[Owasp-leaders] Possible misuse of owasp.org wiki space

Kate Hartmann kate.hartmann at owasp.org
Mon Jun 28 09:17:19 EDT 2010


Last May we had a similar problem with spamming.  We had to delete about 250
users and the pages they created.  Since then, I have been manually
approving wiki accounts after confirming email address for the user and,
until now, we had not had a problem.

I have deleted this user and all the altered pages (I hope) using the same
process I used last year.  

Please let me know if you come across any others.

Kate Hartmann
OWASP Operations Director
9175 Guilford Road
Suite 300
Columbia, MD  21046

301-275-9403 
kate.hartmann at owasp.org
Skype:  kate.hartmann1 


-----Original Message-----
From: owasp-leaders-bounces at lists.owasp.org
[mailto:owasp-leaders-bounces at lists.owasp.org] On Behalf Of Rogan Dawes
Sent: Monday, June 28, 2010 9:09 AM
To: owasp-leaders at lists.owasp.org
Subject: Re: [Owasp-leaders] Possible misuse of owasp.org wiki space

On 2010/06/28 3:05 PM, dinis cruz wrote:
> Nice catch Paolo
>
> I've also just deleted that page
> (http://www.owasp.org/index.php/How_to_rip_DVD_movies_to_iPhone_4_easily)
and
> also the user's page (http://www.owasp.org/index.php?title=User:Xiaoa)
>
> This seem to be an common tactic designed to get results on Google
>
(http://www.google.co.uk/search?hl=en&q=%22How+to+rip+DVD+movies+to+iPhone+4
+easily%22&btnG=Search&aq=f&aqi=&aql=&oq=&gs_rfai=
>
<http://www.google.co.uk/search?hl=en&q=%22How+to+rip+DVD+movies+to+iPhone+4
+easily%22&btnG=Search&aq=f&aqi=&aql=&oq=&gs_rfai=>)
>   I would be nice to have an easy way to alert the other MediaWiki
> admins of this issue
>
> This must have been created using a spam tool that supports MediaWiki
> websites
>
> Dinis Cruz
>

Don't forget to kill

<http://www.owasp.org/index.ph/How_to_convert_YouTube_to_iPhone_4_video>

and all the linked pictures, too.

Easiest is just to search

<http://www.owasp.org/index.php?title=Special:RecentChanges&limit=500>

for xiaoa

Rogan

>
>
> On 28 June 2010 13:00, Kate Hartmann <kate.hartmann at owasp.org
> <mailto:kate.hartmann at owasp.org>> wrote:
>
>     I have blocked this user.  Thanks for the diligence, Paolo.
>
>     Kate Hartmann
>     OWASP Operations Director
>     9175 Guilford Road
>     Suite 300
>     Columbia, MD  21046
>
>     301-275-9403
>     kate.hartmann at owasp.org <mailto:kate.hartmann at owasp.org>
>     Skype:  kate.hartmann1
>
>
>     -----Original Message-----
>     From: Jim Manico [mailto:jim.manico at owasp.org
>     <mailto:jim.manico at owasp.org>]
>     Sent: Monday, June 28, 2010 7:16 AM
>     To: owasp-leaders at lists.owasp.org
>     <mailto:owasp-leaders at lists.owasp.org>; Kate Hartmann
>     Subject: Re: [Owasp-leaders] Possible misuse of owasp.org
>     <http://owasp.org> wiki space
>
>     This user was just added a few days ago
>
>     http://www.owasp.org/index.php?title=User:Xiaoa&action=history
>     <http://www.owasp.org/index.php?title=User:Xiaoa&action=history>
>
>     In my opinion, please reduce access to
>     http://www.owasp.org/index.php/User:Xiaoa,
>     Jim
>
>      > Hi leaders, with a bit of surprise I found this link in our wiki
>      >
>
(http://www.owasp.org/index.php?title=How_to_rip_DVD_movies_to_iPhone_4_easi
>     ly).
>      > I followed the link, thinking about an how to rip the Owasp Conf
>      > recorded videos, but this page seems completely unrelated to Owasp
>      > project intents.
>      >
>      > I think wiki model is Open and it's good but applying some rules as
>      > projects are growing can make our days.
>      > What about making a CMS software selection to allow chapter/project
>      > leaders to work on their related material and let the same for
>      > reviewers, news editors and people like them?
>      >
>      > Indeed, I think this content must be removed and the user prompted.
>      >
>      > Ciao ciao
>      > Paolo
>      >
>
>
>     --
>     Jim Manico
>     OWASP Podcast Host/Producer
>     OWASP ESAPI Project Manager
>     http://www.manico.net
>
>
>     _______________________________________________
>     OWASP-Leaders mailing list
>     OWASP-Leaders at lists.owasp.org <mailto:OWASP-Leaders at lists.owasp.org>
>     https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

_______________________________________________
OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-leaders



More information about the OWASP-Leaders mailing list