Mailing List Archive

yay for kiddies!
http://www.0x000000.com/?i=330


- d.

_______________________________________________
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/wikitech-l
Re: yay for kiddies! [ In reply to ]
Hoi,
I am sure that the wiki attitude will save the day.. Someone will just fix
it ..

Well spotted :)
Thanks,
GerardM

On 6/6/07, David Gerard <dgerard@gmail.com> wrote:
>
> http://www.0x000000.com/?i=330
>
>
> - d.
>
> _______________________________________________
> Wikitech-l mailing list
> Wikitech-l@lists.wikimedia.org
> http://lists.wikimedia.org/mailman/listinfo/wikitech-l
>
_______________________________________________
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/wikitech-l
Re: yay for kiddies! [ In reply to ]
David Gerard wrote:
> http://www.0x000000.com/?i=330

Hm, this guy talks about what you should or shouldn't do, but has he
actually found an actual vulnerability in Wikipedia or MediaWiki?


_______________________________________________
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/wikitech-l
Re: yay for kiddies! [ In reply to ]
Timwi wrote:
> David Gerard wrote:
>> http://www.0x000000.com/?i=330
>
> Hm, this guy talks about what you should or shouldn't do, but has he
> actually found an actual vulnerability in Wikipedia or MediaWiki?

No. If he did, there's no doubt he'd blurt it out on his blog before he
finished his coffee. But I doubt he has the competence to find such a thing.

He just found some script files that I deliberately made public.
Originally they were only available there, but eventually I committed them
to svn as well. Next he'll be reporting that he can edit the wiki.

-- Tim Starling


_______________________________________________
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/wikitech-l
Re: yay for kiddies! [ In reply to ]
/me wonders if this script was added by Wikimedia.

[TXT] 0x000000 06-Jun-2007 14:23 4

On 06/06/07, Tim Starling <tstarling@wikimedia.org> wrote:
> Timwi wrote:
> > David Gerard wrote:
> >> http://www.0x000000.com/?i=330
> >
> > Hm, this guy talks about what you should or shouldn't do, but has he
> > actually found an actual vulnerability in Wikipedia or MediaWiki?
>
> No. If he did, there's no doubt he'd blurt it out on his blog before he
> finished his coffee. But I doubt he has the competence to find such a thing.
>
> He just found some script files that I deliberately made public.
> Originally they were only available there, but eventually I committed them
> to svn as well. Next he'll be reporting that he can edit the wiki.
>
> -- Tim Starling
>
>
> _______________________________________________
> Wikitech-l mailing list
> Wikitech-l@lists.wikimedia.org
> http://lists.wikimedia.org/mailman/listinfo/wikitech-l
>


--
Robert[hl] [[User:Lcarsdata]]
http://roberthl.wikitest.co.uk/

_______________________________________________
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/wikitech-l
Re: yay for kiddies! [ In reply to ]
Robert Leverington wrote:
> /me wonders if this script was added by Wikimedia.
>
> [TXT] 0x000000 06-Jun-2007 14:23 4

I added it, of course. Who did you think it was? I wanted to make the blog
readers feel welcome.

-- Tim Starling


_______________________________________________
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/wikitech-l
Re: yay for kiddies! [ In reply to ]
Oh, I thought that that website had hacked Wikimedia. Obviously I
misunderstood the article.

On 06/06/07, Tim Starling <tstarling@wikimedia.org> wrote:
> Robert Leverington wrote:
> > /me wonders if this script was added by Wikimedia.
> >
> > [TXT] 0x000000 06-Jun-2007 14:23 4
>
> I added it, of course. Who did you think it was? I wanted to make the blog
> readers feel welcome.
>
> -- Tim Starling
>
>
> _______________________________________________
> Wikitech-l mailing list
> Wikitech-l@lists.wikimedia.org
> http://lists.wikimedia.org/mailman/listinfo/wikitech-l
>


--
Robert[hl] [[User:Lcarsdata]]
http://roberthl.wikitest.co.uk/

_______________________________________________
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/wikitech-l
Re: yay for kiddies! [ In reply to ]
Robert Leverington wrote:
> On 06/06/07, Tim Starling <tstarling@wikimedia.org> wrote:
>> Robert Leverington wrote:
>>> /me wonders if this script was added by Wikimedia.
>>>
>>> [TXT] 0x000000 06-Jun-2007 14:23 4
>> I added it, of course. Who did you think it was? I wanted to make the blog
>> readers feel welcome.
>
> Oh, I thought that that website had hacked Wikimedia. Obviously I misunderstood the article.

I put our secret site password in the directory as well. Now all they have
to do is work out how to use it.

-- Tim Starling


_______________________________________________
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/wikitech-l
Re: yay for kiddies! [ In reply to ]
On 6/6/07, Tim Starling <tstarling@wikimedia.org> wrote:

> to svn as well. Next he'll be reporting that he can edit the wiki.


Hmm .. reading through his blog, I don't see *any* vulnerabilities he has
discovered -- he reported a couple that were already known, but never
anything original. How did this blog even get known?

--
Daniel Cannon (AmiDaniel)

http://amidaniel.com
cannon.danielc@gmail.com
_______________________________________________
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/wikitech-l
Re: yay for kiddies! [ In reply to ]
On 06/06/07, Daniel Cannon <cannon.danielc@gmail.com> wrote:
> On 6/6/07, Tim Starling <tstarling@wikimedia.org> wrote:

> > to svn as well. Next he'll be reporting that he can edit the wiki.

> Hmm .. reading through his blog, I don't see *any* vulnerabilities he has
> discovered -- he reported a couple that were already known, but never
> anything original. How did this blog even get known?


It came up in today's Google blogsearch trawl on "wikipedia".


- d.

_______________________________________________
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/wikitech-l
Re: yay for kiddies! [ In reply to ]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Moin,

On Wednesday 06 June 2007 16:15:48 Tim Starling wrote:
> Timwi wrote:
> > David Gerard wrote:
> >> http://www.0x000000.com/?i=330
> >
> > Hm, this guy talks about what you should or shouldn't do, but has he
> > actually found an actual vulnerability in Wikipedia or MediaWiki?
>
> No. If he did, there's no doubt he'd blurt it out on his blog before he
> finished his coffee. But I doubt he has the competence to find such a
> thing.
>
> He just found some script files that I deliberately made public.
> Originally they were only available there, but eventually I committed
> them to svn as well. Next he'll be reporting that he can edit the wiki.

Tim,

you owe me a new keyboard (actually, an old, vintage CHERRY MX 3000M) and a
monitor cleaning kit...

*still laughing*

Tels


- --
Signed on Wed Jun 6 17:33:07 2007 with key 0x93B84C15.
Get one of my photo posters: http://bloodgate.com/posters
PGP key on http://bloodgate.com/tels.asc or per email.

┌───────┬─────┬───┬───────────────┬─────┬─────────┬───┬─┐
├─────╴ │ ╷
╶─┘ ╷ ╵ ╶─┬───┬───┐ ╷ └─╴ ╷ └─┬─╴ ┌─╴ │ ╷ │ │
│ ┌─┬───┴─┴─┐ ╶─┼───┐ ╵
╷ ╵ ┌─┘ ├─────┴─╴ │ ┌─┘ ┌─┘ │ ╵ │
│ │ ╵ ╶─┐ ╷ └─┐ │ ╷ │ ┌─┴─┬─┘ ┌─┤
┌─────┬─┘ │ ╶─┴─╴ ├─╴ │
│ └─┐ ┌─┘ ├─╴ ├─┘ │ └─┘ ╷ │ ┌─┘ │ ╵ ┌─╴ │ ╷
└───┬───┤ ╶─┤
├─╴ └─┘ ┌─┘ ╶─┘ ┌─┴─────┘ ╵ │ ╶─┴───┘ ╶─┴─┴───╴ │ ╶─┴─╴
│
└───────┴───────┴───────────┴───────────────────┴───────┘

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iQEVAwUBRmbT7HcLPEOTuEwVAQLcsAf/RZmDfn50m23GNWsgen/xkK0HBhNbAnhC
W9MCL4pilYkXYfRWuFXut2CPo5piGA6d7DGllykx1ln/EpfXW6e02vFkGSZQUWgI
gfxCYiAlfblw5XdcHvPs4VnJ69yQHHfNy+ze4AjgfUPNK93yPdWulvoBaUICvzAr
X3nhFRg2EGyXeccxw4gvJn56qMG130Cd279VvnkCBk8HeKATGiU8n02+4pWXY8Fv
OH/AVOdxwBdXdznF6YP+Zbeawx3eC+haxTeA0D/dEnXG2CfQ7JiwyPI1nzSz97qi
b3j+2Mo82Jf7gFImFnsYsgCaVMQllvEDSYK81iLhG8lc5W+hcMyFog==
=qThF
-----END PGP SIGNATURE-----

_______________________________________________
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/wikitech-l
Re: yay for kiddies! [ In reply to ]
On Wed, Jun 06, 2007 at 03:52:06PM +0100, Tim Starling wrote:
> Robert Leverington wrote:
> > /me wonders if this script was added by Wikimedia.
> >
> > [TXT] 0x000000 06-Jun-2007 14:23 4
>
> I added it, of course. Who did you think it was? I wanted to make the blog
> readers feel welcome.

C|N>K

Thanks.

Cheers,
-- jr 'really' a
--
Jay R. Ashworth Baylink jra@baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associates http://baylink.pitas.com '87 e24
St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274

_______________________________________________
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/wikitech-l