Post Sun Nov 05, 2006 6:16 pm

Wikipedia hijacked? Not really.

I saw this article on Slashdot this morning.
http://www.tech2.com/india/news/telecom/wikipedia-hijacked-to-spread-malware/2667/0


The article wrongly claims that Wikipedia was "hijacked" when in fact the perpetrators simply created a new article and put information in it with the same permission of any ordinary user.  No exploit was used against wikipedia, however the attack did take advantage of wikipedia's good name.  As wikipedia has become more popular and it's credibility has increased people are more trusting of the links presented on the site.  One of the links that the perpetrators put on their article was a link to a malicious web site that was spreading a virus.

I wonder if Wikipedia blocks any attempt to put scripting code into an article.  I've used mediawiki software before and usually I can put whatever code I want to in an article as long as I put the code between <nowiki> tags.  I'm not going to edit a wikipedia article to find out, but I would like to know if that stuff is blocked.  If not it would present a tempting target for people trying to spread malware.