Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Wikipedia>
  3. Wikitech
Re: [Wikipedia-l] vandalism spree
toby+wikipedia at math
Nov 20, 2002, 11:33 PM
Post #1 of 4 (457 views)
Permalink
[Moving to <wikitech-l>, since we're now discussing programming, not policy.]

Matthew Woodcraft wrote:

>Toby Bartels wrote:

[plans]

>These are surely good plans.

Thanks!

>Note that if we're willing to do the work
>to classify IPs, we can ban on the 'Client-ip' and 'X-forwarded-for'
>headers instead of the real IPs, for known shared proxies.

I don't know what this means. But I hope that it works! ^_^

>But in the long run, nothing based on ip-banning would be able to stop
>a sufficiently determined vandal. Neither would relying on registered
>accounts. At present, stealing someone else's account would be quite
>easy.

Right, the passwords and cookies are sent over the Net unencrypted.
They just need to sniff our packets (how rude!).

>I think techniques for automatically slowing down bots would be the
>most valuable place to concentrate our efforts.

This sounds promising to me too.
What's the fastest rate of saving that a legitimate user is likely to use?
What's the fastest rate of saving that we can expect to keep up with
if used by a bot? I'm going make a 0th approximation of 1 minute for each.
Too slow? too fast?


-- Toby
Re: Re: [Wikipedia-l] vandalism spree [ In reply to ]
engels at uni-koblenz
Nov 21, 2002, 3:10 AM
Post #2 of 4 (453 views)
Permalink
> >I think techniques for automatically slowing down bots would be the
> >most valuable place to concentrate our efforts.
>
> This sounds promising to me too.
> What's the fastest rate of saving that a legitimate user is likely to use?
> What's the fastest rate of saving that we can expect to keep up with
> if used by a bot? I'm going make a 0th approximation of 1 minute for each.
> Too slow? too fast?

Although I fear that something that is fast enough is too fast by definition
(if I can keep up with a bot having a certain speed, I will have to have at
least that speed myself, and it's something one does quite fast, but not the
fastest of all - correcting a spelling error is often faster).

With that proviso, I can say that faster than 1 minute is certainly being
done by legitimate users. For example, on November 18, maveric made 42 edits
in 20 minutes (as part of his latest naming war with Lir), and jheijmans made
16 edits in 6 minutes on November 12 (disambiguating Helle).

A limit of 1 per minute would be much too strict, in my opinion. One should
really not go further than 2 edits per minute, and even that might be enough
to have some people get irritated and decide not to do 'trivial tasks' such
as going through the 'regular misspellings' or disambiguating pages.

Andre Engels
Re: Re: [Wikipedia-l] vandalism spree [ In reply to ]
saintonge at telus
Nov 21, 2002, 11:56 AM
Post #3 of 4 (453 views)
Permalink
>
>
>Right, the passwords and cookies are sent over the Net unencrypted.
>They just need to sniff our packets (how rude!).
>
For dogs it's just their way of handshaking. :-) Shake-a-paw is a
human cultural imposition on the canine nation.
Ec
Re: vandalism spree [ In reply to ]
toby+wikipedia at math
Nov 22, 2002, 12:25 AM
Post #4 of 4 (452 views)
Permalink
Andre Engels wrote:

>Although I fear that something that is fast enough is too fast by definition
>(if I can keep up with a bot having a certain speed, I will have to have at
> least that speed myself, and it's something one does quite fast, but not the
> fastest of all - correcting a spelling error is often faster).

>A limit of 1 per minute would be much too strict, in my opinion. One should
>really not go further than 2 edits per minute, and even that might be enough
>to have some people get irritated and decide not to do 'trivial tasks' such
>as going through the 'regular misspellings' or disambiguating pages.

OK, with this and some other replies, I think that it's clear that
any time limit short enough not to bother regular legitimate users
will be too short to allow one person to keep up with a bot.
Will it be short enough to allow the entire militia
(or what of it is online at any given time) to keep up?
Or if not that, will a time limit still help *enough* to be worthwhile?
Not rhetorical questions, but I have no good idea of how to answer them.

Zeroth approximation for time limit: 1 minute.
First approximation for time limit: 10 seconds.
(I'm putting not bothering regular legitimate users
as the determining factor in my evolving approximations,
rather than allowing us to keep up with the bot.)


-- Toby

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal