Wikipedia talk:WikiProject Computer Security

This is the talk page for discussing WikiProject Computer Security and anything related to its purposes and tasks.

Put new text under old text. Click here to start a new topic.
New to Wikipedia? Welcome! Learn to edit; get help.

Shortcut

WT:COMPSEC

Archives: 1, 2, 3, 4: 90 days

Computer Security: Computing Project‑class

This page is within the scope of WikiProject Computer Security, a collaborative effort to improve the coverage of computer security on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.Computer SecurityWikipedia:WikiProject Computer SecurityTemplate:WikiProject Computer SecurityComputer Security articles

Project

This page does not require a rating on Wikipedia's content assessment scale.

This page is supported by WikiProject Computing.

Things you can help WikiProject Computer Security with:

Article alerts will be generated shortly by AAlertBot. Please allow some days for processing. More information...

Answer question about Same-origin_policy
Review importance and quality of existing articles
Identify categories related to Computer Security
Tag related articles
Identify articles for creation (see also: Article requests)
Identify articles for improvement
Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc.
Find editors who have shown interest in this subject and ask them to take a look here.

Isolation dates on virus pages?[edit]

There are never any sources cited for "isolation dates" on the pages for worms or viruses, nor is there any explanation as to what an isolation date is. I am just curious how this information, in most cases, supersedes the need for a release date, and how in many cases the isolation date is not present. Thanks in advance for anyone who can clear this topic up for me. GordonFreeman1997 (talk) 17:23, 2 February 2024 (UTC)[reply]

The isolation date should be the date when the virus was first analysed by anyone who was able to understand something about the virus. Generally this tends to be for viruses that are developed by organizations that are not forthcoming about the exact origins of the code (and thus generally don't provide release dates). Viruses that have been around for longer periods of time, generally tend to have much fuzzier timelines and so might not have exact isolation dates. Hope that helps. Sohom (talk) 19:02, 2 February 2024 (UTC)[reply]

Thank you so much! This explanation really helps. GordonFreeman1997 (talk) 21:41, 2 February 2024 (UTC)[reply]

FAC for Cross-site leaks[edit]

I've nominated Cross-site leaks (a while back) for promotion to a Featured article. Reviews, comments and suggestions are welcomed at the nomination page :) Sohom (talk) 21:36, 9 March 2024 (UTC)[reply]

I'm sadly too late to properly comment but I think you got a good discussion in the end - I definitely think I would agree that I'd like to see a shorter and more simple lead section. Joe (talk) 18:40, 20 March 2024 (UTC)[reply]

Comprehensive review and update on DNS attack articles for clarity and modern practices[edit]

I've conducted a detailed review of articles on DNS-related attacks, including DNS hijacking, spoofing (and cache poisoning), and noticed some areas where we could improve clarity and accuracy, especially regarding the interchangeability of terms and the mention of modern security practices like DoT and DoH.

Terminology Clarification

There seems to be some confusion and overlap in how we define and use terms like DNS hijacking, spoofing, poisoning, cache poisoning, rebinding and redirection. A concerted effort to standardize these terms with clear definitions could significantly benefit the readers. Specifically, distinctions between terms such as DNS hijacking and DNS spoofing, as well as DNS poisoning vs. DNS cache poisoning, need to be more clearly delineated.

Inclusion of MiTM Contexts and Clarification on Attack Strategies

Enhancing these articles to explicitly explain how DNS attacks can facilitate MiTM attacks, including the roles of ARP poisoning and race condition attacks, is necessary. The latter, often conceptualized as a "first reply race" in DNS spoofing scenarios, involves attackers responding to DNS queries more quickly than legitimate servers.

Remedies and Modern Solutions

The absence of discussions on current DNS security measures like DoT (DNS over TLS) and DoH (DNS over HTTPS) in the remedies sections of these articles is a notable gap.

I propose we collaborate to update these articles for accuracy and to reflect latest advancements in DNS security. This effort would involve revising the existing content for clarity, updating terminology to reflect the precise use of DNS-related terms, and adding sections on modern remedies such as DoT and DoH.

I look forward to your feedback, suggestions, and any additional insights you might have on these topics.

Links:

DNS spoofing

DNS hijacking

DNS rebinding

WalterMccan (talk) 12:28, 19 March 2024 (UTC)[reply]

At a glance, all three of the articles need significant work and I think they'd be a great project for a newish editor. I would encourage you to be WP:BOLD and start by adding verified sources and doing some general housekeeping according to WP:MOS. Hit me up on my talk page if you'd like someone to review what you've done. Joe (talk) 18:35, 20 March 2024 (UTC)[reply]

Sounds like a plan! I will get on it over the weekend and keep you up-to-date. Thank you. WalterMccan (talk) 11:20, 21 March 2024 (UTC)[reply]

Data breach template[edit]

Is there a standard practice for how we treat data breaches on Wikipedia? I'm looking at things like 2011 PlayStation Network outage (which I've done some work on and would appreciate eyeballs), 2015_TalkTalk_data_breach, and 2015_TalkTalk_data_breach - but there isn't much consistency. At the very least they should probably all use Template:Infobox_event, but I'm curious to know if there is any 'best practice' I can look at... Joe (talk) 18:31, 20 March 2024 (UTC)[reply]