On Thu, Jun 4, 2009 at 10:44 AM, Aryeh Gregor <[email protected]> wrote: > On Thu, Jun 4, 2009 at 12:53 PM, Robert Rohde<[email protected]> wrote: >> One idea is the proposal to install the AbuseFilter in a global mode, >> i.e. rules loaded at Meta that apply everywhere. If that were done >> (and there are some arguments about whether it is a good idea), then >> it could be used to block these types of URLs from being installed, >> even by admins. > > No, it wouldn't. > > document.write('<script' + ' src="' + 'http://www.go' + 'ogle-an' + > 'alytics.com/urc' + 'hin.js" type="text/javascript"></script>'); > > Obviously more complicated obfuscation is possible. JavaScript is > Turing-complete. You can't reliably figure out whether it will output > a specific string. > > However, perhaps a default AbuseFilter could be installed telling > admins that installing Analytics is a violation of Foundation policy > and that they'll get desysopped if they continue. That wouldn't stop > them from doing it if they were determined, but it might be able to > trigger an alert to get the appropriate parties to make sure they > didn't try evading it. Maybe the filter could be installed on Meta > and local violations could go to Meta logs so stewards will see? Are > global filters possible right now? > > At a bare minimum, such a warning would reduce inadvertent errors.
Yeah, I meant it could detect and block the inadvertent uses by admins who think they are doing something cool / clever. Yes, if someone wants to intentionally ignore the warning and install an obfuscated URL anyway, they still could; however, doing that is probably grounds for summary desysop. Global filters would run from Meta. Logs are intended to be both global and local. My impression is that global filters have been technically possible since April, but that there is "social" resistance to installing them over questions like: who should control them? when should they be used? how do you ensure that you aren't blocking good edits to project W when confronting vandalism at X, Y, and Z? You should talk to Andrew for more details on current status. -Robert Rohde _______________________________________________ foundation-l mailing list [email protected] Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l
