Monday, May 07, 2007
A scary surprise
Four Admins has their accounts hacked. David Gerard sounded the first alarm. More information on Sage Ross' blog (with useful links).
This problem grew out of the common perception that none of us thought Wikipedia would present itself as such an inviting target, so many Wikipedians selected less-than-optimal passwords, ones where ease of remembering outweighs their obscurity. (I've since changed my password to something far more secure.) It's not as if Admin rights gave one significant powers in Wikipedia. Sure, an Admin can delete pages, block users, or protect pages -- but that's the same as being able to beat up your kid brother. Fortunately, none of the crackers thought very hard about what damage they really could do; then again, it doesn't take much brains to damage something useful.
Technocrati tags: security, vandalism, wikipedia