Hey all,
I'm working on a series of upgrades for the website. Testing out a new
WordPress theme and event management / calendaring plugin on our
development site. Please take a look:
http://dev.sudoroom.org/
I plan to have www.sudoroom.org direct users to a landing page on this
site, with clear donation and calendar information, rather than directing
them to the wiki (as it does now).
I'll also need a few people to help migrate content, is anyone interested?
No coding skills required, just copying old event information into the new
event form so we can preserve the historical data.
// Matt
On Tue, Apr 29, 2014 at 4:37 PM, Matthew Senate <mattsenate(a)gmail.com> wrote:
> I plan to have www.sudoroom.org direct users to a landing page on this site,
> with clear donation and calendar information, rather than directing them to
> the wiki (as it does now).
Why can't we just work to put clear donation and calendar information
on the wiki?
You probably know that my preference has been to deprecate WordPress
and eventually move everything onto the wiki. I put a lot of work into
that project after first seeking input from everybody else involved. I
think the wiki format has potential to be more transparent and
hierarchical.
On Tue, Apr 29, 2014 at 5:58 PM, Matthew Senate <mattsenate(a)gmail.com> wrote:
> [snip]
Okay, thanks so much for explaining at length. This decision does seem
reasonable. I suppose we'd never get rid of WordPress entirely since
we already have a rich blog history, so it just makes sense to use its
other strengths too.
I still am apprehensive about other things creeping out of the wiki
and onto the WordPress, and information being duplicated in both
places. I hope we can stay vigilant about that.
I apologize for what must come off as a series of terse negative
emails the past few days. I know this is a critical formative time for
Sudo and I hope to be more available to help in depth again sometime
soon.
On Mon, Apr 28, 2014 at 3:11 PM, Matthew Senate <mattsenate(a)gmail.com> wrote:
> Can we submit a support ticket with GoDaddy to remove the lock?
You can try, I doubt it though. The internet seems to be full of
people who have tried and failed. Sorry for my mistake.
On Tue, Apr 29, 2014 at 12:50 AM, Matthew Senate <mattsenate(a)gmail.com> wrote:
> create your own account on the dev.sudoroom.org site using:
>
> user: sudoer
> pass: superuserdoroom
I appreciate all your hard work on this, but I would advocate for a
more security-conscious approach to this. My two concerns are:
1) We should not share WordPress admin account passwords on a public
mailing list. Admin accounts are able to modify files on the server
and execute arbitrary code. This creates a very easy way for anybody
on the internet to pwn our entire web server and attack our users.
2) We should not serve the dev site on http or encourage users to
create accounts in cleartext. I can move it seamlessly to
https://sudoroom.org/dev/ with your consent.
I think we owe our users better than this, especially since we've
taught some of them to use Tor at our cryptoparties. They have trusted
us with email addresses and passwords in (among other things) the
blog, wiki, and mailman. This puts them and us at risk. It also
nullifies a lot of past time and effort that's gone into keeping our
server secure.
On Mon, Apr 28, 2014 at 2:46 PM, Matthew Senate <mattsenate(a)gmail.com> wrote:
> Given that it was a pain in the butt and took a bunch of time, at the very
> least it may be worth it (in the long term) to use Mozilla Persona to hack ...
>
> Added a wiki page with more details here: https://sudoroom.org/wiki/Persona
Persona's future is uncertain. Mozilla is no longer developing it, and
while they still host the servers, the most they can say is that
decommissioning "will absolutely not happen in 2014." :P
http://identity.mozilla.com/post/78873831485/transitioning-persona-to-commu…
On Mon, Apr 28, 2014 at 2:33 PM, Matthew Senate <mattsenate(a)gmail.com> wrote:
> So for some reason this didn't go all the way through. I'm not sure why.
> Does anyone want to state the next step, or should we start from scratch?
It didn't go through the first time because Jacob's email was the
admin contact in whois, GoDaddy sent him a confirmation link, and he
never clicked it.
So I changed the admin contact to be info(a)sudoroom.org and tried again.
Which was a mistake because it apparently triggered a 60-day transfer
lock, so GoDaddy won't let us try again until mid-June.
I've been thinking about how we could encourage app development without
having to increase the administrative costs, especially for user
authentication.
Does anyone have any thoughts or experience with authentication systems
(CAS or otherwise) that they can share?
Specifically, it seems like Mozilla Persona is a really good solution for
us to implement and work towards:
https://en.wikipedia.org/wiki/Mozilla_Persona
A lot of systems already have libraries or support:
https://developer.mozilla.org/en-US/Persona/Libraries_and_plugins
It would be easy to implement using Mozilla.org as the provider, but due to
decentralization of the system, we should be able to point to our own
implemented server instead in the future.
Or perhaps there is a better alternative?
// Matt