[wsfii-discuss] Spammers appear to have hacked into wsfii site

jeff buderer jeff at onevillagefoundation.org
Tue Oct 28 10:04:00 UTC 2008 

Sanjay,

Thanks for the intro and the useful concise info.

Lets map out some specifics that we can do in terms of solving the
problem.

In particular i see the issue as revolving around understanding the
existing wiki/blog system that powers wsfii.org and then seeing what
could be adapted to that system.

I also cced to wsfii-coord at lists.okfn.org as that is the wsfii
coordination discussion group and this discussion might actually be more
relevant there.

Jeff

On Tue, 2008-10-28 at 14:32 +0530, Sanjay Bhangar wrote:
> On Tue, Oct 28, 2008 at 1:01 PM, jeff buderer
> <jeff at onevillagefoundation.org> wrote:
>         Vickram,
>         
>         Anything can be broken but CAPTCHAS reduce the number of
>         intruders.
> 
> CAPTCHAs are a bit ugly in the sense of it being a zero-sum game - a
> CAPTCHA gets broken, then you need to make it more obscure, upto a
> point where its rather hard for even humans to decipher what's
> written .. I personally prefer the option of using random questions,
> etc. combined with some javascript spoofing techniques (not having a
> standard submit button but a javascript onclick triggering submit,
> etc.) which has reduced attacks from automated bots for me in the past
> - however, none of these techniques are effective against human
> spammers ..
> 
>         
>         What are the other options?
> 
> One tool that I know of, that apparently works quite well - I haven't
> used it a lot, but am on their mailing list and it sounds like a
> decently good project - http://akismet.com/ .
> 
> Again, the above solutions are more in the context of "comment spam"
> and not sure how well they translate to the problem of wiki spam ...
> 
> Am happy to work with people on implementing any of these
> solutions ... I think aksimet is probably worth a try as its
> absolutely non-intrusive for the user, works by learning from the
> community of users so you help the larger community every time you
> find a new spammer, etc ... 
>  
> (btw, since this is my first post on the list, a quick introduction -
> I work for http://camputer.org , very interested in wireless and am
> friends with Vickram, in Bombay .. )
> 
> cheers,
> Sanjay
> 
> 
>         
>         Jeff
>         
>         
>         On Tue, 2008-10-28 at 02:52 +0000, Vickram Crishna wrote:
>         > I think many such initiatives suffer for the same reason
>         (ie, not
>         > enough time for sysops to handle the load), in order to
>         authenticate
>         > genuine users. Plus of course the hassles of keeping
>         passwords, for
>         > the genuine users.
>         >
>         > Captchas can and are being broken today by public ocr
>         service sites, I
>         > read not so long back in Slashdot.
>         >
>         > Vickram
>         > http://communicall.wordpress.com
>         > http://vvcrishna.wordpress.com
>         >
>         >
>         >
>         >
>         >
>         ______________________________________________________________________
>         > From: Alexander List <alex at list.priv.at>
>         > To: Discuss list on the World Summit on Free Information
>         > Infrastructure <wsfii-discuss at lists.okfn.org>
>         > Sent: Monday, 27 October, 2008 15:41:37
>         > Subject: Re: [wsfii-discuss] Spammers appear to have hacked
>         into wsfii
>         > site
>         >
>         > Vickram Crishna wrote:
>         > > Quite right. Naturally, this increases the workload for
>         the sysop,
>         > for
>         > > which the only solution, imo, is to increase the number of
>         sysops,
>         > > with enough volunteers (3-5 is a good number) that one or
>         the other
>         > > takes care of it in time.
>         >
>         > What about only allowing authenticated users to sign
>         up/post, and to
>         > use
>         > captchas to get rid of those bots?
>         >
>         > Alex
>         >
>         > _______________________________________________
>         > wsfii-discuss mailing list
>         > wsfii-discuss at lists.okfn.org
>         > http://lists.okfn.org/mailman/listinfo/wsfii-discuss
>         >
>         >
>         > _______________________________________________
>         > wsfii-discuss mailing list
>         > wsfii-discuss at lists.okfn.org
>         > http://lists.okfn.org/mailman/listinfo/wsfii-discuss
>         
>         
>         
>         _______________________________________________
>         wsfii-discuss mailing list
>         wsfii-discuss at lists.okfn.org
>         http://lists.okfn.org/mailman/listinfo/wsfii-discuss
>         
> 
> _______________________________________________
> wsfii-discuss mailing list
> wsfii-discuss at lists.okfn.org
> http://lists.okfn.org/mailman/listinfo/wsfii-discuss

More information about the wsfii-discuss mailing list