as potential vandals, even people like myself and Sunir. (Later ZWiki IP-blocked the vandal's ISP.) Even now, more than a week later, almost all users are considered potential vandals of the ZWiki:FrontPage.

Now consider how different the experience could have been if the existing community had some form of access control. After the slashdotting, access control would allow the option to turn off writing only to unknown users--the existing community could have continued mostly unaffected by the event. More radically, if Simon had trusted a few people like Sunir, Scott, and myself with admin-level IP-blocking controls, ZWiki might have remained open with all the repeat attackers blocked. Instead, a few people tried (with moderate effectiveness) to correct each attack as it occurred, until ZWiki was closed to everyone.

In one sense, the ZWiki attacks left no permanent damage--the content was backed up in the database and could be retrieved. In another way, it is hard to know how much damage was done. Not all the visitors from SlashDot were attackers, and several of them might have been interested in the wiki way. Those who experienced the redirect to a porn site might never again try a "wiki" link--they could rationally think that "it's just another MetaBaby-like anarchy". If my first wiki experience had been like that, you wouldn't be reading this on any site I host. --CliffordAdams

By the way, just to show the difference of scale, Slashdot receives 500 000 - 1 000 000 hits per day. MeatballWiki receives around 1 000. I don't have stats on ZWiki.

Ah, the trolls hit SeattleWireless and did a variety of ugly things including inlining their favorite nasty picture. Pages were restored quickly by our own regular users and slashdot users that were a bit more mature. I did drop the route of an extremely persistent troll, but avoided making the site read only or putting filters into the code as it goes against the nature of a wiki and ups the 'fun level' for script kiddies (I don't feel like being ping flooded either).

This is not our first slashdotting, but has definitely been one of the more annoying. They usually don't figure out image tags that quick ;) I doubt we will do anything programmatically to increase site security as these things generally stop after a couple of days. It would be nice to have an easier recovery method in the diff list. Perhaps the newest version of MoinMoin solves that.

-- MattWestervelt

If you could restore an old version with one click (which would be about 10 lines of code), that'd open up a new and quite dangerous line of vandalism, because you'd not note on first sight that someone just eradicated several months of contribution. It has been a conscious decision to not add that particular click so far. If you want it, I'll add it as a config option.

True, true, it would also make it a lot easier to revert to the dumb version... I guess I don't really want that :) --MattWestervelt

I'm open to any ideas; personally, I commit my wikis to CVS repositories as a means to quickly revert to a safe version. Another idea you can directly implement is creating a daily tarball, via cron, of the "text" directory. -- jh

I do backups, but I'm averse to just untarring the whole thing as that's going to wipe out any new good content that may have occurred at the same time as the bad content. No matter what I think of the high noise level of slashdot, we do owe a fair amount of our project's status / volunteer base to the few that provide signal. It's probably best if I just stay out of the whole thing really :) --MattWestervelt

Does MoinMoin have a VersionHistory system like KeptPages? I can't find anything like that. It doesn't even seem to have an EditCopy. Sure, malicious users can revert to bad versions just as easily as you can but a) don't make it worth their time by taking it like the joke that it is (your SeattleWireless:NoticeToScriptKiddies isn't helping); b) there are more good users than bad. -- SunirShah

January 22, 2003: WikiPedia is slashdotted again, on the occasion of its 100K articles press release. http://slashdot.org/articles/03/01/22/0258226.shtml?tid=149

Particularly good comment from Brion, in response to criticism of a specific error in an article:

I think I'll stick with peer reviewed articles for the moment.
You're a peer, you reviewed it, you found a problem. Why didn't you correct it?

Perhaps us Wikiers forget the LearningCurve we had to climb when we first discovered Wiki. Then again, it wasn't rocket science ;)

CategoryCase CategorySlashdot

