Yes
(extra characters added to make > 10)
Oh, it’s at it again… I had the same effect from some reverts, but I had maybe 15 comments on every changset… not THIS…
yes and yes
I was asking yesterday about progress and got info that progress is happening at this moment the recommended action is to not bother person working on it (plus some ideas for even less direct action).
if you want you can ask for help: many mail clients (Gmail, Claws Mail etc) have support for mass deletion and filtering rules.
But we would need to know how you access mail.
See also rate-limit changeset comments · Issue #4196 · openstreetmap/openstreetmap-website · GitHub
1 Like
Whaaaat ? Where have you read that I was for this vandalism ? Ты дурак или что ? I strongly thank all the people fighting against the vandalism of removing name:ru ! (And I did add afew name:ru in Uzbekistan so you’re totally wrong). I was just responding when he was saying “you can’t talk with people full of hatred” meaning ukrainians. They’re not, Russians are.
I think that this vandalism just come from stupid trolls, it wouldn’t make any sense for ukrainians sympathysant to do so (whereas it would make sense from Russian one, to try to provethere is russophobia).
I mean vandalised names persists on the map for several hours here and there in last several days. This problem could not be solved with reverts. It is necessary to log IP on registration and temporary ban this IP if account do any harm - this is a simplest thing we could do for a moment until some account restrictions will be invented.
For example, this changeset is not reverted yet Changeset: 140348052 | OpenStreetMap .
By the way, is it safe to modify geometry of vandalised objects? Does it complicates revert process?
For some obvious and smaller changes we “only” need someone to implement change to GitHub - openstreetmap/openstreetmap-website: The Rails application that powers OpenStreetMap
So either one of current contributors will write patch (it is happening already from info I got). This does not require working group or board approval.
If you are familiar with Ruby on Rails: see Please help with pull requests! · Issue #3815 · openstreetmap/openstreetmap-website · GitHub - help would be highly welcome
For some large scale changes more would be needed. For example OSMF could hire someone to implement this like this (or help with review of open pull requests or do similar tasks), but right now are funds are too limited for this (one of reasons for fundraising).
3 Likes
this was checked as a solution, attacker is using VPN
Have you tried clearing browser cache?
From trying myself a revert requires reversal of edited nodes/ways vandalised top down from the edit stack
I am downloading this area with JOSM.
I think it would be ok if some VPN and proxy services IPs would be banned. Most of users would not suffer from this.
Would it be useful to block IP ranges used by vandals?
Editing vandalised objects complicates revert process and is highly not recommended.
mostly reverted, I am now looking through some trickier objects
Then, if you are not reverting it, it is helpful to report all such encountered objects (unless reverts are already happening right now).
https://revert.monicz.dev/ works quite nicely (though some vandals use tricks to make reverts more annoying).
And report any such unblocked accounts to DWG for blocking.
I see that Changesets by NorthCrab | OpenStreetMap is running reverts again.
Doing it in way that blocks more vandals than real users is ranging between tricky and impossible.
1 Like
All this efforts are ineffective - they will win.
IPs they could use for registration accounts are vpn-services, proxy-services, bot-nets and tor. This amount is limited, it is ok to ban them. If registration IP is logged already, this should be the simpliest solution.
I think registration of new users should be deactivated temporarily until some other mechanisms are in place that prevent automated account generation.
We have no idea how big the damage is. There could be much more than just the name and name:ru vandalism. Currently, the vandalism we see is executed pretty obvious and “stupid”. But this could change in the future.
1 Like
in Moscow, unfortunately, we have thousands and thousands of damaged objects now, and it’s not cash, I checked this:
I’m just thinking, maybe we should just limit changes and comments for anyone and then create a list of “autorised” bots, that can make changes beyond limits? It’s hard to believe that any human can write 100 comments per minute or change 3000 POIs at once - human changes would be smaller.
Imports and mass-changes should be discussed anyway (and unfortunately, a lot of time they are not) so it would make sense that only some accounts can do that.
They just have to use more accounts. Now they can create unlimited amount of accounts.
if by win you mean “waste plenty of out time” then yes
rate-limit changeset comments · Issue #4196 · openstreetmap/openstreetmap-website · GitHub Limit number of edits per user and day · Issue #2342 · openstreetmap/openstreetmap-website · GitHub (linked before)
Yes, right now damage exists, see say Relation: Центральное благочиние (7688147) | OpenStreetMap (though in general linking specific objects or lacations is better - people not speaking Russian will not be able to say at glance which objects are vandalised or find affected location).
Well, five days have passed, but it seems no fast-working methods have been invented.
There are several questions and suggestions:
-
The vandal is still registering new accounts. How? What kind of emails are used for this? If we don’t like simple captchas, maybe try Proof-of-Work captchas? GitHub - FriendlyCaptcha/friendly-challenge: The widget and docs for the proof of work challenge used in Friendly Captcha. Protect your websites and online services from spam and abuse with Friendly Captcha, a privacy-first anti-bot solution.
-
There are more forum moderators than the DWG team. Do we want to top up the DWG?
-
There are concerns that the limit on the size of edits will affect newcomers. I see only two types of newcomers: ID and StreetComplete.
StreetComplete must survive the limitations: it can upload edits in case of errors. And you will not solve more than a thousand quests in it in a day.
A beginner drawing huge forests in iD? 
As far as I know, the iD warns the user pretty early that you need to upload his edits. In which case, you can offer him to download .xml with changes and ask him to download someone from the agency.
- What if we block edits from users if the changed
name:*=is more than 100 and the user is registered after August? It seems the implementation of this will take less man-hours than DWG and users spend on blocks and reverts.
Less important:
-
About large imports. Since any import should be discussed, the system in which the account requires confirmation (for example, from DWG) will only make it better.
-
About the source of trust in the account. We have OSMF membership for mapping. It seems that this can be used to trust the account.
-
Reputational damage to OSM (and the joy of vandalism), it turns out when changes reach sites using our tiles. We can say that this is the price of free. But this is an advertisement for us!
I don’t see any simple solutions with tiles, except disabling the rendering of any names and stopping rendering on the stable version of the database. But it seems there have been no discussions about this yet.
5 Likes