[Squeak-e] What happened to our Swiki?
Cees de Groot
cg at cdegroot.com
Tue Apr 15 05:56:13 CEST 2003
On Tue, 2003-04-15 at 03:00, Mark S. Miller wrote:
> The current state is blank and locked, and from the history it looks like
> we've been terribly scribbled on.
>
Yawn. It's a handful of script babies (kiddies is too good a word for
them) going round all Wiki's they can find. It's even beyond boring.
The password on the front page is 'cap'.
> On the figuring-out front, any ideas for a solution based on the capability
> security principles Squeak-E stands for? Perhaps using Tyler's style of
> capabilities as unguessable https URLs?
>
Guns, ICBMS? ;-). Seriously: so far we've kept the kids off by setting a
simple password on the front page. As a Swiki is a social environment,
if we need to look for solutions I'd look for 'advogato-style' solutions
instead of trying to combine 'everyone can enter and edit' with the
'absolutism' of capabilities.
For example, on a first post a random editor is signaled for approval;
editors are those who have modified (and gotten approved) more than n
pages, where n is a function of how big the Swiki is and how hard you
want to make it to become an editor. Or three random editors are mailed,
only one has to approve, to make it easier on the editors. After x posts
(0 < x < n) the editors aren't bothered anymore, and n-x posts more
you're an editor yourself. This way, you can slowly and gently lead
newcomers into a Swiki community.
Apart from that, the idea is to keep ahead in the 'arms race' of undoing
malicious changes faster than they can apply them. Wiki vandals are so
dumb, they will not use tools. So my five-second edit I just made
probably countered a one-hour 'hacking' spree of a 5-year old - so I won
;-).
Regards,
Cees
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lnx-12.ams-2.theinternetone.net/pipermail/squeak-e/attachments/20030415/093acb60/attachment.bin
More information about the Squeak-e
mailing list