Page MenuHomePhabricator
Create Task
Maniphest T156240

Stop writes on hash conflicts & log that they occour
Closed, ResolvedPublic
Actions

Details

SubjectRepoBranchLines +/-
Log hash key conflictsmediawiki/extensions/Cognatemaster+145 -19
Customize query in gerrit

Related Objects
Search...

StatusSubtypeAssignedTask
 OpenFeatureNoneT13996 A way to select which parts of Wiktionary articles to show
 OpenFeatureNoneT14213 Following a link to a language entry in Wiktionary should display only that entry
 OpenFeatureNoneT13998 A way to show only those languages on Wiktionary that the user is interested in
 OpenFeatureNoneT38881 Wiktionary needs usable API
 OpenNoneT31229 Extension to provide access via the dict protocol
 ResolvedLydia_PintscherT146637 Wikidata 2016 Q4 goals
 ResolvedLydia_PintscherT150179 Wikidata 2017 Q1 goals
 OpenNoneT109579 [Epic] Give more sister projects access to Wikidata
 ResolvedLydia_PintscherT986 Use structured data on Wiktionary
 ResolvedLydia_PintscherT988 Phase 1: Represent Wiktionary lexicon using structured data
 ResolvedLydia_PintscherT987 [Story] Phase 0: Automate interwiki language links for Wiktionary
 ResolvedLydia_PintscherT169708 Wikidata 2017 Q3 goals
 ResolvedLydia_PintscherT150178 Wikidata 2017 Q2 goals
 ResolvedLydia_PintscherT159316 Enable arbitrary access on English Wiktionary
 ResolvedaudeT158323 enable sitelinks on Wikidata for Wiktionary pages outside main namespace (phase 1)
 ResolvedAddshoreT150182 Deploy Cognate extension to production
 ResolvedAddshoreT156241 Deploy Cognate extension to beta
 ResolvedAddshoreT149082 Security review for Cognate Extension
 ResolvedAddshoreT156240 Stop writes on hash conflicts & log that they occour
 ResolvedaudeT158324 Enable phase 1 for Wiktionary at beta cluster
 ResolvedNoneT158325 Enable phase 1 for Wiktionary at test Wikidata
 OpenNoneT166765 Investigate the case of custom namespaces

Event Timeline

Addshore created this task.Jan 25 2017, 10:25 AM
Addshore claimed this task.Jan 25 2017, 10:29 AM
Addshore moved this task from Unsorted 💣 to Next on the User-Addshore board.Jan 25 2017, 10:34 AM
Bawolff subscribed.Jan 26 2017, 12:32 AM

The scenario i was thinking of is someone uses gpus to brute force a conflict between a real title and the normalized version of a naughty string.

So e.g. if "Dog" and "Bawolff sucks...GHHDCBTSfgjbftgdthn" collide after normalization (this is just a theoretical example, they dont actually collide), the vandal could create the page "Bawolff sucks...GHHDCBTSfgjbftgdthn" on an obscure language and now suddenly the en page for Dog has an interlanguage link to a maliciously titled page, and the users dont understand what happened.

daniel added a comment.Jan 26 2017, 1:18 AM

@Bawolff well, right now, all the vandal has to do is go to the page and add [[nds:Bawolff sucks...GHHDCBTSfgjbftgdthn"]] to the page... Granted, the fix is a bit less obvious, but deleting a page is easy enough.

Oh, btw...

@Addshore do we have a way to prune the titles table, so we don't accumulate too much garbage there?... I don't see a good way, really.

Bawolff added a comment.Jan 26 2017, 8:42 AM
In T156240#2971262, @daniel wrote:

@Bawolff well, right now, all the vandal has to do is go to the page and add [[nds:Bawolff sucks...GHHDCBTSfgjbftgdthn"]] to the page... Granted, the fix is a bit less obvious, but deleting a page is easy enough.

I agree its somewhat of a far fetched scenario (since its high effort for a relatively low amount of disruption). As I said in the parent task, im not sure how important this should be. Maybe we should just document it and deem it an acceptable risk. However the more I think about it the more I like the idea of mitigating by using a keyed hmac with a secret key (to prevent offline attacks)

gerritbot added a comment.Jan 26 2017, 12:00 PM

Change 334316 had a related patch set uploaded (by Addshore):
Log hash key conflicts

https://gerrit.wikimedia.org/r/334316

gerritbot added a project: Patch-For-Review.Jan 26 2017, 12:00 PM
Addshore mentioned this in rECOG37b167d341e1: Log hash key conflicts.Jan 26 2017, 12:01 PM
Addshore closed this task as Declined.Jan 26 2017, 12:03 PM
In T156240#2971262, @daniel wrote:

@Addshore do we have a way to prune the titles table, so we don't accumulate too much garbage there?... I don't see a good way, really.

We could write a maintenance script or do this in a deferred update?

Addshore reopened this task as Open.Jan 26 2017, 12:03 PM
Addshore moved this task from Proposed to Currently in sprint on the WMDE-TechWish board.
Addshore moved this task from Next to Active 🚁 on the User-Addshore board.
Addshore mentioned this in rECOG94754b949fa2: Log hash key conflicts.Jan 27 2017, 3:45 PM
gerritbot added a comment.Jan 30 2017, 7:25 PM

Change 334316 merged by jenkins-bot:
Log hash key conflicts

https://gerrit.wikimedia.org/r/334316

Addshore moved this task from Active 🚁 to Closing ✔️ on the User-Addshore board.Jan 31 2017, 10:00 AM
Addshore moved this task from Currently in sprint to Done on the WMDE-TechWish board.
Addshore moved this task from incoming to in progress on the Wikidata board.Jan 31 2017, 11:30 AM
Addshore closed this task as Resolved.Jan 31 2017, 12:57 PM
Addshore moved this task from Done to Demoed on the WMDE-TechWish board.Mar 9 2017, 9:40 AM
Tobi_WMDE_SW removed a project: WMDE-TechWish.Jun 7 2017, 12:00 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL