Today I was patrolling edits on the Habari Wiki and noticed a page of gibberish data with a text block explaining that it was part of a research project. Upon further investigation, it seems that it is part of a project to determine if spamming wikis is a viable method of storing anonymous data online. While, as a concept I find the idea interesting, putting it into practice strikes me as a very, very bad idea.
The whole concept behind the wiki model is one of openness. Allowing anonymous access is a viable choice on these sites, not a security flaw. As Wikipedia has demonstrated, this model can be very effective at producing great work. However the price of this openness is that it requires careful monitoring to prevent abuse. The fact that these students(?) are abusing wikis as part of their "research" means that the people who maintain these wikis are being forced to spend more time deleting spam, which means less time producing content or being otherwise productive. While this is true of any spam, when someone is not only blatant about their abuse, but also (by distributing a list of "unprotected" wikis) facilitating other spammers, I feel that we need to call them out and stop their abuse.
Spamming our wiki is not acceptable. Using our servers and networks for your private data storage without permission is unacceptable. Encouraging other spammers is unacceptable. Abusing our trust and our community is unacceptable. The people behind this "research" should be ashamed, and Brown University should take strong action against them for abusing both Brown's network and that of as many as 14,000 other sites.
If you run a MediaWiki installation, check for this spam and delete it as soon as possible. If your site has been spammed in this fashion, I'd suggest sending a complaint to firstname.lastname@example.org as well detailing the abuse so that they can put a stop to it.
Update: April 11, 2009, 2:04pm
I received a response from the chair of the Brown University CS department.
Thanks to you and other wiki owners who alerted me to this problem. I am very sorry for the inconvenience.
I was not aware of the graffiti project and after seeing several complaints in my mailbox this morning, I immediately conducted an investigation. I found that it is a project led by two graduate students, Andrew Pavlo (PhD) and Ning Shi (Master's), who have been working on it independently. I have just talked to Pavlo reproaching him for his conduct. Pavlo is taking down the system and removing as much as possible the data placed by it. I have also asked him to post an apology on the project website.
The CS department values research integrity and will further investigate the matter according to university policies. For what I have seen so far, this incident seems to have been caused by naive behavior by two students and not deliberate misconduct. In particular, Pavlo is a promising second-year PhD student, full of enthusiasm for research. I regret that he did not consult with his advisor about the ethical and legal implications of his approach to measuring spam persistence in wikis. Also, I hope he learned from his mistake.
Again, I am sorry for the problems caused to your website.
I think that this is an appropriate response to this situation, and assuming that it is followed through on, I think we can chalk this up to over-enthusiasm for an idea and acting without thinking through the wider implications. We've all done this from time to time I'm sure. I have to commend Brown on their timely response and action, especially on a holiday weekend.