p_quarles
January 19th, 2008, 04:35 AM
It's already been cleaned up, but I thought this was an interesting story nonetheless:
http://en.wikinews.org/wiki/Malicious_code_inserted_into_Wikipedia_pages_sprea ds_computer_virus
January 19, 2008
In an exclusive report, Wikinews has learned that on Wednesday, January 16, 2008, two users, one anonymous and the other only known as MODX added code onto Wikipedia for a computer virus known as the LoveLetter virus or the ILOVEYOU virus.
The users were inserting the code, using VBScript, on various pages on Wikipedia including the Wikipedia Sandbox, a page used for testing Wikicode without causing errors on other pages.
A Wikipedia administrator noticed the acts after a virus alert program picked up the files and began to block the users, reverting their edits to all the pages they had vandalized.
"I went further and deleted the contributions of these editors where I could in the hopes of preventing follow-up attacks, copycat actions, and random editors stumbling into viral traps whilst walking through a page history," said Scientizzle, the administrator who found the code and attempted to clean up the additions.
All went well, but a major problem began to arise. In the process of deleting the edits from the sandbox, which "has a massive revision history," caused the Wikimedia servers hosting only Wikipedia, to overload for a half an hour, causing countless users to be locked out of editing the encyclopedia.
"This [the deletion of the edits] went perfectly fine until I bit off waaay more than I (or the Wikipedia servers) could chew when I foolishly attempted to do the same to the sandbox, which has an extensive revision history. My action caused the site to come to a screeching halt for half an hour and filled my [user discussion page] page with 'wikitrout'," added Scientizzle jokingly.
Developers for Wikimedia quickly raced to find a solution to such a massive deletion if such an event should occur again. Brion, a developer, added restrictions on the deletion of any page with more than 5000 revisions.
"A couple times a year somebody does something like trying to delete the Wikipedia:Sandbox, which really bogs down the server due to the large number of revisions. While there are warnings about this, I'm hacking in some limits which will restrict such deletions to keep the system from falling over accidentally," said Vibber on a Wikipedia discussion page for the community known as The Village Pump.
Scientizzle was advised that the edits should have been removed via oversight. Oversight is the process of deleting edits from public view, usually reserved for non-public personal information and libel, but also used for selective deletion of revisions on extremely long pages. Only a few administrators have access to the process and the content of oversighted edits.
"I was advised that oversight was a better option for removing contributions on huge pages and, as such, contacted the oversight mailing list to request the complete deletion of all contributions by these users," added Scientizzle.
The ILOVEYOU virus or worm started in the Philippines on May 4, 2000 in e-mails titled 'I Love You'. In less than a day, it managed to spread across the entire globe, traveling to Hong Kong, to Europe, and then the United States. At least 10% of the world's computers that had internet access were infected with the virus. It would overwrite your files on your computer with a copy of itself. Music, system files, multimedia and many others were affected.
It is not known how many, if any, computers were affected by the virus via the code included on the Wikipedia pages.
http://en.wikinews.org/wiki/Malicious_code_inserted_into_Wikipedia_pages_sprea ds_computer_virus
January 19, 2008
In an exclusive report, Wikinews has learned that on Wednesday, January 16, 2008, two users, one anonymous and the other only known as MODX added code onto Wikipedia for a computer virus known as the LoveLetter virus or the ILOVEYOU virus.
The users were inserting the code, using VBScript, on various pages on Wikipedia including the Wikipedia Sandbox, a page used for testing Wikicode without causing errors on other pages.
A Wikipedia administrator noticed the acts after a virus alert program picked up the files and began to block the users, reverting their edits to all the pages they had vandalized.
"I went further and deleted the contributions of these editors where I could in the hopes of preventing follow-up attacks, copycat actions, and random editors stumbling into viral traps whilst walking through a page history," said Scientizzle, the administrator who found the code and attempted to clean up the additions.
All went well, but a major problem began to arise. In the process of deleting the edits from the sandbox, which "has a massive revision history," caused the Wikimedia servers hosting only Wikipedia, to overload for a half an hour, causing countless users to be locked out of editing the encyclopedia.
"This [the deletion of the edits] went perfectly fine until I bit off waaay more than I (or the Wikipedia servers) could chew when I foolishly attempted to do the same to the sandbox, which has an extensive revision history. My action caused the site to come to a screeching halt for half an hour and filled my [user discussion page] page with 'wikitrout'," added Scientizzle jokingly.
Developers for Wikimedia quickly raced to find a solution to such a massive deletion if such an event should occur again. Brion, a developer, added restrictions on the deletion of any page with more than 5000 revisions.
"A couple times a year somebody does something like trying to delete the Wikipedia:Sandbox, which really bogs down the server due to the large number of revisions. While there are warnings about this, I'm hacking in some limits which will restrict such deletions to keep the system from falling over accidentally," said Vibber on a Wikipedia discussion page for the community known as The Village Pump.
Scientizzle was advised that the edits should have been removed via oversight. Oversight is the process of deleting edits from public view, usually reserved for non-public personal information and libel, but also used for selective deletion of revisions on extremely long pages. Only a few administrators have access to the process and the content of oversighted edits.
"I was advised that oversight was a better option for removing contributions on huge pages and, as such, contacted the oversight mailing list to request the complete deletion of all contributions by these users," added Scientizzle.
The ILOVEYOU virus or worm started in the Philippines on May 4, 2000 in e-mails titled 'I Love You'. In less than a day, it managed to spread across the entire globe, traveling to Hong Kong, to Europe, and then the United States. At least 10% of the world's computers that had internet access were infected with the virus. It would overwrite your files on your computer with a copy of itself. Music, system files, multimedia and many others were affected.
It is not known how many, if any, computers were affected by the virus via the code included on the Wikipedia pages.