Wikivoyage talk:Ongoing vandalism/Archive
Add topicTerminology
[edit]So, I really don't like the term "vandalism" nor the us-against-them mentality that it breeds. The fact that a lot of people who make unwanted edits are anonymous makes us act like scared children around a campfire, pointing our flashlights out into the dark and imagining things a lot worse than they actually are.
Wikivoyage is an open, welcoming community, and I don't want that to change. I think the extremely easy task of cleaning up after the occasional self-promoter is much better than cultivating an environment of fear and distrust.
We're bigger than any spammer. We should act like it. --(WT-en) Evan 12:40, 23 Sep 2004 (EDT)
- Call me a pessimist, but as Wikivoyage gets more popular there will also be more vandalism, esp. of the intentional sort. But for now the main purpose of this page was just to clean up the Traveller's pub. (WT-en) Jpatokal 22:19, 23 Sep 2004 (EDT)
- I think the term vandalism is appropriate in some cases and the fact it took so long to create this article indicates how little vandalism there has been in the past. As I see it vandalism consists of:
- Complete or significant replacement of a page with completely irrelevant (not just off topic) content,
- Repeat posting of that content on multiple pages,
- Not abiding by requests to stop such activity,
- Redoing changes that have already been reverted, without talking about or explaining the changes,
- The same user does the same changes to other wikis.
- The casino spammer put the same garbage on Henna for Hair, which is not a wiki. Does that count? -(WT-en) phma 15:22, 4 Oct 2004 (EDT)
- If it's open to be written to by anyone - er... Yes. Wiki's for WikiSpam, Blogs for BlogSpam, etc. When it all comes down to the google search it is still Spam links trying to improve page rank. If the links disrupt, distort or subvert the purpose of the site, it is probably vandalism too. - (WT-en) Huttite 04:36, 5 Oct 2004 (EDT)
Vandal
[edit]Swept in from the Pub:
Alert a vandal is ruining the bahrain and NYC articles! 169.244.143.114 09:38, 31 March 2006 (EST)
- Uh, maybe I'm comfused here, but aren't you the vandal in question? If so, I'm amused. (WT-en) Majnoona 09:53, 31 March 2006 (EST)
- He was at least partially undoing a vandal's changes, though not always perfectly. I think it was a successful (and moderately amusing) attempt to confuse some of us... -- (WT-en) Colin 10:08, 31 March 2006 (EST)
No maj... i wanted to revert 66 ip sorry i just talked to you on ip 169.244.143.114 09:55, 31 March 2006 (EST)
Whoa Colin nothing like that 169.244.143.114 10:11, 31 March 2006 (EST)
Phone number spam
[edit]Swept in from the Pub:
We seem to have a spammer on some of the Indian pages adding his phone number to all listings and in some cases replacing existing numbers with his number. Seems to be same one that was adding URL removed as it has been blacklisted and this was preventing editing of this page - see edit history for URL ~ 58.8.1.171 22:58, 17 June 2007 (EDT) entries. Is there any automated way to blacklist a number? --(WT-en) NJR_ZA 15:33, 11 April 2007 (EDT)
- Or worse, it might be his ex-girlfriend's number...I hope we can blacklist it. -- (WT-en) Ricardo (Rmx) 15:47, 11 April 2007 (EDT)
- OK, there seems to be more than just the one number that looks suspect. I'll keep a list here something to work off:
- list removed as the numbers have now been blacklisted and this was preventing editing of this page - see edit history for numbers ~ 58.8.1.171 22:53, 17 June 2007 (EDT)
- I have found least 20 articles that seems to be affected so far.
--(WT-en) NJR_ZA 16:12, 11 April 2007 (EDT)
- I added a dash after the first digit of these numbers. With them intact, no edits to this page could be made. Of course, the spammer could do the same thing. Sigh. (WT-en) Jordanmills 17:07, 11 April 2007 (EDT)
- Thanks, was just about to come back and do the same as the spam filter blocked this edit of mine. I have cleaned up one or two of the articles, but am running out of time here and will have to look at the rest tomorrow. It's a bit of a mess to clean up as some of the changes are old and he did not add them in any single simple edit. --(WT-en) NJR_ZA 17:14, 11 April 2007 (EDT)
- Coolness. I'll see if I can find some time tonight to poke around. (WT-en) Jordanmills 18:27, 11 April 2007 (EDT)
- Can we do a mass revert of this dork's changes? Here's an IP with a lot. I just got the bright idea to collect his other IPs, so I'll list 'em here. 121.246.3.9 121.247.89.142 121.246.3.74 121.247.229.142 210.211.236.226 121.247.89.250 ... never mind, there's a lot. It looks like he comes from 121.246.0.0/16 and 121.247.0.0/16. Please advise if the following is possible: block all IPs in those ranges from editing, get a list of all changes made by those IPs, give 'em a quick one-over to make sure we're not removing useful content, and undo all those changes. (WT-en) Jordanmills 18:53, 11 April 2007 (EDT)
- Here are some more numbers I've seen this spammer using:
- numbers removed as they've now been blacklisted and this was preventing editing of this page - see edit history for numbers ~ 58.8.1.171 22:53, 17 June 2007 (EDT)
- Unfortunately, the spammer has added a good deal of content that may or may not be legitimate - a lot of resort entries. --(WT-en) Peterfitzgerald Talk 19:01, 11 April 2007 (EDT)
- Yeah I noticed that too. But there's generally nothing listed but the name and the spam number, so I'd consider it dubious info at best. I don't know how I'd go about looking up the info to verify, either. (WT-en) Jordanmills 20:56, 11 April 2007 (EDT)
- Looks like he stopped. Maybe we got all his numbers, or he got tired of paying for new ones. Yawn. (WT-en) Jordanmills 18:01, 14 April 2007 (EDT)
- Unfortunately, the spammer has added a good deal of content that may or may not be legitimate - a lot of resort entries. --(WT-en) Peterfitzgerald Talk 19:01, 11 April 2007 (EDT)
Talk:Florida
[edit]Swept in from the Pub:
Semi-protection may be in order here until whoever keeps vandalizing it (from a plethora of IP addresses) gets bored. I'd do it myself but my admin buttons aren't showing. (WT-en) LtPowers 14:14, 20 October 2008 (EDT)
- Yet another ridiculous problem in the wake of the disastrous server move weeks ago. You'll see your sysop buttons if you use IE instead of firefox, but you can also access the functions through the history tab. Click history, then replace the word "history" in the resulting url with "protect" or "delete" and voila. What's more frustrating is trying to move pages... --(WT-en) Peter Talk 15:43, 20 October 2008 (EDT)
- Well I wasn't going to point any fingers and was happy to let someone else handle it until the login issue was resolved. Nonetheless, I fired up IE and took care of it. Obviously not an ideal long-term solution, though. (WT-en) LtPowers 17:16, 20 October 2008 (EDT)
- Talk:Florida isn't the only one, the same vandal(s?) have hit San Francisco/SoMa, the Chicago skyline guide, and Soma Bay. I dunno about the others, but San Francisco/SoMa I think could use some protection if anyone can access their admin features, because it's been the target of repeated vandalism. (WT-en) PerryPlanet 19:01, 20 October 2008 (EDT)
- Done, done, and done. This is shaping up to be a potential problem, though, if this guy is willing to put his ads up on any old page. I was hoping it was just a Florida thing. Blocking the IPs won't help because they change so frequently. (WT-en) LtPowers 08:55, 21 October 2008 (EDT)
- I know this is probably gonna come out the wrong way, but i work at a insurance company, and until January 1st, often have long vacant night shifts where i just sit around and wait for a fire or flooding to happen. I'd be happy happy to jump in and help with the admin stuff, and have my rights revoked when the FF bug is resolved (we use IE6 at work). I know this is far from ideal since I obviously don't really have complete grasp of the inner workings of this place yet, but I just felt like i wanted to extend the offer if you guys are feeling overworked - and in any case I'll just try to keep up with normal access stuff at the recent changes page (WT-en) Sertmann 20:21, 21 October 2008 (EDT)
Spambots
[edit]I just noticed a couple more of these... Could an admin please block User:(WT-en) BoricAlace, User:(WT-en) AlgetOrrel, User:(WT-en) RacbaSdarc, and User:(WT-en) RictrElcna? Thanks, (WT-en) JYolkowski 21:36, 19 December 2008 (EST)
- done --(WT-en) Stefan (sertmann) Talk 21:43, 19 December 2008 (EST)
He keeps creating new ones. (WT-en) edmontonenthusiast [ee] .T.A.L.K. 21:48, 19 December 2008 (EST).
Does anyone know how Wikipedia is avoiding this bot, or even what the bot is trying to do? I spent a bit of time Googling but couldn't find anything. While trying to figure out how to stop it I browsed Wikipedia's new user log and they don't have any usernames that match the "10 random characters with the first and sixth capitalized" rule that this bot seems to be using. Since we can't use the blacklist (edits are simply random characters) does anyone have any ideas on how to block this one? -- (WT-en) Ryan • (talk) • 22:13, 19 December 2008 (EST)
- What about just block user creation with what you said - and make a warning to new users. (WT-en) edmontonenthusiast [ee] .T.A.L.K. 23:22, 19 December 2008 (EST).
- This is an interesting one, isn't it? My guess is that Wikipedia is avoiding it because they are proactive at blocking open proxies (of course, they have 1,500 admins, too). One possibility for blacklisting is that it has some character set conversion problems. For example, in , it inserts ü where previously the article contained ü, and several other things. Might be an idea to add to the blacklist strings that couldn't possibly correspond to something people would actually write (is there any possible valid use of ü in a Wikivoyage article?). Unfortunately there isn't any way of blocking user creation without a software change (at least not that I'm aware of). (WT-en) JYolkowski 23:37, 19 December 2008 (EST)
- I'd be in favor of some proxy blocking if others are up for it, although having 1500 admins would make such an endeavor easier. As to the blacklist, my (limited) understanding of bad character conversions is that the junk character is just a mangled bytecode, so I'm not sure that it can actually be used in a blacklist since the bot is uploading an invalid character and the software then interprets/converts it to something like "ü". That said, if anyone wants to experiment it couldn't hurt. Hopefully whatever bot is hitting us just goes away... it seems like the pattern is usually 1-2 days of annoyance, followed by the next (different) attack. -- (WT-en) Ryan • (talk) • 23:51, 19 December 2008 (EST)
- Mediawiki is UTF8-safe, so the mangling is happening on the bot's side and it should be fairly safe to block things like "ü". But I think this is the wrong angle of attack, it won't catch more than a fraction of the edits anyway. (WT-en) Jpatokal 01:24, 22 December 2008 (EST)
OK, so these guys are back, but have now resorted to adding spam and then being kind enough to remove it again right afterwards - like this. While I think it's very kind of them to clean up after themselves, and appreciate the humour, I've been a very inhospitable host and blocked the dear bots anyway. Do anyone disagree with that policy? and can anyone explain what the hidden agenda is, cause I can't for the love of god figure it out, since there is no way google is going to catch the links, in the less than 60 seconds the bot leaves it there, or am I missing somethin'?. --(WT-en) Stefan (sertmann) Talk 22:21, 9 July 2009 (EDT)
- I'm pretty sure the bot author's intention is to get search rank results from the historical version with the spam. Of course, we've set up our site so that older versions from the history are not crawled by search engines... In any rate, lets keep blocking them, since the zombies might change their behavior in the future. They also just clutter recentchanges & article histories. --(WT-en) Peter Talk 22:24, 9 July 2009 (EDT)
- Any bot not approved by the Bot Guidelines can be blocked by any admin at their discretion. -- (WT-en) Colin 18:26, 14 July 2009 (EDT)
Does anyone know anything about what the latest incarnation of this bot is trying to accomplish by adding random strings of characters? A Google search indicates that it could either be a test (ie add a random string, then see if it's still there a day later) or a mis-behaving bot, but there doesn't seem to be any concrete explanation. This one is particularly annoying since there isn't any blacklist pattern that can be used, and it appears to be coming from a vast botnet of IPs so blocking isn't particularly effective. I've tried temporarily protecting some of the archive pages that are being hit (I realize that this is slightly outside of policy, but no anonymous user should be editing an archive page so hopefully it's harmless), but that doesn't solve the problem of the bot munging non-archive articles. Anyone have any ideas? -- (WT-en) Ryan • (talk) • 12:16, 14 July 2009 (EDT)
- This is not the first time the bots have added nonsense. If I were guessing, I'd guess that someone has a botnet which lightly probes once in awhile. If we fail to clean up, it probes harder as it is doing now. Perhaps it is waiting to see if the situation is good for it before it risks spamming urls. -- (WT-en) Colin 18:26, 14 July 2009 (EDT)
- Challenge of the day: build a regexp that catches random strings. For example, both "JYeIgZdXVHr" and "hmeyKSnQjlnMSC" would be caught by [A-Z][A-Z][a-z][A-Z], which looks for sequences of upper and lowercase characters in the format upper-upper-lower-upper, which is exceedingly unlikely to happen in real text. Catching strings of five or more consonants should also work, although there might be some collateral damage at Czech phrasebook... (WT-en) Jpatokal 02:56, 15 July 2009 (EDT)
- Even if imperfect, perhaps it would be a good idea to introduce this and other similar patterns to the blacklist now? If it's even a little bit effective, it would be a big help on flailing language versions. --(WT-en) Peter Talk 21:42, 24 July 2009 (EDT)
- I've plugged in one for five consonants in a row: [B-DF-HJ-NP-TV-XZb-df-hj-np-tv-xz]{5} (WT-en) Jpatokal 00:19, 25 July 2009 (EDT)
- Didn't work, too many URLs seem to match that. Further discussion → Wikivoyage_talk:Local_spam_blacklist#Random_spam_catcher. 00:29, 25 July 2009 (EDT)
Archive or even delete?
[edit]Not sure this page needs to be a history of site vandalism.. shouldn't this page generally be blank, except for currently ongoing vandalism? Either a Willy on Wheels-style event, or a Sihanoukville / Mandarmani type of ongoing incident, that requires being brought to the community's attention? – (WT-en) cacahuate talk 15:36, 5 August 2007 (EDT)
- Archive might be a good idea. Sometimes vandals can go away for a couple of weeks or months before returning, will be good to be able to check against past events. I do agree that this should be blank while all is quiet --(WT-en) NJR_ZA 15:52, 5 August 2007 (EDT)
- I'd support redirecting this page to Project:How to handle unwanted edits. "Vandalism" on Wikivoyage seems to fall into three categories: wikispam, people trying to promote a business, and trolls. The first two can be handled with Project:Local spam blacklist (as a side note to all editors: PLEASE add a note on Project:Local spam blacklist when adding a non-bot to the blacklist) and trolls are people looking for attention, which is exactly what this page gives them. We want to fight trolling by boring the troll to death, not giving them some reinforcement that their actions are causing a bunch of wiki editors to get all upset, and in that respect I think that this page is counter-productive. -- (WT-en) Ryan • (talk) • 15:55, 5 August 2007 (EDT)
- I agree with Ryan; I've never understood the point of this page. If someone sees "vandalism" in progress, they should clean it up themselves, not "report" it here. If someone wants to make sure other people notice the problem, taking care of it on their own will accomplish that goal, because other users watch special:recentchanges. If a someone is worried that the user in question will continue to make problematic edits in the future, they could just bookmark a link to his contributions in their userspace. In addition to giving trolls attention, this page gives the impression that "vandalism" is something to be taken care of by someone else, which, I think, is an impression we should not encourage. --(WT-en) Peter Talk 12:33, 18 February 2009 (EST)
- I don't agree. The big advantage of this page is that it permits pointers to vandalism (there are other kinds, btw -- malicious renaming of pages, for example) that endure long after the person who generates the pointers goes offline. Some of the vandals are remarkably persistent and can stay on-line, and doing damage, for hours at a time -- don't they have lives? Noting their activities will allow others to join the clean-up crew. Yes, "sweeping" the page from time to time, probably into an Archive as Nick suggests, is a good idea, but don't throw out the baby with the bath water. -- (WT-en) Bill-on-the-Hill 20:11, 18 February 2009 (EST)
- I agree with Ryan; I've never understood the point of this page. If someone sees "vandalism" in progress, they should clean it up themselves, not "report" it here. If someone wants to make sure other people notice the problem, taking care of it on their own will accomplish that goal, because other users watch special:recentchanges. If a someone is worried that the user in question will continue to make problematic edits in the future, they could just bookmark a link to his contributions in their userspace. In addition to giving trolls attention, this page gives the impression that "vandalism" is something to be taken care of by someone else, which, I think, is an impression we should not encourage. --(WT-en) Peter Talk 12:33, 18 February 2009 (EST)
- Yup, I concur, it can be a nice tool but as so many other things around here, we suck at keeping things current :) --(WT-en) Stefan (sertmann) Talk 20:22, 18 February 2009 (EST)
- Why can't users simply glance at special:recentchanges to check if any persistent vandals are hanging around? For the reasons listed above, I'd wager the (small) advantage of the page < the downsides. --(WT-en) Peter Talk 20:25, 18 February 2009 (EST)
- (Re-indenting) I'm not sure that we need "pointers to vandalism". As Peter has said, Special:RecentChanges makes it clear when any significant vandalism is occurring, and people are much more likely to look at that page than this one. For vandals that re-appear every few weeks, the moment one edit is reverted most editors will check the user's edit history and revert other changes that look problematic without the need to first refer to this page. This page was originally created when Wikivoyage had fewer users, no spam blacklist, and a much more permissive policy about problem editors. Today we have users online at all hours, a blacklist to handle common vandalism and spambots, and a policy that allows temporarily blocking users who are truly abusive. As a result, this page serves solely as a badge of honor for trolls looking for attention while failing to provide value to Wikivoyage users - has anyone in the past few years actually looked at this page and then cleaned up vandalism that they (or others) wouldn't have noticed via recent changes? I'd be surprised if the answer to that question is yes. -- (WT-en) Ryan • (talk) • 21:41, 18 February 2009 (EST)
- In the past few years, I for one have, although not in the past few days or even weeks. As for the recent-changes page, that's fine if the edit rate is so low that vandalism can always be caught there by an admin or other helpful general editor. That's not the case. I've seen vandalism go undetected for remarkably long times. Finally, I don't think vandals give a rat's *ss whether their names are mentioned in this page or not, meaning that the argument that they get their jollies from seeing names here is a bit weak. What makes you think they do? I'm genuinely curious about that. -- (WT-en) Bill-on-the-Hill 10:05, 19 February 2009 (EST)
- First - if this page is actually being used then I'd retract my support for deleting it - there's no point in keeping useless pages around, but any page that is a useful tool for editors is worth retaining. That said, if it is going to be kept it would be nice to have a discussion about how to actually make it more useful. Second, with regards to trolls, see What is a troll?. The key point is that trolls are trying to elicit a response: "The basic mindset of a troll is that they are far more interested in how others react to their edits than in the usual concerns of Wikipedians". Someone who is trolling is looking for validation that they are disruptive and causing problems, and listing them on a "vandalism in progress" page, arguing with them, or similarly showing any sort of negative reaction is incentive for them to continue. The way to beat a troll is to bore them, and giving them any extra attention defeats that effort. -- (WT-en) Ryan • (talk) • 11:35, 19 February 2009 (EST)
Ignoring the issue of whether this page is useful or not, I'll point out that both this page and Project:User ban nominations have the same name as pages on Wikipedia (well, at least pages that did exist on en:wp when the Wikivoyage pages were created). I'd imagine that this isn't a coincidence; I'd guess that they were set up to serve the same purpose as the Wikipedia pages do. The problem that I see is that we deal with unhelpful edits and user conduct problems in a very different way from Wikipedia. My suggestion would be to create a single page where these topics can be discussed in a manner that dovetails with the way we do things; then we wouldn't need either of those pages. Cheers, (WT-en) JYolkowski 18:17, 19 February 2009 (EST)
Round two
[edit]We don't use this page, and I don't think we should. (The last two substantive edits on this page were my own, each a year apart.) We have other means of communication (pub, wts, email, user talk pages, recentchanges, watchlists, etc.) for coordinating anti-vandalism efforts, and vandalism honestly isn't that big of an issue. But most importantly, we just don't use this page. Let's redirect it to Project:How to handle unwanted edits, per Ryan above? --Peter Talk 02:11, 29 September 2012 (CEST)
- I think vandalism is going to increase significantly as the site grows. While we can post vandalism in the pub, it could become very crowded with reports. And in terms of user talk pages, new users may not know who to approach to report vandalism, and a particular admin may take a large amount of time to check. I feel that we can make good use of this page, we just need to put it in a better place (possibly the sidebar), make reporting easier and make sure that admins check it more frequently. I have seen a page like this utilised very well. When users made a report, they would use a special template that would bring up the vandal's contributions and a Special:Block link, making it easier for admins to check the contributions and block immediately. I will try to bring it across later to demonstrate it. JamesA >talk 02:25, 29 September 2012 (CEST)
Strange vandalism
[edit]Does anyone understand what happened here ? My revert doesn't show up, either. --(WT-en) Peter Talk 16:03, 13 March 2009 (EDT)
- I tried to revert that as well - I think what happened is the spambot clicked on the "+" for "add section", entered a section name and edit comment, but since there was no section content Mediawiki didn't save a version. I could be very wrong, however. -- (WT-en) Ryan • (talk) • 16:11, 13 March 2009 (EDT)
Not archiving
[edit]Similar to Project:Requests for comment, I don't think this page really needs the additional red tape involved in archival. Additionally, the "trail" by which decisions are made on site really doesn't include comments here—they are just alerts (like rfcs). I just cleaned the page of old comments without bothering to archive them—if others find this inappropriate, feel free to archive the comments, and then comment here to let me know not to do this in the future. --(WT-en) Peter Talk 17:44, 21 May 2009 (EDT)
- Agree – (WT-en) cacahuate talk 00:27, 22 May 2009 (EDT)