this post was submitted on 05 Mar 2026
346 points (99.4% liked)

Technology

82296 readers
4371 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
346
Wikipedia were in read-only mode following mass admin account compromise (www.wikimediastatus.net)
submitted 11 hours ago* (last edited 11 hours ago) by Beep@lemmus.org to c/technology@lemmy.world
29 comments fedilink hide all child comments
 
top 29 comments
sorted by: hot top controversial new old
[–] surfrock66@lemmy.world 31 points 8 hours ago (1 children)

FYI, the kiwix foundation makes offline versions of wikimedia resources (though at pretty wide intervals, depending on the site, annually) which you can download via torrent and browse with a ZIM viewer. I use this as an offline resource on my home LAN, and have used other kiwix downloaded resources to train a local LLM without spamming the real internet: https://library.kiwix.org/

[–] brbposting@sh.itjust.works 16 points 7 hours ago (1 children)

Download a little offline Wiki for rainy days folks!

I take connectivity for granted but shouldn’t. Batteries charged, books on the shelf, offline games and media stored locally…

[–] user224@lemmy.sdf.org 5 points 6 hours ago (1 children)

> Live on a dorm
> There's lots of people
> Cell towers are motherfuckingly overloaded during the day
> 0.09Mbps down, 4.5Mbps up and > 300ms on 4G

[–] grue@lemmy.world 6 points 5 hours ago (2 children)

What kind of shitty-ass dorm relies on cellular connections? When I was in college, we had wired ethernet in the dorms and then wifi on top of that. Piracy was huge, in part because it was a lot of folks' first opportunity to have a fast connection, LOL.

(Admittedly, that was at a research university that had been sitting directly on internet backbone since the NSFNET days, but still...!)

[–] HeyThisIsntTheYMCA@lemmy.world 2 points 2 hours ago

Ah good old dorms. My first t3 line. So much media downloaded, uh, with the express written consent of the license holders I swear

[–] user224@lemmy.sdf.org 6 points 5 hours ago (2 children)

We have that available, I just use mobile data because I disagree with their ToS.
The ToS is so restrictive that you basically immediately break it after connecting a device. I was told that, of course, they don't really care.
Except - there is a point stating the provider has the right to access your computer if there is a suspicion of ToS violation. Considering the network here is a student-run organization, that could easily be exploited if you piss off someone.
Maybe I am just paranoid, but no thanks.

Otherwise, from talking with them, most dorms have 1Gbit, some have 2.5Gbit, and all share a 40Gbit link which could apparently do 100Gbit (I think), but it's capped due to licensing.
They leverage national academic network.
Oh, and they also got a class B subnet back when everyone was sure there's just way too many IPv4s, so NAT isn't being used here.

[–] MigratingApe@lemmy.dbzer0.com 1 points 29 minutes ago

You are not paranoid. People were sued and jailed under CFAA interpretation that violation of ToS is a federal crime.

https://www.eff.org/deeplinks/2020/04/federal-judge-rules-it-not-crime-violate-websites-terms-service

I was under impression that this is still the case after listening to a few of DarkNet Diaries recent episodes.

[–] brbposting@sh.itjust.works 3 points 4 hours ago

paranoid

Mm who wants to rely on someone keeping a verbal promise when it says in writing something like your privacy is at stake?

[–] pelespirit@sh.itjust.works 187 points 11 hours ago (1 children)

We must protect wikipedia, they're our only safe place right now.

[–] Canconda@lemmy.ca 64 points 11 hours ago (1 children)

Ya tonight Im gonna start torrenting one of the backups. I don't normally seed more than 2x ratio but I think this one will be set to trickle seed and stay on for at least 10x

[–] e8CArkcAuLE@piefed.social 31 points 10 hours ago (1 children)

please do if you have the storage space and bandwith

[–] Lost_My_Mind@lemmy.world 14 points 8 hours ago (2 children)

How big is the torrent, and where do I download from?

[–] entropicdrift@lemmy.sdf.org 8 points 5 hours ago* (last edited 5 hours ago) (1 children)

40G if you don't download pics. Closer to 100G with pics (apparently 115G at the moment)

See: library.kiwix.org

Kiwix is the simplest way to host a local Wikipedia backup

[–] HeyThisIsntTheYMCA@lemmy.world 2 points 2 hours ago (2 children)

I'ma let one of you who has 40 spare gigs of HDD space do it

[–] massacre@lemmy.world 2 points 1 hour ago

Going to kick this off tonight and seed for a good long while. I got you fam.

[–] entropicdrift@lemmy.sdf.org 3 points 2 hours ago

I've got a copy on a hard drive and one on my phone

[–] TheTechnician27@lemmy.world 83 points 11 hours ago* (last edited 11 hours ago) (1 children)

Oh, fuck, this is going to be interesting to read about. Just to clarify: it seems like this wasn't just Wikipedia but Wikimedia generally. So that's also e.g. Wiktionary, Wikimedia Commons, Wikidata, etc.

Edit: Decided to check Reddit, and someone posted an ostensibly good summary on /r/wikipedia.

[–] Takapapatapaka@tarte.nuage-libre.fr 120 points 10 hours ago (5 children)

Shameless copy/paste of the main info if anyone wants to catch a glimpse without going to reddit :

Summary of events:

On 5 March 2026, a Wikimedia Foundation employee accidentally imported a malicious script to his account on Meta-Wiki while testing global API limits for user scripts (see his global.js page history). The malicious script was created in 2023 to attack two Russian-language alternative wiki projects, Wikireality and Cyclopedia. In 2024, user Ololoshka562 created a page on the Russian Wikipedia containing the script used in these attacks. The script, which had been sitting dormant on ruwiki for 1.5 years, then spread to several accounts on Meta, including WMFOffice, and mass-deleted pages in namespaces 0–3, leaving behind an edit summary of "Закрываем проект", Russian for "Closing the project". The staff member, as a global interface administrator, has permission to edit meta:MediaWiki:Common.js, which allowed the script to infect any user who visited Meta-Wiki while it was active. To prevent the script from spreading further, all Wikimedia projects were set to read-only for about 2 hours, and all user JavaScript was temporarily disabled.

Post from WMF staff member on Discord:

Hey all - as some of you have seen, we (WMF) were doing a security review of the behavior of user scripts, and unintentionally activated one that turned out to be malicious. That is what caused the page deletions you saw on the Meta log, which are getting cleaned up. We have no reason to believe any third-party entity was actively attacking us today, or that any permanent damage occurred or any breach of personal information.

We were doing this security review as part of an effort to limit the risks of exactly this kind of attack. The irony of us triggering this script while doing so is not lost on us, and we are sorry about the disruption. But the risks in this system are real. We are going to continue working on security protections for user scripts – in close consultation with the community, of course – to make this sort of thing much harder to happen in the future.

[–] thebestaquaman@lemmy.world 62 points 10 hours ago (1 children)

To be fair I would assume that it's better to trigger something like this during a security review when people are actively "online" and focused on security risks than at some other time.

[–] SnotFlickerman@lemmy.blahaj.zone 28 points 10 hours ago

Absolutely and it helped prove why they needed to do this security review to begin with as well as will teach them the nature of how this user script worked so they can put up guardrails for this specific type of attack. An unfortunate event but as long as they are using it to learn from and strengthen their security, overall it's a good thing.

[–] deacon@lemmy.world 16 points 8 hours ago

Ironically it is comments like these that led to Reddit gold. But thank you kind stranger for saving me having to descend into The Depths for this.

[–] Gullible@sh.itjust.works 35 points 10 hours ago (1 children)

That’s hilarious, and I cannot imagine how stressed out that employee is.

[–] db2@lemmy.world 21 points 10 hours ago* (last edited 10 hours ago) (1 children)

After that kind of learning experience that employee needs a reprimand and a raise in that order. You can bet that shit won't happen twice! 😆

[–] crandlecan@mander.xyz 4 points 10 hours ago (1 children)

You want even more Management?? 😨

[–] db2@lemmy.world 11 points 9 hours ago

Raise and promotion are not synonyms.

[–] TheTechnician27@lemmy.world 18 points 10 hours ago* (last edited 10 hours ago)

Danke. This should easily be fine for anyone who's slightly-to-moderately interested; some of the nitty-gritty details like hyperlinks to the edit diffs are excluded from this copy–paste for those who really know their stuff and want to learn more.

[–] Sims@lemmy.ml -4 points 9 hours ago

"The malicious script was created in 2023 to attack two Russian-language alternative wiki projects, Wikireality and Cyclopedia."

So this was a US/Ukrainian attack on Russia that backfired ?? Weird 'friendly fire' situation..

[–] disconnectikacio@lemmy.world -2 points 3 hours ago

Putinists to turn wiki to moscovite narrative?