Comments (11)
tomhughes
commented on June 16, 2024
4
Yes but community.openstreetmap.org is a better place to discuss with the community - here you're only going to find a small number of developers who are just going to get annoyed by a never-ending thread with no actionable conclusions.
I also largely disagree with the idea that something more needs to be done, or rather I think I have already identified a way to prevent the type of action used in the recent attacks from causing significant disruption and have taken steps to action that by opening osm2pgsql-dev/osm2pgsql#2185.
from openstreetmap-website.
mmd-osm
commented on June 16, 2024
2
The editing app can be easily faked, as it has happened before. You could pretend to be iD and still do large scale changes.
The dormant accounts idea might work from a technical pov, probably needs a bit more thought.
Sorry, we donβt have review queues or anything like that. It would be a huge change to the architecture and overall mapping process.
from openstreetmap-website.
tomhughes
commented on June 16, 2024
2
Also see https://community.openstreetmap.org/t/the-osm-standard-tile-layer-looks-wrong-white-lines-abusive-comments-etc/111583/193 for why a "review queue" is a nice idea but a huge task with significant problems.
from openstreetmap-website.
bhousel
commented on June 16, 2024
1
No. Even in the browser editor iD this is a mouse click away and freely changeable:
Not quite - users can type here, but it won't actually accept their change. Those fields are locked to their original values.
(The original point is correct though that it's trivially easy to fork iD, or any other OSM editor, and have it call itself something else, making the idea of combating vandalism by looking at the created_by tag a non-starter.)
from openstreetmap-website.
aredridel
commented on June 16, 2024
Segregate suspicious edits for review, or commit on a delay. Specifically "large bounding box from newish account" and "golf-related from a new account" seem to be pretty obviousmarkers.
from openstreetmap-website.
tomhughes
commented on June 16, 2024
None of this is something that is best discussed here - discuss it with DWG and come back when you have concrete requests.
Note that "chessiegp9" was a relatively minor even and didn't actually make a significant number of edits so it's unlikely rate limits would have much effect there.
from openstreetmap-website.
CorruptComputer
commented on June 16, 2024
The editing app can be easily faked, as it has happened before. You could pretend to be iD and still do large scale changes.
The changeset tags for the app maybe, but wouldn't the 'Client ID' for the app be harder? That would require changing and building from source wouldn't it? It would still be possible to fake this, but it would add an additional barrier that they would need to cross for it.
from openstreetmap-website.
SomeoneElseOSM
commented on June 16, 2024
discuss it with DWG and come back when you have concrete requests.
Actually, we'd probably just say "discuss it with the community first so that people are happy about the way that contributing to OSM has changed". There was significant pushback against rate limiting from organisations that rely on putting lots of newbies in front of computers and doing some remote editing; we'd need to ensure that if we're going to change the way that people can contribute that people are (a) aware and (b) happy about that change.
from openstreetmap-website.
CorruptComputer
commented on June 16, 2024
discuss it with DWG and come back when you have concrete requests.
[...] "discuss it with the community first so that people are happy about the way that contributing to OSM has changed". [...]
Yeah, I opened this issue so a discussion could take place here. Its obvious that something needs to be done, but nothing will get better if we just shut down the conversation and kick the problem down the road to different groups.
from openstreetmap-website.
HolgerJeromin
commented on June 16, 2024
The editing app can be easily faked, as it has happened before. You could pretend to be iD and still do large scale changes.
The changeset tags for the app maybe, but wouldn't the 'Client ID' for the app be harder? That would require changing and building from source wouldn't it?
No. Even in the browser editor iD this is a mouse click away and freely changeable:
from openstreetmap-website.
CorruptComputer
commented on June 16, 2024
The editing app can be easily faked, as it has happened before. You could pretend to be iD and still do large scale changes.
The changeset tags for the app maybe, but wouldn't the 'Client ID' for the app be harder? That would require changing and building from source wouldn't it?
No. Even in the browser editor iD this is a mouse click away and freely changeable:
Thats not at all what I am talking about though, I'm talking about the Client ID that the editor uses to identify itself to the OSM API. While this is still something that can be changed, it would require rebuilding the application from source which is adding a higher barrier to entry for these vandals. Sure it won't stop a persistent vandal, but it would make them need to work a bit harder for it and I'd imagine some would probably just give up if its too much work to be worth it for them.
https://github.com/openstreetmap/iD/blob/develop/config/id.js#L14
from openstreetmap-website.
Related Issues (20)
- Maybe rate limit changeset size? HOT 9
- Improve the text of a mail about comments to a changeset HOT 11
- Cursor not in first input field of login form
- Allow notes to be moved HOT 4
- API: List IDs of hidden notes HOT 2
- Add "Like" button to diary entries HOT 2
- PUT /api/0.6/gpx/:id causes HTTP 500 Internal Server Error HOT 3
- Add original note in note reply email HOT 7
- GPS trace tiles do not load HOT 2
- Minimum/maximum supported URL length for API queries is not documented (or guaranteed fwiw), provide it via capabilities call HOT 7
- Wikipedia links with question mark HOT 2
- Address of building:part is not shown HOT 3
- Refactor usage of check_api_readable/writable HOT 2
- Refactor api_call_* filters HOT 2
- Netherlands contributor URL on Copyright page no longer valid HOT 2
- Indicate when a changrset comment is added by a moderator. HOT 3
- Note resolved email notifications are failing to return address HOT 5
- HTTP 500 when trying to open a diary entry via a link HOT 5
- Prevent page change when writing messages HOT 7
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from openstreetmap-website.