#dev 2017-08-31

2017-08-31 UTC
jjuran_, snarfed1, snarfed, KartikPrabhu and jjuran joined the channel
# 00:57 
tantek Next time someone says something is "easy" about configuring a web server, please send them this: http://bgr.com/2017/08/30/spambot-leak-addresses-passwords-security/
# 00:57 
tantek "The leak is being called one of the largest of all time, and it was discovered thanks to a poorly configured web server which was hosting the files in a way that allowed it to be accessed by just about anyone."
snarfed and [miklb] joined the channel
# 01:16 
[miklb] I can say it’s easy to secure your home, and someone who doesn’t have a good lock on their front door doesn’t mean I’m wrong.
# 01:51 
KartikPrabhu [miklb]: it is great that you know the details of locks to decide which one is "good" but to someone who doesn't know those things it is not easy
# 01:54 
aaronpk There is no absolute scale of "easiness"
# 01:54 
[miklb] oh, I didn’t know a thing about locks until I bought a home. But then it was important to figure out.
# 01:55 
[miklb] on the other hand I pay a professional to work on my car.
# 01:56 
aaronpk 1) it's not always important (there are plenty of examples of people who don't lock their front door) and 2) the lock required is heavily dependent on the threat model you're protecting against which depends on the specific location of the house and other factors
# 01:57 
[miklb] sure, the context of securing is what I why I used a lock as an example.
# 01:57 
[miklb] mumbles about typos
# 01:59 
KartikPrabhu [miklb]: yes, but as aaronpk said "easiness" is relative to your own knowlegde and experience
# 02:01 
[miklb] I do not disagree with that either. And yes, degree of threat model is relative, but the context was “hosting the files in a way that allowed it to be accessed by just about anyone”
# 02:01 
[miklb] that sounds like having no front door or lock.
# 02:03 
[miklb] I contend there is a dearth of information and tutorials to allow anyone interested in setting up a server to at least have a decent strength door and a good lock on it. And backdoor for that matter.
# 02:09 
KartikPrabhu yup, that is the issue^
# 02:10 
KartikPrabhu also people without this knowledge don't have many tools to verify security either
# 02:17 
[miklb] we are still talking about a web server, right?
# 02:20 
KartikPrabhu sure
KartikPrabhu, jjuran, tantek, loicm, cweiske, EmreSokullu, barpthewire, [kevinmarks], j12t and [pfefferle] joined the channel
# 10:01 
loqi.me edited /license (+22) "sebsel added "/2017/Nuremberg/law" to "See Also"" (view diff)
EmreSokullu joined the channel
# 10:07 
seblog.nl edited /license (+305) "added "Why and when" to brainstorming" (view diff)
# 10:22 
seblog.nl edited /license (+78) "/* Why and when */ add comments and likes" (view diff)
EmreSokullu, loicm, [kevinmarks], jeremycherfas, EmreSoku_, [pfefferle], singpolyma, snarfed and eli_oat joined the channel
# 15:07 
snarfed annoyance of the day: webfinger is HTTPS-only, which makes localhost testing difficult :( file:///Users/ryan/docs/rfc_7033_-_webfinger.html#section-4
# 15:08 
cweiske your URL is file-based, which makes opening it remotely difficult
# 15:08 
sebsel :')
# 15:09 
snarfed lol sorry https://tools.ietf.org/html/rfc7033#section-4
# 15:34 
KartikPrabhu !tell snarfed: quite a few new web-techs are https only for instance service workers
# 15:34 
Loqi Ok, I'll tell them that when I see them next
# 15:42 
aaronpk i finally have a pretty solid setup for local development with https without needing to create a certificate for each site. i should really blog about it
# 15:43 
cweiske I'm still looking for a way to get letsencrypt to hand out a localhost certificate to me
# 15:43 
singpolyma ngrok ?
EmreSokullu joined the channel
# 15:47 
cweiske [ ] ngrok is useful when developing locally without an internet connection
# 15:48 
singpolyma Oh, I missed the "without an internet connection" part, sorry
# 15:48 
cweiske I wouldn't want a https certificate for "localhost" otherwise
# 15:53 
aaronpk I don't think any cerificate authority will issue a localhost cert, that kind of doesn't make sense
# 15:54 
singpolyma can always make your own CA and sign your own certs :)
# 15:54 
aaronpk but you could use a real domain to issue the cert then set it to 127.0.0.1 in your hoss file
# 15:55 
cweiske and then I have to import that root cert in every device. no thanks
# 15:55 
aaronpk singpolyma: https://ssl.indieweb.org
# 15:55 
singpolyma aaronpk: right, like that :)
# 15:55 
singpolyma cweiske: how many dev devices do you have?
# 15:56 
aaronpk i made myself a cert with a bunch of SANs, *.com.dev *.org.dev *.net.dev etc, so now I just add .dev to the end of my domains to get to the local copy
# 15:56 
cweiske that's not important
jeremycherfas and [keithjgrant] joined the channel
# 16:09 
[keithjgrant] cweiske - the issues you posted for Omnibear... are those in Chrome or in Chromium browser?
# 16:09 
cweiske chromium
# 16:09 
cweiske sorry, haven't had the time to debug further
# 16:10 
[keithjgrant] interesting. I encountered similar errors, both authenticating and posting, in Firefox
# 16:10 
[keithjgrant] I've got those fixed, so once I iron out the next release in the next day or two, it might be worth seeing if that fixes Chromium as well
# 16:11 
[keithjgrant] mostly had to do with permissions settings in the extension
snarfed and KartikPrabhu joined the channel
# 16:59 
@phpugl Gleich ist wieder Zeit für die #php #usergroup #Leipzig. Heute geht's u.a. um #webmention und #micropub. 20:30 im @localhostLE (twitter.com/_/status/903301162786541569)
EmreSoku_, j12t, snarfed and [cleverdevil] joined the channel
# 17:41 
[cleverdevil] So, I am doing a fun project, if anyone wants to join in and help.
# 17:41 
[cleverdevil] I found a copy of the 1946 original Trader Vic's Book of Food and Drink in PDF format, and its one of the most fun and gorgeous campy cocktail party books ever written.
# 17:42 
[cleverdevil] I'm extracting all of the text from it, and producing a properly marked up HTML copy of it, with microformats for things like recipes.
# 17:42 
[cleverdevil] My goal is to then make it super pretty, as well, with a tribute to the original.
EmreSoku_ and EmreSokullu joined the channel
# 18:00 
snarfed [cleverdevil]++ cool!!!
# 18:00 
Loqi cleverdevil has 5 karma in this channel (51 overall)
# 18:00 
Loqi snarfed: KartikPrabhu left you a message 2 hours, 26 minutes ago: quite a few new web-techs are https only for instance service workers
# 18:00 
snarfed ^ sad
# 18:01 
snarfed (great overall, but sad that they don't special case local hostnames)
# 18:12 
[cleverdevil] My biggest question is copyright.
snarfed joined the channel
# 19:05 
@wpmudev What the New Webmention and Annotation W3C Standards Mean for WordPress https://premium.wpmudev.org/blog/?p=166420 #wpmudev (twitter.com/_/status/903332819350499328)
# 19:12 
@muc_webdesigner What the New Webmention and Annotation W3C Standards Mean for WordPress https://premium.wpmudev.org/blog/?p=166420 #wpmudev (twitter.com/_/status/903334615733202944)
# 19:14 
@wpsheeteditor wpmudev: What the New Webmention and Annotation W3C Standards Mean for WordPress https://premium.wpmudev.org/blog/?p=166420 #wpmudev (twitter.com/_/status/903335288306634752)
[manton] joined the channel
# 19:17 
[manton] cleverdevil Just did a little research on this because I was curious. Sounds like if the 1946 book's copyright had been renewed after the initial 28 years, it would be automatically extended and still under copyright today. But if it hadn't been renewed, it should be in the public domain now. (In theory you can search the copyright office, but not seeing how without contacting them.)
# 19:19 
[cleverdevil] I'm pretty sure its under copyright still, which sort of sucks.
# 19:19 
[cleverdevil] But, hey, maybe I'll just do it for personal use ?
EmreSokullu joined the channel
# 19:19 
snarfed forgiveness not permission
# 19:20 
snarfed probably worst case they send you a takedown and you...take it down :P
# 19:20 
[manton] It seems extremely unlikely that anyone who worked on that book is still alive and/or cares. Is the publisher still in business?
# 19:20 
[manton] (Disclaimer: I'm not a lawyer, etc.)
KartikPrabhu joined the channel
# 19:26 
[cleverdevil] Indeed, I am guessing its likely pretty safe, especially if its a loving tribute ?
# 19:26 
[cleverdevil] (Oh, and also I don't plan on trying to profit off it in any way...)
[miklb] joined the channel
# 19:27 
[miklb] doesn’t seem to be still in print either.
# 19:29 
[cleverdevil] A little preview of what I've got so far - http://share.cleverdevil.io/S8jT0BVaNT.png
EmreSokullu joined the channel
# 19:31 
[manton] Unfortunately looks like they did print other editions of the book as late as 1982, so it's probably still technically under copyright. Bummer.
# 19:32 
snarfed lol "some people like bourbon or scotch with plain water"
# 19:32 
snarfed heathens!
# 19:32 
[manton] (But I'm speculating, so I'll step away now... Looks cool, though!)
# 19:32 
snarfed (i'm one :P)
[kevinmarks] joined the channel
# 19:33 
[kevinmarks] Unmung.com has a nice recipe previewer
# 19:33 
[kevinmarks] In other news https://developers.facebook.com/blog/post/2017/08/31/instagram-api/
# 19:33 
[kevinmarks] Instagram api is changing
# 19:34 
snarfed "The new API is now available to all developers." !!!
# 19:34 
snarfed now to see what it actually has
# 19:34 
aaronpk Without manual approval?
# 19:35 
[kevinmarks] http://www.unmung.com/indiecard?url=http%3A%2F%2Faaronparecki.com%2Frecipes
# 19:35 
Loqi [Aaron Parecki] Fire-Roasted Instant Pot Enchilada Sauce
# 19:35 
[miklb] “Build tools for businesses to help them manage their presence on Instagram” ?
# 19:35 
[kevinmarks] That was for cleverdevil
# 19:36 
snarfed yup :( https://developers.facebook.com/docs/instagram-api/v2.10
# 19:36 
[cleverdevil] YAY MORE ENGAGING WITH MY FAVORITE BRANDS
# 19:36 
Loqi ?
# 19:36 
[manton] On first glance, still not seeing a way to upload photos to Instagram. Sigh.
# 19:36 
[cleverdevil] Thanks for that kevinmarks
# 19:36 
snarfed continues to scrape (and get rate limited) like a farmer
# 19:37 
[miklb] for a brief gleaming moment, I thought I might be using Instagram again.
snarfed joined the channel
# 19:46 
[cleverdevil] http://share.cleverdevil.io/ZSRoq3rLg5.png
# 19:46 
[cleverdevil] LOL
EmreSokullu and loicm joined the channel
# 20:03 
aaronpk huh what's going on here https://commentpara.de/comment/115.htm
# 20:03 
Loqi [micropub.rocks] Like #115 
micropub.rocks   likes
https://aaronparecki.com/2017/08/31/6/.
# 20:04 
@megarush1024 @DerekRiemer Now we just need to get your WordPress set up with webmention support and connected to Bridgy so replies from social come in. (twitter.com/_/status/903347894773800960)
tbbrown, sebsel and [kevinmarks] joined the channel
# 21:00 
[kevinmarks] You could use a ½ character
[cleverdevil] joined the channel
# 21:20 
[cleverdevil] kevinmarks yeah, but I have a bunch of vim macros that are doing the dirty work for me, and they're automatically converting 1/2 to that markup.
# 21:20 
[cleverdevil] Plus, there are fractions in the book that don't have associated characters.
snarfed and KartikPrabhu joined the channel