Menu
▾
▴
octave-dev
|
From: Etienne G. <et...@cs...> - 2006-03-17 03:00:23
|
Hi All, who wants a password to edit the wiki? This offer is for non-spammers only! If you qualify, send me your password and I'll add it to the list of passwords. This should at last loosen a little bit the conditions for editors. You or anyone else can then use your pwd from anywhere. For our security, please [1] <<"log out" if you are "logged in" from a public terminal, by using the password action and not providing a password.>> Logging in/out, aka "using the password action," would be done by going to http://wiki.octave.org/wiki.pl?action=password. Is everyone ok w/ this? Cheers, Etienne On Sun, Feb 26, 2006 at 06:42:11PM -0500, Bill Denney wrote: # You mentioned in the previous e-mail that you didn't know how to set # passwords on oddmuse. Here is the info. # # Bill # # -- # "hee hee, i have a pony." -- Amy Feingold # # # ---------- Forwarded message ---------- # Date: Fri, 10 Feb 2006 09:43:10 -0500 (EST) # From: Bill Denney <de...@se...> # To: et...@cs..., et...@is..., # eti...@la... # Cc: to...@ku..., mai...@oc... # Subject: Re: Website Updates # # According to http://www.oddmuse.org/cgi-bin/wiki/Passwords, you can add a # variable to the config file called $EditPass with a space separated list of # passwords: # # $EditPass # # Default: empty # # This is a string containing a list of passwords separated by whitespace. # Thus, 'foo bar' defines two passwords, 'foo' and 'bar'. Any user having set # one of these passwords is considered to be an editor for the wiki. # # Bill # # On Fri, 10 Feb 2006, Etienne Grossmann wrote: # # > # > Hi All, # > # >we can try to set the wiki w/ a password, if oddmuse (the wiki prog) # >allows. If someone knows exactly what should be done, send me # >braindead instructions and I can give it a try. Since I am traveling # >until the 21st, I can only spend a wee bit of time at a time on this # >question; else I can look into it after the 21st. Else you can send me # >your IP and I can add it to the wiki so you can edit. # > # > Cheers, thx for proposing to contribute & sorry for the hurdle # > before allowing you to edit the wiki... # > # > Etienne # > [snip] -- Etienne Grossmann ------ http://www.cs.uky.edu/~etienne |
|
From: Paul K. <pki...@us...> - 2006-03-17 03:53:18
|
How about the following? Assuming the spam is coming from 'bots rather than humans, you could post the password on the wiki itself. Individual humans who still spam can be handled with a blackhole list. Persistent humans with 'bot nets would still be a problem, but there should be few enough of these that we can automatically turf edits which contain their spam string. If the problem still persists, post new passwords to he...@oc... periodically. - Paul On Mar 16, 2006, at 5:42 PM, Etienne Grossmann wrote: > > Hi All, > > who wants a password to edit the wiki? This offer is for non-spammers > only! If you qualify, send me your password and I'll add it to the > list of passwords. This should at last loosen a little bit the > conditions for editors. > > You or anyone else can then use your pwd from anywhere. For our > security, please [1] <<"log out" if you are "logged in" from a public > terminal, by using the password action and not providing a password.>> > Logging in/out, aka "using the password action," would be done by > going to http://wiki.octave.org/wiki.pl?action=password. > > Is everyone ok w/ this? > > Cheers, > > Etienne |
|
From: Joshua R. <jr...@ha...> - 2006-03-17 14:57:36
|
Maybe this has already been suggested/tried, but what about using some sort of free/open source CAPTCHA program? If you aren't sure what that is, or if you want a good list of available implementations in Perl, PHP, Java, etc., as well as several online services, go to: http://en.wikipedia.org/wiki/CAPTCHA Sorry, I've never actually implemented any of these, but I suspect it can't be too hard if one has at least rudimentary web-authoring skills (famous last words). -EJR Paul Kienzle wrote: > How about the following? > > Assuming the spam is coming from 'bots rather than humans, > you could post the password on the wiki itself. Individual > humans who still spam can be handled with a blackhole list. > Persistent humans with 'bot nets would still be a problem, but there > should be few enough of these that we can automatically turf > edits which contain their spam string. If the problem still > persists, post new passwords to he...@oc... periodically. > > - Paul > > On Mar 16, 2006, at 5:42 PM, Etienne Grossmann wrote: > >> >> Hi All, >> >> who wants a password to edit the wiki? This offer is for non-spammers >> only! If you qualify, send me your password and I'll add it to the >> list of passwords. This should at last loosen a little bit the >> conditions for editors. >> >> You or anyone else can then use your pwd from anywhere. For our >> security, please [1] <<"log out" if you are "logged in" from a public >> terminal, by using the password action and not providing a password.>> >> Logging in/out, aka "using the password action," would be done by >> going to http://wiki.octave.org/wiki.pl?action=password. >> >> Is everyone ok w/ this? >> >> Cheers, >> >> Etienne > > > > > ------------------------------------------------------------- > Octave is freely available under the terms of the GNU GPL. > > Octave's home on the web: http://www.octave.org > How to fund new projects: http://www.octave.org/funding.html > Subscription information: http://www.octave.org/archive.html > ------------------------------------------------------------- > |
|
From: Miquel C. <miq...@ua...> - 2006-03-17 15:56:43
|
(shame on me for not completing my self-imposed home work, it's a lame excuse, but if it help to indulge on me... these are rather hectic times) On Fri, 2006-03-17 at 09:02 -0600, Joshua Rigler wrote: > Maybe this has already been suggested/tried, but what about using some > sort of free/open source CAPTCHA program? late January I contacted the author of the wiki server used by Octave wiki about this issue. See below my message and his reply. Briefly, his advice is against that sort of access control. Indeed, after doing some research on the subject, I found that it's a bullet vs shield head to head race, and that there's freely available code that defaces the simpler ones, while the difficult ones are difficult too for humans. He proposed instead, 1. blacklisting URL 2. smart questions asker extension, already available for his wiki server. The asker distinguishes human from bots by posing a random question chosen from a list. See the oddmuse link below for an example. Miquel -------- Forwarded Message -------- > From: Miquel Cabanas <Miq...@ua...> > Reply-To: Miq...@ua... > To: al...@em... > Subject: catpcha perl implementation for oddmuse? > Date: Fri, 20 Jan 2006 10:37:31 +0100 > hi Alex, > > several months ago, the Octave wiki page [1] was defaced by a spam bot > [2]. This led the wiki administrators to lock the wiki site, which > turned to be a good idea to prevent attacks but also discouraged users > from contributing to the website [3]. > > I was about to post a message to the Octave list proposing to replace > the current IP-based access control protocol with a CATPCHA based > system, but I have just seen that catpcha is not yet implemented in > Oddmuse, although it is being considered. > > According to the Wikipedia, there are already two Perl packages > implementing catpcha [4]. Do you think they could be used in Oddmuse? > How difficult would be to include them in Oddmuse? > > [1] http://wiki.octave.org/ > [2] http://users.isr.ist.utl.pt/~etienne/wiki.pl-defaced-edited.html > [3] http://wiki.octave.org/wiki.pl?WikiDiscussion > [4] http://en.wikipedia.org/wiki/Captcha#Perl > > I look forward to hear your opinion before sending the message to the > Octave community. -------- Forwarded Message -------- > From: Alex Schroeder <al...@gn...> > To: Miq...@ua... > Subject: Re: catpcha perl implementation for oddmuse? > Date: Fri, 20 Jan 2006 17:44:49 +0100 > Personally, we've switched to blacklisting URLs. That doesn't work > for you? Personally I dislike tests based on images because that > locks out the blind and users of text browsers. There's also the > question asker extension which works with text only. I like that > one... > > http://www.oddmuse.org/cgi-bin/oddmuse-en/QuestionAsker_Extension > -------- Forwarded Message -------- > From: Miquel Cabanas <miq...@ua...> > Reply-To: miq...@ua... > To: Alex Schroeder <al...@gn...> > Subject: Re: catpcha perl implementation for oddmuse? > Date: Fri, 20 Jan 2006 18:14:54 +0100 > thanks for your reply. In the meanwhile, I've become more familiar with > the pros and cons of the captcha approach, and have realised that the > simple ones are also easy to deface while the hard ones can't be hard to > solve also for humans. And yes, eye impaired people or those using text > browsers are left out. > |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X