[syslinux] New antispam measures on the wiki

[Gene Cumm]

On Sat, Jul 21, 2012 at 1:23 PM, H. Peter Anvin <hpa at zytor.com> wrote:
> It is by now clear that a handful of persistent spammers have started using
> semiautomated attacks targeted specifically at our wiki ... one careless
> spammer even uploaded some of his scripts!

With increasing persistence and success, unfortunately.

> As a result, I have switched the wiki to a mode where editors need to be
> explicitly authorized, manually, before they can edit.  As a result, people
> will need to first create an account, and then get a Sysop to add them to
> the Editors group manually.

Is it worthwhile to consider having an email list/group (not logged,
of course) which individuals may contact to elevate their privileges
or notice on UserLogin that users will not have edit access by
default.  Except for the potential volume of spam, perhaps a
"request-access" button/page when a user attempts to edit a page while
not having edit access which would email this list/group with a limit
of 1 request per user (either indefinitely or per month/week).  This
would probably get the least spam since the address would be hidden by
the system and only known to those on the list.

> I have tried to already add everyone I could find who had made useful edits
> in the past (just over 40 accounts worth), but it is pretty much guaranteed
> I missed some, so if you find your account is blocked please let us know and
> we'll fix it.
>
> Hopefully this should eliminate the spam problem for good.  Sorry to have to
> go to this level.

When the automated measures prove insufficient, human measures are
well justified.

-- 
-Gene