[please don't forget to cc: wine-devel]
"Jeff Latimer" lats@yless4u.com.au wrote:
It would be also helpful to to get all wiki user account list (check it time from time for suspicious names) and have an ability to delete accounts of known spammers for Wiki admins. Is it possible?
Another thing that would probably help to get rid of spammers' accounts is to (regularly) delete all user accounts without a personal page.
It would also get rid of anyone who did not want to create a home page.
Then it's time to do that, with a short description what your intentions/ activity is in the Wine project.
I just created one /just in case/ but really don't want to.
What's the point in having a Wiki account then?
On Thu, 12 Mar 2009, Dmitry Timoshkov wrote: [...]
I just created one /just in case/ but really don't want to.
What's the point in having a Wiki account then?
Being able to modify the Wiki pages. Being notified of changes to specific Wiki pages.
As far as I know you cannot do that if you don't have an account. But personally I really don't want yet one more home page to maintain. In fact mine is mostly full of cruft and has not been updated in years. Maybe I'll just nuke most of it...
"Francois Gouget" fgouget@free.fr wrote:
What's the point in having a Wiki account then?
Being able to modify the Wiki pages. Being notified of changes to specific Wiki pages.
As far as I know you cannot do that if you don't have an account. But personally I really don't want yet one more home page to maintain. In fact mine is mostly full of cruft and has not been updated in years. Maybe I'll just nuke most of it...
As I said having a short description what your intentions/activity is in the Wine project is enough, no burden/obligations to update it.
On Thu, 12 Mar 2009, Dmitry Timoshkov wrote: [...]
As I said having a short description what your intentions/activity is in the Wine project is enough, no burden/obligations to update it.
And unless you updated the list of what you usually work on and what you intend to work on quickly becomes obsolete and incorrect. In the very best case it mostly duplicates 'git log --author foo', and most of the time it's just misleading. So I prefer to leave the Wiki home page business to the Facebook generation.
On Thu, 12 Mar 2009, Dmitry Timoshkov wrote: [...]
As I said having a short description what your intentions/activity is in the Wine project is enough, no burden/obligations to update it.
So, if a user notices a typo in the wiki and is nice enough to take the time to correct it, you want to require them to also add a personal page saying they once corrected a typo? You might as well tell them to file a bug report instead--it would be less trouble for them. The point of a wiki is that anyone can contribute, not just people with formal "intentions/activity."
"Rosanne DiMesio" dimesio@earthlink.net wrote:
As I said having a short description what your intentions/activity is in the Wine project is enough, no burden/obligations to update it.
So, if a user notices a typo in the wiki and is nice enough to take the time to correct it, you want to require them to also add a personal page saying they once corrected a typo? You might as well tell them to file a bug report instead--it would be less trouble for them. The point of a wiki is that anyone can contribute, not just people with formal "intentions/activity."
Spammers do "contribute" a lot lately to the Wine wiki, that's why this thread has appeared in the first place.
If a user has found a typo, probably he/she is aware of bugzilla or irc.
Dmitry Timoshkov wrote:
If a user has found a typo, probably he/she is aware of bugzilla or irc.
That's a lot thinking for a user to do given bugzilla is not an intuitive approach to correcting grammar. There does not appear to be an easy way to decide that a user is valid and spammers will create page for their login's if that is what it takes. If we restrict it down to updates by admin's then we are back to moderated source updates which is not the wiki spirit. A half way point may be to see if the user has contributed, then at least they have some credentials.
This is limiting as developers are not the focus of wine and it should embrace all.
2009/3/12 Dmitry Timoshkov dmitry@codeweavers.com:
Spammers do "contribute" a lot lately to the Wine wiki, that's why this thread has appeared in the first place.
What are the numbers? Any action should be based on evidence.
If a user has found a typo, probably he/she is aware of bugzilla or irc.
Or you could just require all wiki updates to be done by an approved patch to a git tree. This fundamentally misses the point of having a wiki rather than a static page.
- d.
On Thu, 12 Mar 2009 17:58:42 +0800 "Dmitry Timoshkov" dmitry@codeweavers.com wrote:
What's the point in having a Wiki account then?
I occasionally update the FAQ based on questions that seem to come up on the forum repeatedly. And I really don't want a personal page.
2009/3/12 Dmitry Timoshkov dmitry@codeweavers.com:
[please don't forget to cc: wine-devel]
"Jeff Latimer" lats@yless4u.com.au wrote:
It would be also helpful to to get all wiki user account list (check it time from time for suspicious names) and have an ability to delete accounts of known spammers for Wiki admins. Is it possible?
Another thing that would probably help to get rid of spammers' accounts is to (regularly) delete all user accounts without a personal page.
It would also get rid of anyone who did not want to create a home page.
It would also attract spammers to creating personal pages.
"Ben Klein" shacklein@gmail.com wrote:
Another thing that would probably help to get rid of spammers' accounts is to (regularly) delete all user accounts without a personal page.
It would also get rid of anyone who did not want to create a home page.
It would also attract spammers to creating personal pages.
And *that* actually will show the real need for captchas at the login creation time, and IMO will help fighting with spammers if removing a personal page will eventually lead to the account removal.
2009/3/13 Dmitry Timoshkov dmitry@codeweavers.com:
"Ben Klein" shacklein@gmail.com wrote:
Another thing that would probably help to get rid of spammers' accounts is to (regularly) delete all user accounts without a personal page.
It would also get rid of anyone who did not want to create a home page.
It would also attract spammers to creating personal pages.
And *that* actually will show the real need for captchas at the login creation time, and IMO will help fighting with spammers if removing a personal page will eventually lead to the account removal.
Sure, why not have a captcha? I really don't care either way. But I do object strongly to removing accounts that don't have a personal page. After all, if we do have a spammer problem, we can just disable the offending accounts.
Note that in order to be an effective spammer-blocker, the captcha has to have a variable response. Someone suggested "Who is the Wine project maintainer?" as a captcha - this would just require an extra POST field to be added to a spambot's request. Of course, complicated captchas don't keep out manually created spam accounts, only bots.
On Sat, 2009-03-14 at 01:59 +1100, Ben Klein wrote:
Of course, complicated captchas don't keep out manually created spam accounts, only bots.
And I'll like to see some data that shows that we have a significant portion of the spammers are bots before we even start thinking of captchas.
2009/3/13 Dimi Paun dimi@lattica.com:
On Sat, 2009-03-14 at 01:59 +1100, Ben Klein wrote:
Of course, complicated captchas don't keep out manually created spam accounts, only bots.
And I'll like to see some data that shows that we have a significant portion of the spammers are bots before we even start thinking of captchas.
Yes. This thread is long on anecdote and short on quantified evidence.
- d.
"Dimi Paun" dimi@lattica.com wrote:
And I'll like to see some data that shows that we have a significant portion of the spammers are bots before we even start thinking of captchas.
http://wiki.winehq.org/RecentChanges has all the details. Please consider at least removing the spammers' accounts listed there, or give a way to do that for us poor people who regularly brushes spam out of the Wine wiki.
2009/3/13 Dmitry Timoshkov dmitry@codeweavers.com:
http://wiki.winehq.org/RecentChanges has all the details. Please consider at least removing the spammers' accounts listed there, or give a way to do that for us poor people who regularly brushes spam out of the Wine wiki.
Yes, the usual remedy in this situation would be to make it possible for more individuals to deal with the problems rather than to make the wiki not a wiki.
- d.
On Sat, 2009-03-14 at 00:59 +0800, Dmitry Timoshkov wrote:
http://wiki.winehq.org/RecentChanges has all the details. Please consider at least removing the spammers' accounts listed there,
I have done that in the past, and I'll keep removing them. A quick ping on IRC usually gets me going :)
or give a way to do that for us poor people who regularly brushes spam out of the Wine wiki.
I have no problem with that if if can be done. Can someone look it up what would it take to make Moin do that?
2009/3/13 Dimi Paun dimi@lattica.com:
On Sat, 2009-03-14 at 00:59 +0800, Dmitry Timoshkov wrote:
or give a way to do that for us poor people who regularly brushes spam out of the Wine wiki.
I have no problem with that if if can be done. Can someone look it up what would it take to make Moin do that?
A first glance at moinmo.in shows:
http://moinmo.in/AntiSpamFeatures http://moinmo.in/DespamAction
Is despam.py any use?
- d.
On Fri, Mar 13, 2009 at 12:40 PM, David Gerard dgerard@gmail.com wrote:
2009/3/13 Dimi Paun dimi@lattica.com:
On Sat, 2009-03-14 at 00:59 +0800, Dmitry Timoshkov wrote:
or give a way to do that for us poor people who regularly brushes spam out of the Wine wiki.
I have no problem with that if if can be done. Can someone look it up what would it take to make Moin do that?
http://master.moinmo.in/HelpOnUserHandling
Section "Disable a user account"
The account is still there but can't post which would probably be good enough till dimi comes to zap it.
Seems there is no way to delete a user account from the web gui without a custom patch.
--John Klehm
2009/3/13 John Klehm xixsimplicityxix@gmail.com:
http://master.moinmo.in/HelpOnUserHandling Section "Disable a user account" The account is still there but can't post which would probably be good enough till dimi comes to zap it. Seems there is no way to delete a user account from the web gui without a custom patch.
You need to be a SuperUser to have that power, not a mere Admin. Does that carry too many extra abilities with it?
Because the ideal way to deal with more malicious users without hampering the good users is to give community members the power to do the work, so it doesn't fall to just Dimi.
(I'm highly familiar with this stuff on MediaWiki, so am trying to map concepts from one onto the other, which is probably not a useful approach.)
- d.
On Fri, Mar 13, 2009 at 2:24 PM, David Gerard dgerard@gmail.com wrote:
You need to be a SuperUser to have that power, not a mere Admin. Does that carry too many extra abilities with it?
It does carry more responsibilities. Too many isn't for me to say.
Because the ideal way to deal with more malicious users without hampering the good users is to give community members the power to do the work, so it doesn't fall to just Dimi.
I'd agree, but there doesn't seem to be a way to delete users from the web interface. Disabling them could be our best bet without some custom coding.
I'm not familiar enough with Moin SuperUser powers to say what impact parceling them out to a few people would have.
--John Klehm
2009/3/13 John Klehm xixsimplicityxix@gmail.com:
On Fri, Mar 13, 2009 at 2:24 PM, David Gerard dgerard@gmail.com wrote:
Because the ideal way to deal with more malicious users without hampering the good users is to give community members the power to do the work, so it doesn't fall to just Dimi.
I'd agree, but there doesn't seem to be a way to delete users from the web interface. Disabling them could be our best bet without some custom coding.
Disabling will do.
I'm not familiar enough with Moin SuperUser powers to say what impact parceling them out to a few people would have.
If Dimi's running an Internet-facing Moin wiki, he should be asking on a list how to distribute his workload to valiant and foolhardy volunteers with too much time on their hands ;-)
- d.
2009/3/14 David Gerard dgerard@gmail.com:
2009/3/13 John Klehm xixsimplicityxix@gmail.com:
On Fri, Mar 13, 2009 at 2:24 PM, David Gerard dgerard@gmail.com wrote:
Because the ideal way to deal with more malicious users without hampering the good users is to give community members the power to do the work, so it doesn't fall to just Dimi.
I'd agree, but there doesn't seem to be a way to delete users from the web interface. Disabling them could be our best bet without some custom coding.
Disabling will do.
I'd think that disabling would be preferred to removing accounts, at least as a quick-fix if someone is identified as a spammer. I also think it's probably a bad idea to have too many SuperUsers :D
Ben Klein wrote:
2009/3/14 David Gerard dgerard@gmail.com:
2009/3/13 John Klehm xixsimplicityxix@gmail.com:
On Fri, Mar 13, 2009 at 2:24 PM, David Gerard dgerard@gmail.com wrote:
Because the ideal way to deal with more malicious users without hampering the good users is to give community members the power to do the work, so it doesn't fall to just Dimi.
I'd agree, but there doesn't seem to be a way to delete users from the web interface. Disabling them could be our best bet without some custom coding.
Disabling will do.
I'd think that disabling would be preferred to removing accounts, at least as a quick-fix if someone is identified as a spammer. I also think it's probably a bad idea to have too many SuperUsers :D
I was asking about disabling of file attachments since they can not be monitored for spam content. How did this deviate into disabling users?
Vitaliy.
2009/3/16 Vitaliy Margolen wine-devel@kievinfo.com:
Ben Klein wrote:
2009/3/14 David Gerard dgerard@gmail.com:
2009/3/13 John Klehm xixsimplicityxix@gmail.com:
On Fri, Mar 13, 2009 at 2:24 PM, David Gerard dgerard@gmail.com wrote:
Because the ideal way to deal with more malicious users without hampering the good users is to give community members the power to do the work, so it doesn't fall to just Dimi.
I'd agree, but there doesn't seem to be a way to delete users from the web interface. Disabling them could be our best bet without some custom coding.
Disabling will do.
I'd think that disabling would be preferred to removing accounts, at least as a quick-fix if someone is identified as a spammer. I also think it's probably a bad idea to have too many SuperUsers :D
I was asking about disabling of file attachments since they can not be monitored for spam content. How did this deviate into disabling users?
Because someone started talking about spam-control methods.
Ben Klein wrote:
2009/3/16 Vitaliy Margolen wine-devel@kievinfo.com:
Ben Klein wrote:
2009/3/14 David Gerard dgerard@gmail.com:
2009/3/13 John Klehm xixsimplicityxix@gmail.com:
On Fri, Mar 13, 2009 at 2:24 PM, David Gerard dgerard@gmail.com wrote:
Because the ideal way to deal with more malicious users without hampering the good users is to give community members the power to do the work, so it doesn't fall to just Dimi.
I'd agree, but there doesn't seem to be a way to delete users from the web interface. Disabling them could be our best bet without some custom coding.
Disabling will do.
I'd think that disabling would be preferred to removing accounts, at least as a quick-fix if someone is identified as a spammer. I also think it's probably a bad idea to have too many SuperUsers :D
I was asking about disabling of file attachments since they can not be monitored for spam content. How did this deviate into disabling users?
Because someone started talking about spam-control methods.
Ok, then please can we disable attachments? And if not why? If we have to have attachments then is it possible to let admins only to upload them?
BTW disabling users won't do you much good withe current registration process. Most spam is added by users with random usernames. With few exceptions.
Vitaliy.
On Mon, Mar 16, 2009 at 12:36 AM, Vitaliy Margolen wine-devel@kievinfo.com wrote:
Ok, then please can we disable attachments? And if not why? If we have to have attachments then is it possible to let admins only to upload them?
http://moinmo.in/HelpOnConfiguration/FileAttachments
---snip---- The AttachFile action enables a page to have multiple attached files. Since file uploads could be abused for DoS (Denial of Service) attacks, AttachFile is an action that may be disabled by the wiki administrator (by adding actions_excluded = ['AttachFile'] to wikiconfig). ---snip----
So it seems it's possible to disable it.
Cheers, --John Klehm
Hi Dimi,
"Dimi Paun" dimi@lattica.com wrote:
On Sat, 2009-03-14 at 00:59 +0800, Dmitry Timoshkov wrote:
http://wiki.winehq.org/RecentChanges has all the details. Please consider at least removing the spammers' accounts listed there,
I have done that in the past, and I'll keep removing them. A quick ping on IRC usually gets me going :)
We've got a very stubborn spammer's attack lately, and this is getting very ridiculous that instead of simply disabling attachments that nobody uses in the Wine Wiki, we are forced to remove the same spammer's shit tens times a day from the Wiki.
Please consider disabling attachments once and for all. Thanks.
On Thu, 2009-04-30 at 16:32 +0900, Dmitry Timoshkov wrote:
Please consider disabling attachments once and for all. Thanks.
OK, I'll look at that this afternoon.
-
Ben Klein -
David Gerard -
Dimi Paun -
Dmitry Timoshkov -
Francois Gouget -
Jeff Latimer -
John Klehm -
Rosanne DiMesio -
Vitaliy Margolen