[sugar] Invitation to connect on LinkedIn
LinkedIn I'd like to add you to my professional network on LinkedIn. - Luke Luke Faraone Software Engineer at Humbug, Inc. Greater Boston Area Confirm that you know Luke Faraone: https://www.linkedin.com/e/e4qzkj-hgdqgalf-5m/isd/13023859507/prxXkRSv/?hs=false&tok=2cM_gIYTOUT5I1 -- You are receiving Invitation to Connect emails. Click to unsubscribe: http://www.linkedin.com/e/e4qzkj-hgdqgalf-5m/Xe0WyfGUtsDkzt-3uxW0n5e2VQfvkQ758Rl/goo/sugar%40lists%2Elaptop%2Eorg/20061/I4312104247_1/?hs=false&tok=2R3JuRTsuUT5I1 (c) 2012 LinkedIn Corporation. 2029 Stierlin Ct, Mountain View, CA 94043, USA. ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar
Re: [sugar] Unable to exit Etoys.
Hi Rafael, On 13 February 2013 11:14, Rafael Ortiz wrote: > We are having an error while trying to exit etoys > This mailing list is no longer actively used; you want to email sugar-de...@lists.sugarlabs.org instead. -- \___/ |___| Luke Faraone, Web Infrastructure \___\ One Laptop Per Child - http://laptop.org/ ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar
Re: [sugar] XO identity shared via Browse
Ever seen those popups that try to look like windows dialogs to get you to install spyware? The same can be done here, and sugar doesn't help by naming browse's spawned windows as "rainbow-daemon"... The point is moot, however, because the user is simply giving his authorization (not a password), and the jabber authentication messages have to originate from the actual XO. (or machine with that JID). -lf On Dec 4, 2008, at 10:59, "Sebastian Silva" wrote: > Second, and more importantly, if we do this right, his description of > the problem does not bite us because a child is already logged in by > the time he goes outside to the wild phishing monster filled world. > If the fake OpenID sends you to a fake user/pass page (weren't we > discussing passwordless?) - it should be suspicious since he'll know > he's already logged in. > > Also, more importantly, if the login confirmation is done via the GUI > (and not a website), then the problem is gone (how can you fake a > sugar dialog from a website?). -LF ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar
Re: [sugar] XO identity shared via Browse
On Thu, Dec 4, 2008 at 19:17, Greg Smith <[EMAIL PROTECTED]> wrote: > I'm copying in Devel and will drop the sugar list on further replies > (hope that's the right netiquette in this case...). (note: I'm not on devel, so please keep me CC'd) > > security) who are the principals? > > what are their goals? > > what attacks concern us? > > GS - In general I don't want any other devices to be able to appear to > be the XO. We can assume that the XS <-> XO is a secure network not > visible to the outside workd (whether that is true in practice is > another story). So I moved the encryption and stringent security > requirements to the optional case where the XO is talking to a non-XS > server. > I'd rather not make that assumption. Some schools may not have a _local_ school server (even dispite our best wishes) or a student may want to access the server from a non-local connection. The XS, IMHO, should support the "road warrior" use case (at least for post-registration) -lf ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar
Re: [sugar] XO identity shared via Browse
Oops, sent from the wroong address: On Dec 4, 2008, at 11:39, Luke Faraone <[EMAIL PROTECTED]> wrote: > Ever seen those popups that try to look like windows dialogs to get > you to install spyware? The same can be done here, and sugar doesn't > help by naming browse's spawned windows as "rainbow-daemon"... > > The point is moot, however, because the user is simply giving his > authorization (not a password), and the jabber authentication > messages have to originate from the actual XO. (or machine with that > JID). > > -lf > > On Dec 4, 2008, at 10:59, "Sebastian Silva" > <[EMAIL PROTECTED]> wrote: >> Second, and more importantly, if we do this right, his description of >> the problem does not bite us because a child is already logged in by >> the time he goes outside to the wild phishing monster filled world. >> If the fake OpenID sends you to a fake user/pass page (weren't we >> discussing passwordless?) - it should be suspicious since he'll know >> he's already logged in. >> >> Also, more importantly, if the login confirmation is done via the GUI >> (and not a website), then the problem is gone (how can you fake a >> sugar dialog from a website?). ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar
Re: [sugar] XO identity shared via Browse
On Thu, Dec 4, 2008 at 07:18, Martin Langhoff <[EMAIL PROTECTED]>wrote: > Moodle is PHP and there are PHP libs and I > suspect there may be sample implementations. The "standard" PHP-OpenID library is at http://openidenabled.com/php-openid/ An example of OpenID implemented in another PHP application (MediaWiki) is at http://www.mediawiki.org/wiki/Extension:OpenID More examples are detailed at http://wiki.openid.net/Website_Software -lf ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar
Re: [sugar] XO identity shared via Browse
On Tue, Dec 2, 2008 at 20:28, Sebastian Silva <[EMAIL PROTECTED]>wrote: > (except I just realized another kid can still see all your stuff by > using your laptop) > That's always the case with the XO's security model; they can view your journal, access your keys, etc. -lf ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar
Re: [sugar] XO identity shared via Browse
On Tue, Dec 2, 2008 at 19:32, Sebastian Silva <[EMAIL PROTECTED]>wrote: > Well initially, it was stated the problem was only to identify the > laptop, not the user, right? > (the ssh way) > That is, user=laptop is assumed so no need to even bug the user. > I'm not liking it much because it would me another kid could take your > laptop and log into all your stuff (which is true whichever way we > implement it, its the problem with user=laptop). Otherwise, how can be be sure that _any_ human _physically_present_ at the laptop authorized the request, and not a remote user? If we just have the laptop "accept all"... -lf ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar
Re: [sugar] XO identity shared via Browse
On Tue, Dec 2, 2008 at 18:35, Sebastian Silva <[EMAIL PROTECTED]>wrote: > 3.- The laptop confirms the user is requesting from it. This is somewhat of a problem: how can we do this without giving the user too many "did you really mean this" prompts? -lf ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar
Re: [sugar] XO identity shared via Browse
On Tue, Dec 2, 2008 at 17:42, Martin Langhoff <[EMAIL PROTECTED]>wrote: > If we could switch to https easily, we could skip all this song and > dance and just use client certs. Why can't we, exactly? More and more non-standardness is _bad_ for security. -lf ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar
Re: [sugar] XO identity shared via Browse
On Tue, Dec 2, 2008 at 17:29, Benjamin M. Schwartz <[EMAIL PROTECTED] > wrote: > You misunderstand our purpose. The immediate technical goal is to > authenticate that a given connection goes to a particular XO. The machine > itself then becomes the identifying token used to authenticate the > identity of the user. Unfortunately that will only work for web applications which are "sugar-aware"; the plus of openID is it's one standard, and everyone (soon) will support it. -lf ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar
Re: [sugar] XO identity shared via Browse
On Tue, Dec 2, 2008 at 17:07, Sebastian Silva <[EMAIL PROTECTED]>wrote: > > OpenID, specifically, would be hard to implement in the current version > of > > the spec, as our devices FQDNs will be changing often. Locally, it might > > work, but remote identification is a problem. > > Actually, my regular laptop's FQDN changes all the time and I have no > problem remembering my OpenID ? Perhaps my browser can help me with > this? That's a different model. We want the openID _provider_ to be either on the laptop itself or on the school server. Since the _server_ has a changing FQDN, this becomes harder. The solution would be to propose a change to the protocol or register the school servers domains (or subs) with a Dynamic DNS provider. -lf ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar
Re: [sugar] XO identity shared via Browse
On Tue, Dec 2, 2008 at 16:32, Yamandu Ploskonka <[EMAIL PROTECTED]>wrote: > Also, re:spoofing, there would need to be an update of the data being > sent, maybe changes with the clock, daily? Don't know how to keep the > algorythm secure and still have this Open. > That is mistake #1: Secret algorithms are _less_ secure than open ones, as secret ones have a smaller group of testers. There's a reason why _everybody_ uses AES, Blowfish, and the lot; it's because they've been publicly tested and held up to it. OpenID, specifically, would be hard to implement in the current version of the spec, as our devices FQDNs will be changing often. Locally, it might work, but remote identification is a problem. A tried-and-true way to go about this would be using Client Side Certificates, which has found to work under browse. In addition, the user data can be encrypted using GPG prior to transmission/storage, and if you want escrow of data you can encrypt it for two keys. -lf ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar
Re: [sugar] Sugar on Ubuntu Intrepid broken
On Thu, Nov 27, 2008 at 13:52, Edward Cherlin <[EMAIL PROTECTED]> wrote: > On Thu, Nov 27, 2008 at 7:45 AM, Erik Blankinship <[EMAIL PROTECTED]> > wrote: > > Perhaps address how Activity authors might need to handle / work > > around the different distro specifics on one page, unless the goal is > > to have different activity releases per distro. > > We think that most of the distro specifics are packaging problems, > specifically missing or incorrect dependencies. So they should be > reported to the distro concerned, except when, on investigation, some > deeper error surfaces. In this case, we have at least two dependency > problems. > > o sugar.py or something like that didn't get installed Sugar-on-ubuntu (fresh intrepid install) works for Morgan and myself, as well as various other testers, so the problem is most likely one of local configuration. Please try the following: # sudo apt-get purge sugar sugar-\* # sudo apt-get install sugar sugar-activities sugar-emulator o sugar-datastore should have been removed automatically, and > python-olpc-datastore installed. You've worked around that one, and it's been reported. -lf ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar
Re: [sugar] Sugar on Ubuntu Intrepid broken
On Wed, Nov 26, 2008 at 17:07, Edward Cherlin <[EMAIL PROTECTED]> wrote: > [EMAIL PROTECTED]:~$ sugar-emulator > Traceback (most recent call last): > File "/usr/bin/sugar-emulator", line 22, in >from emulator import main > File "/usr/share/sugar/shell/emulator.py", line 31, in >from sugar import env > ImportError: No module named sugar Edward, this is not a Sugar problem, please ask about it on the sugar-ubuntu mailing list. In any case, how did you install sugar, exactly? It works fine for me on a fresh intrepid install. Please provide more details. -lf ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar
Re: [sugar] [IAEP] list of complaints from sugarcamp community building talk
On Tue, Nov 25, 2008 at 08:48, Simon Schampijer <[EMAIL PROTECTED]> wrote: > Carol Farlow Lerche wrote: > > Please DON'T introduce more sugarisms like "BEET", especially for > novices. > > How are they supposed to know what to put as a tag, even if the tag makes > > sense? > > > > They read it when they subscribe to the mailing list - and find it on > the wiki pages for example 'Getting involved'. I don't mean to beet > someone when he does not use the tag - but I don't want to create > another list neither. This still raises the bar for asking a question, which is the opposite of what we are trying to accomplish. -lf ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar
Re: [sugar] list of complaints from sugarcamp community building talk
On Sun, Nov 23, 2008 at 11:22, Jameson Chema Quinn <[EMAIL PROTECTED]>wrote: > +1 > >> >> embedding >> mibbit or cgiirc in our wiki? >> > I'll work on that in [[IRC]], as well as explaining all the different channels. (this will have some duplication from [[olpc:IRC]]) I think Mibbit, while not FOSS, is superior to CGIIRC, and moreover it is externally hosted by a provider known to freenode. -lf ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar
Re: [sugar] Sugar unusable as an e-book reader
On Thu, Nov 20, 2008 at 18:24, Greg Smith <[EMAIL PROTECTED]> wrote: > Any opinions? Is it fatally broken or does it just needs some tweaking > to make it more usable? I use my XO to read books all the time, I just don't use sugar... In my experience, the best "format" to use is plain old UTF-8 text and vim. The current major blockers for me with using... say... Browse as a HTML-ebook-reader is the ease of access to the "end" button when in book mode; one false press and you've skipped to the end of a document, not to mention the fact that you cannot save your place. Other than that, it works well for simple (non-AJAXY) books. And PDF rendering, on 8.2.0 at least, is too slow in my opinion for book-reading. -lf ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar
Re: [sugar] Sugar on Edubuntu
On Wed, Nov 5, 2008 at 20:18, David Van Assche <[EMAIL PROTECTED]> wrote: > The problem here is that edubuntu and its packages are in Ubuntu Main, > and for sugar to be in there, there must be no non-free software in > it, and squeak is not totally free. Apple fonts not being modifiable, > iirc. Its pretty much the same policy as debian. This does not seem to be the case, according to http://www.ubuntu.com/community/ubuntustory/components : "The licences for software applications in main must be free, but main may also may contain binary firmware and selected fonts that cannot be modified without permission from their authors. In all cases redistribution is unencumbered." -lf ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar
Re: [sugar] USB Based Community Access - What could work technically?
On Thu, Oct 30, 2008 at 20:05, David Farning <[EMAIL PROTECTED]> wrote: > > > On Thu, Oct 30, 2008 at 6:03 PM, Caroline Meeks < > [EMAIL PROTECTED]> wrote: > >> >> >> On Thu, Oct 30, 2008 at 6:42 PM, David Farning <[EMAIL PROTECTED]>wrote: >> >>> *Clinic next door to a School* - A health clinic located right next door >>> Sasha's school has a close partnership with the school. Many students are >>> scene there so they decided to add a donated computer to their waiting room >>> just for kids to use Sugar. This computer still has its hard-drive, but its >>> dedicated for Sugar. Some of the basic sugar files are located on the hard >>> drive and it is set up to allow students to log out rather then shutting >>> down and restarting between each student. >>> >>> This is an very interesting idea. A hybrid harddrive usb solutions. From >>> a technology perspective it would not be that hard to implement. When the >>> computer boots from the hard drive it waits at a login prompt for the user >>> to either login or insert a USB with the users /home directory. The current >>> generation of linux distribution has excellent support for DBUS to >>> communicate the status of hot swapped devices such as USBs. >>> >> Great idea. We can also make the USB stick (assuming it has enough storage) bootable, allowing for use wherever. > *The Zoo*: >>> >>> This seems very similar to the clinic. >> >> >> Interestingly when I discussed this with Marco the Zoo is hard use case. >> Everywhere else we can assume the kids are all attending the same school >> district, thus we can assume they are all running the same version of >> Sugar. For the Zoo we might have kids from different towns all coming with >> Sugar USBs but different versions. This might be harder to support. >> > Well, assuming that the host has a few gigs of harddrive space, we can suggest that the Zoo keeps muliple sugar versions (say... a copy of each one that was backwards/forwards incompatable, a list we'd provide). -lf ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar
Re: [sugar] 9.1 Proposal: Files
On Wed, Oct 29, 2008 at 20:50, Bill Bogstad <[EMAIL PROTECTED]> wrote: > > the fact that they will quickly disappear off the screen, and may be > > auto-deleted by the system greatly limits their value. > > Only if they don't get used. In which case, those entries should > scroll off the bottom and get auto-deleted. The same way that email > client users usually delete the 'welcome to the system' email that > many systems generate. Once a user learns the basics of the > activities, they will spend less and less time consulting the manual > and the screen real-estate it takes up in the Journal is better suited > for other things. Until they need to consult their manual, which sugar decided they didn't need and expunged. -lf ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar
Re: [sugar] [Server-devel] 9.1 Proposal: Printing support
On Wed, Oct 22, 2008 at 08:36, Walter Bender <[EMAIL PROTECTED]>wrote: > Personally, I am on Yama's side on this one, if only for environmental > reasons. (Although it would be great if someone could design a > solar-powered printer where the toner was simply locally ground-up > charcoal.) But a technical solution whereby some enterprising > Bolivia--the next Marcelo Claure--can set up their own Kinko's-like > service would be perhaps a nice compromise. Marvin Minsky once said: > "Some day paper will be a luxury item for the rich." But in the > meantime, let's enable local entrepreneurship. > Not to mention, sugar should also target more developed nations, and one of the questions I _always_ get from teachers at talks I give is "Can I print?". -lf ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar
[sugar] Feature freeze for 0.84
Hey all, I've been working on packaging Sugar for Ubuntu, and have looked forward to what will be Sugar (and Ubuntu )'s next release cycle. Per http://sugarlabs.org/go/ReleaseTeam/Roadmap , it seems that the first release candidate of Sugar will be out on Feb. 13th. Afterward, I take it there will only be bugfixes until the final? This is important from a packaging point of view, because Ubuntu's roadmap is very closely aligned with Sugar's, our feature freeze (after which non-bugfixes will require an exception, which takes a while to apply for) will be around the 18th of February. -- Luke Faraone ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar
Re: [sugar] (very) Little Proposals for 9.1
On Tue, Oct 14, 2008 at 08:32, Walter Bender <[EMAIL PROTECTED]>wrote: > For non-XO Sugar, it would be nice to be able to log out as oppose to > shutdown. (Yes, you can always ctrl-alt-delete, but that is not > exactly friendly. Yeah, I agree. I filed http://dev.laptop.org/ticket/8815 a few days ago on that. -lf ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar
Re: [sugar] New jhbuild dependency: gconf bindings
Ubuntu has switched over to Debian packaging, I'll forward this to the debian maintainer. -lf On Sat, Oct 11, 2008 at 14:20, Marco Pesenti Gritti <[EMAIL PROTECTED]>wrote: > Hello, > > we now require the gconf bindings. I added sysdep for Fedora but I > need someone to do debian and ubuntu. > > Thanks, > Marco > ___ > Sugar mailing list > Sugar@lists.laptop.org > http://lists.laptop.org/listinfo/sugar > ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar
Re: [sugar] [Cross Posted] High res screenshots of Sugar
To take a screenshot in sugar, press "Alt+1". It will be saved to the journal. That's the highest resolution they will get on the XO, otherwise they can use sugar-emulator and crop it themselves. -lf On Fri, Oct 10, 2008 at 11:11, Sayamindu Dasgupta <[EMAIL PROTECTED]> wrote: > Hello, > The Turkish team is trying print sugar manuals and they need high res > (300 dpi ??) screenshots of sugar for that. Any idea on how to do that > ? > Thanks, > Sayamindu > > > -- > Sayamindu Dasgupta > [http://sayamindu.randomink.org/ramblings] > ___ > Sugar mailing list > Sugar@lists.laptop.org > http://lists.laptop.org/listinfo/sugar > ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar
Re: [sugar] frame gets in the way when alt-tabbing
On Mon, Sep 22, 2008 at 16:58, Mikus Grinbergs <[EMAIL PROTECTED]> wrote: [Since there is a key dedicated > to bringing up Journal when needed, I sometimes patch homemodel.py > to not even show Journal during alt-tabbing.] > I was thinking about posting this even before I finished reading this. +1 on both hide-the-frame and dont-alt-tab-to-journal. -LF ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar
Re: [sugar] which fedora for sugar?
On Sat, Sep 20, 2008 at 19:10, Erik Blankinship <[EMAIL PROTECTED]> wrote: > I recently reformatted my drive. > > What is the suggested fedora system for sugar development? > Fedora 9, that's what we're running on the XO (AFAICT) -LF ___ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar