On Tuesday 16 Jul 2002 6:50 pm, Michael Rueger wrote:
> John Hinsley wrote:
> > Has Mark received any response yet? If the domain isn't responding, I'd
> > be inclined to call in the Fibies (is it federal?) and block them anyway.
> > The
>
//snip//
>
> I'm all for setting a simple password, these attacks will not go away
> and we can consider ourselves lucky that these aren't real attacks (yet).

Can I suggest something a little different?

As an interim measure we block that domain (that is, someone at Gatech asks 
the roots to block it). This should stop Snoodman for the time being and may 
irritate the domain into doing something.

Long term, we look at better controls for the Swiki. I'd suggest that only the 
administrator and the original author be allowed to lock pages.

Reasons? Issuing passwords leaves open the possibility that someone may get 
hold of one. Unless we have a secure means of distributing them we only grant 
ourselves the illusion of security.

Graffitti is an annoying, but easy enough to correct issue. If a Snood creates 
a page, admin can zap it. If a Snood alters someone else's page, we can do a 
rollback.

Cheers

John