Apologies re wiki spam

Apparently some idiot was using my wiki subdomain to send spam, and apparently the people who coded the wiki media CMS didn’t think to automatically block any function by default with such a gaping security flaw in it, nor to warn anyone with big flashing letters on the screen during the install to say “if you don’t do this immediately, people will be able to just use your domain as a source of spam without even needing to know your login passwords”.

This really stuns me about the world of software, how a product can be open source, released onto the market for many years, and yet no one thinks of the bleeding obvious security issues and solutions, like shutting off functionality by default, so that your installation is secure out of the box until you actually start enabling non-secure functions ( at which point it should warn you – or even easier, just bloody solve the gaping hole in your security ).

It really gives me no confidence whatsoever in WikiMedia to know that such a monumentally easy to exploit security hole exists in their software “out of the box” … I know it’s free guys, but that’s just fucking lazy on your part, especially if ( as my host server provider suggested ), the solution is as simple as something like installing captcha … Why not include that in the base installation by default? Why not code your own version? Why not something? Why not even a warning? Why do I find this out AFTER it’s been going on for some time?

Anyway, the consequence of which is that I’ve deleted the installation for now, and the link to that subdomain goes nowhere … I’m trying to focus on writing this book, so I really don’t need distractions like this … apologies to anyone who received any spam from that subdomain, it wasn’t me.

Leave a Reply