[wp-testers] "spam" attacks on WP.org / plugin rating
deliciousdays
oliver.seidel at deliciousdays.com
Sun Apr 20 20:30:48 GMT 2008
In total we're looking already at 45 1-star ratings, which is for some
other
plugins (I believe 4 to 5 of the top rated ones got hit), about 1/3 to
/1/4 of their
overall votes.
It all happened withing a few days and considering that it took for some of
these 12-18 months to build up a good rating, based on good and consistent
support and coding, it's unnecessary.
Coincidentally a new plugin had emerged not so long ago (roughly two weeks
old) and despite quite negative press, already has 56 (!!) votes and
deducting
some negative actual ratings, leave the plugin with about 30-40 some 5-star
ratings - v*e*r*y odd?!
I don't want to point fingers, but the coincidence is striking (14 days!).
Oliver
Aaron Harun wrote:
> The cause of the problem is that WP.org doesn't require unique email
> addresses. If you really wanted to be unethical, it takes about 2
> seconds to register a name, change it slightly and register another
> one. You basically end with a list of users and passwords that you
> just need to copy and paste.
>
> The highest rated plugin has 217 ratings. If you were to take 2
> seconds per registration and 5-10 per rating. It would take about
> 20-40 minutes for someone to _manually_ vote that many times. If
> someone made a bot, it would take seconds.
>
> This is the cause of the problem and the hole that should be closed.
>
> The fact that there were only 15 one-star ratings should make the
> plugin author feel glad that the rater didn't feel like spending more
> than a minute or two doing it.
>
> Aaron.
> _______________________________________________
> wp-testers mailing list
> wp-testers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-testers
>
>
More information about the wp-testers
mailing list