Wikis - Powerless in the Face of Spam? Part II

In my previous post, I have outlined how I've hunted a spammer who has been vandalizing wikis on Wikidot.com - adding spam links to increase the page ranks for particular commercial websites, which in turn causes them to appear higher in search results at search engines.

For the moment, this particular spammer seems to have been driven away from Wikidot.com. But I was curious whether he had vandalized other wikis as well, and did Google searches for some of his keywords in addition to the keyword "wiki" to find out where else he has it.

The results were... not encouraging. Here is a a list of only the first 50 afflicted pages I have found:

• Association of Lisp Users
• BASES Wiki 
• Bem-vindo ao Wiki do Projeto Software Livre Brasil 
• Blag Linux And GNU 
• Boston.pm News and Resources Wiki 
• City of Heroes Vault 
• CocoaDev Wiki 
• Control Tier 
• Consortium for the Science of Socio-Technical Systems 
• DoWire's E-Democracy Best Practices Wiki 
• EeeUser Eee PC 
• Enlightened Perl Organization Home 
• fdiary.net wikifarm
• Flyer Guide.com Wiki
• FrAndroid Wiki 
• FreeBSD Wiki @Taiwan 
• GeekDinner Wiki 
• Gender Wiki 
• Global Villages Info Wiki
• GT System Wiki
• Howard Forums 
• IKM Emergent
• Jakarta-Cactus Wiki 
• Java User Group Milano 
• Java User Group Torino 
• Knowmore.Org Wiki 
• Licence to Kill Wiki 
• LXDE Wiki 
• Meatball Wiki
• MediaLab Prado
• Mondo Rescue devel pages 
• OpenInkPot 
• OpenLayers Wiki
• Podster.de 
• Replicant Wiki
• Repository Aggregator
• Root.cz 
• SCOME Wiki 
• SelbstOrganisations Wiki 
• SimplePie Wiki
• Sourceforge.net Wiki 
• squirrel's community wiki 
• TextMate Wiki
• Varamozhi wiki
• Warp Spawn Games Wiki 
• Wiki de PMB 
• Wikinvest 
• Wiki Ubuntu Indonesia 
• Young Adult Library Services Association 
• ZoneMinder Wiki

After that, I gave up. There are too many, and they are scattered on too many different wiki farms. And with that, I can only conclude that this spammer has won. I might be able to keep him off Wikidot.com, but on most of these wikis his spam links will stay until either their hosts go broke or until the Internet as a whole collapses into a black hole of spam. This is a problem that is even beyond Anonymous to solve - he has scattered his vile seed too far and wide. If you want to get a grasp of just how wide this particular spammer has cast his net, try these following searches with some of his favorite keywords:

• "aksesoris sparepart motor" - 23,100 results
• "bisnis online lokal" - 10,500 results
• "hipnoterapi surabaya" - 1,870 results

Some of these are duplicates, but many are not - and that's only using some of his keywords. He will just keep on going and adding his spam to any wikis that are not sufficiently protected and where the owners do not pay constant attention.

And that's just one spammer (or a single team) - and their numbers are legion! Every spammer has their own websites to promote, and they all scan the Internet for wikis to defile. If you are maintaining or participating in a wiki as well, they will come for it too - the only real way of defending yourself is to limit its use to invited members. Which in turn runs contrary to the promise of openness that originally started wikis.

Sure, right now it might still be sufficient to just revert the occasional spam that comes your way. But the tide of spam will continue to rise until you are forced to resort to more drastic measures. And what then? Will there one day be a new medium that allows open, public collaboration in the way wikis do, or is this form of collaboration doomed?

You tell me. Right now, I am rather depressed in the face of the scale of this problem.

Wikis - Powerless in the Face of Spam?

I am beginning to wonder whether wikis as a form of communal projects are doomed in the long run apart from a small number of specific applications. Sure, Wikipedia will continue to exist, as will a number of other specific projects. But large wiki farms, which maintain the majority of wikis out there, are under continued and increasing assault by spammers.

You are all familiar with email spammers which clutter up your inbox and your spam folder. But they are not the only form of spammers out there. Email spammers just send massive amounts of emails to other people in the hopes that one of the recipients will actually answer or click on the embedded links and do something foolish. But other spammers are out there to increase the prominence of other web sites in search engines - and the algorithms search engines such as Google use determine how important a particular website is (and thus, how soon it comes up in the search results) by calculating how many other websites link to it. While they have added lots of refinements to their search algorithms over the years, this still remains true - so if someone wants to promote a third-rate website of some third-rate company, they need to make sure that this website gets as many external links as possible.

Enter wiki spammers.

Large wikifarms - such as Wikidot.com, which is the platform I am using for my own projects have lots of active wikis. But they have an even higher number of half-abandoned projects which haven't been worked on for years. And many of these wikis allow anyone to edit their pages, whether they are ordinary registered users or even anonymous editors - after all, the whole point of wikis is to make editing them as easy as possible for everyone. Thus, it also becomes easy for wikis to add spam links to them - that is to say, links to the websites they want to promote, whether those links are appropriate to the wiki in question or not - and they are almost never appropriate.

I first became aware of one new spammer on May 23rd when he vandalized one of my wikis. Naturally, I reversed the changes and banned that user, and he was also banned from Wikidot.com. But a few days later he was back with a new user account and reverted my changes so that the spam links would appear again.

Then he did something that really angered me: He deleted the start page and the navigation toolbars on another one of my wikis, presumably so that it would be harder to reverse his edits. But this only made it personal, as after I restored these pages from Archive.org, created backups for all my wikis and implemented admin blocks for the most vital pages I vowed to stop him not only on my wikis, but on all wikis where I found his spam. I researched his activities, observed his user profiles, reported his new accounts, and reverted his new changes, many of which were only reversing my edits to get his spam edits. In the last few days, this had reached a fever pitch - he made hundreds of edits (almost all reversals of my earlier edits) every day, and as soon as I managed to get his current account banned he started a new one. So far, the tally of his user accounts which I positively identified is:

• Ayna: 8 edits
• baraaa: 29 edits
• baraaas: 135 edits
• Borneos: 32 edits
• Ellias: 43 edits
• gerrardo: 98 edits
• jajaaa: 123 edits
• jikons:28 edits
• jiks: 67 edits
• jikunsss: 67 edits
• jikunz: 13 edits

And with the assistance of several other Wikdot folks, I set out to revert them all. He had become my own personal White Whale, with each striving to undo what the other had wrought. At times the editing history of certain pages looked like this:






 

Fortunately, yesterday the Wikidot.com team implemented some new filters which largely seem to be doing the trick - the flood of spam had become a trickle by this morning, and now Wikidot.com is largely empty of his spam apart from a few pages on wikis for which I don't have the necessary permissions to edit them.

Still, I have no doubt that he will be back some day, with new tricks or on a different wiki farm. And if he won't come back, others will. As a wiki farm expands and the number of fallow wikis increases, wiki spammers will come in greater and greater numbers and become more and more aggressive, with better and better scripts. Will anti-spam measures improve in equal measure, or are they doomed to fail before the onslaught just as ordinary emails are drowned out 2:1 by spam emails?

Time will tell. But to my eye it isn't looking good.