wiki.erights.org down?
|
View:
New views
20 Messages
—
Rating Filter:
Alert me
|
 |
wiki.erights.org down?
by Mark Miller-2
::
Rate this Message:
Is wiki.erights.org down?
-- Text by me above is hereby placed in the public domain Cheers, --MarkM _______________________________________________ e-lang mailing list e-lang@... http://www.eros-os.org/mailman/listinfo/e-lang |
|
|
Re: wiki.erights.org down?
by James Graves
::
Rate this Message:
Mark Miller wrote:
> Is wiki.erights.org down? Yes it was. Rebooted now. I've really got to get going on that newer hardware. James _______________________________________________ e-lang mailing list e-lang@... http://www.eros-os.org/mailman/listinfo/e-lang |
|
|
Re: wiki.erights.org down?
by Mark Miller-2
::
Rate this Message:
On Dec 3, 2007 7:40 AM, James Graves <ansible@...> wrote:
> Mark Miller wrote: > > Is wiki.erights.org down? > > Yes it was. Rebooted now. I've really got to get going on that newer > hardware. Hi James, wiki.erights.org seems to be down again. If you need someone to volunteer hosting services, donate hardware, or whatever, please ask on e-lang. -- Text by me above is hereby placed in the public domain Cheers, --MarkM _______________________________________________ e-lang mailing list e-lang@... http://www.eros-os.org/mailman/listinfo/e-lang |
|
|
Re: wiki.erights.org down?
by James Graves
::
Rate this Message:
Mark Miller wrote:
> Hi James, wiki.erights.org seems to be down again. If you need someone > to volunteer hosting services, donate hardware, or whatever, please > ask on e-lang. Yes, it is down. I'm at home right now, so I can't restart it (lots of snow today). I should be able to drive into work later today and give it a kick. Hmmm... you know, I was planning on upgrading the OS and software... but I haven't had the time / gumption to get it set up and running. I apoligize for this. The quickest short-term solution would be to just copy the drive onto a new system. I'll try to do that ASAP. If someone else who has more time and energy would like to take over hosting the wiki, that would be fine too. Best regards, James _______________________________________________ e-lang mailing list e-lang@... http://www.eros-os.org/mailman/listinfo/e-lang |
|
|
Re: wiki.erights.org down?
by James Graves
::
Rate this Message:
Hi all, The wiki is up and running on a slightly newer, slightly faster box. Ideally, we'd still upgrade to the latest OS, MediaWiki, etc. software, but that'll have to wait for another weekend. Next I'll work on that catchpa stuff next. I'm not going to promise a specific date though. ------------------------------------------------------------------- What do we want the policy to be with users and editing anyway? First, we tried just plain open (anonymous users can edit), and got some spam that way. We would revert the changes and also block that IP address. Next, we tried to require a user account to edit pages. And we got some spam that way (a lot). So we'd (*) ban the user, and revert the changes. However, with the current MediaWiki software, you don't easily see the IP address the user signed up with, because ideally we'd also just ban that IP as well. So I forget the details with the catchpa software... did we want to use that for signing up new accounts. Or for making any edits? Or for making only anonymous edits and allowing anonymous edits again? ---------------------------------------------------------------- Another option is to only allow account creation by the sysops. Right now there are just three sysops: MarkM, Kevin and myself. And only I am a 'bureaucrat', who can give sysop access to other users. Anyone else who wants either of these privileges, just let me know. James (*) By 'we' I mean mostly other people besides myself. Thanks to everyone who is keeping an eye on the recent changes log. _______________________________________________ e-lang mailing list e-lang@... http://www.eros-os.org/mailman/listinfo/e-lang |
|
|
Wiki access policy (was: wiki.erights.org down?)
by Kevin Reid-2
::
Rate this Message:
On Feb 2, 2008, at 17:37, James Graves wrote:
> So I forget the details with the catchpa software... did we want to > use > that for signing up new accounts. Or for making any edits? Or for > making only anonymous edits and allowing anonymous edits again? I would suggest captchas for both account creation and anonymous editing; I'm not sure whether to allow anonymous editing. > Another option is to only allow account creation by the sysops. I think this is slightly too much of a barrier to entry, because it requires contacting a sysop. -- Kevin Reid <http://homepage.mac.com/kpreid/> _______________________________________________ e-lang mailing list e-lang@... http://www.eros-os.org/mailman/listinfo/e-lang |
|
|
Re: wiki.erights.org down?
by Karp, Alan H
::
Rate this Message:
James Graves wrote:
> > Next I'll work on that catchpa stuff next. I'm not going to promise a > specific date though. > You should use recaptcha (http://recaptcha.net/) instead. It gives the same protection as captchas and helps digitize books. I would require them for setting up an account and making anonymous edits. That way somone who doesn't edit often doesn't have to bother setting up an account. ________________________ Alan Karp Principal Scientist Virus Safe Computing Initiative Hewlett-Packard Laboratories 1501 Page Mill Road Palo Alto, CA 94304 (650) 857-3967, fax (650) 857-7029 http://www.hpl.hp.com/personal/Alan_Karp _______________________________________________ e-lang mailing list e-lang@... http://www.eros-os.org/mailman/listinfo/e-lang |
|
|
Re: Wiki access policy
by James Graves
::
Rate this Message:
Kevin Reid wrote:
> I would suggest captchas for both account creation and anonymous > editing; I'm not sure whether to allow anonymous editing. With the current capability of the MediaWiki software we're using, I'm inclined to turn back on anonymous edits, just so that we can ban based on IPs again. >> Another option is to only allow account creation by the sysops. > > I think this is slightly too much of a barrier to entry, because it > requires contacting a sysop. This is definitely a concern. I'm still worried that even requiring an account to edit is too much a barrier to entry. But I have no way to easily measure that. James _______________________________________________ e-lang mailing list e-lang@... http://www.eros-os.org/mailman/listinfo/e-lang |
|
|
Re: Wiki access policy
by Bill Frantz
::
Rate this Message:
ansible@... (James Graves) on Saturday, February 2, 2008 wrote:
>> I think this is slightly too much of a barrier to entry, because it >> requires contacting a sysop. > >This is definitely a concern. I'm still worried that even requiring an >account to edit is too much a barrier to entry. But I have no way to >easily measure that. I can testify that it is a barrier to contribution. I promised almost a year ago to have a go at the KeyKOS entry in Widipedia. I kind of think that if I make major contributions, I should do it under some stable name, which means an account. On the other hand, I haven't set up an account for reasons that aren't justifiable, or even admitting to description, although I assure you they are quite real. Cheers - Bill ----------------------------------------------------------------------- Bill Frantz | I like the farmers' market | Periwinkle (408)356-8506 | because I can get fruits and | 16345 Englewood Ave www.pwpconsult.com | vegetables without stickers. | Los Gatos, CA 95032 _______________________________________________ e-lang mailing list e-lang@... http://www.eros-os.org/mailman/listinfo/e-lang |
|
|
Re: Wiki access policy
by James Graves
::
Rate this Message:
Bill Frantz wrote:
> ansible@... (James Graves) wrote: > >> This is definitely a concern. I'm still worried that even requiring an >> account to edit is too much a barrier to entry. But I have no way to >> easily measure that. > > I can testify that it is a barrier to contribution. I promised > almost a year ago to have a go at the KeyKOS entry in Widipedia. I > kind of think that if I make major contributions, I should do it > under some stable name, which means an account. On the other hand, > I haven't set up an account for reasons that aren't justifiable, or > even admitting to description, although I assure you they are quite > real. I think it in part has to do with managing yet another username / password. Since we are all good netizens, we will use a different password for distinct sites to prevent someone who breaks into one site from accessing our other accounts. So if you 'get around' to the extent that I do, it wouldn't be unusual to have over 100 of them. Most of these aren't terribly security critical, like my New York Times login. Conferences, blogs, developer sites, stupid little routers, wiki passwords (I have at least 6 of these), etc. They do tend to accumulate. Ah, but how to keep track of them? The thought of adding yet another is a little bit depressing to many people I suspect. I can only keep about 20 different ones memorized and that's if I use them regularly. The only answer right now is to write down the username and password somewhere. Some people write them on a piece of paper stashed in the wallet. But admit it, you feel guilty about doing that, for a variety of reasons. I think the best solution is to encrypt them. I use this GPG plugin for VIM to automatically decrypt / encrypt files while editing them: http://www.vim.org/scripts/script.php?script_id=661 Very handy. I keep a copy of the file on a flashdrive... which I'm not too worried about losing. James P.S. Isn't obj-cap security supposed to fix all this? :-) _______________________________________________ e-lang mailing list e-lang@... http://www.eros-os.org/mailman/listinfo/e-lang |
|
|
Re: Wiki access policy
by Toby Murray-4
::
Rate this Message:
On Mon, 2008-02-04 at 09:05 -0600, James Graves wrote:
> Since we are all good netizens, we will use a different password for > distinct sites to prevent someone who breaks into one site from > accessing our other accounts. > > So if you 'get around' to the extent that I do, it wouldn't be unusual > to have over 100 of them. You want PassPet mate. http://www.passpet.org Speaking of which, does anyone on e-lang know when / if we're likely to see a PassPet release? I've been eagerly awaiting it since I read the SOUPS paper. In the meantime, you may be able to get mileage with Alan Karp's Password Safe, which appears to be a less feature-ful predecessor of PassPet. http://www.hpl.hp.co.uk/personal/Alan_Karp/site_password/index.html > P.S. Isn't obj-cap security supposed to fix all this? :-) Instead of writing down 100 different passwords, you'll have 100 different bookmarked YURLs... But each site will probably then implement a YURL-recovery scheme for when you reinstall your machine and lose all of your bookmarks that's based on username/password ;) _______________________________________________ e-lang mailing list e-lang@... http://www.eros-os.org/mailman/listinfo/e-lang |
|
|
Re: Wiki access policy
by Karp, Alan H
::
Rate this Message:
James Graves wrote:
> > Ah, but how to keep track of them? The thought of adding yet > another is > a little bit depressing to many people I suspect. I can only > keep about > 20 different ones memorized and that's if I use them regularly. > You can also use a password calculator, such as http://www.hpl.hp.com/personal/Alan_Karp/site_password/index.html. If you're on a Windows machine, just run the executable. There's also a JavaScript version, but it's too ugly to put up a link. An even better solution for Firefox is Ping's Passpet at http://passpet.mozdev.org/. ________________________ Alan Karp Principal Scientist Virus Safe Computing Initiative Hewlett-Packard Laboratories 1501 Page Mill Road Palo Alto, CA 94304 (650) 857-3967, fax (650) 857-7029 http://www.hpl.hp.com/personal/Alan_Karp _______________________________________________ e-lang mailing list e-lang@... http://www.eros-os.org/mailman/listinfo/e-lang |
|
|
Re: wiki.erights.org down?
by James Graves
::
Rate this Message:
Karp, Alan H wrote:
> James Graves wrote: >> Next I'll work on that catchpa stuff next. I'm not going to promise a >> specific date though. >> > You should use recaptcha (http://recaptcha.net/) instead. It gives the same protection as captchas and helps digitize books. > > I would require them for setting up an account and making anonymous edits. That way somone who doesn't edit often doesn't have to bother setting up an account. I was feeling plucky and so implemented reCAPTCHA on wiki.erights.org. Turned out to be fairly easy and quick, because they've got a MediaWiki plugin already. As a consequence, I've re-enabled anonymous edits. Let's see if that ends up being a problem. I've done some basic testing, and everything seems to be fine. Now I need to go through and delete all those bogus accounts. James _______________________________________________ e-lang mailing list e-lang@... http://www.eros-os.org/mailman/listinfo/e-lang |
|
|
Re: Wiki access policy
by James Graves
::
Rate this Message:
The password calculator might work for me, as long as I settle on rules for the site names. I'd also need to use the same login name for all the sites, which is a slight problem in a couple cases. Though the calculator won't work in the situations where I don't get to set the password in the first place, or have to share it with someone else. Yes, yes, not the best security practice, I know. I don't think I can use Passpet at all, because I need passwords for other things besides websites. And I surf the Internet from 4 different machines on a regular basis. Without some means to have all of them synchronized automatically, I wouldn't find that convenient. Interesting though. Thanks guys, James _______________________________________________ e-lang mailing list e-lang@... http://www.eros-os.org/mailman/listinfo/e-lang |
|
|
Re: Wiki access policy
by Karp, Alan H
::
Rate this Message:
James Graves wrote:
> > The password calculator might work for me, as long as I > settle on rules > for the site names. I'd also need to use the same login name for all > the sites, which is a slight problem in a couple cases. > You can write down your userids and sitenames on a piece of paper you carry in your wallet. They have little security value without your master password. In fact, I keep mine on an external web page. I just don't have a link to it, nor do I tell anyone the URL. ________________________ Alan Karp Principal Scientist Virus Safe Computing Initiative Hewlett-Packard Laboratories 1501 Page Mill Road Palo Alto, CA 94304 (650) 857-3967, fax (650) 857-7029 http://www.hpl.hp.com/personal/Alan_Karp _______________________________________________ e-lang mailing list e-lang@... http://www.eros-os.org/mailman/listinfo/e-lang |
|
|
Re: Wiki access policy
by Andrea Campi-10
::
Rate this Message:
On Feb 5, 2008 5:05 PM, James Graves <ansible@...> wrote:
> > I don't think I can use Passpet at all, because I need passwords for > other things besides websites. And I surf the Internet from 4 different > machines on a regular basis. Without some means to have all of them > synchronized automatically, I wouldn't find that convenient. If you are on Mac, have a look at 1Password (http://1password.com/), it looks like it may match all requirements. Including sync between computers, since it stores passwords online, AES crypted. Standard disclaimer, not affiliated, just a happy customer. Bye, andrea _______________________________________________ e-lang mailing list e-lang@... http://www.eros-os.org/mailman/listinfo/e-lang |
|
|
Re: Wiki access policy
by James Graves
::
Rate this Message:
Karp, Alan H wrote:
> You can write down your userids and sitenames on a piece > of paper you carry in your wallet. They have little security > value without your master password. In fact, I keep mine on an > external web page. I just don't have a link to it, nor do I > tell anyone the URL. Interesting and useful. A next version could include some means to store the usernames and sitenames into a small centrally-maintained DB. So I could type 'amazon' and it would search the DB, and pop in amazon.com (which I previously put in as the canonical name) along with my username for Amazon. Could search on the username too. I'd also include a special 'copy' button next to each field, so that I can just click that instead of highlighting the text and typing Ctrl-C. Maybe have a local DB using SQLite, and then download / upload the file using scp or WebDAV with SSL. Thanks, James _______________________________________________ e-lang mailing list e-lang@... http://www.eros-os.org/mailman/listinfo/e-lang |
|
|
Re: Wiki access policy
by Karp, Alan H
::
Rate this Message:
James Graves wrote:
> > A next version could include some means to store the usernames and > sitenames into a small centrally-maintained DB. So I could type > 'amazon' and it would search the DB, and pop in amazon.com (which I > previously put in as the canonical name) along with my username for > Amazon. Could search on the username too. The product version does better than that. It includes a petname field that links the https connection to your sitename and userid. (Thank Ping for that bit of brilliance.) You only have to click a button on the toolbar to fill in your userid and computed password. Unfortunately, that version is only being distributed via third parties that license it from HP. Ping's PassPet goes one better, letting you specify a server that stores your info. > > I'd also include a special 'copy' button next to each field, so that I > can just click that instead of highlighting the text and > typing Ctrl-C. > The product version provides that feature. ________________________ Alan Karp Principal Scientist Virus Safe Computing Initiative Hewlett-Packard Laboratories 1501 Page Mill Road Palo Alto, CA 94304 (650) 857-3967, fax (650) 857-7029 http://www.hpl.hp.com/personal/Alan_Karp _______________________________________________ e-lang mailing list e-lang@... http://www.eros-os.org/mailman/listinfo/e-lang |
|
|
|
|
|
Re: Wiki access policy
by Karp, Alan H
::
Rate this Message:
|
