[x-posted]
Hello,
The Wikimedia Language Engineering team will be hosting the monthly IRC
office hour on February 12, 2014 (Wednesday) at 1700 UTC/ 0900 PDT on
#wikimedia-office.
This time we would be talking about the recent changes made to the
Universal Language Selector (ULS) - the
Am 05.02.2014 23:03, schrieb Brion Vibber:
Is the 72-byte truncation a general bcrypt problem or specific to
password_hash()? Any concerns or a non-issue? Note that some non-Latin
strings can only fit 24 chars in 72 bytes of UTF-8. Long enough for most
passwords, but some people like
Where we are at it:
This en-wiki article
[2] - https://en.wikipedia.org/wiki/Bcrypt
currently lacks the important information of the password limitation. Should be
added by someone who's an expert in that field.
___
Wikitech-l mailing list
On Wed, Feb 5, 2014 at 8:00 PM, MZMcBride z...@mzmcbride.com wrote:
Hi.
Tyler Romeo wrote:
On Wed, Feb 5, 2014 at 2:20 AM, MZMcBride z...@mzmcbride.com wrote:
Ultimately, account security is a user's prerogative. [...] Banks and
even e-mail providers have reason to implement stricter
Hey all,
Not sure if anyone else noticed or not yet, but at least the English Wikipedia
appears to be having some intermittent issues.
Request: GET http://en.wikipedia.org/wiki/Super_Bowl_XXVII, from 10.64.32.105
via cp1052 cp1052 ([10.64.32.104]:3128), Varnish XID 4288339681
Forwarded
On Thu, 2014-02-06 at 11:41 -0500, Derric Atzrott wrote:
Not sure if anyone else noticed or not yet, but at least the English Wikipedia
appears to be having some intermittent issues.
This is being worked on currently on IRC in #wikimedia-operations
currently, plus was reported to
On Thu, Feb 6, 2014 at 8:41 AM, Derric Atzrott datzr...@alizeepathology.com
wrote:
Hey all,
Not sure if anyone else noticed or not yet, but at least the English
Wikipedia
appears to be having some intermittent issues.
Request: GET http://en.wikipedia.org/wiki/Super_Bowl_XXVII, from
On Feb 6, 2014 11:48 AM, Andre Klapper aklap...@wikimedia.org wrote:
On Thu, 2014-02-06 at 11:41 -0500, Derric Atzrott wrote:
Not sure if anyone else noticed or not yet, but at least the English
Wikipedia
appears to be having some intermittent issues.
This is being worked on currently on
On Thu, Feb 6, 2014 at 9:58 AM, Chris Steipp cste...@wikimedia.org wrote:
1) As I understand it, the reason we went from 0 to 1 character required is
spammers were actively trying to find accounts with no password so they
could edit with an autoconfirmed account. We rely on number of
I agree that this mailing list is a reasonable place to discuss the
interfaces.
Notes from the Architecture Summit are now up at
https://www.mediawiki.org/wiki/Architecture_Summit_2014/TitleValue# . At
yesterday's RFC review we agreed that we'd like to hold another one next
week (will figure out
brion ain't secure
TimStarling password isn't secure either, and that's 8
It seems to me that a pretty secure approach would be to have the system
give the user his 8-12 character password, rather than letting him pick a
password. Then we can be assured that he's not
On Thu, Feb 6, 2014 at 3:26 PM, Brian Wolff bawo...@gmail.com wrote:
Well if we are going to go down that road, requring public/private key
pairs would also be more secure. However i doubt either would be acceptable
to users.
Actually, I think it might be better if we just have people come
Well if we are going to go down that road, requring public/private key
pairs would also be more secure. However i doubt either would be acceptable
to users.
Actually, I think it might be better if we just have people come on down to
the San Francisco office and show their government ID. Then
Better late than never :)
Relevant to today's outage.
-Chad
-- Forwarded message --
From: Schubotz, Moritz schub...@tu-berlin.de
Date: Thu, Feb 6, 2014 at 2:04 PM
Subject: FW: effects on caching
To: innocentkil...@gmail.com innocentkil...@gmail.com
FYI
*From:* Schubotz,
On Thu, Feb 6, 2014 at 4:54 PM, Derric Atzrott datzr...@alizeepathology.com
wrote:
Actually to be honest, if I could login to Mediawiki with a public/private
keypair I would actually really enjoy that. Certainly it shouldn't be the
default, but in a very non-joking way, I would support an
On Wed, Feb 5, 2014 at 8:26 PM, C. Scott Ananian canan...@wikimedia.orgwrote:
Password hashing algorithms are not the same as general hash algorithms. I
would prefer we didn't use whirlpool; it is recommended by NESSIE and ISO
as a hash function, but as a password hash. CWE916 recommends
Hi, the registration to the Zürich Hackathon will open very soon.
https://www.mediawiki.org/wiki/Zurich_Hackathon_2014
Wikimedia CH is doing a great work putting in place the foundations of
the event. There are two areas where they need help from the tech community:
* defining the schedule
*
Chad wrote:
*From:* Schubotz, Moritz
*Sent:* Mittwoch, 29. Januar 2014 14:33
*To:* wikitech-l@lists.wikimedia.org
*Subject:* FW: effects on caching
Looking at http://lists.wikimedia.org/pipermail/wikitech-l/2014-January/
I guess this message never made it through.
MZMcBride
Chris Steipp wrote:
1) As I understand it, the reason we went from 0 to 1 character required
is spammers were actively trying to find accounts with no password so they
could edit with an autoconfirmed account.
Err, citation needed. :-)
I'd forgotten that I'd filed
19 matches
Mail list logo