[pmwiki-users] Programs should be allowed to edit pages (Was: PmWiki and Spam)

[Simon]

On 13/01/2008, christian.ridderstrom at gmail.com
<christian.ridderstrom at gmail.com> wrote:
> On Thu, 10 Jan 2008, Simon wrote:
>
> >>         libocacnoc
> >>
> >> might be spam, although it makes no sense to me...
>
> > Whether or not it makes sense is not the point. The problem is that is
> > rapidly impacts a lot of pages
>
> Thinking some more on it, I don't think it is spam... Could be some kind
> of defacing, or preparations to spam/deace. Or, unfortunately and
> extremely unlikely, maybe some actually wants to put these "words" on wiki
> pages. I can't imagine why though. Maybe it's an alien and it makes sense
> to "it" ;-) .. or maybe it's a person that somehow has a good reason...
>
> Generally speaking we _want_ everybody to be able to change the content.
> What is it that we don't want? For instance, we don't want:
> * Spam
> * Content being destroyed
> * Defacement
> * ?
>
> However, I don't think captchas is a proper solution as I think it is
> _valid_ that a script/program modifies a wiki page. A simple example of
> this is when I use Emacs to edit wiki pages (pmwiki-mode)... then it's
> Emacs rather than a browser that does the change. And within Emacs, it's
> easy for me (and _very_ useful) to create a macro that does a similiar
> modification to many pages... Introducing captchas would make this
> unpractical to say the least :-(
>
> Maybe what we need is editorial control over certain pages instead?
> Or perhaps that they are saved as drafts until someone (anyone?) approves
> the changes?
>
> I don't have any solutions, just a caution that we don't introduce any
> captchas or similarly as a _permanent_ "solution".


We (the PmWiki community) have (imho) a problem, a program, or
programs on the internet change many pages in PmWiki (and other wikis
such as my own, hence my interest) with unwanted content, or even
simply save pages with no change to the content - but creating a
revision history.

We have several solutions, many of us have simply implemented plain
text passwords and published them, other have added captchas, both
solutions have 100% success as far as I have heard, in stopping
spamming and defacement.

Many many sites are using captchas, I can't see how people new to
wikis will have any more problems with a capture than they do on, say,
wiki (non WYSIWYG) markup.

Editorial control doesn't do it for me, potentially it is more work
than fixing the original problem, and at the end of the day I'm still
striving for an open wiki and much wikiness!

I can't quite follow the line of thought that starts talking about
programs changing PmWiki pages, effectively there is no way of telling
what or who is submitting the update (Turing test anyone?). [for EMACS
perhaps log manually in (capthca in) first, then go right ahead - this
isn't a problem for 99% of wiki users perhaps].

So the question is what is the most appropriate solution for PmWiki.
I agree that it doesn't have to be the same as in the distribution,
but on the other hand all public wikis are potentially up against the
same problem, so it makes sense to provide that out out the box (as we
do with other security measures). Because of that captha is a very
appropriate solution both on PmWiki and out of the box.

cheers

Simon