You would think that if anyone could appreciate limited value to security through obscurity, it would be Wikipedia editors. —After all, Wikipedia is destroying the similar notion of “authority through obscurity” or “reliability through obscurity”. There’s a very clear parallel between the open source software development model and the Wikipedia editorial process. And yet… it is not the case.
The latest drama on en.wp is about intentionally adding hundreds of useless edits to the [[Main Page]] to make it undeletable. Deleting the main page is a hallmark of an administrator gone rouge, you see. I think it’s kind of cool that you can earn the cred to be able to delete the front page of a top ten website. Apparently for some people this is too much temptation.
In part these useless edits were added by an already-contentious bot, which performs a variety of routine tasks. The issue came up about what was the “contingency plan” given that this bot account was blocked.
I don’t know that we have a contingency plan for such things. The bot system is like the wild west. Everyone runs their own code and there is very little [sic?] redundancy. — Carl
The bot owner responded:
As for the source for my bots, I am willing to share it with people that I can trust. I wrote RfC bot and gladly handed that code out to a user that I know is responcible [sic]. I have also written code for other users and they have abused it, since then I only give it to people I can trust. — βcommand
Simetrical, one of the developers, responded:
Of course, all this would be an excellent argument for requiring that all bots on Wikipedia be entirely open-source, and that this be periodically verified by someone attempting to run the bot on a test wiki and making sure it actually works as advertised. Why Wikipedia has not yet agreed on this I’m not sure, except to the extent that it seems never to be able to agree on anything. (Yes, yes, anti-vandal bots’ source code will be open, I’m sure that will be a great aid to the huge number of vandals who are also programmers and malicious enough to spend hours analyzing twisty heuristic-based source code. The idea of security through openness is that they’ll be outnumbered by the group that’s identical but willing to help out by sharing any exploits they find.) Without open-source bots, it seems to me Wikipedia is asking to have major bot contributors get annoyed with the project and leave, or just disappear for any reason, seriously inconveniencing everyone. Actually, this has happened in the past, if I’m not wrong. How is it that The Free Encyclopedia is relying so heavily on non-free software? If not for the bots and scripts that are permitted to be closed, you could come close to saying that the only proprietary software used in creating and serving the encyclopedia is routing software. — Simetrical
There is somewhat similar code anarchy on the toolserver, with limited collaboration leading to multiple tools performing the same function, because with early versions the developer loses interest, some database configuration changes and the tool becomes permanently broken because it has no maintainer.
Recently a stable toolserver was introduced, which requires a project have at least two maintainers before it can be hosted there, in an attempt to alleviate some the described problems. It has not had very enthusiastic uptake yet.
In a similar vein I found it odd to be asked to contemplate a Windows toolserver just this week. Apparently the toolserver is considered exempt from the strict free software requirements of the Foundation proper because it is hosted by the German chapter. Or something. I do not find it very convincing.
An essential part of the Wikimedia Foundation’s mission is encouraging the development of free-content educational resources that may be created, used, and reused by the entire human community. We believe that this mission requires thriving open formats and open standards on the web to allow the creation of content not subject to restrictions on creation, use, and reuse.
At the creation level, we want to provide the editing community with freely-licenced tools for participation and collaboration. Our community should also have the freedom to fork thanks to freely available dumps. The community will in turn create a body of knowledge which can be distributed freely throughout the world, viewable or playable by free software tools.
We, the community, clearly have some catching up to do. People in glass houses not throwing stones and all that! Closed source should not be acceptable for bots or toolserver tools.
Elsewhere on the web...
Commenting is closed for this article.