How about limit new accounts?

For clarification, you suggested “We could limit only 2 accounts by email address, or block new account creation with email addresses of users who received blocks”. There’s a long way between “2” (which I said there “would impact lots of people negatively”) and “several thousand” (a restriction on which wouldn’t impact any legitimate users). See (waves vaguely above).

Also worth revisiting in hindsight is your other suggestion - “block new account creation with email addresses of users who received blocks”.

Not directly related to this issue but similar was my suggestion to prevent bad actors from deleting and recreating the same account name to “lose” changeset discussion and block history.


Today, a user that babysits a neighborhood or town would either need to be pretty good with 3rd party websites or spend a huge amount of time on OSM org.

What does it mean to babysit a neighborhood?

It might be a US specific term. In the US if you want to go out to a restaurant (for example) without your children, you can hire someone to watch the children. This person is referred to as the “babysitter” (sits and watches the baby [or child] to make sure they are ok). In the context of this post, it means an experienced OSM mapper watching an area of the map (neighborhood) to make sure new mappers don’t make mistakes (and hopefully gently provides feedback if mistakes are found).


Forcing users to socialize and adapt into a hierarchical structure is not good. It will further cultivate internal politics within OSM. If I was forced into such a model, I would quit editing.

Being a loner (i.e.: working alone by choice) should not be punished.


Nobody in OSM is forcing anybody in OSM to “socialize.” Nor have I ever considered something as diverse and even anarchic as “hierarchical,” as what is not inherently hierarchical cannot be made so. What OSM does is foster cooperation, collaboration and “good growth” among the people who share editing in any given area (could be very small like a neighborhood, medium-sized like a decent-sized city, or large-scale like a whole state/province or even small country). This isn’t “socialization,” it is a bit like all the medieval-era workers on a cathedral (stonemasons, carpenters, glaziers…) being aware of what “others around them” are doing so that the “integrated whole” can be as good as, or even better, the very best possible.

You can “work alone” doing this, but you are truly missing out on the best that OSM has to offer: the collaboration of other, like-minded mappers. I have met dazzlingly talented people via OSM, both “in the map” and socially / in-person at events like Mapping Parties, Mappy Hours (monthly chapter videoconferences) and at our national State Of The Map conferences (where sometimes I am asked to be a speaker). These human interactions of other people discovering what they discover (how to map, how to better map in an area we share…) are (in my opinion) “the best part” of the whole project.

OpenStreetMap is an amazing project, it is practically a worldwide movement empowering people to learn more about our environment, communities, infrastructure, architecture and more, while positively contributing with others doing the same.


In case people haven’t noticed, there’s another wave of vandalism ongoing. I’m in the process of blocking the accounts that I can identify (currently ~4500, but may increase), and a number of other people have reverted obviously problematic changesets. The block messages, like this one, are deliberately non-accusatory, even though some of the accounts have been used for vandalism already.


I have said it before and I must say it again because I feel it so strongly: thank you immensely to all who “bolster our map” against vandalism and wrong / bad edits. While we as individual contributors (if we are experienced, have community consensus behind us and absolutely know we are “doing the right thing”) CAN (occasionally) help the anti-bad-map-data / anti-vandalism trend and we CAN sometimes redact bad edits or some other helpful act, I continue to be both amazed by and am supportive of the many hands who “watch and keep clean” our (important to the world) data. I salute you (us, really) and contribute when and how I am able to do so (locally, sometimes, it can be a challenge to watch and respond, but I will and do and have when necessary).

Sometimes, this is simple “editing back to a level of sane.” Sometimes, this is a carefully-crafted redaction, regression or tool-oriented removal of data. However it is done, there are a lot of steps (technical, social, procedural…) involved and I salute the efforts and results of those of us who do this important work.

Keep your / our ears open, everybody: you might be able to help, too.

Go, OSM!

1 Like

Yup, I just noticed reverts that occurred few hours ago for Greek places with name:ru tags. It’s sad that this vandalism wave still occurs, and the discussion here still continues as it’s not easy to find and implement measures that wouldn’t affect much genuine new accounts…
Thank you again for all the actions you take all the time, when exactly you are volunteers and spend your own time to take care of the vandalism others create for their own amusement…

There is a wave of russophobia-based vandalism of deleting name:ru. I report the users when I notice one such malicious edit. It is not possible to reason with them because they are driven by hatred.


Reading this thread and the 2019 GitHub issue that Mateusz linked near the top, it seems like everyone participating in the discussion agrees that something should be done, but both threads show it’s complicated. I’m skeptical we’ll find agreement through normal community discussion. Based on what I’ve read, I’m wondering if one way the board could help us is to form a working group on this topic - specifically covering needed tools and ecosystem changes to address vandalism and accidental and consequential edits from new users, but maybe more broadly construed to also cover the suite of tools and incentives for reviewers of edits too. It could maybe also cover social aspects and potential solutions discussed here. I agree with Steve that it affects the fundamental nature of the project, so it should be deliberate and thoughtful, and I think an organized group on the issue could do that.

I’d think a group working on this should have representative from operations, website development, API development, editor developers, DWG, and various community members based upon these existing discussions. A thread like this provides potential options, but a working group could dive deep to find solutions that solve the issues mentioned here that are blocking us from dealing with the problem, make recommendations, and suggest a timeline for each of that parties involved.

If that’s just more overhead on this issue and not helpful, I don’t need to push the idea further, but it’s what I was thinking as I read through all of this. It needs a concerted long-term push that involves people from all parts of the OSM community if we hope to actually address the problem.


Can we find out what IP addresses the vandals are using?

Last time it happened, they were using VPNs :angry:

note that reverts are currently not yet complete

also, this time they also edited/removed name tags - see say overpass turbo for one specific case of slurs added by this troll

overpass turbo just counts that and finds 57k cases.

If the vandal or vandals really are Ukrainian theyʼre willing to squander international goodwill for a country in need of it. If itʼs a Russian false flag attack theyʼre happy to damage use of OSM by Russian speakers.

1 Like

they could be also troll not caring about actual conflict but happy to waste their and our time

(it changes nothing at our end anyway)


I agree this can’t continue - as OSM grows, the community grows, the data grows, more clients, both individual but also commercial companies rely on OSM, there’s so much at stake here.

Just closing the eyes and ignoring this problem isn’t going to solve it.

I also don’t know the solution - we can brainstorm of course and I’m sure with proper discussions over tons of available options to mitigate he issue we can reduce vandalism significantly - bu the fact remains something has to be done.

As OSM grows - legit honorable mappers are increasingly wasting time on fixing vandalism… I think we came to the point where we can’t ignore it any longer.


might also be completely non-Ukrainian and non-Russia - just some trolls somewhere wasting their life and hoping to waste ours with their own.

There is no russophobia with protecting his country against an invader. So please keep your ukrainophobia with you. And please do not have this kind of political comment, it has nothing to do with the topic: OSM vandalism.

PS: I’m half Russian, long live Ukraine and Russia without his bloody dictator.


Just as an update, I blocked some more accounts that had appeared overnight (up to this one). As far as I can see, no new problem accounts have appeared since then (but please email the DWG if you think that accounts that should have been blocked have not been).

Edit at 16:36 UTC: Still no new problem accounts of this form.

There’s still a lot that needs reverting (and thanks for everyone who’s done that), but I think that the priority must be to address the ability to create new vandal accounts at will (as per e.g. here). We need to fix the hole in the ship’s hull so that the bailing out can be effective.

– Andy (from the DWG)


I have some questions,is it possible to limit the number of accounts that can be created within a certain IP segment within a day or longer? Or can DWG check to see if the email address used by these users are from a particular provider? :cry:
If there are hundreds of bot accounts (such as this round) performing this type of sabotage, is it compliance to disclose such technical details?