Site vandalism

Because the site is potentially editable by anyone some people are concerned that the hard work they could put into contributing might be sabotaged by people manevolently editing or erasing their work. Experience at Wikipedia indicates that there is inevitably some problem with vandalism but that a vigilant community with the right tools can manage this threat easily.

Evidence for this comes from a study by Alex Halavais of the School of Informatics at Buffalo University in New York State, USA. He made 13 changes to the English language Wikipedia, anticipating that most would remain intact and he'd have to remove them in two weeks. He reported that "All were identified and removed within a couple of hours" and found himself "impressed". He attracted the attention of three contributors, who promptly dealt with the problem changes.

Like many, Alex underestimated the great experience and skill the community has at dealing with such things. Vandalism probably happens hundreds of times a day. Once one edit is identified as vandalism a visit to the list of contributions by the same person will rapidly identify the rest. That will result in education, warnings or short term outright blocking of editing by the account, IP address or, in more extreme cases, a whole dialup IP address pool.

Here are some of the hurdles a vandal has to deal with:


 * The Recent Changes Patrol monitors changes which attract their attention via an IRC bot, the Recent Changes page itself or an RSS feed. Recent Changes lists every edit made.


 * Each contributor has a personal watchlist which will inform them of changes made to articles which they have registered an interest in. On average, each article is on the watchlist of two accounts. Relatively mainstream topics usually have more watchers, obscure trivia fewer or none (a hint to those who want to try circumventing this tool...). These watchlists are often checked several times a day, most within a week or so. Since these are usually topic experts, they are likely to detect any subtle changes which the RC patrol misses.


 * Once one edit is identified as vandalism, it's easy to see all other edits by a given IP address or contributor. The experienced anti-vandalism people routinely move on and check the rest once one problem is seen.
 * In tougher cases it's possible to ask members of the technical team to identify links between accounts, using assorted technical means which are restricted to only those whose technical roles already give them access to the tools required to do this. The desire to preserve as much privacy as possible for the community as a whole is the driving force behind this limited access.


 * There's also a tool to identify and block proxy servers, developed in response to a persistent vandal who used to make each edit from a different proxy IP address. At present it's turned off but it seems fairly likely that such edits will be highlighted to attract human review in the future. There's a desire not to block them outright because some normal contributors find them convenient to mask their work location or for other entirely legitimate purposes.

Corrections are easily made because each save of a page creates a new record in the database and all versions of a page are archived and can be reverted to as necessary.