Knowledge Signpost, 2010-08-02: Technology report

Technology report: Major MediaWiki release, password security, vulnerable MediaWiki installations, and more

The Signpost, 2 August 2010. By Tilman Bayer and Jarry1250.

MediaWiki 1.16 released

The release of the latest version of MediaWiki (Version 1.16) was announced this week (Wikimedia Techblog, wikitech-l mailing list); a separate, minor update (Version 1.15.5) was also released for operators unwilling or unable to upgrade fully. Both versions were billed as fixing an important "data leakage vulnerability". The milestone has little inherent significance for Wikimedians, since Wikimedia Foundation wikis run their own version of the MediaWiki software, which is usually well ahead of the official release. MediaWiki was originally developed with Knowledge in mind but is now in use in some form or other on a number of other popular sites, including the commercial wiki host Wikia. System administrators of these other installations are encouraged to upgrade, both for security reasons and to take advantage of features introduced since the 1.15 milestone, reached more than a year ago. However, Wikimedians can be hopeful that the release is a sign of strength in the development community.

Study of web passwords includes Knowledge

The handling of user passwords on 150 websites was analysed in a recent study. Joseph Bonneau and Sören Preibusch, researchers from the University of Cambridge who conducted the study ("The password thicket: technical and market failures in human authentication on the web"; see also the blog post and downloadable data), called it "the first large-scale empirical analysis of password implementations deployed on the Internet". Knowledge received a "password security score" of 4 out of 10, falling short of the optimal score with respect to several evaluation criteria: the password selection advice does not prohibit dictionary words, a minimum length (> 1) is not required, the use of numbers or symbols in the password is not enforced, federated identity services are not supported (although a MediaWiki extension for OpenID exists), the user list is not protected from probing (the list is intentionally available), and TLS is normally not used to protect password submissions (the password is sent in cleartext when logging in; however, the secure server provides encrypted connections).

Asked by The Signpost for comment, Sören Preibusch said:

“Knowledge exhibits a unique set of password practices. The site is doing a decent job in preventing password guessing by requiring captcha-solving after three attempts -- one of the lowest limits observed in the market. Creating a random new password instead of sending out the old password during password reset is another positive feature. However, Knowledge makes it easy to probe usernames through the enrolment, log-in, and reset forms. Whilst this is a deliberate and documented practice, and usernames associated with administrative privileges are also available through published lists, it leads to a lower password score in our survey.

Much security could be gained by making encrypted transmission of the password the default. Imposing a minimum length is another low-hanging fruit. Similarly, a graphical password strength indicator could complement the ample password advice already available on the sign-up page. Given the technology-savvy population of Knowledge account holders, HTTP Digest authentication may improve security without making TLS the default.

Knowledge's threat model and its specific motivations for deploying passwords, such as reputation-building and persistent display preferences, would seem to make OpenID a viable alternative to passwords. I think it is unfortunate that Knowledge is not yet OpenID-enabled.”

See also past Signpost coverage about password security on Knowledge: "Four administrator accounts desysopped after hijacking, vandalism" and "Administrator status restored to five accounts after emergency desysopping" (about a 2007 incident which led to some changes in MediaWiki and the start of the page Knowledge:Security), "Blank passwords eliminated for security reasons" (2006), and "Password security upgraded after Slashdot furor" (2005, about an incident after which salted passwords were introduced).

95% of MediaWiki installations said to have a "serious vulnerability"

In an unrelated announcement, research published by Qualys – a private software security firm – has shown that 19 in every 20 MediaWiki installations are running software old enough to include "serious vulnerabilities", compared with fewer than 1 in 20 Wordpress installations (Wikimedia Techblog). Developer Tim Starling (one of only a handful of paid MediaWiki programmers) explained the startling figure:

“While WordPress's web-based upgrade utility certainly has a positive impact on security, I feel I should point out that what WordPress counts as a serious vulnerability does not align with MediaWiki's definition of the same term. For instance, if a web-based user could execute arbitrary PHP code on the server, compromising all data and user accounts, we would count that as the most serious sort of vulnerability, and we would do an immediate release to fix it.... in WordPress, they count this as a feature, and all administrators can .... If you are running MediaWiki in a CMS-like mode, with whitelist edit and account creation restricted, then I think it's fair to say that in terms of security, you're better off with MediaWiki. However, the statistics presented by Qualys show that an alarming number of people are running versions of MediaWiki older than 1.14.1, which was the most recent fix for an XSS vulnerability exploitable without special privileges. There is certainly room for us to do better.”

In brief

Note: not all fixes may have gone live to WMF sites at the time of writing; some may not be scheduled to go live for many weeks.

- Daniel Kinzler (User:Duesentrieb, a MediaWiki developer employed by Wikimedia Germany) has written a new program to work with Knowledge's category structure (CatGraph), using the Neo4j graph database. The long-term goal is to provide category-based search (especially deep category intersection), replacing his own CatScan tool.
- Erik Zachte, WMF data analyst, notes that the underreporting of pageview counts has been repaired for recent months (and the cause of the problem has been identified and removed) and that there now exists a new summary report for Wikimedia page views that "presents trends for nearly all projects on a single page".
- Bug #24564 has been fixed, restoring use of "xxlimit=max" in the API, broken by recent updates.

Comments

Perhaps I'm in a minority here, but I was delighted to wake up to the release of MediaWiki 1.16.0. Downloaded and installed it right away. It's very exciting. :) Reach Out to the Truth 00:17, 3 August 2010 (UTC)

I would support mandatory secure login and a minimum password length, at least for admins. Requiring the inclusion of numbers is a bad idea, however. The way most users respond to such mandates is very predictable and so they add little in the way of password strength and can even weaken passwords if the predictable digit at the end of a password replaces a more random letter. And shifting to numbers is awkward on devices like the iPhone or iPad. --agr (talk) 18:26, 4 August 2010 (UTC)

It appears that Preibusch's comments have already inspired some new MediaWiki code, a JavaScript-based password complexity checker: rev:70520. Regards, HaeB (talk) 14:16, 6 August 2010 (UTC)

Category: Knowledge Signpost archives 2010-08


Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.