[aprssig] Re: Wiki: Ok. I give up.
Tom Russo
russo at bogodyn.org
Tue Aug 14 10:10:08 EDT 2007
On Mon, Aug 13, 2007 at 10:44:03PM -0700, we recorded a bogon-computron collision of the <sparkfel at qwest.net> flavor, containing:
> At 02:54 PM 8/13/2007, Scott Miller wrote:
>
>
> > I've restricted anonymous edits, and installed a simple captcha system. If
> > that proves inadequate there are some other measures that can be
> > implemented - MediaWiki has plenty of extensions and tweaks available.
>
>
>
> It is my understanding that CAPTCHA has been/can be bypassed. Dunno how,
> but I heard it on the radio a few weeks back. Radio being AM Talk, not
> Ham.
I'm reasonably certain that the particular captcha in use on this wiki will
be inadequate, especially if it's already a well-known MediaWiki module.
It is something that a program could easily defeat, and most of the spamming
that's been happening is scripted so I would expect it won't be long before
the new wiki is overwhelmed with spam, too.
It would be much more effective to make registration require an email
confirmation, *and* implement a permissions system that restricts edits to
users in specific groups (both simple things in MediaWiki). The hard part
of that is having a sysop that is willing to serve as the contact point to
modify permissions of new users on request.
The Xastir wiki became unusable briefly before we implemented those two
features, and has been unmolested since we did. Chuck Byam, the sysadmin,
set Curt and me up as alternate sysops, and we can add or remove users'
edit permissions as needed. I think a similar set-up should be in place on
the APRS wiki. This captcha won't hold us for long.
--
Tom Russo KM5VY SAR502 DM64ux http://www.swcp.com/~russo/
Tijeras, NM QRPL#1592 K2#398 SOC#236 AHTB#1 http://kevan.org/brain.cgi?DDTNM
"And, isn't sanity really just a one-trick pony anyway? I mean all you get is
one trick, rational thinking, but when you're good and crazy, oooh, oooh,
oooh, the sky is the limit!" --- The Tick
More information about the aprssig
mailing list