[FFmpeg-devel] List of Codecs, Containers, etc.

[Michael Niedermayer]

Hi

On Mon, Jun 25, 2007 at 11:23:41PM -0700, Mike Melanson wrote:
> [missed this email regarding the Wiki while I was on vacation...]
> 
> Michael Niedermayer wrote:
> >> One second you're totally paranoid about security, the next you're
> >> upset because the wiki has even minimal security measures in place.
> >> I just don't get it.
> > 
> > being _unable_ to create an account to edit is not minimal security
> > its maximal inconvenience
> > this is BOFH design or to say it differently security by simply switching
> > the system off or pulling the plug, it sure is giving you some security
> > but there is that little disadvantge of making the system unuseable in the
> > process
> 
> Maybe you're not familiar with the whole Wiki paradigm. It turns nearly 
> any network security model on its head since Wiki was apparently 
> conceived by a bunch of starry-eyed utopians who believe that all people 
> are innately good and only wish to create community and spread knowledge.
> 
> I do not need to tell you that this does not work in the real world.

of course not, theres a significant percentage of bad people


> 
> > the goal should be to make a system as secure as possible with the least
> > inconvenience to its users, not to make a system as secure as possible with
> > the least amount of work for the admin and while completely ignoring the
> > consequences for the users of the system
> 
> As I indicated, the wide-open Wiki paradigm is silly on the wide-open 
> internet. The opposite, the closed-off Wiki is almost as ridiculous, 

i fully agree


> except that most people in our group already have accounts. Right now, 
> we're investigating better trade-offs.

and iam flaming you :) as theres not even a minimal note on the wiki about
how to get an account. this is IMO unprofessional


> 
> > also you can stop automated scrips trivially and a spammer working manually
> > will not be stoped by having to contact mike to get an account. he wont
> > even be stoped from getting a second or third account after he spammed the
> > site and got his previous account banned ...
> 
> A huge problem is that MediaWiki is notoriously lacking in access 
> control features. Generally, the access modes are either "wide open" or 
> "exclusive membership" (and you have to hack PHP code to change modes). 
> We're down-rev a few major versions on the MediaWiki software so it is 
> entirely possible that they have improved some stuff. If only I had time 
> to upgrade. (To further exacerbate the problem, MediaWiki releases a new 
> major version ever quarter whether it makes sense or not, and it's all 
> documented in -- you guessed it -- Wiki format.)
> 
> To review-- the current MediaWiki software that we use allows a 
> malicious user to do an extraordinary amount of damage very quickly and 
> it is very tedious and time-consuming to repair the damage. That's why 
> we had to impose such serious access control, until the situation improves.

so theres no way to simply say revert all changes from IP:123.231.111.222 ?
if so this is bad ...

also it would be great if the wiki had some moderation feature so that all
changes (by people with insufficient priviledged acounts) would have to be
approved

[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Democracy is the form of government in which you can choose your dictator
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20070626/88bfa1ae/attachment.pgp>