[Moving to <wikitech-l>, since we're now discussing programming, not policy.]
Matthew Woodcraft wrote:
>Toby Bartels wrote:
[plans]
>These are surely good plans.
Thanks!
>Note that if we're willing to do the work
>to classify IPs, we can ban on the 'Client-ip' and 'X-forwarded-for'
>headers instead of the real IPs, for known shared proxies.
I don't know what this means. But I hope that it works! ^_^
>But in the long run, nothing based on ip-banning would be able to stop
>a sufficiently determined vandal. Neither would relying on registered
>accounts. At present, stealing someone else's account would be quite
>easy.
Right, the passwords and cookies are sent over the Net unencrypted.
They just need to sniff our packets (how rude!).
>I think techniques for automatically slowing down bots would be the
>most valuable place to concentrate our efforts.
This sounds promising to me too.
What's the fastest rate of saving that a legitimate user is likely to use?
What's the fastest rate of saving that we can expect to keep up with
if used by a bot? I'm going make a 0th approximation of 1 minute for each.
Too slow? too fast?
-- Toby
Matthew Woodcraft wrote:
>Toby Bartels wrote:
[plans]
>These are surely good plans.
Thanks!
>Note that if we're willing to do the work
>to classify IPs, we can ban on the 'Client-ip' and 'X-forwarded-for'
>headers instead of the real IPs, for known shared proxies.
I don't know what this means. But I hope that it works! ^_^
>But in the long run, nothing based on ip-banning would be able to stop
>a sufficiently determined vandal. Neither would relying on registered
>accounts. At present, stealing someone else's account would be quite
>easy.
Right, the passwords and cookies are sent over the Net unencrypted.
They just need to sniff our packets (how rude!).
>I think techniques for automatically slowing down bots would be the
>most valuable place to concentrate our efforts.
This sounds promising to me too.
What's the fastest rate of saving that a legitimate user is likely to use?
What's the fastest rate of saving that we can expect to keep up with
if used by a bot? I'm going make a 0th approximation of 1 minute for each.
Too slow? too fast?
-- Toby