For information, we’re still seeing waves of undiscussed mechanical edit (removing name:ru from all sorts of objects in Ukraine). The previously mentioned OSM history link shows the problem - in this case 3 deleted accounts have removed @Barroszt’s obsolete name:ru and (along with many other edits) were reverted by DWG accounts including mine**.
The rate limiting that @Mateusz_Konieczny wrote about here is still working, but it is still possible for a “new” user to sign up mechanically, make a very large number problem edits and then, because this issue remains unaddressed, delete their account.
** We (the DWG) will need to go through @Barroszt’s edits to try and unpick the mess to make sure that edits like this one are reapplied.
Following https://www.openstreetmap.org/user_blocks/15187 that user has been in contact with the DWG about removing their block - I’ve emailed them to clarify the sorts of edits they’ll want to make if we do so.
If you look carefully, in the example that I showed everything was done very well and the names were transferred to old_name:*. Sometimes happens that users, especially beginners, do not do this due to lack of experience. We are periodically reminded that this is important, sometimes I put old names myself after such edits
Some of that user’s edits had already been reverted, but I’ve started off a “complex revert” of that user in https://www.openstreetmap.org/changeset/142963083 which should mop up the stragglers. There may be edge cases that need manual intervention, and given the state of the war there may be “new accounts” responsible for more vandalism later, so once these reverts are complete it would be worth people looking at what may be still wrong.
Edit: Just looking at the node data just now, and there is still quite a bit to untangle.
I agree, but let’s have a separate thread about it. It’s not the most acute problem that doesn’t corrupt data.
Plus we have several applications that actively use it and we need to warn their developers.
Let’s get back to limiting the size of edits for new users.
We see again edits of 10000 objects already in Israel. Let’s limit the size of edits for new accounts to 1000-2000 changes. That way we’ll make DWG work a little easier.
At the DWG level, I would suggest the idea of trap objects. If some newcomer made a large (in area and/or size) changeset and affected some important established object, then automatically block it for a couple of hours. In the case of name:ru tag vandalism, this should work well.
That’s part of the problem, true, but the sheer volume of edits by new users (which was your first point) means that quite a lot of damage can be done before something is detected. Also, some edits are “indiscriminate” - watching objects does not help there. For example, the most recent vandalism of e.g. this object was spotted “by accident” (well I was half expecting problems in that area, saw it, and blocked and reverted the user (mostly**) cleanly).
How can non-DWG users help with this process? It seems like partial reverts have really complicated the process. Should we be trying to spread the word not to do these reverts at all when the DWG is already involved?
While reverts are in progress, do not edit affected names
To redraw the map in the browser after rollbacks, reload the page without cache: Ctrl+F5 or Cmd+Shift+R.
If you notice new cases: go to user profile → Report this User
Also at the link you can also see that we reported the current status of reverts and explained how it works, why vandalism may not disappear from the map for a long time.
HDYC and OSMCha (if I remember correctly because Overpass was unavailable) became victims of such diffs in the past times. Live-update users in OsmAnd also faced huge updates.
Also, edits with 10k modified objects are very difficult to view quickly and without lags in the change viewer. OSMCha, Achavi, JOSM.
And imagine vandalising not just one person, but several hundred organised on some 4chan or on a video blogger’s stream
By the way, code is already deployed for testing here: https://tomh.apis.dev.openstreetmap.org/
You need to sign up there (your main osm.org account won’t work there), and then try uploading some, or even lots of data.
you can test whether reasonable edits are going through and mass scale vandalism is limited (and error handling in editors and API and so on)
We’'ll have a look. Blocked for now, we’ll amend that message with more detail once more detail is know.
At first glance it looks like a case of password-stuffing; and if so it wouldn’t be the first example in OSM. The general advice to avoid this sort of thing is for people to ensure that they don’t share passwords between accounts for different things on the internet (so that if passwords for site A get published, they aren’t useful for site B).