IRC log of dig on 2012-03-06

Timestamps are in UTC.

01:07:01 [scor]
scor (~scor@drupal.org/user/52142/view) has joined #dig
01:24:17 [Pipian_]
Pipian_ has quit (Quit: Pipian_)
01:29:11 [cheater__]
cheater__ (~cheater@dslb-084-057-046-242.pools.arcor-ip.net) has joined #dig
01:31:54 [cheater_]
cheater_ has quit (Ping timeout: 252 seconds)
01:45:39 [scor]
scor has quit (Quit: scor)
02:04:46 [tlr]
tlr has quit (Quit: tlr)
02:30:33 [timbl]
timbl (~timbl@c-24-62-225-11.hsd1.ma.comcast.net) has joined #dig
02:40:51 [scor]
scor (~scor@drupal.org/user/52142/view) has joined #dig
03:01:13 [scor]
scor has quit (Quit: scor)
03:30:41 [timbl]
Ooops http://tabulator.org/
03:32:11 [timbl]
Thought I had somethng at http://tabulator.org/wiki/annnotation/www.w3.org/ns/pim/trip
03:33:54 [rszeno]
rszeno has quit (Quit: Leaving.)
03:35:48 [timbl]
ah no I didn't , the form was in elsewhere .. http://www.w3.org/ns/pim/trip#TripForm
03:40:16 [timbl]
The form stuff seems to be breaking in FF10 with lots of errors "Error: [Exception... "'JavaScript component does not have a method named: "handleEvent"' when calling method: [nsIDOMEventListener::handleEvent]" nsresult: "0x80570030 (NS_ERROR_XPC_JSOBJECT_HAS_NO_FUNCTION_NAMED)" location: "<unknown>" data: no]"
03:52:00 [presbrey]
tabulator.org was on http://dig.xvm.mit.edu
03:52:34 [presbrey]
but the server is stuck in 'Waiting for'...
03:53:39 [presbrey]
so now its pointed at data.fm which has plenty of free capacity and should be responding
03:53:58 [presbrey]
I haven't been able to ssh either so the data is missing :( sorry
03:54:24 [presbrey]
still waiting for the master reset to come
03:54:41 [Pipian_]
Pipian_ (~pipian@18.111.115.21) has joined #dig
03:55:06 [kennyluck]
kennyluck has quit (Quit: kennyluck)
04:06:48 [timbl]
Ah I see.
04:07:14 [timbl]
So the annotation index could come back if you can jet the data from the xvm
04:07:41 [timbl]
Is this a problem the MIT xvm people could help with?
04:36:41 [presbrey]
maybe so
04:37:03 [presbrey]
I just changed it from ParaVM to HVM and the dig.xvm website loads again
05:23:06 [kennyluck]
kennyluck (~kennyluck@114-43-126-158.dynamic.hinet.net) has joined #dig
06:16:15 [Pipian_]
Pipian_ has quit (Quit: Pipian_)
07:26:32 [melvster]
melvster (~melvin@p5797EF68.dip.t-dialin.net) has joined #dig
07:38:59 [bblfish]
bblfish has quit (Quit: bblfish)
07:40:14 [bblfish]
bblfish (~bblfish@ALagny-551-1-184-97.w90-3.abo.wanadoo.fr) has joined #dig
07:57:34 [rszeno]
rszeno (~rszeno@79.114.101.216) has joined #dig
08:40:28 [bblfish]
bblfish has quit (Quit: bblfish)
08:42:12 [bblfish]
bblfish (~bblfish@AAubervilliers-651-1-340-214.w83-114.abo.wanadoo.fr) has joined #dig
08:50:47 [bblfish]
github hacked http://chrisacky.posterous.com/github-you-have-let-us-all-down
09:10:17 [tlr]
tlr (~tlr@88.207.137.200) has joined #dig
10:03:03 [presbrey]
yes rails fails again
10:03:41 [presbrey]
http://tabulator.org/wiki/annnotation/ is online
10:03:48 [presbrey]
but doesn't it have 2 n's?
10:16:26 [melvster]
presbrey: ah nice! tabulator.org is a wiki now ... PS shouldnt you be asleep?
10:18:45 [cheater__]
cheater__ has quit (Read error: Operation timed out)
10:20:38 [cheater]
cheater (~cheater@dslb-084-057-046-242.pools.arcor-ip.net) has joined #dig
10:25:24 [cheater]
cheater has quit (Ping timeout: 252 seconds)
10:27:47 [bblfish]
yes, but this rails failure is of EPIC proportions http://shiflett.org/blog/2012/mar/hacking-rails-and-github
10:27:53 [cheater]
cheater (~cheater@dslb-084-057-046-242.pools.arcor-ip.net) has joined #dig
10:28:09 [bblfish]
it is so glaring a security hole, In my view it even shames hackers into having taken so long to reveal it
10:37:39 [melvster1]
melvster1 (~melvin@p4FF967D4.dip.t-dialin.net) has joined #dig
10:38:15 [melvster]
melvster has quit (Ping timeout: 265 seconds)
10:54:29 [rszeno]
i think you exagerate, bugs, arrogants developers and idiots who try to prove that they are right with any price can be found easy everywhere. This doesn't mean everybody must be blamed for few peoples
11:13:17 [bblfish]
bblfish has quit (Quit: bblfish)
11:14:39 [bblfish]
bblfish (~bblfish@AAubervilliers-651-1-340-214.w83-114.abo.wanadoo.fr) has joined #dig
11:18:14 [melvster]
melvster (~melvin@p4FF96EB7.dip.t-dialin.net) has joined #dig
11:19:39 [melvster1]
melvster1 has quit (Ping timeout: 272 seconds)
11:24:11 [bblfish]
bblfish has quit (Ping timeout: 252 seconds)
11:45:54 [bblfish]
bblfish (~bblfish@ALagny-551-1-178-105.w90-3.abo.wanadoo.fr) has joined #dig
11:46:23 [bblfish]
if you look at the article it just required chugging the html form of github to break in. So first they ask people to put in public keys, then you find you can break it by just editing any account with a hacked form.
11:46:39 [bblfish]
s/chugging/changing/
11:48:36 [rszeno]
that prove they have a problem that's all
11:48:57 [rszeno]
i doubt they will not fix it
11:49:28 [rszeno]
this is happend every year one or twice
11:50:01 [bblfish]
yes, but it's such an amazingly STUPID bug
11:50:23 [bblfish]
you know there are differences in the sizes of bugs
11:50:50 [bblfish]
some you can forgive because understanding them pushes back the frontiers of security
11:51:20 [bblfish]
others just show that the person has NO understanding AT all of security
11:52:11 [bblfish]
I mean just read it a bit more carefully http://shiflett.org/blog/2012/mar/hacking-rails-and-github
11:53:06 [rszeno]
yes, i read it, it remember me about about daily problems of php coders with sql injection
11:53:45 [rszeno]
the difference is that github is a centralized system and affect a lot of people
11:55:32 [bblfish]
sql injection sounds complicated
11:55:39 [bblfish]
as I see this is even simpler than that
11:55:48 [bblfish]
nearly like: you go edit the database yourself
11:56:03 [rszeno]
same mechanism
11:57:10 [rszeno]
ending a field in a form with one of the php string terminators + not validation of user input => sql injection
11:58:14 [rszeno]
user name: mimi '; some sql query here
11:58:49 [rszeno]
after few tests if is vulnerable it get access to db
12:01:09 [bblfish]
well, that's just another reason not to use php
12:01:46 [bblfish]
frankly I'll just laugh at anyone who says they do PHP or Ruby and talks to me about security
12:01:50 [rszeno]
is not php fault that some developers are dump and is not a php specific problem
12:02:16 [bblfish]
it is a problem when you build your language FOR dumb people and then don't put any security guards in
12:02:20 [rszeno]
same problem apear if you use java
12:02:57 [bblfish]
yes, though here the ruby community was warned, and they preferred to have a convention that was blatantly unsafe
12:03:39 [bblfish]
and even if this were the case you'd think the github people would at least be educated enough to correct what seems to have just been a configuration problem
12:04:14 [rszeno]
is documented how to make it safe, and same thing in php, you can found thousend of recomandation how to avoid problems
12:04:30 [bblfish]
yes, and they did not
12:04:38 [rszeno]
but programming is a 'popular' sport, :)
12:05:02 [bblfish]
good but it's important to put people back in their place and show them exactly how bad they are
12:05:21 [bblfish]
because otherwise their egos become very big
12:05:27 [rszeno]
i'm for learning them, :)
12:05:48 [bblfish]
and the worse is that they then start lecturing about security
12:06:16 [bblfish]
let's not forget that github allows everyone to pu their public key up
12:06:21 [bblfish]
for security
12:06:44 [bblfish]
[ and then forgets to make it difficult for people to changing other people's public keys! ]
12:06:49 [rszeno]
yes agree, the onces from github was arogants
12:11:05 [rszeno]
anyway igor was plain idiot doing this and arogant too
12:13:31 [melvster]
http://stream4.messe.de/dmag/popup/cebit2012/cgc2012/cgc06032012/index.html
12:20:53 [bblfish]
bblfish has quit (*.net *.split)
12:20:53 [rszeno]
rszeno has quit (*.net *.split)
12:23:48 [rszeno]
rszeno (~rszeno@79.114.101.216) has joined #dig
12:27:26 [bblfish]
bblfish (~bblfish@ALagny-551-1-178-105.w90-3.abo.wanadoo.fr) has joined #dig
12:27:45 [bblfish]
hi
12:30:54 [bblfish]
bblfish has quit (Remote host closed the connection)
12:31:54 [rszeno]
hi, :)
12:32:19 [bblfish_]
bblfish_ (~bblfish@ALagny-551-1-178-105.w90-3.abo.wanadoo.fr) has joined #dig
12:36:19 [bblfish_]
bblfish_ has quit (Client Quit)
12:42:25 [bblfish]
bblfish (~bblfish@ALagny-551-1-178-105.w90-3.abo.wanadoo.fr) has joined #dig
12:49:22 [bblfish]
bblfish has quit (Remote host closed the connection)
12:51:59 [bblfish]
bblfish (~bblfish@AAubervilliers-651-1-340-214.w83-114.abo.wanadoo.fr) has joined #dig
13:01:17 [Ralph]
Ralph (Ralph@30-7-118.wireless.csail.mit.edu) has joined #dig
13:01:28 [Ralph]
Ralph is now known as RalphS
13:08:35 [bblfish]
/me reading through Play! 2.0 doc on github (at least their UI is good)
13:16:16 [melvster]
bblfish: check this out ...
13:17:00 [melvster]
try this in Chrome http://testing.data.fm/foaf
13:17:12 [melvster]
then where it says 'Knows' ... click on 'card'
13:17:25 [melvster]
the SECOND one
13:17:32 [melvster]
that should be a link to you
13:18:03 [melvster]
if you click the FOAF icon you'll see a whole foaf address book!
13:18:13 [melvster]
even with webid login
13:18:22 [melvster]
and creation!
13:18:37 [bblfish]
yes.
13:18:53 [bblfish]
the UI sucks though
13:19:28 [bblfish]
which is why I was working on the address book
13:19:31 [melvster]
just change it any way you want it
13:19:42 [melvster]
it's in panes/social
13:19:50 [bblfish]
I think there is a tension between a generic UI and a specialised data UI
13:20:00 [melvster]
did you click the foaf icon?
13:20:09 [melvster]
that's specialized for FOAF
13:20:34 [melvster]
it's even got microblogging like twitter or facebook
13:21:18 [melvster]
note: it all works without any extension ... just from the web
13:21:22 [bblfish]
yes. It asked me to sign in but that does not ask me for certificate
13:22:07 [bblfish]
yes, it's a very good proof of concept. But you need to rework it completely with artists
13:22:25 [bblfish]
and I am not sure one needs to keep the fully generic view of data
13:22:58 [bblfish]
I find the concept prooved very convincing
13:25:22 [melvster]
oh nice, i can click from your profile to get my FOAF
13:29:22 [melvster]
i wonder if we could put a diaspora skin on it
13:34:06 [melvster]
i normally have about 9000 statements in my knowledge base, it's roughly 25,000 after looking at the social stuff
13:34:43 [melvster]
quite interestingly the brain has on average 10,000 connections per neuron I think
13:38:47 [melvster]
ahhhhhh i get the green circles and blue circles now!
13:39:03 [melvster]
just like the original hypertext!
14:05:58 [timbl]
yes, if you pant to make a pane better, just do it
14:06:18 [timbl]
The social pane I made was an attenp to look like fb at the time
14:08:10 [timbl]
the microblogging pane charles made ...it has some nice tabs and things, but it is confusd about who "you" is, it the bits need moving around so it always refers to you as the logged in person
14:08:20 [timbl]
same code, just fired at different points
14:09:26 [timbl]
We should make panes so that they can nest and open out in various different scales so any pane can use a small rendering of a related objcet from anotehr pane
14:18:28 [timbl_]
timbl_ (~timbl@c-24-62-225-11.hsd1.ma.comcast.net) has joined #dig
14:18:34 [timbl_]
timbl_ has quit (Client Quit)
14:22:13 [timbl]
timbl has quit (Ping timeout: 276 seconds)
14:40:54 [melvster]
timbl: I like the coloured circles in tabulator
14:41:12 [melvster]
green and blue ... are they modeled on the original hypertext?
14:41:48 [melvster]
ie green for internal links and blue for external ... red I guess is not on the web ... it reminds me of the light sabres in star wars :)
14:43:22 [melvster]
facebook keep changing their layout ... the dieaspora front end looks quite nice
14:46:53 [melvster]
i think i need to put my webid under https
14:53:23 [scor]
scor (~scor@drupal.org/user/52142/view) has joined #dig
15:55:23 [Pipian_]
Pipian_ (~pipian@31-35-101.wireless.csail.mit.edu) has joined #dig
16:05:22 [timbl]
timbl (~timbl@w3cdhcp5.w3.org) has joined #dig
16:51:26 [presbrey]
http://akka.io/news/2012/03/06/akka-20-released.html
16:57:22 [melvster]
nice
16:58:59 [melvster]
presbrey: we just had our monthly webid conf call ... quite a few interesting things lined up
16:59:11 [melvster]
lod2 is going to be looking at webid
16:59:15 [melvster]
(the eu project)
16:59:45 [melvster]
bergnet is going to upgrade its social skin to be more like foafpress
17:00:38 [melvster]
a bit more work on linked social data
17:24:37 [presbrey]
awesome
17:27:13 [bblfish]
betehess: The Jena folks told me that SysRIOT.wireIntoJena() was important to get the latest parsers
17:27:52 [bblfish]
see https://issues.apache.org/jira/browse/JENA-216
17:31:30 [presbrey]
GitMagic book: http://www-cs-students.stanford.edu/~blynn/gitmagic/
17:32:15 [melvster]
some nice resources at: http://gitready.com/
17:33:44 [betehess]
the latest parser ?
17:34:57 [bblfish]
betehess: I think they are rewriting their parsers somewhere
17:35:10 [bblfish]
can't remember the name of the packages
17:35:30 [bblfish]
all the info I have is from that bug report, though they had told me the same thing on another occasion
17:35:32 [betehess]
hrmmm, I don't like this very side-effect oriented way of doing things
17:35:41 [betehess]
I thought it was for logging, or something like that
17:35:53 [bblfish]
I think it's not meant to last
17:35:54 [betehess]
I would prefer call directly the new API
17:35:57 [betehess]
is it possible?
17:36:01 [bblfish]
perhaps
17:36:05 [bblfish]
you could ask on the list
17:36:09 [betehess]
ok, I'll look into that
17:36:09 [bblfish]
on the bug report
17:36:34 [bblfish]
I think they are in fact looking for feedback on how to restructure their Libs
17:37:00 [bblfish]
but that's perhaps not a discussion worth getting into - better show them how one does it right
17:37:57 [betehess]
heh
17:38:06 [betehess]
ok, I'll look into that
17:39:41 [bblfish]
I'd be interested if you manage to reduce the number of bugs my Turtle test suite shows for their parser
17:40:13 [bblfish]
s/interested/interested to know/
17:40:27 [bblfish]
I just finished reading the doc for Play
17:40:44 [bblfish]
now I am wondering where I should move the work
17:41:08 [bblfish]
of porting read-write-web to it
18:00:47 [tikiman]
tikiman (18e578fe@gateway/web/freenode/ip.24.229.120.254) has joined #dig
18:02:07 [tikiman]
tikiman has left #dig
18:31:55 [timbl]
timbl has quit (Ping timeout: 265 seconds)
18:32:26 [timbl]
timbl (~timbl@31-34-21.wireless.csail.mit.edu) has joined #dig
19:20:49 [bblfish]
Ah they have documentation on Enumertor https://github.com/playframework/Play20/wiki/Enumerators
19:21:01 [bblfish]
I don't like the name they chose though
19:24:34 [Pipian_]
Pipian_ has quit (Quit: Pipian_)
19:33:52 [betehess_]
betehess_ (~betehess@31-35-85.wireless.csail.mit.edu) has joined #dig
19:35:33 [betehess]
betehess has quit (Ping timeout: 272 seconds)
19:53:23 [bblfish]
Iteratees, Enumerators, Enumeratees... interesting, but just perhaps a little bit confusing naming system
20:04:55 [bblfish]
soon it will seem completely natural
20:39:33 [timbl]
timbl has quit (Quit: timbl)
20:56:10 [timbl]
timbl (~timbl@w3cdhcp5.w3.org) has joined #dig
21:03:44 [Pipian_]
Pipian_ (~pipian@31-35-101.wireless.csail.mit.edu) has joined #dig
21:08:31 [betehess_]
betehess_ has quit (Ping timeout: 265 seconds)
21:19:50 [RalphS]
RalphS has quit ()
21:22:47 [betehess_]
betehess_ (~betehess@betehess.w3.org) has joined #dig
21:26:21 [bblfish]
betehess_: so I am going to start tomorrow building something with Play2.0 and mini I think. Perhaps see if I can put WebID auth in there
21:29:44 [bblfish]
It would be good to perhaps put a licence on pimp-my-rdf README
22:43:50 [timbl]
timbl has quit (Read error: Operation timed out)
23:10:17 [Pipian_]
Pipian_ has quit (Quit: Pipian_)
23:10:28 [melvster]
melvster has quit (Ping timeout: 245 seconds)
23:14:48 [scor]
scor has quit (Quit: scor)
23:35:48 [scor]
scor (~scor@drupal.org/user/52142/view) has joined #dig
23:46:47 [timbl]
timbl (~timbl@c-24-62-225-11.hsd1.ma.comcast.net) has joined #dig