Re: [Wikitech-l] Is assert() allowed?

2013-07-31 Thread Daniel Kinzler
My take on assertions, which I also tried to stick to in Wikibase, is as follows: * A failing assertion indicates a local error in the code or a bug in PHP; they should not be used to check preconditions or validate input. That's what InvalidArgumentException is for (and I wish type hints

Re: [Wikitech-l] Is assert() allowed?

2013-07-31 Thread Christian Aistleitner
Hi Tyler, good to see that since the last discussion of this topic, more people are in favor of allowing asserts :-) On Tue, Jul 30, 2013 at 06:45:37PM -0400, Tyler Romeo wrote: I think the real issue here is just that assertions sometimes aren't used correctly. I wholeheartedly agree. Best

Re: [Wikitech-l] Is assert() allowed?

2013-07-31 Thread Christian Aistleitner
Hi, On Wed, Jul 31, 2013 at 10:36:56AM +0200, Daniel Kinzler wrote: * Use boolean expressions in assertions, not strings. I do not agree that this is best practice in PHP. Execution time is only part of the argument here. Among the other arguments is the readability of the error message. When using

Re: [Wikitech-l] Is assert() allowed?

2013-07-31 Thread Tim Starling
On 31/07/13 18:36, Daniel Kinzler wrote: Assertions are things that should *always* be true. In my mind, assertions should just throw a (usually unhandled) exception, like Java's AssertionError. Indeed. In C, assert() will abort the program if it is enabled, which is hard to miss. It is not

Re: [Wikitech-l] [Xmldatadumps-l] Suggested file format of new incremental dumps

2013-07-31 Thread Petr Onderka
For storing updateable indexes, Berkeley DB 4-5, GDBM, and higher-level options like SQLite are widely used. LevelDB (https://code.google.com/p/leveldb/) is pretty cool too. I think that with the amount of data we're dealing with, it makes sense to have the file format under tight control.

Re: [Wikitech-l] Is assert() allowed?

2013-07-31 Thread Tyler Romeo
On Wed, Jul 31, 2013 at 7:42 AM, Tim Starling tstarl...@wikimedia.org wrote: Indeed. In C, assert() will abort the program if it is enabled, which is hard to miss. It is not comparable to the PHP assert() function. ...except PHP's assert() *also* aborts the program if enabled. What am I

Re: [Wikitech-l] Is assert() allowed?

2013-07-31 Thread Happy Melon
$_GET[foo] = 'include( evil_file.php )'; assert( '$_GET[foo] == fluffy bunny rabbit' ); // This is fine assert( $_GET['foo'] == 'fluffy bunny rabbit' ); // But this is not Deliberately using a function which reduces the security of your application to relying on everyone choosing the correct type

Re: [Wikitech-l] Is assert() allowed?

2013-07-31 Thread Tyler Romeo
On Wed, Jul 31, 2013 at 8:38 AM, Happy Melon happy.melon.w...@gmail.com wrote: Deliberately using a function which reduces the security of your application to relying on everyone choosing the correct type of quotes is definitely asking for trouble. I don't see how this is an issue.

Re: [Wikitech-l] Is assert() allowed?

2013-07-31 Thread Happy Melon
On 31 July 2013 15:01, Tyler Romeo tylerro...@gmail.com wrote: On Wed, Jul 31, 2013 at 8:38 AM, Happy Melon happy.melon.w...@gmail.com wrote: Deliberately using a function which reduces the security of your application to relying on everyone choosing the correct type of quotes is

Re: [Wikitech-l] Is assert() allowed?

2013-07-31 Thread Tyler Romeo
On Wed, Jul 31, 2013 at 10:24 AM, Happy Melon happy.melon.w...@gmail.com wrote: Yes, IMO, it should be abstracted away with a carefully-written wrapper function that bridges the semantic gap between I want to do some character conversions and I want to make this text safe to echo to the

Re: [Wikitech-l] gwtoolset : architecture design help

2013-07-31 Thread Brian Wolff
Metadata Set Repo - one of the goals of the project is to store Metadata Sets, such as XML under some type of version control. those Metadata Sets need to be accessible so that the extension can grab the content from it and process it. processing involves iterating over the

[Wikitech-l] (no subject)

2013-07-31 Thread Tyler Romeo
Hey all, Mozilla made an announcement yesterday about a new framework called Minion: http://blog.mozilla.org/security/2013/07/30/introducing-minion/ https://github.com/mozilla/minion It's an automated security testing framework for use in testing web applications. I'm currently looking into how

[Wikitech-l] How's the SSL thing going?

2013-07-31 Thread David Gerard
Jimmy just tweeted this: https://twitter.com/jimmy_wales/status/362626509648834560 I think that's the first time I've seen him say fuck in a public communication ... Anyway, I expect people will ask us how the move to all-SSL is progressing. So, how is it going? (I've been telling people it's

Re: [Wikitech-l] (no subject)

2013-07-31 Thread Ori Livneh
On Wed, Jul 31, 2013 at 11:23 AM, Tyler Romeo tylerro...@gmail.com wrote: Hey all, Mozilla made an announcement yesterday about a new framework called Minion: http://blog.mozilla.org/security/2013/07/30/introducing-minion/ https://github.com/mozilla/minion It's an automated security

Re: [Wikitech-l] (no subject)

2013-07-31 Thread Chris Steipp
On Wed, Jul 31, 2013 at 11:23 AM, Tyler Romeo tylerro...@gmail.com wrote: Hey all, Mozilla made an announcement yesterday about a new framework called Minion: http://blog.mozilla.org/security/2013/07/30/introducing-minion/ https://github.com/mozilla/minion It's an automated security

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread Tyler Romeo
Good question. There are two steps to this: 1) Move all logins to TLS 2) Move all logged in users to TLS The former was dependent on a bug with E:CentralAuth that was causing $wgSecureLogin to malfunction. I am not sure whether this bug was ever fixed (I remember seeing Chris submit a patch for

[Wikitech-l] MediaWiki Language Extension Bundle 2013.07 release

2013-07-31 Thread Amir E. Aharoni
Hallo, I would like to announce the release of MediaWiki language extension bundle 2013.07 * https://translatewiki.net/mleb/MediaWikiLanguageExtensionBundle-2013.07.tar.bz2 * sha256sum: ca381ea1bc1f10c56df28353f91a25129c604ff11938b424833925e8716e2ff3 Quick links: * Installation instructions

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread Emilio J. Rodríguez-Posada
It was so obvious that int. agencies were doing that. It was discussed in past threads in the mailing list too. Also, I have read that SSL is not secure either. So, bleh... 2013/7/31 David Gerard dger...@gmail.com Jimmy just tweeted this:

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread David Gerard
On 31 July 2013 19:36, David Gerard dger...@gmail.com wrote: Jimmy just tweeted this: https://twitter.com/jimmy_wales/status/362626509648834560 I think that's the first time I've seen him say fuck in a public communication ... And wow, this is the NSA slide that triggered it:

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread David Gerard
On 31 July 2013 19:46, Emilio J. Rodríguez-Posada emi...@gmail.com wrote: Also, I have read that SSL is not secure neither. So, bleh... PFS. http://news.netcraft.com/archives/2013/06/25/ssl-intercepted-today-decrypted-tomorrow.html Also, https://en.wikipedia.org/wiki/Nirvana_fallacy - this

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread Chris Steipp
On Wed, Jul 31, 2013 at 11:40 AM, Tyler Romeo tylerro...@gmail.com wrote: Good question. There are two steps to this: 1) Move all logins to TLS 2) Move all logged in users to TLS 3) Serve all traffic via HTTPS 4) With PFS and long HSTS timeouts The former was dependent on a bug with

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread Brian Wolff
Which kind of ignores the issue that encrypting with ssl doesn't do a lot against traffic analysis, when it's publicly known how big the pages you're downloading are, and how many images/other assets they have on them. NSA certainly has the resources to do this if they want. If you can do this

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread Tyler Romeo
On Wed, Jul 31, 2013 at 2:50 PM, Chris Steipp cste...@wikimedia.org wrote: 3) Serve all traffic via HTTPS 4) With PFS and long HSTS timeouts Indeed. I need to be more optimistic. :) The bug has been fixed as part of the new SUL code. Yay! Nice! -- Tyler Romeo Stevens Institute of

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread James Alexander
On Wed, Jul 31, 2013 at 11:55 AM, Brian Wolff bawo...@gmail.com wrote: Which kind of ignores the issue that encrypting with ssl doesn't do a lot against traffic analysis, when its publicly known how big the pages you're downloading are, and how many images/other assets they have on them. NSA

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread Ken Snider
On Jul 31, 2013, at 3:01 PM, James Alexander jalexan...@wikimedia.org wrote: Time to start adding a random amount of extra packets with each request? :) This is what freenet does, but I think supporting SPDY/HTTP 2.0 [1] will help in this regard as well, as it essentially pipelines requests

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread Matthew Walker
Time to start adding a random amount of extra packets with each request? :) We would need to be very careful to not cause detectable entropy changes which is not trivial! Perhaps we promote the deployment of SPDY/QUIC which interleaves requests? ~Matt Walker Wikimedia Foundation Fundraising

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread C. Scott Ananian
Like dgerald said, let's not let the perfect distract us from the better. It will be impossible to 100% secure our visitors' traffic against an adversary with as many resources as the NSA. But we can secure our users against adversaries with fewer resources, and we can increase the cost of a

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread Magnus Manske
There was the lofty notion of including all images, CSS/JS/whatnot as CDATA elements in the page itself, for browsers that support it. That would get around the one issue, but still allow size-based fingerprinting, especially since most users will follow links within the site, so the search space

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread Risker
Just one question from a relatively non-technical person: What falls off the map if everything is done using SSL? Is this the protocol that would make it essentially impossible to read/edit Wikipedia using a normal internet connection from China? Risker On 31 July 2013 15:12, Magnus Manske

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread Ken Snider
On Jul 31, 2013, at 3:12 PM, Magnus Manske magnusman...@googlemail.com wrote: There was the lofty notion of including all images, CSS/JS/whatnot as CDATA elements in the page itself, for browsers that support it. That would get around the one issue, but still allow size-based fingerprinting,

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread David Gerard
On 31 July 2013 19:48, David Gerard dger...@gmail.com wrote: PFS. http://news.netcraft.com/archives/2013/06/25/ssl-intercepted-today-decrypted-tomorrow.html Keeping in mind that PFS is not actually perfect either: http://tonyarcieri.com/imperfect-forward-secrecy-the-coming-cryptocalypse -

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread David Gerard
Oh - if anyone can authoritatively compose a WMF blog post on the state of the move to SSL (the move to logins and what happened there, the NSA slide, ongoing issues like browsers in China, etc), that would probably be a useful thing :-) - d.

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread Ryan Lane
On Wed, Jul 31, 2013 at 1:06 PM, David Gerard dger...@gmail.com wrote: Oh - if anyone can authoritatively compose a WMF blog post on the state of the move to SSL (the move to logins and what happened there, the NSA slide, ongoing issues like browsers in China, etc), that would probably be a

Re: [Wikitech-l] (no subject)

2013-07-31 Thread Tyler Romeo
OK, so after a bit of trouble I managed to get it working on my Vagrant instance. Here's a brief summary of what I learned: * It uses a MongoDB backend with Python and Flask as a front-end * There are plugins that implement certain tests (e.g., nmap, skipfish) * Plans are combinations of plugins,

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread Derric Atzrott
Oh - if anyone can authoritatively compose a WMF blog post on the state of the move to SSL (the move to logins and what happened there, the NSA slide, ongoing issues like browsers in China, etc), that would probably be a useful thing :-) I'll be posting blog posts each step of the way as we move

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread Matthew Flaschen
On 07/31/2013 03:23 PM, Risker wrote: Just one question from a relatively non-technical person: What falls off the map if everything is done using SSL? Is this the protocol that would make it essentially impossible to read/edit Wikipedia using a normal internet connection from China? Risker

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread Tyler Romeo
Like I've said before, the NSA spying on what users are reading is still the least of our concerns. We should focus on making sure passwords aren't sent over plaintext before attempting to evade a government-run international spy network. -- Tyler Romeo Stevens Institute of Technology, Class

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread Paul Selitskas
Can we enable full security mode (as an optional feature) geographically based on the most concerned governments, if the whole thing isn't going fast due to lack of resources? On Wed, Jul 31, 2013 at 11:35 PM, Tyler Romeo tylerro...@gmail.com wrote: Like I've said before, the NSA spying on

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread Ryan Lane
On Wed, Jul 31, 2013 at 1:39 PM, Paul Selitskas p.selits...@gmail.com wrote: Can we enable full security mode (as an optional feature) geographically based on the most concerned governments, if the whole thing isn't going fast due to lack of resources? No. That's in fact much, much harder.

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread Paul Selitskas
Yes, that is exactly what I do. But Google, for instance, redirects me to HTTP, and if I've logged via HTTPS recently, I would have to log in once again via HTTP. It's very frustrating. Are there public statistics on HTTPS v. HTTP processed requests share for Wikimedia? Rough numbers? For

Re: [Wikitech-l] (no subject)

2013-07-31 Thread Greg Grossmeier
<quote name="Tyler Romeo" date="2013-07-31" time="16:21:50 -0400"> What might be useful is to have a security instance running MediaWiki with a similar setup to the actual en-wiki, and then have Minion running on an instance and have it run the tests that way. Unfortunately, I don't know how we would

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread Tyler Romeo
@Paul - Some links that might interest you. On Wed, Jul 31, 2013 at 4:56 PM, Paul Selitskas p.selits...@gmail.com wrote: But Google, for instance, redirects me to HTTP https://bugzilla.wikimedia.org/show_bug.cgi?id=51002 For inexperienced users yet concerned about privacy, there should be an

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread Jeremy Baron
On Wed, Jul 31, 2013 at 8:56 PM, Paul Selitskas p.selits...@gmail.com wrote: Yes, that is exactly what I do. But Google, for instance, redirects me to HTTP, and if I've logged via HTTPS recently, I would have to log in once again via HTTP. It's very frustrating. I think you've misinterpreted.

Re: [Wikitech-l] (no subject)

2013-07-31 Thread Tyler Romeo
On Wed, Jul 31, 2013 at 5:00 PM, Greg Grossmeier g...@wikimedia.org wrote: Tyler: mind reporting this as an enhancement bug in deployment-prep? Include things like what is needed to get it working etc. Might be something we could get running against the beta cluster, perhaps. Sure thing:

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread Matthew Flaschen
On 07/31/2013 04:35 PM, Tyler Romeo wrote: Like I've said before, the NSA spying on what users are reading is still the least of our concerns. We should focus on making sure passwords aren't sent over plaintext before attempting to evade a government-run international spy network. I'm not

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread Tyler Romeo
On Wed, Jul 31, 2013 at 5:29 PM, Matthew Flaschen mflasc...@wikimedia.org wrote: I'm not sure what that has to do with the message you replied to. I completely support rolling out HTTPS where possible (I'm using HTTPS Everywhere already). Sorry I might have highlighted the wrong message

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread Ryan Lane
On Wednesday, July 31, 2013, Ryan Lane wrote: On Wed, Jul 31, 2013 at 1:06 PM, David Gerard dger...@gmail.com wrote: Oh - if anyone can authoritatively compose a WMF blog post on the state of the move to SSL (the move to logins and what

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread George Herbert
It would be useful to focus on the short term problem and solution; the coming quantum computer factoring factory issue which will render large-prime crypto less useful is still on the horizon. The big threat is lack of basic HTTPS everywhere. The second is site key security (ensuring the NSA

Re: [Wikitech-l] Is assert() allowed?

2013-07-31 Thread Tim Starling
On 31/07/13 22:19, Tyler Romeo wrote: On Wed, Jul 31, 2013 at 7:42 AM, Tim Starling tstarl...@wikimedia.org wrote: Indeed. In C, assert() will abort the program if it is enabled, which is hard to miss. It is not comparable to the PHP assert() function. ...except PHP's assert() *also*

Re: [Wikitech-l] Is assert() allowed?

2013-07-31 Thread Tyler Romeo
On Wed, Jul 31, 2013 at 7:28 PM, Tim Starling tstarl...@wikimedia.org wrote: The php.ini option assert.bail is 0 by default. So? It's the same way in Java. You have to turn on assertions. It's kind of natural to assume that if assertions are off they won't cause fatal errors. -- Tyler

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread Tyler Romeo
Also, on a side note, Facebook *just* made HTTPS the default: https://www.facebook.com/notes/facebook-engineering/secure-browsing-by-default/10151590414803920 -- Tyler Romeo Stevens Institute of Technology, Class of 2016 Major in Computer Science www.whizkidztech.com | tylerro...@gmail.com

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread Leslie Carr
On Wed, Jul 31, 2013 at 5:22 PM, Tyler Romeo tylerro...@gmail.com wrote: Also, on a side note, Facebook *just* made HTTPS the default: https://www.facebook.com/notes/facebook-engineering/secure-browsing-by-default/10151590414803920 As an FYI - facebook, a site where every person is logged in

Re: [Wikitech-l] Is assert() allowed?

2013-07-31 Thread Tim Starling
On 01/08/13 10:05, Tyler Romeo wrote: On Wed, Jul 31, 2013 at 7:28 PM, Tim Starling tstarl...@wikimedia.org wrote: The php.ini option assert.bail is 0 by default. So? It's the same way in Java. You have to turn on assertions. It's kind of natural to assume that if assertions are off they

[Wikitech-l] unexpected error info in HTML

2013-07-31 Thread Jiang BIAN
Hi, I noticed some pages we crawled containing error message like this; <div id="mw-content-text" lang="zh-CN" dir="ltr" class="mw-content-ltr"><p class="error">Failed to render property P373: Wikibase\LanguageWithConversion::factory: given languages do not have the same parent language</p> But when I open

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread Anthony
On Wed, Jul 31, 2013 at 5:59 PM, George Herbert george.herb...@gmail.com wrote: The second is site key security (ensuring the NSA never gets your private keys). Who theoretically has access to the private keys (and/or the signing key) right now? The third is perfect forward security with

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread Ryan Lane
On Wed, Jul 31, 2013 at 9:28 PM, Anthony wikim...@inbox.org wrote: On Wed, Jul 31, 2013 at 5:59 PM, George Herbert george.herb...@gmail.com wrote: The second is site key security (ensuring the NSA never gets your private keys). Who theoretically has access to the private keys (and/or

Re: [Wikitech-l] How's the SSL thing going?

2013-07-31 Thread Jeremy Baron
On Thu, Aug 1, 2013 at 4:28 AM, Anthony wikim...@inbox.org wrote: On Wed, Jul 31, 2013 at 5:59 PM, George Herbert george.herb...@gmail.com wrote: The second is site key security (ensuring the NSA never gets your private keys). Who theoretically has access to the private keys (and/or the

Re: [Wikitech-l] Is assert() allowed?

2013-07-31 Thread Tyler Romeo
On Wed, Jul 31, 2013 at 10:47 PM, Tim Starling tstarl...@wikimedia.org wrote: If the error is serious and unexpected, and likely to cause undesirable behaviour If this is the case, then you don't use assertions. You would use assertions for things that don't have major side effects on the