Citizendium Blog

February 16, 2007

Vandal Assault

Filed under: Project growth, Technology, Open source, Internet — Jason Potkanski @ 8:43 pm

Over the last 48 hours, a vandal or group of vandals has been maliciously assaulting the wiki.

I am not sure what the appeal to vandalism is. Perhaps it is like a rock star trashing a hotel room. Either way, gathering enemies achieves a sort of relevance. So to the vandals…thank you for making us relevant.

When this project was created, we foresaw the possibility of attacks and prepared our hosting provider (Steadfast.net) to harden both the box and switch against attacks.

Hardening the wiki is a different matter. Each method used must be carefully chosen to avoid CPU, memory and bandwidth bottlenecks. What is in place now is stop-gap, but I believe it will survive slashdotting. The new software stops all bot/script activity at a cost of logging a lot of data.

Sadly, anti-spam/anti-vandal software solutions are not mature or even in alpha stages. Obvious solutions are lacking, such as throttling. I have not been able to find a CAPTCHA extension for new account creation and may have to write a homegrown one.

Stopping vandalism requires time. Time is money. I hate burning money. Like IRC in the early days, when you could split servers and create spoofs…the code will just get better inevitably.

-Jason Potkanski

3 Comments »

  1. Jason

    You’re aware that an anti pagemove vandalism bot does in fact exist for MediaWiki and has been used a fair bit at Wikipedia. (http://en.wikipedia.org/wiki/User:VoABot_II). There’s also a more generic anti vandalism bot @ http://en.wikipedia.org/wiki/User:AntiVandalBot

    Comment by AGuest — February 16, 2007 @ 11:03 pm

  2. Bots are reactive. Extensions are proactive/preventative. Why burn CPU cycles with external connections when the software itself should provide the functionality?

    -jtp

    Comment by Jason Potkanski — February 17, 2007 @ 12:00 am

  3. […] from editors.  More recently, as of February 16, we have shut down self-registration on account of rampant vandalism.  We have had no vandalism either before or after the self-registration […]

    Pingback by Citizendium Blog » Our registration policy - how we check identities — March 6, 2007 @ 3:15 pm

RSS feed for comments on this post. TrackBack URL

Leave a comment

Powered by WordPress