Wikipedia talk:WikiProject Computer Security/Archive 4

Article alerts
The Computer Security article alerts have been running for the past couple weeks. They provide a useful tool for staying on top of what's happening in the project. You can add WikiProject Computer Security/Article alerts to your watchlist and you'll get an entry every day.

I modified the alert subscription so it shows. Before it included those tagged using WikiProject Computer Security but omitted those tagged with WikiProject Computing.

That category should be populated shortly. It seems to be stuck in some kind of backlog. --Pnm (talk) 03:08, 12 January 2011 (UTC)

aXXo GA reassessment
One of the articles under this project, aXXo, is having its good article status reassessed, and may be delisted. Feel free to comment on the review at Talk:AXXo/GA2.  Swarm  X 21:00, 22 February 2011 (UTC)

Billion laughs
A portion of the article Billion laughs—the second paragraph in the 'Summary' section–closely paraphrases (basically copies from) the source that is cited in the article. It is unclear to me, however, whether IBM developerWorks is a non-free source and, thus, whether the section needs to be rewritten. Furthermore, I do not think that I could effectively rewrite even if I tried to, as I lack the technical knowledge to fully understand the topic.

Would someone please have a look at the article and, if necessary, rewrite the paraphrased portion? Thank you, -- Black Falcon (talk) 20:16, 4 March 2011 (UTC)
 * I see no claim of notability. Speedy Del under A7. — Preceding unsigned comment added by Sephiroth storm (talk • contribs) 23:48, 4 March 2011 (UTC)
 * Thank you for your quick response. I am generally hesitant about applying A7 to articles with references, but the premise underlying your deletion proposal seems, to me, to be solid. It may be worth noting that there are some other sources which touch on the topic (e.g., here and here), though I can't discern whether they are reliable. Thanks again, -- Black Falcon (talk) 00:17, 5 March 2011 (UTC)
 * Update: the speedy deletion was contested by another editor. -- Black Falcon (talk) 18:08, 8 March 2011 (UTC)

Citation templates now support more identifiers
Recent changes were made to citations templates (such as citation, cite journal, cite web...). In addition to what was previously supported (bibcode, doi, jstor, isbn, ...), templates now support arXiv, ASIN, JFM, LCCN, MR, OL, OSTI, RFC, SSRN and Zbl. Before, you needed to place id (or worse http://arxiv.org/abs/0123.4567), now you can simply use 0123.4567, likewise for id and http://www.jstor.org/stable/0123456789 → 0123456789.

The full list of supported identifiers is given here (with dummy values):



Obviously not all citations needs all parameters, but this streamlines the most popular ones and gives both better metadata and better appearances when printed. Headbomb {talk / contribs / physics / books} 02:38, 8 March 2011 (UTC)

Hacker Toolkits?
Do we have any articles related to exploit toolkits? Like "Black Hole" Anyone want to make one? Sephiroth storm (talk) 01:59, 27 April 2011 (UTC)

ArcSight SmartConnector/FlexConnector Product Review
After working with this product for OS and Application auditing for several years I would like to hear some open discussion of technical issues, limitations and reliability. Mepowers00 (talk) 11:49, 8 May 2011 (UTC)

English Martyrs virus
I have left a comment on the "List of computer viruses (E-K)" concerning the "English Martyrs virus". Seems to be redirecting back to the list and not the article itself if the link has an article. Could someone have a look at this? Adamdaley (talk) 12:57, 15 June 2011 (UTC)
 * The name is redirected there because English Martyrs does not have its own article. Doesnt appear very notable. In fact google has no reports on it... Sephiroth storm (talk) 13:31, 6 October 2011 (UTC)

What is "cyberethics"?
The lead to cyberethics didn't define the subject, so I rewrote it. It's better than it was, but it still seems a bit off. Something's lacking. Please take a look. The Transhumanist 06:50, 15 July 2011 (UTC)


 * I converted the list of questions into a bulleted list so it's a bit easier to follow. I also deleted the suggestion to merge it with Information Ethics. I hope that's ok. Icesword2 (talk) 03:57, 21 February 2013 (UTC)

CESG Listed Advisor Scheme page
This page needs to be 'moved' or simply renamed = it should be "CESG Listed Adviser Scheme" (adviser, not advisor).

Peter Bance (talk) 07:56, 8 August 2011 (UTC)

Move discussion re "Firewall"
Readers here may be interested in contributing to a discussion at Talk:Firewall (computing). Cheers. -GTBacchus(talk) 16:13, 24 September 2011 (UTC)

WikiProject restructuring
Compared to some other WikiProjects, the WikiProjects related to computing in a broad sense have been split into a large number of small projects:

I believe this fragmentation of the community is not productive. In essence a WikiProject is just a shared talk page where people with similar interests can meet each other. This project is fairly small and inactive. Would anyone object to it being merged (as a task force) into WikiProject Computing? —Ruud 10:34, 22 September 2011 (UTC)
 * At the moment I'm inclined to leave this one alone because the topic has a strong cultural focus. I've done some editing in this area, and I can see some advantage in bridging the cultural perspectives with more rigor, but think this is a topic where the "feel" might be important. Neutral for now. --Pnm (talk) 20:28, 7 November 2011 (UTC)
 * Although I'm not opposed to the idea itself, I don't see how this is going to be anything but a bureaucratic thing. How will merging with Computing bring new vigor, new energy to this Wikiproject? Isn't that just hiding the statistics in a larger pile of numbers? I think it'll actually get *worse*: if we're just a taskforce, I'd say less people will join to help out. So, for now: Oppose because (to me) the rationale makes no sense. --DanielPharos (talk) 21:23, 7 November 2011 (UTC)
 * I actually avoided the term "task force" in a previous merge proposal for the reason you give here: it seems like an arbitrary bureaucratic term. More concretely, I would like to see the following things happen:
 * This talk page becomes a redirect to Wikipedia talk:WikiProject Computing. Less talk pages to keep track of will hopefully result in more active participants in discussions.
 * WikiProject Computer Security gets properly merged with WikiProject Computing. Computer security articles will show up on the related changes list of WikiProject Computing, but there will sill be a separate recent changes lists covering only the computer security related articles.
 * Some additional reasoning can be found at Wikipedia talk:WikiProject Computing. —Ruud 21:59, 7 November 2011 (UTC)
 * So the proposal is basically to get rid of the Talk-page (redirecting all discussions to Computing)? Which leaves this wikiproject useless (just a lousy page gathering statistics), so I can already forsee the merge to Computing being suggested sometime afterwards. Which leaves my original comment fully intact, and in fact strengthens it. A wikiproject like this is *defined* by its talk-page. So: strong oppose. Again, not against the idea for a merger, but because this proposal clearly hasn't been thought fully through (yet). This appears to be just a sneaky way of getting rid of this wikiproject entirely! --DanielPharos (talk) 23:10, 7 November 2011 (UTC)
 * Yes, this proposal is primarily intended to reduce the number of talk pages of computing-related WikiProjects (I absolutely do not want to be "sneaky" about this). There are a number of good reasons to do so:
 * The multitude of different talk pages belonging to different, but related, WikiProjects can be confusing and intimidating to new contributors.
 * Long time editors have an upper bound on the WikiProjects they can keep track off and actively participate in (perhaps as low as two or three?)
 * I strongly believe the mantra "less is more" applies here: fewer talk pages result in a higher overall activity, especially if the WikiProjects are partially overlapping and effectively competing for the attention of editors. This approach has worked effectively in the past for WikiProjects such as WP:MILHIST. Think about it this way: a message posted at this talk page can be seen by at most 30 editors, a message posted to the talk page of WikiProject Computing by over 200. On which talk page do you think a relatively new or even experienced contributor would most likely be better served?
 * That said, I do want to preserve or even improve and promote any other infrastructure these smaller have in place (article assessments, related changes, etc.) as these are essential tools for some editors. I hope to have convinced you that I did in fact gave this matter a great deal of though over the past few years. —Ruud 00:06, 8 November 2011 (UTC)
 * I can indeed see now you've giving this a lot of thought, but I cannot see how this can result in anything else than the complete destruction of this wikiproject. A wikiproject is a clearly defined thing, as is a task force. Removing the talk-page sends us into limbo, and makes the wikiproject useless (as a gathering place; it's defining characteristic). A few months later, somebody will suggest an outright delete, and at that point, it makes sense to do so. You'll have to convince me your proposal doesn't end up with the deletion of this wikiproject, because that I do oppose. --DanielPharos (talk) 09:56, 8 November 2011 (UTC)
 * If merged then the nature of this project would already radically change. Afterwards any further deletion would imply removing the remaining part of this project, which would mainly consist of the article assessment infrastructure (please let me know if I've overlooked any other aspects that define this project in my analysis). WikiProject Computing already has a task force with separate article assessments and I can't think of a good reason why anyone would like to remove those.
 * I completely agree that the defining characteristic of a WikiProject is its gathering place, the talk page. The really important question here is whether current community that has gathered around this project is large and vibrant enough to be able to be of assistance to editors writing in the area of computer security, or whether they are better served by a somewhat more diverse and larger community. My analysis of some of the statistics related to this project and a look through the talk page archives lead me to believe the latter, but in the end people who have actively participated in this project are a better judge of the situation. —Ruud 10:56, 8 November 2011 (UTC)
 * Well, if you can show me that analysis of the stats, and why you think this wikiproject would be improved by what you're suggesting, AND if you can prove to me we will be better of without our own Talk-page, then I'm all for it. But right now, I haven't seen any convincing evidence. --DanielPharos (talk) 12:35, 8 November 2011 (UTC)
 * This isn't an exact science, so I'm certainly not going to claim to be able to prove anything. The evidence is is given by activity statistics - such as the numbers in the table above or the "Top 50 Editors" table here, which indicate this project only has two active editors (one of which is semi-retired) - and past experiences. —Ruud 13:06, 8 November 2011 (UTC)
 * Then I'm simply not convinced this is the right thing to do, and I'm not willing to sacrifice this wikiproject on that basis, sorry. --DanielPharos (talk) 15:15, 8 November 2011 (UTC)

Historical note: This project seems to have originated from WikiProject Computing/Computer and Information Security task force. —Ruud 18:29, 8 November 2011 (UTC)
 * It's a merger of that and WikiProject Malware --DanielPharos (talk) 18:45, 8 November 2011 (UTC)
 * Any idea why it happened? Not the merge, which makes sense, but the change from task force to a separate wikiproject. --Pnm (talk) 18:54, 8 November 2011 (UTC)
 * I was in the Malware wikiproject at the time, so from my point of view, there was no change from task force to wikiproject. It was noted that there was a significant overlap between the two, and neither had a large active set of members, so it was decided to split the task force (pure information things went one way, computer security thing went towards Malware) and Malware was re-branded to Computer Security, to increase the span to something more useful. (The Malware=yes tag on the Computing template for instance gives you a "Computer Security" instead.) --DanielPharos (talk) 19:27, 8 November 2011 (UTC)
 * Got it. A task force was merging with a wikiproject, and the result was a new wikiproject. So what we're considering now isn't so much the reverse move as a retargeting of that original merge. --Pnm (talk) 23:19, 8 November 2011 (UTC)


 * Neutral Since some people have taken a liking to deleting inactive Wikiprojects, I think morphing smaller Wikiprojects into task forces and placing them under umbrella wikiprojects makes more sense... at least as long as we have people who think that processes can be improved by destruction of idle wikiprojects, at any rate. Jclemens (talk) 02:33, 9 November 2011 (UTC)
 * Strong support per Ruud. "Less is more" summarises the arguments pretty well. By my own experience, smaller WikiProjects are so inactive that it makes no sense to use their talk page for questions or centralized discussions. So what's the point for keeping a separate WikiProject then? Restructuring the WikiProject as a task force under an umbrella of a more active one is a sensible solution, since the issues in the talk page get more exposure, but the editor tools such as assessments and such are left intact. 1exec1 (talk) 18:02, 3 December 2011 (UTC)

Blackhole Exploit Kit
Someone needs to write an article about the Blackhole Exploit Kit. I am too busy to write a stub at this moment because I am studying to renew my CCNA, but I think that malware that has delivered over one third of all web threats as described in this page in Sophos' Security Threat Report 2012 and hacked many popular web sites like MySQL.com, USPS.com, and Cryptome.org should be notable enough for an article. Jesse Viviano (talk) 03:36, 14 February 2012 (UTC)

Koobface worm
After my friend joined a site called Badoos (a dating social network site) all the addresses stored in his computer started receiving emails which he did not generate or even know were sent. These when opened (can do this with special software police have to keep computer safe) have a link saying you have a message from a friend or click here to see photo. It gives the impression that you have received a photo from a friend. The link takes you to an online store. The one we checked led to a store that sells sex aids. Not surprising given the website is a less than reputable one. Initially I thought I'd received an email and opened it. This caused my computer to send similar messages to all in my mailbox. Also I now receive 100s of spam messages as does my friend whose computer infected mine. Having done a check on Badoos, I strongly recommend you stay well away from this dating site. A lot of the people listed on it were definitely fake identities. I feel sorry for the genuine people on it who think they've met a real person. The other issue I have with this is that this site is used by men to stalk women and many have found themselves subjected to indecent assaults and rape. Also there are instances of women meeting men off the website, inviting them over (to obtain evidence such as fingerprints/DNA) then later claiming they were raped/assaulted and taking legal action. Then making a claim for criminal injury compensation, which the government will chase the alleged offender for later. My friend now curses the day he joined it. His computer is bombarded with rubbish which uses up all of his download at a very rapid rate and is costing him time and money as his download speed is significantly slowed down making doing business very tedious indeed on the computer. Information suggests that this website either allows access to members personal information or sells the email addresses to anyone wanting to send out buik emails for advertising or to scammers. It doesn't appear they discriminate. Whilst there are genuine dating sites whom I would hope keep your personal information safe, Badoos is not one that does. I do not recommend being a part of it. I found it very easy to create an account with a complete fake id. I was also able to easily obtain others personal information. I'm not a tech computer person and if it was easy for me, just think how easy it is for the criminally minded who specialise in computer crime, ID theft, credit card fraud. Be cautious... very cautious and stay safe. — Preceding unsigned comment added by 61.245.132.22 (talk) 07:56, 16 February 2012 (UTC)

Websense
There has been some problematic editing over at Websense; extra eyes would be appreciated. bobrayner (talk) 10:41, 16 February 2012 (UTC)
 * I revised the lead paragraph per this request, then only afterwards thought to check the talk page for it. Apparently there have been a few edits since this post, so I probably overstepped the bounds a bit. Icesword2 (talk) 04:16, 21 February 2013 (UTC)

Computer security help requested
Hi, an editor has recently made a lot of edits to various computer security articles, promoting 3 articles on browser security, internet security and network security. I've patrolled a number of their edits (Special:Contributions/Mistress_Selina_Kyle) and while some seem relevant, I've also reverted some of them that seemed more tangential. I would welcome others to take a look and opine. There is also a bit of an edit war going on in the browser security article, which could use some additional advice and opinions from neutral parties.

Secondly, in looking at all of these edits, it seems that one article that might be missing is an article on mobile phone security. Did such an article ever exist, and if not, do you think it would be a good idea to create one? It seems that there might be utility in capturing all of the issues specific to mobile phones and security, especially as more and more people have smartphones. Karl.brown (talk) 20:00, 24 March 2012 (UTC)
 * That's the point, there isn't anything, something's better than nothing, and mobile phone browsers are as susceptible to being hijacked as any other.
 * If you think there should be an article for the wider network and application security about phones WP:SOFIXIT don't go around edit-stalking and reverting people trying to make constructive edits...
 * You complain about my edits, yet at the same time you seem to be acknowledging at least that I noticed what you (and apparently no one else) didn't seem to notice, that there's a gaping hole in coverage... -- Mistress Selina Kyle  ( Α⇔Ω ¦ ⇒✉ )  20:47, 24 March 2012 (UTC)
 * Thanks for your comments. Let's please try to keep this discussion civil and not personal. I did not agree with some of your edits, so I reverted them. I do see that you were trying to be constructive, but I felt that in balance some of the edits did not add to the wikipedia. For example, many of the template changes - if adding browser security to the Android template is useful, why not add links to HTML and SMTP, or 'computer virus' or any other thing which might show up or be used on an android phone? I guess my general philosophy is a bit more minimalist; I prefer articles and templates with fewer spurious links, and more stuff which is on-target, and I guess I disagree with what you said above 'something's better than nothing' - I'd rather not have links to articles which aren't only tangentially relevant to the particular topic at hand...
 * You are also right that through your edits I came to realize that there is a gap in mobile security. However, please note I am not a member of this computer security group, and I'm not an expert in security either for that matter (I do have a background in CS). The reason I didn't just go create a new article is I wanted to hear from the other editors; perhaps this has been discussed, perhaps there is a longer-term plan, etc. There isn't a rush, lets have a discussion about how to improve coverage in this area. My gut is, a new article would be the best fix, that could capture the specifics of mobile security (and then link out to the more generic pages) - that way relevant mobile pages could link to such a page. But, other editors may prefer to bolster coverage of mobile security through individual operating system or browser articles, and have mobile-specific sections of the internet or computer security articles.--Karl.brown (talk) 22:20, 24 March 2012 (UTC)
 * I just came across this: Mobile security. The article does exist - but it's not very good and it's a bit of an orphan. I think we could debate the name - mobile phone security might be a better name, but I don't have a strong opinion, and google seems to suggest that Mobile security is more common. So I think the next step is to improve the Mobile security article, then bring it into the fold in terms of links. I will start this, but probably not this week or next... The french version of this article: is actually excellent, so I may just steal that content and translate it. --Karl.brown (talk) 12:01, 26 March 2012 (UTC)
 * Well it seems you two were able to deal with that issue. I will take a look at browser security, see if i can help. Sephiroth storm (talk) 14:41, 27 March 2012 (UTC)

Mobile security
I have completed a translation of the Mobile security article from french. I would welcome any assistance from other editors in continuing to clean up the article, and producing translated graphics (I don't know how to produce wiki-pedia ready graphics). --KarlB (talk) 18:59, 21 April 2012 (UTC)

Flame (malware)
Flame (malware) may be headed to the main page in the next 24-48 hours via WP:ITN/C; expert input on the article would be appreciated. Cheers, Khazar2 (talk) 01:32, 29 May 2012 (UTC)

List of computer viruses overhaul
Hi,

I have began updating and verifying this list and the lists associated with it in the hope of improving its clarity and reducing the amount of fake/incorrect viruses that are present.

Over the next few months I hope to remove all redlinks that do not provide any further informaion, and replace them with links to verified virus articles.

I believe that a shorter list of viruses that can be verified is more useful than a long list of virus redlinks that can not be confirmed. This may also help counter vandalism/errors as I have seen instances of viruses that appear to be fake, or whose existence cannot be verified. A list of all the redlinks deleted will be kept and once their existence has been confirmed, they can then be added back to the article.

I have also requested to merge the List of computer viruses (all) with the List of computer viruses article as I believe they are very similar and should not be separate articles. The discussion on this matter can be found here Talk:List of computer viruses.

Thanks for reading this message. If you have any suggestions please let me know, they are greatly appreciated.

Sirkus (talk) 19:57, 9 August 2012 (UTC)


 * Redlinks removed for List of computer viruses (A-D), List of computer viruses (A-D), List of computer viruses (E-K), List of computer viruses (L-R), List of computer viruses (S-Z).
 * Await outcome of discussion regarding merger.
 * Sirkus (talk) 14:20, 12 August 2012 (UTC)

Further Merger proposal

 * I am further proposing that List of computer viruses (Numeric), List of computer viruses (A-D), List of computer viruses (E-K), List of computer viruses (L-R) and List of computer viruses (S-Z) all be merged into one article List of computer viruses.
 * After the removal of the above redlinks, the remaining lists are quite short and I do not believe warrant their own pages. For the sake of clarity and organisation, I believe these lists are best combined into one list.
 * The discussion on this matter can be found here. A mockup of the proposed page can be found here.
 * Any feedback is greatly appreciated.
 * Many thanks.
 * Sirkus (talk) 06:25, 14 August 2012 (UTC)

Mass assignment vulnerability
I created this article as a stub since it has been the news semi-recently with the GitHub compromise, but is also an ongoing issue with various frameworks and with languages other than Ruby. I put in a lot of references but lack the time to do anything further. --AlastairIrvine (talk) 04:03, 10 August 2012 (UTC)

Analogies between computer security and security in nature and society
I am interested in considering the analogies between computer security, or more specifically computer malware through the Internet, and other areas of our experience, such as  * predator-prey interactions, * diseases, * parasites; and social interactions as well, such as  * criminal behavior in general, * interactions between governments, * between governemtns and their citizens, * police forces, * economic competition, * corporate battles, etc.

Are there already people in this group that are addressing these issues? Are there already articles devoted to one or more of these issues? Does anyone have any interest in interacting on this?

Thanks! -- MarkGoldfain (talk) 14:52, 3 April 2012 (UTC)

I created this section by moving the content of Wikipedia:WikiProject Computer Security/Peer Review to this page. I am the author of the section header and of this paragraph only. --Maarten 1963 (talk) 18:24, 20 August 2012 (UTC)

Renovation of the project's page
Dear fellow editors,

This section deals with the sweeping renovation of the project's page that took place on 29 August 2012. The renovation was reverted on 3 September 2012. The purpose of this section is to reach consensus about a new version of the project's page.

History
I renovated Wikipedia:WikiProject Computer Security on 29 August 2012. The renovation has the following edit summary.


 * Sweeping renovation of the page. This renovation solves the faulty display of a panel, cleans up the member list, removes all bombastic graphics and page inflations, and ends both fragmentation in subpages and acceptance of irresponsibility.

The renovation can be studied in detail by clicking the history tab of the page and then clicking on the aforementioned date.

Another editor, with name DanielPharos, reacted to the renovation by adding the following message to my Talk page.
 * Hi Maarten 1963. I probably forgot to 'watch' the right page; can you point me to the discussion where consensus was achieved for the recent changes you made to the WikiProject Computer Security‎ page? (Or point me to the wiki-ruling that wikiproject pages should be 'stripped' of all fancy stuff.) Thanks. --DanielPharos (talk) 22:57, 29 August 2012 (UTC)

I answered the message with the following messages.


 * Dear DanielPharos,
 * I herewith acknowledge that I have read your addition to my Talk page of 29 August 2012.
 * I plan to answer your writing with respect to content as soon as possible.
 * Yours sincerely,
 * Maarten 1963 (talk) 19:12, 31 August 2012 (UTC).


 * Dear DanielPharos,
 * In your message of 29 August 2012, you ask me two questions:
 * Can you refer me to the discussion where consensus was achieved for the recent changes that you made to the Wikipedia:WikiProject Computer Security‎ page?
 * Can you refer me to the rule of the Wikipedia that states that the pages of a WikiProject should be stripped of all fancy stuff?
 * I cannot refer you to a discussion that lead to consensus about my renovation of the WikiProject Computer Security‎ page on 29 August 2012. However, I did not need to have found any consensus among editors to have the right to edit the page. Wikipedia encourages editors to be bold, and also briefly discusses the possibility of being very bold. Wikipedia states that pages should reflect consensus among editors, but does not state that consensus should be attained before edits can be made. Instead, it presents a model of how consensus can be obtained when an edit is not agreed to by other editors. Furthermore, Wikipedia states that nobody owns a page. This means that nobody can dictate the contents of a page in relation to other editors. Consequently, objecting to an edit on the sole ground that the edit is not based on consensus is not acceptable.
 * I cannot refer you to the rule of the Wikipedia that states that the pages of a WikiProject should be stripped of all fancy stuff. As far as I know, the rule does not exist. However, editors are not required to retain any fancy stuff on the pages of a WikiProject.
 * I can refer you to Be bold, Editing policy, Consensus, BOLD, revert, discuss cycle, and Ownership of articles.
 * Yours sincerely,
 * Maarten 1963 (talk) 15:10, 3 September 2012 (UTC).

Editor DanielPharos then reverted the renovation on 3 September 2012. The editor provided the following edit summary.


 * Reverted because the edit destroys a lot of useful functionality.

The editor also added the following message to my Talk page one minute later.


 * I have decided to revert your changes, because they remove useful functionality without any good reason to. --DanielPharos (talk) 19:48, 3 September 2012 (UTC)

Another editor, with name Ruud, added the following message to my Talk page thereafter.


 * Also, the "It is very honourable to be a member of this WikiProject, but that honour comes with responsibilities.[1] Becoming a member is not open to anyone, and remaining a member is not granted." language is highly inappropriate. Membership of WikiProjects is informal, always open to every editor and does not come with any obligations. —Ruud 20:50, 3 September 2012 (UTC)

As far as I know, the above history completely describes the renovation and what happened thereafter in relation to it.

Analysis
Editor DanielPharos did not indicate what functionalities were removed that he thinks are useful. He also did not explain why he thinks that they are useful. He also did not indicate what page elements are related to the functionalities concerned.

Editor DanielPharos states in his second message that functionalities were removed without any good reason. However, my edit summary stated that the renovation removed all bombastic graphics and page inflations. This means that the editor was inconsiderate of my edit summary or that he did not consider page inflations a good reason for their removal.

A text must have sufficient information, regarding both the purpose and the intended readers of the text. However, writers must always bear in mind that readers have more to do than reading the text. Part of writing well is writing concise, vigorously removing all "dross".

I conclude that if parts of a text can be considered as page inflations, then this does represent a good reason for their removal.

Editor Ruud criticises two successive sentences of the renovation. He states that membership of a WikiProject is informal. It is not clear what informal membership means. The statement is true as long as membership of all WikiProjects is informal. When one WikiProject chooses to have formal membership, then it is not true any more. However, this would not prove that formal membership is inappropriate.

He also states that membership is always open to every editor, and that membership does not come with any obligations. These statements are clear. However, the reasoning is the same as with the first statement: the situation is this, and therefore any change is very inappropriate.

The criticisms of editor Ruud are not referenced and I could not find any direct support for them on the pages of the WikiProject Council. I conclude that they are sophisms.

Actions
I ask editor DanielPharos to fully answer the following questions within 3 weeks.
 * 1) What functionalities were removed by the renovation that he thinks are useful?
 * 2) For each functionality concerned, why does he think that it is useful?
 * 3) For each functionality concerned, what are the related page elements?

I will also notify editor DanielPharos and editor Ruud of this writing.

Afterword
Editor DanielPharos stated on this Talk page on 7 November 2011, at 23.10, that the WikiProject Computer Security would be useless without its Talk page; that removing the Talk page would make the project just a lousy page that gathers statistics. Comparison shows that the project's page was then essentially the same as before my renovation. It is therefore remarkable that he claimed that my renovation removed a lot of useful functionality.

Analysis
Editor DanielPharos has not complied with my request to fully answer some legitimate questions that I asked him. He has been given a reasonable time to answer them. However, that time is over now.

Editor DanielPharos has indicated that he is mainly concerned about the removal of the article watch panel. However, he has failed to answer why he thinks that that panel is useful. This means that his objection to the removal of that panel is factually groundless.

His other remarks do not relate to the contents of my renovation, and are therefore not relevant.

I declare that the concerns of editor DanielPharos have been given due attention and that it is not reasonable to pay attention to them any further. I declare that they are all groundless.

Editor Ruud stated that if I want to change the membership requirements of the WikiProject Computer Security, then I must show that this has the support of the community. This is basically not true. The membership requirements of the WikiProject Computer Security are what the project's page states about them. Therefore, to change the membership requirements, I only need to change the project's page in that respect. When I want to do that, then I may assume that this reflects consensus without consulting any other editor in advance. It is only when another editor makes an edit that affects my change that consensus about my version can no longer be assumed.

Editor Ruud stated that he strongly opposes the change in the membership requirements that I implemented in my renovation. That is all right.

Editor Ruud argued that my membership requirements are against the spirit of Wikipedia's open and volunteer community. It is true that in my renovation membership is not open to anyone. However, the members are still volunteers.

Wikipedia's community is indeed an open community. However, that community has different categories of members, and one cannot move from the one category to the other freely. This means that the Wikipedia does not have a perfect spirit of openness regarding its community memberships.

Editor Ruud argued that we need more members participating in WikiProjects, and that my membership requirements would cause the WikiProject to have less members.

I do not accept the statement that the Wikipedia would benefit if more of its editors would join WikiProjects. To accept it, I require hard evidence that shows that articles rise quicker on Wikipedia's quality scale when the relative participation in WikiProjects is higher.

I am sure that my membership requirements would cause the WikiProject to have less members. However, my renovation is not about more members, it is about a greater number of active members that take responsibility.

Editor Ruud stated that my pompous language did not convince him that he does not strongly oppose my change of the membership requirements. He meant that my pompous language did not convince him that he should support my change of the membership requirements. That is all right.

Theorem 1
Assume that we have my renovation of the project's page. Then its membership requirements are appropriate.

Proof
The membership requirements of my renovation are:
 * New members must have at least one year of experience as a regular writer/editor on the Wikipedia, must have a good command of English, and must care about clear, correct, and concise use of language. Basic knowledge about computers or computer security is not a condition.
 * New members should deliver a review first.
 * Members must review at least one article per half a year.

The renovation contains the following sentences:
 * If you want a review of an article, then add the title to the numbered list below, signed with your signature.
 * Our objective is to deliver a review within 6 weeks.

This means that the WikiProject offers editors who are not members of the WikiProject the service of providing a review of an article on request and within six weeks. When an editor makes such a request, then the WikiProject has the moral responsibility towards the requester to deliver a review, possibly within six weeks. Because the review service is offered structurally, the editor may also justifiably have the expectation that a review will typically be of good quality. Therefore, the WikiProject also has the moral responsibility towards the requester to deliver a review that is at least of reasonable quality.

To be able to deliver reviews, the WikiProject Computer Security needs members. For members to be able to deliver reviews of at least reasonable quality without help, requirements need to be set regarding the background of new members.

The requirements for the background of new members have been set sensibly. They are therefore appropriate.

The current members are not required to meet the background requirements for new members. However, they must deliver a review in the second half of 2012 to remain a member after 1 January 2013. This is a transitional arrangement that can help to have a greater number of active members in the first half of 2013. It is therefore appropriate.

The renovation contains the following sentence:
 * It is very honourable to be a member of this WikiProject, but that honour comes with responsibilities.

This means that the project claims that it is very honourable to be a member. Editors may therefore want to add their username to the member list to obtain that honour without having the intent of contributing to the goals of the project. To prevent this from happening, it is appropriate to require new members to deliver a review first.

The renovation contains the following annotations:
 * According to the Guide of the WikiProject Council, reviewing articles is the most important activity of a WikiProject. This work can be tedious, however. To maintain group cohesion, every member must share in that work.
 * Members must show a minimum of commitment to this WikiProject to maintain group cohesion. This minimum has been set to one review per half a year, so members can also engage in writing/editing articles.

In the first annotation, it is not only the first sentence that is based on the Guide of the WikiProject Council. All three are. They are based on the following paragraph.


 * A WikiProject is fundamentally a social construct; its success depends on its ability to function as a cohesive group of editors working towards a common goal. Much of the work that members must do to sustain a successful WikiProject (quality assessment and peer review in particular, but almost anything beyond the actual writing of articles) is tedious, often unrewarding, and usually unappreciated. To be effective, a WikiProject must foster not only interest in the topic of the project, but also an esprit de corps among its members. When group cohesion is maintained—where, in other words, project members are willing to share in the less exciting work—a WikiProject can muster the energy and direction to produce excellent articles systematically rather than incidentally.

The second annotation is also based on the above quotation. The quotation does not make it absolutely clear what work is tedious. However, it is reasonable to conclude from the quotation that reviewing probably is. It is therefore appropriate to set a lower limit on reviewing to safeguard group cohesion. The annotation explains how this has been done. It follows that it has been done carefully, and the lower limit is therefore appropriate. This completes the proof.

(My own experience strongly confirmed that reviewing can be tedious. I therefore simply stated in the first annotation that reviewing can be tedious.)

Theorem 2
Assume that we have my renovation of the project's page. Then the renovation can be given a more friendly tone without changing its referential message. (The referential message of a text is all what it states about everything it is about.)

Proof
The following sentence of the lead has an unfriendly tone.
 * Becoming a member is not open to anyone, and remaining a member is not granted.

Because the sentence is a summary of details lower on the page, it can be removed.

The following paragraph of the section “Becoming a member” also has an unfriendly tone.
 * New members must have at least one year of experience as a regular writer/editor on the Wikipedia, must have a good command of English, and must care about clear, correct, and concise use of language. Basic knowledge about computers or computer security is not a condition.

It can be changed in the following paragraph.
 * New members should have at least one year of experience as a regular writer/editor on the Wikipedia, should have a good command of English, and should care about clear, correct, and concise use of language. Basic knowledge about computers or computer security is not necessary.

This paragraph has the same referential message but does not have an unfriendly tone. This completes the proof.

Actions
I ask editor Ruud to fully answer the following questions within 3 weeks. I will also notify editor DanielPharos and editor Ruud of this writing.
 * 1) Does he want to continue his opposition against the membership requirements of my renovation?
 * 2) If so, why is that?
 * 3) Does he want to continue his opposition when the above changes were made to give the renovation a more friendly tone?
 * 4) If so, why is that?

Thank you for reading.

Yours faithfully,

Maarten 1963 (talk) 15:10, 15 October 2012 (UTC).


 * I am hereby notifying Maarten 1963 and other fellow editors I've read this reply, and I declare that I am not going to pay this troll any further attention. --DanielPharos (talk) 16:06, 15 October 2012 (UTC)

Dear fellow editors,

Editor Ruud Koot has not responded to some legitimate questions that I asked him. He had been given a reasonable time to answer them.

Editor DanielPharos has responded to my previous writing; this response does not disprove my statement that his concerns are all groundless.

The time has come to evaluate this discussion with respect to its goal. The goal had been set at the beginning, which was to reach consensus about a new version of the project's page.

Evaluation of a discussion is a task different from taking part in it and even different from leading it. It is not uncommon for a chairperson to both take part in a discussion and to evaluate the results. When someone evaluates a discussion that he or she has taken part in, then this does not prove that the evaluation is unfair. However, it does require complete openness of the evaluation.

Wikipedia:Policies and guidelines states:
 * Policies explain and describe standards that all users should normally follow, while guidelines are meant to outline best practices for following those standards in specific contexts.
 * Policies and guidelines should always be applied using reason and common sense.

Wikipedia:Consensus (a policy) states:
 * In determining consensus, consider the quality of the arguments, the history of how they came about, the objections of those who disagree, and existing documentation in the project namespace. The quality of an argument is more important than whether it represents a minority or a majority view. The arguments "I just don't like it" and "I just like it" usually carry no weight whatsoever.
 * Consensus is determined by the quality of the arguments given on the various sides of an issue, as viewed through the lens of Wikipedia policy.
 * Wikipedia has a higher standard of participation and consensus for changes to policies and guidelines than to other types of articles.
 * Editors should listen, respond, and cooperate to build a better article.

Wikipedia:Civility (a policy) states:
 * Editors are expected to be reasonably cooperative, to refrain from making personal attacks, to work within the scope of policies, and to be responsive to good-faith questions.

A document about discussion rules and their related tricks, which I received during a course about debating skills, states as one of the rules: Someone who makes a statement is obliged to defend it when another participant asks for this. One of the related tricks is eluding the burden of proof. Another rule is: An attacker must end his or her doubt after a successful defence, and a defender must give up his or her position after a successful attack. The related trick is: be right but not be put in the right.

A book about argumentation states: A proponent must be able to provide a substantiation of his or her position at any time. When he or she fails a request for substantiation, intentional eluding of the burden of proof is probable. (Argumenteren (Dutch textbook for students in higher education) by Cees Braas, Ellie van der Geest, and Annemieke de Schepper (teachers at the college of higher education in Utrecht), Wolters-Noordhoff, 1996, page 81.)

Editor Ruud Koot has not responded to the questions that I asked him. These questions were justifiable and unmistakable. Therefore, editor Ruud Koot has violated Wikipedia's ruling that editors should listen, respond, and cooperate. He has also violated the discussion rule that someone must give up his or her position after a successful attack. I decide to declare his position unfounded.

Editor DanielPharos did not answer the first and the second question that I had asked him, and he only partly answered the third, while I had asked him to fully answer these questions. Consequently, he has answered less than a third of the questions that I asked him. These questions were justifiable and unmistakable. Therefore, editor DanielPharos has violated Wikipedia's ruling that editors should listen, respond, and cooperate. He has also violated the discussion rule that who made a statement is obliged to defend it when another participant asks for this. I decide to declare his position unfounded.

There are no other editors who have given their opinion about a new version of the project's page.

I conclude that consensus about a new version of the project's page has been reached. This version is the version that was reversed, possibly adapted to reflect more recent changes.

I will notify editor DanielPharos and editor Ruud Koot of this writing.

Yours faithfully,

Maarten 1963 (talk) 15:10, 13 November 2012 (UTC).

List of hackspaces
You are invited to join the discussion at Talk:Hackerspace. -- Trevj (talk) 10:29, 2 October 2012 (UTC)

Review of FA status for Microsoft Security Essentials
I have challenged the decision to award this article FA status over what I allege is a lack of balance and neutrality in the article. Fresh opinions and input are encouraged here. Quantumsilverfish (talk) 01:40, 22 October 2012 (UTC)

Storm botnet FAR
User:Cbrittain10 has nominated Storm botnet for a featured article review here. Please join the discussion on whether this article meets featured article criteria. Articles are typically reviewed for two weeks. If substantial concerns are not addressed during the review period, the article will be moved to the Featured Article Removal Candidates list for a further period, where editors may declare "Keep" or "Delist" the article's featured status. The instructions for the review process are here. JJ98 (Talk) 00:09, 9 November 2012 (UTC)

Relation to WP:COMP
I'd like to start contributing to network security articles. Should these articles be tagged with both and  ? --Kvng (talk) 19:04, 28 November 2012 (UTC)
 * Yes, but it's better to use . (Also, please sign your posts.) --DanielPharos (talk) 07:38, 29 November 2012 (UTC)
 * Thanks, I've updated the project page to document this option. -—Kvng 20:53, 29 November 2012 (UTC)
 * Ah, makes sense, thanks! --DanielPharos (talk) 07:38, 30 November 2012 (UTC)

Example Image 2009 UTM.PNG
file:Example Image 2009 UTM.PNG (Universal Threat Management firewalls) has been nominated for deletion -- 65.92.180.137 (talk) 04:54, 2 April 2013 (UTC)
 * Thanks, voted delete. Sephiroth storm (talk) 19:00, 2 April 2013 (UTC)

27001
Hi all, The FDIS of ISO/IEC 27001:2013 has been released. There are a number of changes from 27001:2005. Is it time to consider overhauling our article on 27001? The article is currently a little dusty and unwieldy, and as other standards/frameworks converge on 27001, I think the importance of this article increases... bobrayner (talk) 15:36, 2 July 2013 (UTC)
 * Having looked at more sources, much of the 27001 article is tied to the old standard; the new standard now seems notable in its own right and there are dozens of sources out there pointing out differences, so I went ahead and started a fresh article for the new standard. I think this would help reduce confusion once I've finished checking the incoming links &c - since various other pages which talk about "27001" will actually be talking about aspects of 27001:2005 which have since changed or been removed. bobrayner (talk) 22:09, 2 July 2013 (UTC)

Conduit and Browser hijacking
We're having a discussion about WP:RS for identifying malware on Talk:Conduit (publisher network and platform). I'd like to solicit advice from folks more knowledgeable than myself about this topic. Terrible Tim (talk) 20:30, 15 August 2013 (UTC)

Created category for Streisand effect
I've gone ahead and created the category for Category:Streisand effect.
 * Category:Streisand effect

Please feel free to populate it with related articles.

Discussion is welcome at Category talk:Streisand effect.

Thank you for your time,

&mdash; Cirt (talk) 18:44, 11 November 2013 (UTC)

Information Security Certifications
Hi all, I'm concerned about Information Security Certifications. It seems to take up quite a lot of screen space (more than the content in most of the articles), but it's woefully incomplete. What should we do here? Delete the template and replace with meaningful content in some of the articles? Overhaul the template somehow? Replace with categories? Or what? bobrayner (talk) 14:17, 3 December 2013 (UTC)
 * Navboxes tend to work well when they cover topic areas with clear boundaries, and where there are connections between individual articles, and where all the things you could reasonably put in a list will actually pass the notability guideline; but none of those three apply here.
 * There are lots of certifications which don't have articles, there are lots of vendors which only manage one or two certs (but they still take up the full width of the page), there are far more certs which aren't even listed in the navbox, or which straddle different topics.
 * Link all certs without articles to the company that provides the cert. User still has a quick way to see what certs the vendor has and can go to the page for more info. Sephiroth storm (talk) 19:30, 3 December 2013 (UTC)
 * Maybe this is mostly an autohide issue. I'm not clear on how this works but the template is expanded in CompTIA and collapsed in EC-Council. I don't see any difference in the article source code. ~KvnG 14:46, 6 December 2013 (UTC)

Casperspy
I don't know the field well enough to tell, but the new article Casperspy is at best confusing and at worst, may be advertising for someone selling malware. If someone with some expertise could take a look and advise, I'd appreciate it. Thank you. SchreiberBike talk 07:23, 10 December 2013 (UTC)

Is OpenCA notable?
I removed a PROD on OpenCA after a Google search. Regardless, the article needs work. 72.244.206.130 (talk) 02:26, 7 April 2014 (UTC)

Problem with project article section
Clicking on any of the numbers on the Project Article grid gives me a No Webservice error.TechnoTalk (talk) 18:21, 3 June 2014 (UTC)


 * I can see that the tool is still running (it is still updating the numbers). I guess it's just a temporary downtime of the webservice? --DanielPharos (talk) 19:46, 7 June 2014 (UTC)


 * Still down for all WikiProjects. I assume someone is working on it but don't actually know. ~KvnG 16:21, 11 June 2014 (UTC)

Leaflet For Wikiproject Computer Security At Wikimania 2014
Hi all,

My name is Adi Khajuria and I am helping out with Wikimania 2014 in London.

One of our initiatives is to create leaflets to increase the discoverability of various wikimedia projects, and showcase the breadth of activity within wikimedia. Any kind of project can have a physical paper leaflet designed - for free - as a tool to help recruit new contributors. These leaflets will be printed at Wikimania 2014, and the designs can be re-used in the future at other events and locations.

This is particularly aimed at highlighting less discoverable but successful projects, e.g:

• Active Wikiprojects: Wikiproject Medicine, WikiProject Video Games, Wikiproject Film

• Tech projects/Tools, which may be looking for either users or developers.

• Less known major projects: Wikinews, Wikidata, Wikivoyage, etc.

• Wiki Loves Parliaments, Wiki Loves Monuments, Wiki Loves ____

• Wikimedia thematic organisations, Wikiwomen’s Collaborative, The Signpost

For more information or to sign up for one for your project, go to: Project leaflets Adikhajuria (talk) 16:24, 13 June 2014 (UTC)

BadBIOS
WhisperToMe (talk) 09:52, 8 July 2014 (UTC)
 * Goodin, Dan. "Meet “badBIOS,” the mysterious Mac and PC malware that jumps airgaps" (Archive). Ars Technica. October 31, 2013.

Articles for Deletion/SQRL
This is a notice that the article SQRL, which may be within the scope of your WikiProject, has been nominated for deletion. If this is of interest to your members, their input would be appreciated. 0x0077BE [talk/contrib] 14:42, 23 July 2014 (UTC)

Content removed from Network security
The article is tagged as "high importance" for this project so I thought it prudent to notify interested editors here that I have removed a large WP:NOTHOW violation from the article. The offending sections formed the bulk of the article so it is now in a rather sad state. Editors familiar with the topic are encouraged to improve the article by replacing the removed content with material that does not violate the WP:NOT policy. Roger (Dodger67) (talk) 13:49, 26 July 2014 (UTC)

Comment on the WikiProject X proposal
Hello there! As you may already know, most WikiProjects here on Wikipedia struggle to stay active after they've been founded. I believe there is a lot of potential for WikiProjects to facilitate collaboration across subject areas, so I have submitted a grant proposal with the Wikimedia Foundation for the "WikiProject X" project. WikiProject X will study what makes WikiProjects succeed in retaining editors and then design a prototype WikiProject system that will recruit contributors to WikiProjects and help them run effectively. Please review the proposal here and leave feedback. If you have any questions, you can ask on the proposal page or leave a message on my talk page. Thank you for your time! (Also, sorry about the posting mistake earlier. If someone already moved my message to the talk page, feel free to remove this posting.) Harej (talk) 22:47, 1 October 2014 (UTC)

Streisand effect category deletion discussion

 * Category:Streisand effect
 * 1) Categories_for_discussion/Log/2015_March_12

Category:Streisand effect has been nominated for deletion, the discussion is at Categories_for_discussion/Log/2015_March_12.

Feel free to participate there.

Thank you for your time,

&mdash; Cirt (talk) 02:11, 17 March 2015 (UTC)

Afd discussion : +Greythorne the Technomancer (+gthorne)
All interested editors are welcome to contribute to Articles for deletion/+Greythorne the Technomancer (+gthorne). The subject is wanting in reliable, independent sources. Please focus on policy and guidelines rather than any "gut feelings" of the subject. Cheers, --Animalparty-- (talk) 21:12, 31 March 2015 (UTC)

Talk:Conduit (publisher network and platform)
Discussion ongoing; join in. --George Ho (talk) 03:10, 16 October 2014 (UTC)

WikiProject X is live!


Hello everyone!

You may have received a message from me earlier asking you to comment on my WikiProject X proposal. The good news is that WikiProject X is now live! In our first phase, we are focusing on research. At this time, we are looking for people to share their experiences with WikiProjects: good, bad, or neutral. We are also looking for WikiProjects that may be interested in trying out new tools and layouts that will make participating easier and projects easier to maintain. If you or your WikiProject are interested, check us out! Note that this is an opt-in program; no WikiProject will be required to change anything against its wishes. Please let me know if you have any questions. Thank you!

Note: To receive additional notifications about WikiProject X on this talk page, please add this page to WikiProject X/Newsletter. Otherwise, this will be the last notification sent about WikiProject X.

Harej (talk) 16:57, 14 January 2015 (UTC)

Discussion at Village Pump (Proposals)
There is a proposal to enable HTTPS security by default for all readers on Wikipedia at the Village Pump. Computer security is a very relevant topic in the discussion. Your input would be welcome. Thank you, Tony Tan98  ·  talk  02:04, 26 February 2015 (UTC)

Created new article on the Free Speech Flag
I've created a new article on the Free Speech Flag.

If anyone's got ideas for possible additional sources, comments are welcome, at Talk:Free Speech Flag.

Thank you,

&mdash; Cirt (talk) 18:38, 25 September 2015 (UTC)

Free Speech Flag for Featured Picture
I've nominated the Free Speech Flag for Featured Picture.

Discussion is at Featured picture candidates/Free Speech Flag.

&mdash; Cirt (talk) 18:23, 24 September 2015 (UTC)

Possible source
I found: WhisperToMe (talk) 23:55, 7 March 2015 (UTC)
 * Shaw, Eric, Ph.D; Keven G. Ruby, M.A. and Jerrold M. Post. "The Insider Threat to Information Systems The Psychology of the Dangerous Insider" (Archive). Reprinted from the Security Awareness Bulletin, No. 2-98.
 * Based on: “Insider Threats to Critical Information Systems, Technical Report #2; Characteristics of the Vulnerable Critical Information Technology Insider (CITI).” Political Psychology Associates, Ltd., June 1998.

Storm Botnet
Is very overdue for updating, assuming sources can be found. All the best: Rich Farmbrough, 04:29, 13 October 2015 (UTC).

DROWN attack on TLS
I've made a start on an article covering this at DROWN attack. Any help on this would be gratefully accepted. -- Markshale (talk) 00:56, 2 March 2016 (UTC)

RZA4096 File Encryption Ransomware
Hi guys, last Sunday when i started my computer in the morning i found all my data files encrypted on my PC. Well, tried to fix this issue by restarting my PC but it does not worked. After then i tried to run the Anti-malware application running in my system and its fails too. Well, after sometimes a strange message locks my PC screen.

@@@@@@@ What happened to your files ? @@@@@@@ All of your files were protected by a strong encryption with RZA4096 @@@@@@@ More information about the en-Xryption keys using RZA4096 can be found here: http://en.wikipedia.org/wiki/RSA_(cryptosystem)

@@@@@@@ How did this happen ? @@@@@@@ !!! Specially for your PC was generated personal RZA4096 Key, both publik and private. @@@@@@@ !!! ALL YOUR FILES were en-Xrypted with the publik key, which has been transferred to your computer via the Internet. @@@@@@@ !!! Decrypting of your files is only possible with the help of the privatt key and de-crypt program, which is on our Secret Server

@@@@@@@ What do I do ? @@@@@@@ So, there are two ways you can choose: wait for a miracle and get your price doubled, or start obtaining BITCOIN NOW! , and restore your data easy way @@@@@@@ If You have really valuable data, you better not waste your time, because there is no other way to get your files, except make a payment

It was asking me to pay the ransom in exchange of the access of my precious file. However, when i searched about RZA4096 File Encryption Ransomware i reached to a blog spot site : Kick Ass Malware from where i came to that it is a file encrypting ransomware virus. However, the manual methods listed on that blog does not helped me to remove the threat completely form my PC. Meanwhile, that particular blog is also promote an Anti-Malware tool to remove RZA4096 File Encryption Ransomware. Please suggest me should i use the Tool and remove the threat or i simply pay the ransom. Kindly help me guys as i don't want to lose my important data. — Preceding unsigned comment added by Mathewpeter1 (talk • contribs) 17:43, 24 May 2016 (UTC)


 * Wikipedia is not a forum, so you're asking in the wrong place. Here's a forum where people are talking about this particular ransomware: And finally: "as i don't want to lose my important data": since you don't have a backup (otherwise, just restore that), you've already lost your data. Now you're trying to get it back from the criminals that are holding it hostage. --DanielPharos (talk) 05:57, 25 May 2016 (UTC)

Could use some help over here!
Hello, I decided to be bold and start an  new article on the clusters of attacks utilizing unauthorized access to SWIFT to send fund transfer messages to, well, rob banks. And the ongoing investigations into links to North Korea. It's just a start, please help! Chris vLS (talk) 17:08, 28 May 2016 (UTC)

Existing article quality
Dear wikipedians, about 70% of articles in scope for this project don't get to "C" in quality scale. Is there any improvement initiative in the pipeline? Kind regards, DPdH (talk) 07:37, 17 August 2016 (UTC)

Active users?
I've recently checked into the list of WikiProject Computer Security/Members.

Could this list be improved by stating which members are currently active or inactive or haven't made a contribution in quite some time.

Also there has been some users have joined without making a single contribution to an article or a talk page relating to the subject of computer security.

(Some these accounts only contribution was to just add their name to the list.)

Perhaps leaving notices on the talk pages of users who haven't made a contribution relating to computer security stating that they'll be removed from the project in four weeks time would be suffice.

As for users who have made contributions, but are inactive they could be placed on an inactive section on the list.

FockeWulf FW 190 (talk) 14:23, 27 July 2016 (UTC)


 * I'm all for it. I guess if nobody objects within (say) a week or two, we should go ahead. --DanielPharos (talk) 17:21, 27 July 2016 (UTC)
 * I have no problem with the idea of contacting registered members to determine their status. ~Kvng (talk) 14:33, 30 July 2016 (UTC)
 * I guess we're ready to send notifications to users. FockeWulf FW 190 (talk) 00:22, 16 August 2016 (UTC)
 * Right, I don't see anyone complaining or protesting, so go ahead. :) --DanielPharos (talk) 06:10, 16 August 2016 (UTC)
 * I'm going to send WikiProject Computer Security users to this talk page so that their WikiProject status will be up to date. FockeWulf FW 190 (talk) 18:40, 16 August 2016 (UTC)
 * Hi, I agree with this proposal. In my case, I have a special interest in this topic, but didn't have the chance to contribute in some time though I will if the opportunity arises... wouldn't this be a 3rd status value, like "Passive"? Regards, DPdH (talk) 21:11, 16 August 2016 (UTC)

Thank you for your notification. I am planning to contribute an article about the cyber initiative that connects European CERTs, is involved in ENISA etc. Am looking forward to comments (within a week or so) Ppinia — Preceding unsigned comment added by Ppinia (talk • contribs) 07:59, 17 August 2016 (UTC)

User status
This section is created for users to state their user status as active or inactive. Please be sure to update your status to keep your status as active. Feel free to use the example below.

FockeWulf FW 190 (talk) 18:58, 16 August 2016 (UTC)


 * 1) Active FockeWulf FW 190
 * 2) Active DanielPharos
 * 3) Active User:DPdH
 * 4) Active User:Pleasancoder —Preceding undated comment added 22:52, 16 August 2016 (UTC)
 * 5) Active Jclemens (talk)
 * 6) Active Callsignpink (talk) 23:26, 16 August 2016 (UTC)
 * 7) Active The Grumpy Hacker (talk) 00:16, 17 August 2016 (UTC)
 * 8) Active User:Ozhu —Preceding undated comment added 01:32, 17 August 2016 (UTC)
 * 9) Inactive Neo139 (talk) 01:40, 17 August 2016 (UTC)
 * 10) Active Dawnseeker2000  02:18, 17 August 2016 (UTC)
 * 11) Active LoganLopez (talk) 03:59, 17 August 2016 (UTC)
 * 12) Active happysmash27 —Preceding undated comment added 04:04, 17 August 2016 (UTC)
 * 13) Active WikiGopi
 * 14) Active Sonora Carlos (talk) 18:18, 17 August 2016 (UTC)
 * 15) Active Marcus_Band (talk) 08:43, 18 August 2016 (UTC)
 * 16) Inactive Nickntg — Preceding unsigned comment added by 2A02:582:1CC9:E300:EDA6:A4E9:6842:616C (talk) 21:04, 17 August 2016 (UTC)
 * 17) Active   deadrat
 * 18) Active
 * 19) Inactive  L337p4wn   Talk to me! 05:26, 23 August 2016 (UTC)
 * 20) Active Comepradz (talk) 08:35, 24 August 2016 (UTC)
 * 21) Active MahajanDeepakV —Preceding undated comment added 12:47, 30 August 2016 (UTC)
 * 22) Active User:Ppinia —Preceding undated comment added 15:31, 7 September 2016 (UTC)
 * 23) Inactive Paul M. Nguyen (chat&#124;blame) 01:16, 10 September 2016 (UTC)
 * 24) Active Bezanson (talk) 18:02, 6 October 2016 (UTC)
 * 25) Active Alijohn Ghassemlouei

Looks like enough time has been given and the user list can be updated. FockeWulf FW 190 (talk) 14:10, 20 September 2016 (UTC)
 * Agreed. Go ahead! --DanielPharos (talk) 15:05, 20 September 2016 (UTC)
 * The userlist has been successfully updated with active and formerly active members FockeWulf FW 190 (talk) 16:34, 25 September 2016 (UTC)

IoT malware and stresser software
Hi all,

Currently we don't have much coverage on the subject of IoT malware and stresser software which has been recently on media, but lacks significant coverage on Wikipedia. If anyone is interested I'm looking for a collaboration to improve coverage on articles on the subject.

FockeWulf FW 190 (talk) 18:13, 4 November 2016 (UTC)


 * I suppose I can lend a helping hand, although I'll be mostly limited to weekends. What's the plan? --DanielPharos (talk) 08:20, 5 November 2016 (UTC)
 * Probably the first step would be to start articles on notable IoT malware and work on having the articles reach a quality scale of class c or better. I've also given thought of a timeline or list to go along with this, but this will probably come during a later stage when most of the articles are completed. FockeWulf FW 190 (talk) 21:17, 5 November 2016 (UTC)
 * Sounds good! I see two articles on IoT malware right now: Mirai (malware) and BASHLITE. The BASHLITE one is really stubby; I'll take a look at that one and see what I can do. --DanielPharos (talk) 21:25, 5 November 2016 (UTC)
 * Wow! The BASHLITE article looks much better now. I'll see if I can start work on creating Remaiten. FockeWulf FW 190 (talk) 20:38, 6 November 2016 (UTC)

Merger proposal notification
There is a merger proposal for: Democratic National Committee cyber attacks to be merged ---> into Russian influence on the 2016 United States presidential election.

Discussion is at: Talk:Russian_influence_on_the_2016_United_States_presidential_election. Sagecandor (talk) 20:42, 11 December 2016 (UTC)

Fake news website - move discussion
Article is Fake news website.


 * Requested move discussion at: Talk:Fake_news_website. Sagecandor (talk) 13:10, 18 December 2016 (UTC)

Missing topics list
My list of missing topics related to computers is updated - Skysmith (talk) 19:31, 8 January 2017 (UTC)

Is there a security breach NEWS page on wikinews.org or here?
I am new to this group. Let me know if any news item that belongs to here or somewhere else? thanks. LairdUnlimited (talk) 17:40, 7 March 2017 (UTC)

Security of password managers
You have Comparison_of_password_managers and List of password managers and LastPass, etc. But there's no information on the security of password managers. LastPass had yet another huge security hole reported by a white hat Tavis Ormandy recently. So I started looking to switch to one that has a better reputation or better record or has been 3rd-party audited. I found that 1Password hasn't been audited, and neither has LastPass, but that information should be on Wikipedia for the listed entries. Without it, the articles are worse than useless. --StarDestroyer — Preceding unsigned comment added by 2601:643:8300:B030:50BB:CE2:4353:1F86 (talk) 14:55, 7 April 2017 (UTC)
 * Then create an account (rather than faking a signature) and fix it, with reliable sources. Cabayi (talk) 15:03, 7 April 2017 (UTC)

Nomination of The Plot to Hack America for deletion
A discussion is taking place as to whether the article The Plot to Hack America is suitable for inclusion in Wikipedia according to Wikipedia's policies and guidelines or whether it should be deleted.

The article will be discussed at Articles for deletion/The Plot to Hack America until a consensus is reached, and anyone is welcome to contribute to the discussion. The nomination will explain the policies and guidelines which are of concern. The discussion focuses on high-quality evidence and our policies and guidelines.

Users may edit the article during the discussion, including to improve the article to address concerns raised in the discussion. However, do not remove the article-for-deletion notice from the top of the article. Sagecandor (talk) 17:40, 12 June 2017 (UTC)

Metasploit CLI commands
I have been working on a command listing for the metasploit CLI and the Meterpreter payload commands. At first I thought it could be included in the Metasploit Project but it is way too long for that so it may be worthy of having it's own article. Anyone know of any other Wikipedia articles of a similar nature? DoctorG  (talk)  20:34, 28 September 2017 (UTC)
 * Wasn't quite sure since I am only a casual contributor to WP Computer Security, and it doesn't look like this project has anything related, but WP Computing has List of DOS commands and List of Unix commands. Dawnseeker2000  20:55, 28 September 2017 (UTC)
 * thanks, this is exactly what I was looking for. I wasn't sure if I liked the way I formatting my article, and now I have a few more ideas. DoctorG  (talk)  14:58, 30 September 2017 (UTC)
 * And if that doesn't work out, consider posting it on wikibooks instead. For example: Q3Map2 --DanielPharos (talk) 20:20, 2 October 2017 (UTC)

New AFC article
Draft:Metasploit Framework commands is now in the AFC queue. If any of you spend time there, I'd appreciate you taking a look at it. Thanks! DoctorG  (talk)  20:45, 13 October 2017 (UTC)

MacKeeper Content/references dispute - can anyone give me a second opinion on this
Hi, I'm only an occasional editor of Wikipedia so I'm not sure if this is the right place to raise this question. Please redirect me if it's not appropriate.

I've been trying to edit the page for MacKeeper but I've run up against an experienced editor who disagrees with me so I would appreciate it if someone from the security community could give a second opinion on this. The objection is that the edit cites primary sources which is true, but only as a "straightforward, descriptive statement" of two major anti-malware vendor's description of MacKeeper as a "potentially unwanted application", permitted as per WP:PRIMARYCARE. Furthermore, the sources Sophos and MalwareBytes are discounted because they are a competitor of MacKeeper in the anti-malware market and therefore biased or unreliable. As per WP:NEUTRALSOURCE I contend that while an article must have an overall NPOV, "reliable sources may be non-neutral".

The edit I propose is as follows, I would appreciate it if someone could review it:

MacKeeper has been criticized for being very difficult to uninstall  and reported as a potentially unwanted program by Malwarebytes. Sophos Labs agrees and states in it's 2018 Malware Forecast that "Of all PUAs we intercepted, MacKeeper was most prolific" Kromtech states that their product is definitely not a virus and that there are "situations when some antiviruses falsely marked MacKeeper as a virus or a potentially unwanted applications (PUA)."

119.224.17.35 (talk) 07:07, 7 November 2017 (UTC)


 * Here is my personal opinion:
 * : This was rightfully reverted. You can't use the company itself as a source here, because obviously they would never claim that their software is malicious. At most one can add that the company claims that their software isn't malicious.
 * : (haven't checked the source) This look much better, but I wouldn't put it in the lead, but in the lawsuit section. In other words, personally, I would have moved it, not reverted it.
 * : A blog entry on Malwarebytes by a person with a known anti-MacKeeper history indeed won't do. I think the Sophos link should be OK, as long as it's stated that "Sophos categorized MacKeeper blah blah", and it's not put in the lead. There isn't a good section for it right now, though. Perhaps a "reception" section is in order? (Which would need more balancing and references.)
 * As for the used references: there's already advice on the next step given in the commit message of one of the reverts: --DanielPharos (talk) 18:07, 8 November 2017 (UTC)
 * Thanks very much for taking the time to review this DanielPharos, I appreciate your time. It seems very unusual indeed for two reputable anti-malware companies to accuse another anti-malware company of distributing a PUP so with reference to the edit I was trying to balance the accusations that Mackeeper is a Potentially Unwanted Program leveled by Sophos and MalwareBytes against the denial from Mackeeper vendor Kromtech. I understand that it's a delicate situation but do you think it's acceptable to cite this reference from Kromtech to help balance article by giving Kromtech the a right of reply to the accusations from their competitors? 119.224.17.35 (talk) 07:29, 10 November 2017 (UTC)
 * Sorry for the late response. Using any material from Kromtech itself is very "dangerous", because they will obviously be (accused of being) biased. At most one can add that the company claims that their software isn't malicious, and use the link as support for that statement. --DanielPharos (talk) 18:44, 24 November 2017 (UTC)

Community Outreach
Marketing Manager here at RoboForm reaching out to see if anyone would be interested in helping create an article for RoboForm Password Manager. Thanks! https://www.roboform.com/ SoftwareGirl (talk) 22:07, 11 December 2017 (UTC)SoftwareGirl

Splitting public-policy from technical material at Computer security
Please see Talk:Computer security.

Summary: The present article is a mish-mash of material of a general nature (technical, academic, practices, history, terms, incidents, notable-figures) and material of a socio-political nature (infrastructural, regulatory, legal, corporate, financial, espionage and cyberwar, public impacts).

This started as an RM discussion but turned into a scope one. I've proposed that a Cybersecurity article (using the term favored in technology-and-public-policy circles) should be a spinoff, per WP:SUMMARY, for the second group of material, leaving the bulk of the more general info at Computer security (the basic, non-jargon, descriptive term for the field). This would be in keeping with Cyberwarfare, Internet privacy, Internet censorship, Genetically modified food controversies, and numerous other clear splits between technology and technology policy articles (sometimes multiple such articles, e.g. Electronic cigarette → Regulation of electronic cigarettes, Safety of electronic cigarettes, and several others – but let's just start with one here).

I've done a section-by-section review of what needs to be done, but it's just one opinion, so additional input is sought.

Computers: In particular, a whole lot of "cybersecurity" isn't about computers and their security so much as it is about telecommunications infrastructure and its management and control. — SMcCandlish ☏ ¢ &gt;ʌⱷ҅ᴥⱷʌ&lt;  10:42, 18 December 2017 (UTC)

Help with M2M public key certificate
Could someone have a look at the recently created M2M public key certificate to see if it deserves an article of its own? – Uanfala (talk) 22:22, 27 December 2017 (UTC)


 * This has now been nominated for deletion. Please discuss here. ~Kvng (talk) 14:50, 30 December 2017 (UTC)

Lookout
I work at Lookout and we shared this draft article that I hoping will be reviewed by an editor. Here is the link to the talk page where we shared the draft: https://en.wikipedia.org/wiki/Talk:Lookout_(company)#Draft Eileen at lookout (talk) 17:21, 3 May 2018 (UTC)

AVG AntiVirus
Shouldn't article about faimily of the antivirus software which including independent programs like "AVG AntiVirus" and "AVG Internet Security" exists under common name like "AVG (software)"? As I said "AVG AntiVirus" is name one of the programs from family. I couldn't check the whole article but it looks like article is focusing mostly on "AVG AntiVirus" program only so It could be possible to delete all informations not reffering to "AVG AntiVirus" program and change definition. Eurohunter (talk) 09:53, 19 April 2018 (UTC)
 * There is AVG Technologies for content not related to specific software. AVG (software) exists as a redirect to AVG AntiVirus. It is possible that there's a better title for AVG AntiVirus but I personally don't see a problem with current organization. Maybe once the articles have been improved a bit, a better shememe will become evident. ~Kvng (talk) 12:52, 22 April 2018 (UTC)
 * Current state is chaotic. Eurohunter (talk) 16:25, 28 April 2018 (UTC)

Hi, my name is Charlotte Empey and I work at Avast/AVG. I support AVG (software) as a consolidated article because WP:PRODUCT encourages the company page to use WP:Summary Style to summarize its products, but this isn’t practical if the product page is on just one product. Additionally, WP:PRODUCT says to avoid creating multiple stubs on products of marginal notability and there are other AVG products that have been covered in in-depth articles https://www.pcmag.com/review/343595/avg-cloudcare An AVG (software) page would be the best place for these sources. I realize the article-content won’t jive well with the article-title initially, but I will eventually assist in adjusting the content in an appropriate manner given my conflict of interest. Empey at Avast (talk) 19:42, 7 May 2018 (UTC)
 * I think if few AVG products meet notability criterion they deserve few articles. If only one product meet criteria only one article should be created and rest products created by AVG Technologies should be included in AVG Technologies article. Eurohunter (talk) 20:41, 23 May 2018 (UTC)

WikiProject collaboration notice from the Portals WikiProject
The reason I am contacting you is because there are one or more portals that fall under this subject, and the Portals WikiProject is currently undertaking a major drive to automate portals that may affect them.

Portals are being redesigned.

The new design features are being applied to existing portals.

At present, we are gearing up for a maintenance pass of portals in which the introduction section will be upgraded to no longer need a subpage. In place of static copied and pasted excerpts will be self-updating excerpts displayed through selective transclusion, using the template Transclude lead excerpt.

The discussion about this can be found here.

Maintainers of specific portals are encouraged to sign up as project members here, noting the portals they maintain, so that those portals are skipped by the maintenance pass. Currently, we are interested in upgrading neglected and abandoned portals. There will be opportunity for maintained portals to opt-in later, or the portal maintainers can handle upgrading (the portals they maintain) personally at any time.

Background
On April 8th, 2018, an RfC ("Request for comment") proposal was made to eliminate all portals and the portal namespace. On April 17th, the Portals WikiProject was rebooted to handle the revitalization of the portal system. On May 12th, the RfC was closed with the result to keep portals, by a margin of about 2 to 1 in favor of keeping portals.

There's an article in the current edition of the Signpost interviewing project members about the RfC and the Portals WikiProject.

Since the reboot, the Portals WikiProject has been busy building tools and components to upgrade portals.

So far, 84 editors have joined.

If you would like to keep abreast of what is happening with portals, see the newsletter archive.

If you have any questions about what is happening with portals or the Portals WikiProject, please post them on the WikiProject's talk page.

Thank you. &mdash; The Transhumanist  10:54, 31 May 2018 (UTC)

Seeking input on an update that spans various articles
I believe I've identified a shortcoming that spans a number of Wikipedia articles relating to computer security. I don't think there's anything intentional about it, but as I'm sure followers of this page are well aware, the nature and severity of cyberattacks has changed rapidly in recent years, and major developments have not been well summarized in Wikipedia coverage (though many specific attacks have been covered very effectively). I started an article on fifth generation cyberattack, and I've gotten good feedback from a couple of long-term editors (thanks again, especially). I'd like to start weaving information about 5th generation attacks into other high-level articles. Such as: computer security, cyberwarfare, network security, as well as the articles on NotPetya and Wannacry. As I've noted on other pages, my efforts are part of my professional duties as an employee of Check Point; but my goal is simply to improve Wikipedia's coverage of an important field, not specifically to advance my employer's interests. I'd be happy for any input from those more experienced with Wikipedia as I proceed. I'll start with an edit to computer security to illustrate the kind of edit I'm talking about. -Cindy (talk) 00:47, 10 July 2018 (UTC)

Request an infobox for computer vulnerabilities such as Heartbleed and Shellshock
For information: This is being discussed at Wikipedia_talk:WikiProject_Computing. Djm-leighpark (talk) 19:45, 28 November 2018 (UTC)

Discussion of Softpedia (softpedia.com) and The Hacker News (thehackernews.com) at the reliable sources noticeboard
There is a discussion on the reliability of Softpedia (softpedia.com) and The Hacker News (thehackernews.com, not to be confused with Hacker News) at the reliable sources noticeboard. If you are interested, please participate at. —  Newslinger  talk   12:17, 6 February 2019 (UTC)

A new newsletter directory is out!
A new Newsletter directory has been created to replace the old, out-of-date one. If your WikiProject and its taskforces have newsletters (even inactive ones), or if you know of a missing newsletter (including from sister projects like WikiSpecies), please include it in the directory! The template can be a bit tricky, so if you need help, just post the newsletter on the template's talk page and someone will add it for you.
 * – Sent on behalf of Headbomb. 03:11, 11 April 2019 (UTC)

CrowdStrike edit request
Hi all! I'm a COI editor representing CrowdStrike. I've posted some edit requests on that article's talk page that have been awaiting review for quite a bit now, so I'm reaching out to this community in case anyone here would be willing to take a look and share feedback. Thank you! Mary Gaulke (talk) 23:27, 19 June 2019 (UTC)

AVG Technologies COI edit request
A declared COI editor/employee of Avast has drafted a version of the AVG Technologies article at User:Empey at Avast/AVG Technologies Draft. See discussion on the article talk page, where the user has agreed to leave the Controversy section intact. I am not familiar with the computer security realm, so anybody who is, I would appreciate their input on the other drafted changes. Thanks. --Geniac (talk) 22:52, 17 July 2019 (UTC)

What images should be used in Hardware security module?
Anyone have good ideas on what images should be included in Hardware security module? I don't see why multiple images are needed, but we could use some clear criteria to keep the spamming/coi/etc problems in check. --Ronz (talk) 20:16, 14 August 2019 (UTC)
 * Talk:Hardware_security_module
 * Talk:Hardware_security_module

Update ?
A man was charged for the Anthem data breach in 2019 — Preceding unsigned comment added by Personisgaming (talk • contribs) 21:45, 22 September 2019 (UTC)

Request for information on WP1.0 web tool
Hello and greetings from the maintainers of the WP 1.0 Bot! As you may or may not know, we are currently involved in an overhaul of the bot, in order to make it more modern and maintainable. As part of this process, we will be rewriting the web tool that is part of the project. You might have noticed this tool if you click through the links on the project assessment summary tables.

We'd like to collect information on how the current tool is used by....you! How do you yourself and the other maintainers of your project use the web tool? Which of its features do you need? How frequently do you use these features? And what features is the tool missing that would be useful to you? We have collected all of these questions at this Google form where you can leave your response. Walkerma (talk) 04:24, 27 October 2019 (UTC)

DHS Cyber Security Division
The article on DHS Cyber Security Division has very little information as the article has been rated as Low-importance on the project's importance scale. For my class assignment I would like to add to the information presented on DHS Cyber Security Division, as I believe I could fill in a couple of missing gaps within the article. Unless opposed? --Andrew.willman (talk) 22:21, 4 February 2020 (UTC)
 * Thanks, we're always happy to have someone expand a WP:STUB. ~Kvng (talk) 14:02, 7 February 2020 (UTC)

iframe virus
There's a long-standing merge proposal over at iframe virus and Frame injection which could use some educated eyes; outside of my field of expertise! Contributions welcome at Talk:Iframe virus Klbrain (talk) 17:55, 6 April 2020 (UTC)

Prioritary
For me prioritary is a list of know viruses and aliases. A Basic Table of Computing Viruses and a more complete one?. A viruspedia?. A TaskForce within Security Wikiproject about Computing Viruses? (it would be OK). For example, include information about KMSAuto Net.exe virus. Main articles: Malware, Exploit, and Ransomware.BoldLuis (talk) 12:12, 17 May 2020 (UTC)
 * Be careful not to violate WP:DIRECTORY (especially point 7). And there may already be one, due to the way Wikipedia works: Category:Malware. Other than that, be BOLD! --DanielPharos (talk) 20:25, 17 May 2020 (UTC)

🎆 New Wikibooks book on inexpensive end-user computer security...
Just completed a Wikibooks book on inexpensive end-user computer security. Might be relevant to your work, and because it's hosted on a Wikimedia Foundation site, it might not be too difficult for you to use its content. It's hosted at: https://en.wikibooks.org/wiki/End-user_Computer_Security. --MarkJFernandes (talk) 11:18, 4 June 2020 (UTC)

About cyber loss scenario modeling in wikidata
I would like to use Wikidata to model the different cyber loss scenarios. What is the connection of this Wikipedia project and wikidata? Do we need an equivalent project on Wikidata or this can be coordinated from this project? --AntoineLogean (talk) 11:18, 27 July 2020 (UTC)

Drovorub malware toolkit
I've just started an article on Drovorub, the recently discovered Linux malware toolkit from APT28. I'd welcome help expanding and improving the article. -- The Anome (talk) 16:51, 21 August 2020 (UTC)

Suggest creation of list article on HTTP authentication/Security access control methods
See my post here. El komodos drago (talk to me) 10:49, 1 December 2020 (UTC)

Help with article about technology company
Hello. I’m hoping a member of this group can help out with a few changes I’ve proposed to improve the Cloudflare article at Talk:Cloudflare/Archives/2021. I have a conflict of interest so would like an independent editor to evaluate the proposed edits. Thanks! Ryanknight24 (talk) 18:48, 12 February 2021 (UTC)

Phineas Phisher/Fisher
Hi, i was considering making an article about phineas-phisher who you can find out about here,here ,here for a few examples, a quick search of google books as well as a browse of a few I own shows: A ecent amount of hits, but i am unsure if this person passes is enough Notable. Could I get some feedback here before I begin? It would be much appreciated, Thanks. W1tchkr4ft 00 (talk) 21:45, 24 February 2021 (UTC)
 * , notability is established by significant coverage in multiple reliable sources. Vice coverage looks good, that counts as one source. is good if it was published in a respectable journal. WP:INTERVIEWs such as  can be considered WP:PRIMARY sources so are not necessarily good evidence of notability. There is one promising book in your Books search. The subject appears to be marginally notable based on what you've provided here. ~Kvng (talk) 15:21, 28 February 2021 (UTC)

Suggestion of 'Golden Age of HTTPS/SSL/TLS/CA' and 'HTTP is Dead'
I have often seen opening sites of any kind for a long time, but since the 2010s some of these sites have switched to https permanently and make me worrying (however not). My suggestion about 'Golden Age of HTTPS/SSL/TLS/CA' where users of encryption really need and as an obligation to secure the site now and 'HTTP is Dead' is the drastic reduction of the use of http has been experienced since the late 2010s due to security warning and more vulnerable for all. Thanks for my suggestion about the history of HTTP and HTTPS --Firzafp (talk) 10:03, 3 March 2021 (UTC)

Multi-editor discussion requested for Cloudflare
There is a new discussion on the Talk page of Cloudflare, the ISP, about three issues that were looked at by one editor as part of a conflict of interest review. Talk:Cloudflare/Archives/2021 I think the discussion would benefit from multiple editors weighing in. Thank you. Ryanknight24 (talk) 22:57, 21 June 2021 (UTC)

Nomination of Virus Creation Laboratory for deletion
A discussion is taking place as to whether the article Virus Creation Laboratory is suitable for inclusion in Wikipedia according to Wikipedia's policies and guidelines or whether it should be deleted.

The article will be discussed at Articles for deletion/Virus Creation Laboratory until a consensus is reached, and anyone, including you, is welcome to contribute to the discussion. The nomination will explain the policies and guidelines which are of concern. The discussion focuses on high-quality evidence and our policies and guidelines.

Users may edit the article during the discussion, including to improve the article to address concerns raised in the discussion. However, do not remove the article-for-deletion notice from the top of the article. Skyerise (talk) 13:58, 17 July 2021 (UTC)

Proposed deletion of PaX


The article PaX has been proposed for deletion&#32;because of the following concern: "Little to no reliable third-party coverage exists. See the deletion discussion of the patchset which this is a part of."

While all constructive contributions to Wikipedia are appreciated, pages may be deleted for any of several reasons.

You may prevent the proposed deletion by removing the notice, but please explain why in your edit summary or on the article's talk page.

Please consider improving the page to address the issues raised. Removing will stop the proposed deletion process, but other deletion processes exist. In particular, the speedy deletion process can result in deletion without discussion, and articles for deletion allows discussion to reach consensus for deletion. ilmaisin (talk) 07:17, 11 September 2021 (UTC)

FORCEDENTRY
I've jusr created an article of FORCEDENTRY, a major hack of pretty much the whole Apple endpoint ecosystem that has just been revealed. I'd appreciate any help that other editors can give to improve it. -- The Anome (talk) 23:49, 13 September 2021 (UTC)

Pegasus (spyware) has an RFC
Pegasus (spyware), which is within the scope of this WikiProject, has an RFC for possible consensus. A discussion is taking place. If you would like to participate in the discussion, you are invited to add your comments on the discussion page. Thank you. Szmenderowiecki (talk) 22:36, 6 January 2022 (UTC)

Requested move at Talk:List of security hacking incidents
There is a requested move discussion at Talk:List of security hacking incidents that may be of interest to members of this WikiProject. ASUKITE 15:22, 14 January 2022 (UTC)

Requested move at Talk:Asset Disposal and Information Security Alliance
There is a requested move discussion at Talk:Asset Disposal and Information Security Alliance that may be of interest to members of this WikiProject.  NW1223  &lt; Howl at me &bull; My hunts &gt; 15:59, 17 March 2022 (UTC)

Editor Review Assistance - Fortinet Company Page
Hello, I’m seeking assistance from qualified editors to review COI edit requests I post on the Fortinet article’s Talk page. Will appreciate anyone leaving a comment here saying it’s okay if I ping them in the future for these requests. At the present time there is only 1 open (technically ready to be closed) request, but likely others. Context: Last year Fortinet became aware of an undisclosed paid edits warning label that was placed on the article about “Fortinet” in December 2020 after a sock puppet investigation found 2 accounts had made edits in 2018 as part of a broader campaign. Although Fortinet has hired disclosed paid editors in the past, we were not in a position to make uncontroversial reversions to any suspicious edits. Fortinet has been making COI Edit requests and seeking unbiased, disinterested editors to help improve the article in hopes to see the page’s quality improved per the warning label request to ensure that the Wikipedia community trusts the content there again. We’re hoping some of the editors involved with this Wikiproject will assist.Johnwikiwelton (talk) 19:12, 18 March 2022 (UTC)

FLRC for List of Computer Criminals
I have nominated List of computer criminals for featured list removal. Please join the discussion on whether this article meets the featured list criteria. Articles are typically reviewed for two weeks; editors may declare to "Keep" or "Delist" the article's featured status. The instructions for the review process are here. Hog Farm Talk 18:02, 28 March 2022 (UTC)

User script to detect unreliable sources
I have (with the help of others) made a small user script to detect and highlight various links to unreliable sources and predatory journals. Some of you may already be familiar with it, given it is currently the 39th most imported script on Wikipedia. The idea is that it takes something like and turns it into something like
 * John Smith "Article of things" Deprecated.com. Accessed 2020-02-14.
 * John Smith "Article of things" Deprecated.com. Accessed 2020-02-14.

It will work on a variety of links, including those from cite web, cite journal and doi.

The script is mostly based on WP:RSPSOURCES, WP:NPPSG and WP:CITEWATCH and a good dose of common sense. I'm always expanding coverage and tweaking the script's logic, so general feedback and suggestions to expand coverage to other unreliable sources are always welcomed.

Do note that this is not a script to be mindlessly used, and several caveats apply. Details and instructions are available at User:Headbomb/unreliable. Questions, comments and requests can be made at User talk:Headbomb/unreliable.

- &#32; Headbomb {t · c · p · b}

This is a one time notice and can't be unsubscribed from. Delivered by: MediaWiki message delivery (talk) 16:01, 29 April 2022 (UTC)

Editor Review Assistance - ReBAC
Hi, I need finding reliable sources for this page: https://en.wikipedia.org/wiki/Draft:Relationship-based_access_control. Thanks! Miparnisari (talk) 02:00, 21 June 2022 (UTC)

Feedback on OneTrust new article draft
Hi there. I created a draft article for OneTrust in my sandbox here:. I’m a new Wikipedia user, and work for the company so I have a conflict of interest, and therefore I need feedback on how to improve the draft from independent editors and make sure it’s in line with Wikipedia’s policies and best practices. Is someone from this project available to take a look and provide feedback/comments? Thanks. FriendofKittens8 (talk) 18:30, 3 August 2022 (UTC)
 * Page looks great! I don't see any conflict of interest issues. I've moved the page to it's own article. DecorumForum125 (talk) 22:13, 14 August 2022 (UTC)

Requested move at Talk:Zero-day (computing)
There is a requested move discussion at Talk:Zero-day (computing) that may be of interest to members of this WikiProject. – robertsky (talk) 16:24, 2 September 2022 (UTC)

Edit Review - Emsisoft
Posted a few requests on the talk page for Emsisoft, an anti-malware company, just to fix a few bad sources like press releases, blogs, etc. I have a COI (and declared it there too) - could someone from this group review the proposals? Talk:Emsisoft Thanks. Sportsfan4646 (talk) 19:36, 7 December 2022 (UTC)

AfC review of Draft:Confidential computing
Hi,

I worked on an article about Confidential Computing. Tried to make it as objective and well-referenced as possible. Seeking review and suggestions. Note, I'm affiliated with a related non-profit industry group and will abide by all rules regarding conflicts. All help appreciated. Thanks!

HudsonAttests (talk) 20:51, 30 March 2023 (UTC)

Draft for review
Hey, submitted this a few days ago and would appreciate a review, this is the first article I made so I am not sure if I got everything right - Draft:Alon Gal 85.250.218.178 (talk) 11:40, 1 May 2023 (UTC)


 * Now published as Alon Gal. ~Kvng (talk) 15:16, 15 December 2023 (UTC)

Draft for review - Dancho Danchev
Hello,

I've been working on a draft for - Draft:Dancho Danchev which I believe needs improvements and the following references based on articles and Google Scholar and Google Books including the following Google Books references added.

I also collected the following articles mentioning his research which is outstanding for references and adding additional content.

https://abcnews.go.com/Technology/PCWorld/story?id=4960161

https://arstechnica.com/information-technology/2008/03/ongoing-iframe-attack-proving-difficult-to-kill/

https://boingboing.net/2008/08/30/indias-underground-c.html

https://boingboing.net/2012/05/15/new-skype-malware-threat-repor.html

https://foreignpolicy.com/2009/05/12/dont-pay-your-ransom-via-sms/

https://foreignpolicy.com/2009/05/20/in-gaz-we-trust-a-fake-russian-energy-company-facilitating-cybercrime/

https://foreignpolicy.com/2009/11/04/is-aggregate-and-forget-the-future-of-cyber-extortion/

https://money.cnn.com/2013/02/22/technology/security/nbc-com-hacked-malware/index.html

https://securitywatch.pcmag.com/apple/283499-has-ev-ssl-growth-been-slow

https://securitywatch.pcmag.com/security/296289-zeus-zbot-trojan-spread-through-rogue-us-airways-email

https://threatpost.com/adele-bests-adderall-affiliate-spammers-offer-music-downloads-060412/76647/

https://threatpost.com/fake-paypal-emails-distributing-malware-102312/77145/

https://threatpost.com/how-much-does-botnet-cost-022813/77573/

https://threatpost.com/report-vishing-attack-targets-skype-users-050211/75190/

https://threatpost.com/spammers-using-fake-youtube-notifications-peddle-drugs-122612/77344/

https://uk.pcmag.com/software/17274/news/nbccom-hacked-infected-with-citadel-trojan

https://www.cnet.com/news/attackers-booby-trap-searches-at-top-web-sites/

https://www.cnet.com/news/carpet-bombing-networks-in-cyberspace/

https://www.cnet.com/news/fake-microsoft-e-mail-contains-trojan-virus/

https://www.cnet.com/news/firefox-add-on-encrypts-sessions-with-facebook-twitter/

https://www.cnet.com/news/green-dam-exploit-in-the-wild/

https://www.cnet.com/news/high-tech-bank-robbers-phone-it-in/

https://www.cnet.com/news/sony-playstation-site-victim-of-sql-injection-attack/

https://www.cnet.com/news/storm-worm-e-mail-says-u-s-attacked-iran/

https://www.cnet.com/news/twitter-warms-up-malware-filter/

https://www.computerworld.com.au/article/210515/hackers_expand_massive_iframe_attack_prime_sites/

https://www.computerworld.com.au/article/256798/russian_hacker_militia_mobilizes_attack_georgia/

https://www.computerworld.com/article/2484233/cybercrime-hacking/cybercrime-service-automates-creation-of-fake-scanned-ids.html

https://www.computerworld.com/article/2532189/security0/massive-faux-cnn-spam-blitz-uses-legit-sites-to-deliver-fake-flash.html

https://www.computerworld.com/article/2536384/security0/hackers-expand-massive-iframe-attack-to-prime-sites.html

https://www.crn.com.au/news/spam-email-contains-malware-not-apple-gift-card-353159

https://www.csoonline.com/article/2118281/build-ci-sdlc/danchev--the-small-pack-web-malware-exploitation-kit.html

https://www.csoonline.com/article/2123341/build-ci-sdlc/danchev--massive-sql-injection-the-chinese-way.html

https://www.csoonline.com/article/2123470/build-ci-sdlc/danchev--anti-fraud-site-ddos-attack.html

https://www.csoonline.com/article/2123901/build-ci-sdlc/danchev--a-crimeware-developer-s-to-do-list.html

https://www.csoonline.com/article/2124089/build-ci-sdlc/danchev-rained-on-my-scareware-campaign.html

https://www.csoonline.com/article/2124947/build-ci-sdlc/danchev--money-mule-recruiters.html

https://www.cyberdefensemagazine.com/botnets-for-rent-criminal-services-sold-in-the-underground-market/

https://www.darkreading.com/attacks-breaches/hacking-the-tdos-attack/d/d-id/1139863

https://www.dw.com/en/bulgarian-sleuth-unveils-botnet-operators/a-15689368

https://www.helpnetsecurity.com/2010/06/17/months-old-skype-vulnerability-exploited-in-the-wild/

https://www.helpnetsecurity.com/2012/08/31/fake-ups-notices-deliver-malware/

https://www.helpnetsecurity.com/2012/10/31/can-the-nuclear-exploit-kit-dethrone-blackhole/

https://www.helpnetsecurity.com/2013/01/15/automated-youtube-account-generator-offered-to-cyber-crooks/

https://www.helpnetsecurity.com/2013/09/10/cc-php-script-for-staging-ddos-attacks-sold-on-underground-forums/

https://www.infosecurity-magazine.com/news/russian-malware-as-a-service-offers-up-server/

https://www.infoworld.com/article/2629993/malware/microsoft-declares-war-on--scareware-.html

https://www.infoworld.com/article/2652021/security/hackers-knocked-comcast-net-offline.html

https://www.itnews.com.au/news/buy-500-hacked-twitter-accounts-for-less-than-a-pint-309382

https://www.itworld.com/article/2767489/endpoint-protection/what-s-really-the-safest-web-browser-.html

https://www.networkworld.com/article/2285012/lan-wan/hackers-expand-massive-iframe-attack-to-prime-sites.html

https://www.nytimes.com/2012/01/17/technology/koobface-gang-that-used-facebook-to-spread-worm-operates-in-the-open.html

https://www.pcworld.com/article/149642/malware.html

https://www.pcworld.com/article/166714/article.html

https://www.pcworld.com/article/189868/article.html

https://www.recordedfuture.com/deconstructing-the-al-qassam-cyber-fighters-assault-on-us-banks/

https://www.researchgate.net/publication/271893977_Virtual_jihad_How_real_is_the_threat

https://www.scmagazine.com/home/news/buggy-diy-botnet-tool-leaks-in-black-market/

https://www.scmagazine.com/home/news/mass-website-hacking-tool-alerts-to-dangers-of-google-dorks/

https://www.scmagazineuk.com/article/1482050

https://www.securityfocus.com/brief/744

https://www.securityweek.com/new-diy-google-dorks-based-hacking-tool-released

https://www.sfgate.com/business/article/Hackers-infiltrate-Google-searches-3288807.php

https://www.techrepublic.com/blog/apple-in-the-enterprise/watch-out-for-malware-with-those-pretty-mac-screensavers/

https://www.techrepublic.com/blog/it-security/is-the-death-knell-sounding-for-traditional-antivirus/

https://www.techrepublic.com/blog/it-security/kaspersky-disputes-mcafees-shady-rat-report/

https://www.theinquirer.net/inquirer/news/1017058/faked-cnn-spam-blitz-pushes-fake-flash

https://www.theregister.co.uk/2009/09/18/scareware_botnet_scam/

https://www.theregister.co.uk/2009/12/09/amazon_ec2_bot_control_channel/

https://www.theregister.co.uk/2010/03/17/bulletproof_hosting_exposed/

https://www.theregister.co.uk/2012/01/18/koobface_prime_suspect_outed/

https://www.theregister.co.uk/2012/10/11/exploit_vulnerability_marketplace/

https://www.theregister.co.uk/2013/02/14/phone_harvesting_service_creates_spam_menace/

https://www.theregister.co.uk/2013/02/27/apt1_china_dark_visitor_b_team/

https://www.thetechherald.com/articles/CAPTCHAs-are-dead-new-research-from-Dancho-Danchev-confirms-it

https://www.tripwire.com/state-of-security/latest-security-news/upgraded-modular-malware-platform-released-black-market/

https://www.v3.co.uk/v3-uk/news/2252440/java-exploit-kit-sells-for-usd40-per-day

https://www.v3.co.uk/v3-uk/news/2267552/bitcoins-are-being-traded-for-hack-tools

https://www.wired.com/2008/01/fraudsters-target-facebook-with-phishing-scam/

https://www.wired.com/2008/04/cia-copies-thre/

https://www.wired.com/2010/04/ransomware/

Here's also heavily referenced here in Dutch:

https://www.security.nl/search?continue=1&keywords=dancho+danchev&sort=yoda&order=desc&limit=35&c&#x5B;&#x5D;=1&c&#x5B;&#x5D;=3&page=1

And here in French:

https://www.reseaux-telecoms.net/recherche.html?kw=dancho+danchev&sa= Ahsks873 (talk) 16:19, 26 January 2024 (UTC)

Isolation dates on virus pages?
There are never any sources cited for "isolation dates" on the pages for worms or viruses, nor is there any explanation as to what an isolation date is. I am just curious how this information, in most cases, supersedes the need for a release date, and how in many cases the isolation date is not present. Thanks in advance for anyone who can clear this topic up for me. GordonFreeman1997 (talk) 17:23, 2 February 2024 (UTC)


 * The isolation date should be the date when the virus was first analysed by anyone who was able to understand something about the virus. Generally this tends to be for viruses that are developed by organizations that are not forthcoming about the exact origins of the code (and thus generally don't provide release dates). Viruses that have been around for longer periods of time, generally tend to have much fuzzier timelines and so might not have exact isolation dates. Hope that helps. Sohom (talk) 19:02, 2 February 2024 (UTC)
 * Thank you so much! This explanation really helps. GordonFreeman1997 (talk) 21:41, 2 February 2024 (UTC)

Data breach template
Is there a standard practice for how we treat data breaches on Wikipedia? I'm looking at things like 2011 PlayStation Network outage (which I've done some work on and would appreciate eyeballs), 2015_TalkTalk_data_breach, and 2015_TalkTalk_data_breach - but there isn't much consistency. At the very least they should probably all use Template:Infobox_event, but I'm curious to know if there is any 'best practice' I can look at... Joe (talk) 18:31, 20 March 2024 (UTC)

FAC for Cross-site leaks
I've nominated Cross-site leaks (a while back) for promotion to a Featured article. Reviews, comments and suggestions are welcomed at the nomination page :) Sohom (talk) 21:36, 9 March 2024 (UTC)


 * I'm sadly too late to properly comment but I think you got a good discussion in the end - I definitely think I would agree that I'd like to see a shorter and more simple lead section. Joe (talk) 18:40, 20 March 2024 (UTC)

Comprehensive review and update on DNS attack articles for clarity and modern practices
I've conducted a detailed review of articles on DNS-related attacks, including DNS hijacking, spoofing (and cache poisoning), and noticed some areas where we could improve clarity and accuracy, especially regarding the interchangeability of terms and the mention of modern security practices like DoT and DoH.

Terminology Clarification

There seems to be some confusion and overlap in how we define and use terms like DNS hijacking, spoofing, poisoning, cache poisoning, rebinding and redirection. A concerted effort to standardize these terms with clear definitions could significantly benefit the readers. Specifically, distinctions between terms such as DNS hijacking and DNS spoofing, as well as DNS poisoning vs. DNS cache poisoning, need to be more clearly delineated.

Inclusion of MiTM Contexts and Clarification on Attack Strategies

Enhancing these articles to explicitly explain how DNS attacks can facilitate MiTM attacks, including the roles of ARP poisoning and race condition attacks, is necessary. The latter, often conceptualized as a "first reply race" in DNS spoofing scenarios, involves attackers responding to DNS queries more quickly than legitimate servers.

Remedies and Modern Solutions

The absence of discussions on current DNS security measures like DoT (DNS over TLS) and DoH (DNS over HTTPS) in the remedies sections of these articles is a notable gap.

I propose we collaborate to update these articles for accuracy and to reflect latest advancements in DNS security. This effort would involve revising the existing content for clarity, updating terminology to reflect the precise use of DNS-related terms, and adding sections on modern remedies such as DoT and DoH.

I look forward to your feedback, suggestions, and any additional insights you might have on these topics.

Links:

DNS spoofing

DNS hijacking

DNS rebinding

WalterMccan (talk) 12:28, 19 March 2024 (UTC)


 * At a glance, all three of the articles need significant work and I think they'd be a great project for a newish editor. I would encourage you to be WP:BOLD and start by adding verified sources and doing some general housekeeping according to WP:MOS. Hit me up on my talk page if you'd like someone to review what you've done. Joe (talk) 18:35, 20 March 2024 (UTC)
 * Sounds like a plan! I will get on it over the weekend and keep you up-to-date. Thank you. WalterMccan (talk) 11:20, 21 March 2024 (UTC)