A game for coders or investigators

Chat about new breakthroughs in technology and science. Or even about cool stuff that happened in the past...
Forum rules
Please read the Forum rules and policies before posting.
Post Reply
User avatar
Zyx
DSA Master
Posts: 2592
Joined: Mon Jun 05, 2000 1:53 pm
Location: in the mind
Contact:

A game for coders or investigators

Post by Zyx »

There's a closed-code button and a javascript function that, to make a long story short, shouldn't be on a certain page of Wikipedia. The corporation who put it there through social engineering is very powerful, specialized in researching new technologies, artificial intelligence, etc.
I voluntarily don't give more details so we can focus on my question/challenge:
what do they do exactly, down to the last option?
User avatar
Gambit37
Should eat more pies
Posts: 13714
Joined: Wed May 31, 2000 1:57 pm
Location: Location, Location
Contact:

Re: A game for coders or investigators

Post by Gambit37 »

Hmmm.... perhaps I have misunderstood. I don't see anything on that page that "shouldn't be there"?
User avatar
Jan
Mighty Pirate
Posts: 2760
Joined: Tue Sep 23, 2008 4:55 pm
Location: Scumm Bar, Czech Republic

Re: A game for coders or investigators

Post by Jan »

I'm perplexed too. :|
Finally playing and immensely enjoying the awesome Thimbleweed Park-a-reno!
User avatar
Gambit37
Should eat more pies
Posts: 13714
Joined: Wed May 31, 2000 1:57 pm
Location: Location, Location
Contact:

Re: A game for coders or investigators

Post by Gambit37 »

Zyx has a habit of being far too clever for me to understand. I suspect this is one of those incidents.
User avatar
Joramun
Mon Master
Posts: 925
Joined: Thu May 25, 2006 7:05 pm
Location: The Universe

Re: A game for coders or investigators

Post by Joramun »

There is a "Suggest pages" feature which I suspect is not a wikimedia feature,
it looks far more like a Google or whatelse (plus it has a magic wand icon).

I might be entirely wrong, since I use both an advertising blocked AND a script controller.
It is a bit like being a blind person in the Parisian metro:
I get the same service (more or less), but I don't se any of the stupid advertising and the dirty tags.

Also, I'm a bit suprised that Wikipedia is SELLING books. I'm ok with wikipedia raising money in this way,
but I hope this will not all end up in a big copyright mess (if it's not already)
because some contributor actually copied protected stuff and it ended up in a sold book.

Anyway, I'm a +1 on both your sentences, Gambit.
What Is Your Quest ?
User avatar
Zyx
DSA Master
Posts: 2592
Joined: Mon Jun 05, 2000 1:53 pm
Location: in the mind
Contact:

Re: A game for coders or investigators

Post by Zyx »

There's a "show more information" part that reveals a link. There's a button saying "Preview with...". Putting aside the commercial aspect for now, what are the javascript functions of this page doing really? Could someone inspect the code down to the last semicolon?
User avatar
Joramun
Mon Master
Posts: 925
Joined: Thu May 25, 2006 7:05 pm
Location: The Universe

Re: A game for coders or investigators

Post by Joramun »

Ok, I lost then... But this button looks innocuous to me.
What Is Your Quest ?
User avatar
Zyx
DSA Master
Posts: 2592
Joined: Mon Jun 05, 2000 1:53 pm
Location: in the mind
Contact:

Re: A game for coders or investigators

Post by Zyx »

The code seems obfuscated, it has compression/encryption algorithm (I think), it executes an external .js, it loads from skin repertories. It could be nothing, and I hope it is, but there is an aura of unusual circumstances about how this page came to be that requires some supplementary precautions.
User avatar
Gambit37
Should eat more pies
Posts: 13714
Joined: Wed May 31, 2000 1:57 pm
Location: Location, Location
Contact:

Re: A game for coders or investigators

Post by Gambit37 »

I don't see anything suspicious. The function to show/hide that PediaPress info is a simple bit of code from "collection.js" which has a copyright message stating:

Collection Extension for MediaWiki
Copyright (C) PediaPress GmbH

The rest of the code in that JS file simply seems to be for managing the entries you want to add to your book.

The page makes it clear that "PediaPress offers high-quality printed books based on wiki content and is an official partner of the Wikimedia Foundation." Following the Help link on this page shows what these books are and why you might want one (to have a printed version of WikiPedia articles). Given that no WikiPedia article should contain material copied from elsewhere, there should not be any copyright issues with WikiPedia selling hard copies of their pages.

I don't really know what you're getting at Zyx?
User avatar
Zyx
DSA Master
Posts: 2592
Joined: Mon Jun 05, 2000 1:53 pm
Location: in the mind
Contact:

Re: A game for coders or investigators

Post by Zyx »

I was worried that this call to an external js could introduce some sort of virus or spyware.
User avatar
Gambit37
Should eat more pies
Posts: 13714
Joined: Wed May 31, 2000 1:57 pm
Location: Location, Location
Contact:

Re: A game for coders or investigators

Post by Gambit37 »

I don't see anything external to the site. All links to JS and other supporting files all resolve to the wikimedia.org domain, so if there is something there that shouldn't be, it's either been placed knowingly, or they've been hacked. (BTW, yes, I know that wikiMEDIA.org is a different domain to wikiPEDIA.org, but they are both part of the same outfit, hence I don't see it as "external", ie, it's not third-party.)

Could you be more specific about your concerns? What file are you referring to? Where's the obfuscation? Perhaps I've missed something obvious?
User avatar
Zyx
DSA Master
Posts: 2592
Joined: Mon Jun 05, 2000 1:53 pm
Location: in the mind
Contact:

Re: A game for coders or investigators

Post by Zyx »

Well thank you for your time and help. It seems that there is no obvious security threat. It could be a false alarm.

I owe you some explanations. I wrote a long post to explain our reasons to be concerned but it disappeared before I could send it! So, this time I'll be brief:
Background:
For the last years, some, not all, of the actions of the Wikimedia Foundation have been "polemical": doubling the team, doubling the fundraising, imposing unpopular measures, searching for new ways of making money, rejecting volunteers' efforts and privileging for-profit partners, etc. Given the apparent priorities of the Board (let's call them "pragmatical" and "traditional"), they can easily be induced and influenced to act according to the purposes of third parties - in particular rich ones.
PediaPress belongs to BrainBot wich is the for-profit side of DFKI. Immensely powerful shareholders, extremely advanced technologies:
DFKI conducts contract research in virtually all fields of modern AI, including image and pattern recognition, knowledge management, intelligent visualization and simulation, deduction and multi-agent systems, speech- and language technology, intelligent user interfaces, business informatics and robotics.
Note that all of them are about security and understanding, which can make a wonderful world for everybody if shared, or be used for hacking, spying, knowledge control and ownership of the world if in private hands.

The current story:
PediaPress has shown incredible dedication, responsiveness, preparedness and efforts to put a foot in the wikipedia platform, all of this apparently for selling a few thousands books. Maybe that's the end of the story: monetary profit. But maybe it's about other kind of profit, like being an exclusive layer between wikipedia online and wikipedia paper, or having the control of what is published, or the power to disrupt wikipedia. It may sound paranoid but the friend who sent me those informations seems to think that the possibility is real: they are technically and morally capable of it (and their army of lawyers can make it legal for a long time). They're clever enough to build from scratch an apparently innocuous trojan (in informational processes or electronic processes, or both) under the cover of financial profit.

The underlying philosophy to our zeal of cautiousness is that when you play a chess game you should always expect the best possible move from your opponent, the most dangerous to you. And the opponent is DFKI.
Last edited by Zyx on Wed Nov 17, 2010 8:42 pm, edited 1 time in total.
User avatar
Joramun
Mon Master
Posts: 925
Joined: Thu May 25, 2006 7:05 pm
Location: The Universe

Re: A game for coders or investigators

Post by Joramun »

Wow.
If the opponent is such an entity, virtually unknown of all population, and we're playing CHESS, chances are we're going to loose in the long run.
However, I think we're playing a game of Go on an infinite Goban, with a very large number of players.
And we have several means of totally disarming a particular opponent, once and for all, if he threatens to become overpowered in the long run.

If the opponent is clever, his move will not only be dangerous, but will also be concealed, cautious, and apparently harmless.

If we're talking about people who make money out of *knowledge about knowledge*, we're against the people who reach for the most valuable good. Therefore, not only are they more intelligent than Oil industries, Agroindustries or Financial industries, but they are necessarily more long-sighted, and probably don't think in a totally selfish manner, but will try to know what could be the reactions of their opponents, and adopt a strategy which could even seem HELPFUL in the short or medium run.
What Is Your Quest ?
User avatar
Zyx
DSA Master
Posts: 2592
Joined: Mon Jun 05, 2000 1:53 pm
Location: in the mind
Contact:

Re: A game for coders or investigators

Post by Zyx »

For the sake of completeness, I forgot to put the shareholders link: http://www.dfki.de/web/ueber/gesellschafter

Joramund, you understood perfectly. Your Go analogy is insightful. Remember that this is only a speculative possibility, with currently few proofs. However, this worst-case scenario can't be discarded through well-wishing.
User avatar
Sphenx
On Master
Posts: 566
Joined: Sun Sep 09, 2001 11:23 am
Contact:

Re: A game for coders or investigators

Post by Sphenx »

Whoa, I really did not find all these things within that page; all I found was the "apple-touch-icon". Did that become a new fruity web standard?
User avatar
Chaos-Shaman
High Lord
Posts: 2642
Joined: Wed May 03, 2006 7:26 pm
Location: The Gates of Hell

Re: A game for coders or investigators

Post by Chaos-Shaman »

yes, very clever Zyx. the only way to fight back is with disinformation. in playing chess, in order to beat the computer level 10 in windows 7, you need to make precise sacrifices early in the game, the computer does not yet fully understand why, and that's the trick. beaten it i have. i wouldn't trust any of those mega companies, or govs, anything like that. they want ya as a guinea pig, and gullable as sheep, like they do to poor children who they shove a riffle in their hands and tell them not to think, YES SIR, and go and shoot other poor children who are holding sticks. heh, sir is for assholes. trust is something that implies doubt, and there is no doubt with what you are saying Zyx, i believe you.
keep your gor coin handy
Post Reply