On Sun, Jan 25, 2015 at 1:27 PM, Legoktm legoktm.wikipe...@gmail.com wrote:
On 01/15/2015 08:26 PM, Chad wrote:
I've been saying for over a year now we should just drop the 1. from
the 1.x.y release versions. So the next release would be 25.0, 26.0,
etc etc.
-1 from me, for what little that's
On Sun, Nov 16, 2014 at 7:27 PM, svetlana svetl...@fastmail.com.au wrote:
On the second edit conflict, I read the message at the page top. It says:
Someone else has changed this page since you started editing it. The upper
text area contains the page text as it currently exists. **Your
On Mon, Oct 20, 2014 at 1:38 PM, Chris Steipp cste...@wikimedia.org wrote:
* Tokens can be time limited. By default they won't be, but this puts
the plumbing in place if it makes sense to do that on any token checks
in the future.
* The tokens returned in a request will change on each request.
On Mon, Oct 20, 2014 at 3:34 PM, Chris Steipp cste...@wikimedia.org wrote:
On Mon, Oct 20, 2014 at 11:00 AM, Zack Weinberg za...@cmu.edu wrote:
1) Since this is changing anyway, it would be a good time to make the
token size and structure independent of whether the user is logged
On Wed, Jun 11, 2014 at 10:58 AM, Tyler Romeo tylerro...@gmail.com wrote:
On Wed, Jun 11, 2014 at 10:56 AM, Brad Jorsch (Anomie)
bjor...@wikimedia.org wrote:
... That's just awful.
How so?
Well, it makes *me* wince because you're directing people to pull code
over the network and feed it
On Wed, Jun 11, 2014 at 11:21 AM, Tyler Romeo tylerro...@gmail.com wrote:
It's over HTTPS. As long as you trust that getcomposer.org is the domain
you are looking for, this is really no different than installing via a
package manager.
Nothing stops you from installing it over insecure HTTP.
I'd like to restart the conversation about hardening Wikipedia (or
possibly Wikimedia in general) against traffic analysis. I brought
this up ... last November, I think, give or take a month? but it got
lost in a larger discussion about HTTPS.
For background, the type of attack that it would be
On Sun, Apr 6, 2014 at 8:39 PM, Steven Walling steven.wall...@gmail.com wrote:
I too was surprised at how many users are A) on XP with ClearType off,
which is the default there or B) turn font smoothing off intentionally.
I have no comment on any of the rest of this, but with my Firefox dev
On Sun, Jan 12, 2014 at 11:46 PM, Gryllida gryll...@fastmail.fm wrote:
On Mon, 13 Jan 2014, at 15:29, Gregory Maxwell wrote:
What freenode does is not functionally useful for Tor users. In my
first hand experience it manages to enable abusive activity while
simultaneously eliminating Tor's
On Mon, Jan 13, 2014 at 11:43 AM, Marc A. Pelletier m...@uberbox.org wrote:
On 01/13/2014 11:32 AM, Zack Weinberg wrote:
Assume a person under continual surveillance.
If they have to reveal their true IP address to Wikipedia in order to
register their editor account, the adversary will learn
On Mon, Jan 13, 2014 at 2:51 PM, Gryllida gryll...@fastmail.fm wrote:
On Tue, 14 Jan 2014, at 3:32, Zack Weinberg wrote:
I rather think it does. Assume a person under continual surveillance.
If they have to reveal their true IP address to Wikipedia in order to
register their editor account
On Tue, Oct 29, 2013 at 9:55 AM, Dan Andreescu dandree...@wikimedia.org wrote:
I think Ori's original point stands though. Configuration could be used to
redact fully / not redact at all for local debugging purposes. But a black
list for what to redact is bad for all the reasons black lists
Hi, I'm a grad student at CMU studying network security in general and
censorship / surveillance resistance in particular. I also used to work
for Mozilla, some of you may remember me in that capacity. My friend
Sumana Harihareswara asked me to comment on Wikimedia's plans for
hardening the
On 2013-08-18 1:04 PM, Bjoern Hoehrmann wrote:
an elision mark that does not explain itself. Makes you come across as
hit send too early.
My email client appears to have decided to post an early draft of the
messages I sent on Friday. Sorry about that. Please ignore.
For the record, I
Hi, I'm a grad student at CMU studying network security in general and
censorship / surveillance resistance in particular. I also used to work
for Mozilla, some of you may remember me in that capacity. My friend
Sumana Harihareswara asked me to comment on Wikimedia's plans for
hardening the
(Please see the thread titled Wikimedia's anti-surveillance plans: site
hardening for who I am and some general context.)
Once Wikipedia is up to snuff with all the site-hardening I recommended
in the other thread, there remain two significant information leaks (and
probably others, but these
16 matches
Mail list logo
