usefulness of open wiki's (was: Re: wikihow.com/Category:Linux)

Lisa Kachold lisakachold at obnosis.com
Sun Oct 19 19:54:40 MST 2008 

The biggest issue for open Wiki's are those based on security.
Even Wikipedia and Wiktionary will post your originating IP address.  If you are posting contraversial content (like Anonymous Group anti-censorship and oppression information related to Scientology, this might be a BAD IDEA.

Large numbers of people farm those sites for IP addresses.

Additionally, we are all familiar with the old "moin moin" XSS and other security holes?  Php used in most Wiki's contains at least an average of 4 KNOWN EXPLOITS (it survives because it's ignored - not because it's secure).  So, it would be fairly trivial even from a site like DesertCodeCamp.com to see your header information in Apache logs, Distro, and IP, to facilitate further scripted attacks, bots or ssh dictionary/brute force attacks.

We each fairly well know from reading to qualify our sources, some of the information sits, and other is dropped, from years of reading for context, is it not?

http://wapedia.mobi/en/Obnosis |  http://en.wiktionary.org/wiki/Citations:obnosis | Obnosis.com (503)754-4452
Laugh at this MSN Footer


> Date: Sun, 19 Oct 2008 19:27:35 -0700
> From: schwartz at acm.org
> To: robgoelz at gmail.com; plug-discuss at lists.plug.phoenix.az.us
> Subject: usefulness of open wiki's (was: Re: wikihow.com/Category:Linux)
> CC: schwartz at acm.org
> 
> > "written, edited, and maintained [...] by volunteers."
> 
> True, there is almost no limit to how bogus a given
> article might be (become), at least temporarily.
> The damage might be due to someone well-meaning but
> inept or misguided, or someone who was actually malicious.
> 
> On the other hand, supposedly there are enough eyes
> gazing over the "recently changed" logs, that if someone
> does post some "mis" info., then theoretically it should
> be "on the air" only for a short time, before some altruistic
> helping hand comes along and pitches in to correct it.
> 
> It is similar to wikipedia -- which, it seems to me, can
> sometimes be a good source of explanations, which
> (maybe even after you already have the facts),
> may help to suggest (better) ways to "understand"
> something, that is, an attitude, (a point of view);
> how to see it, how to think about it, that might even
> help to remember the facts, or to see how/why the
> facts make sense.
> 
> Also, at en.wikipedia.org at least, they have links
> to [supposedly] authoritative "sources" -- which can
> be very useful.  Those (typically on other web sites),
> each have their own level of "reputation" or credibility;
> but given the range of such levels, some of them are
> probably pretty "authoritative".
> -- 
> Mike Schwartz
> Glendale  AZ
> schwartz at acm.org
> 
> On Sun, Oct 19, 2008 at 6:21 PM, Rob Goelz <robgoelz at gmail.com> wrote:
> > Mike,
> >
> >   Thanks for posting this -- it seems to have a lot of excellent information
> > (especially for a relative Linux n00b like me).
> >
> >   Wiki sites are great for information sharing but I inherently distrust
> > them due to the ability of anyone to edit the page. From the main page:
> > "written, edited, and maintained primarily by volunteers."
> >
> >   I suppose that the same is true of most forums in that someone could take
> > bad advice and damage their system, but at least on most forums, people have
> > to register and can be held accountable. On wikis, unless you choose to
> > register, the only thing tracked is your IP address. So far the stuff that
> > I've read seems to check out though. :)
> >
> >   What does everyone else think?
> >
> > -rob
> >
> > On Sun, Oct 19, 2008 at 2:45 PM, Mike Schwartz <schwartz at acm.org> wrote:
> >>
> >> Maybe it's just me,
> >> (having been in a cave, lo these umpteen years),
> >> but when I came across this:
> >>    http://www.wikihow.com/Category:Linux
> >> recently,
> >> it was news to me.
> >> --
> >> Mike Schwartz
> >> [...]
> >> ---------------------------------------------------
> >> PLUG-discuss mailing list - [...]
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

_________________________________________________________________
When your life is on the go—take your life with you.
http://clk.atdmt.com/MRT/go/115298558/direct/01/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20081020/49594213/attachment.htm

More information about the PLUG-discuss mailing list