openoffice-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marcus (OOo)" <>
Subject Re: [Mwiki] a massive spam attack. Again
Date Fri, 07 Feb 2014 19:55:36 GMT
Am 02/07/2014 12:45 AM, schrieb Rob Weir:
> On Thu, Feb 6, 2014 at 6:21 PM, jan i<>  wrote:
>> On 6 February 2014 23:42, Andrea Pescetti<>  wrote:
>>> jan i wrote:
>>>> I warned about exactly that, but  I was asked (see JIRAs) to remove the
>>>> cats (captcha). If you read the JIRA (which was watched be several in
>>>> here)
>>>> you will see my warning.
>>> The idea was to replace the CAPTCHA with something better, otherwise we
>>> can (should) keep the current CAPTCHA and discuss a better solution in the
>>> meantime.
>>> The cats cause incompatibilities and other issues, but if they are much
>>> more effective than the replacement let's go back to the cats as soon as
>>> possible and in the "see what's best to replace them (but something MORE
>>> effective, not LESS effective!).
>> May I politely correct you, the idea was NOT to replace the cats. The jira
>> was implemented by the word !
>> The exact wording is:
>> "Wiki6: Cats/Dogs CAPTCHA for new user registration is quite broken. It
>> doesn't work in several browser configurations, it includes HTTP instead of
>> HTTPS ->  Recommended
>> solution: drop it entirely.  "
>> That statement is pretty clear, how it can be read as moving to something
>> more effective slips my mind.
>> later the jira contains:
>> "accessibility suggestion from Tyler (haven't tested MediaWiki
>> compatibility): there is a website which provides text-based CAPTCHA's in
>> the form of logic questions, math problems, etc. It provides an XML API.
>> See "
>> Apart from the facts, thats its a suggestion and not a decision (like that
>> above),  we do not use extensions that are not supported by mediawiki
>> (meaning downloadable from and verified for our release). As
>> a sidenote, that captcha is pretty much the same as the standard which are
>> active right now. There are quite a lot of captcha┬┤s out there, just
>> looking at extensions gives a lot of choises.
>> At this point in time we have several choices:
>> 1) leave the config as it is
>> 2) reinstall cats
>> 3) choose another captcha (in this case we need to decide which one).
>> I am not the one to overrule a community decision (Wiki6), but I will
>> happely implement another community decision.
> I hope you can simply restore cats if that can be done without too
> much trouble.  Then we can discuss further and come to a community
> decision on what else to do, if anything.  I hope you agree that there
> is zero benefit to accumulating additional spam while we discuss.
> Fix the immediate problem, then we can discuss longer term.  This one
> area that Apache Infra knows how to do well.  They know when it is
> important to act rather than discuss.  I suggest that this is one of
> those times.

Right, especially when there is already a solution that is working 
(mostly resp. for the most people).

Thanks Jan.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message