[00:00:12] OH NO [00:00:22] that's my single answer [00:01:21] Elaborate? [00:04:10] i found eightteen xsses in cargo [00:04:16] i don't think it's gonna go well for moderation [00:04:35] yikes [00:04:58] oh, and the ability to run arbitrary sql functions and two CSRFs [00:06:34] And this folks is why you have cargo in its own DB [00:06:51]  [00:07:14] So true [00:07:32] What other Yaron’s have you tried [00:10:24] not even my first program i wrote in 2018 can compete with cargo [00:10:31] it has zero security vulnerabilities [00:10:36] i barely knew how to use for loops back then [00:11:23] anyway [00:11:27] > [12/11/2024 11:07] What other Yaron’s have you tried [00:11:36] i tried to find vulns in replace text, but couldn't find any [00:11:46] but i think it's bundled with mediawiki normally? [00:11:53] ExternalData? [00:12:02] oh yeah, that too [00:12:10] couldn't find any vulns, even if i tried [00:12:16] Impressive [00:12:17] surprisingly [00:12:25] What others does he have [00:12:25] i should pick out a random yaron extension and do a sec review [00:12:28] as fun [00:13:51] Can you get the list [00:14:03] https://www.mediawiki.org/wiki/user:yaron%20Koren#My_extensions [00:14:59] Widgets [00:15:07] :pupCoffeeMH: [00:15:12] heh [00:15:32] If you can find a vuln in admin links [00:15:37] I’m fucking done [00:17:24] BlankEclair: I’d say try Page Exchange [00:17:33] i actually looked, couldn't find one [00:17:39] I’d be interested in seeing if it could be used on dev wiki [00:18:07] https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/extensions/DataTransfer/+/refs/heads/master/includes/DT_Utils.php#17 [00:18:13] i think someone doesn't know that you have to enable ooui [00:18:51] Think it would pass sec review? [00:18:59] so uh [00:19:03] how do i say this [00:19:13] That’s how you know it’s good [00:19:19] 🍿 [00:19:23] Let’s hear it love [00:19:26] i'll be testing the extension locally [00:19:40] use uselang=x-xss on a specific page [00:20:27] How many [00:20:41] now I want popcorn because of pixi lol [00:21:15] four system messages on a page so far [00:23:34] For page exchange [00:23:41] 4 xss [00:23:44] On one page [00:24:19] same cause [00:24:28] ugh, why does my server have to be so slow [00:24:33] okay, i have a phorge task to create now [00:24:47] Claire and Pix for SRE when [00:24:54] lol yeah [00:25:48] Isai [00:25:53] me for [00:25:56] nothing [00:25:57] yes [00:25:58] Did you see when I set up a local mediawiki [00:26:16] https://tenor.com/view/ghost-modern-warfare2-stare-meme-2022-gif-27104713 [00:26:20] lol [00:26:22] I did not [00:26:33] please give a summary [00:26:35] Count yourself fortunate [00:27:01] [1/2] Looked something like this [00:27:01] [2/2] https://cdn.discordapp.com/attachments/615786602454581249/1305690277758898278/image0.jpg?ex=6733f254&is=6732a0d4&hm=91fb9eaf3401c8c334e3a09d9ce5a62101a02d02417ff69756d6f891f12f10ba& [00:27:15] lol rip [00:27:16] This was when I first set it up fully from scratch on Ubuntu VM [00:27:26] Now i use [[mw:cli]] [00:27:26] https://www.mediawiki.org/wiki/cli [00:27:26] [00:27:36] on fresh install? [00:27:39] with no extensions? [00:27:44] I may or may not have [00:27:51] Dilly dallied [00:27:54] With chown [00:27:56] Just a bit [00:27:58] https://issue-tracker.miraheze.org/T12870 [00:28:09] yippe [00:28:25] Private task 😔 [00:28:31] must be serious [00:28:35] chown 655 usually fixes everything [00:28:44] i mean, private tasks for security vulns :p [00:28:46] That’s chmod [00:28:49] and chown www-data [00:28:51] i'll send the first part of the task though [00:29:01] > so uh, pixl and i were criticising yaron's security posture in his extensions, and i decided to randomly pick an extension and do a security review on it [00:29:03] > uhhhh [00:29:05] > (image of xss) [00:29:16] I tried that [00:29:19] be sure to be as unprofessional as possible in your tasks! [00:29:22] chmod 777 also works \:P [00:29:22] That VM is probably dead now [00:29:28] I mean it’s private [00:29:31] agentisai: please don't [00:29:35] yes [00:29:42] lol [00:29:44] yamete kudastop [00:29:51] embrace bad permissions [00:29:51] wow, lots of traffic here [00:30:01] oh hey juest [00:30:02] Replace SRE with MWS(much less braindead) and we probably would [00:30:09] i did a security review in a yaron extension for the lolz [00:30:11] hey how its going, i should probably not be joined to the miraheze irc channels, right? [00:30:24] I forgot that SRE doesn’t exist anymore [00:30:28] oh wait, there's a couple more [00:30:57] But we both can’t [00:31:13] For one reason or another with is definitely not NDA [00:31:22] i've been having sort of a connection hazard with znc [00:31:23] Hola [00:31:36] Secretary’s been delaying with the NDA form \>:( [00:31:36] so i think maybe i should leave some channels like this one [00:31:59] you can still be here even if you don't use mh if you want to [00:32:08] hmm, do BNC services still exist [00:32:14] yeah i know, but im on mh discord so i guess its pointless to be joined here [00:32:24] on irc that is [00:32:28] except for tech-ops [00:32:30] I was on the irc channel too at one point [00:32:36] I think at least 75% of IRC members are also on Discord [00:32:39] so its not that unheard of [00:32:45] yeah, not unheard of [00:32:51] rhinosf1 is both on irc and the discord [00:32:53] I’m also on IRC just because why not [00:32:57] lol [00:33:17] anyways been quite a while since i wasnt here :) [00:34:06] good to see you [00:34:23] Secretary is finishing his Masters [00:34:27] Same [00:34:30] is it a good idea to try a billion laughs attack on my server [00:34:44] I’m finishing my doctorate, no excuse \:P [00:34:57] Wait shit really? [00:35:00] must be cool [00:35:05] I didn't even finish community college [00:36:51] okay cool, i found yet another xss [00:36:58] this time because of a print() statement (?????) [00:37:29] print doesn’t even exist in JavaScript [00:37:33] php [00:37:46] i didn't even know that function existed [00:38:03] Yaaaaaaaarrrooooonn [00:38:11] huh [00:38:24] there's a debug() function defined with a commented out print() [00:38:26] and yet... [00:38:32] there's a direct call to print() anyway [00:39:48] oh wait, print is a keyword [00:40:00] @agentisai id make a joke calling you doctor but I don’t remember your surname:waah: eh retcon. Hi Dr. Penguin! [00:40:21] Dr. Isai [00:40:26] lol? [00:41:39] lol [00:41:46] No isai is his first name though [00:41:52] huh okay [00:42:16] yeah, agent is basically agent prefix like type of person [00:43:10] Agent is actually derived from my childhood fascination of becoming an EPF agent (read: Club Penguin spy) [00:43:11] https://files.catbox.moe/i4s5g5.png [00:43:13] avghelper: i did it [00:43:18] took me a month, but you're welcome [00:43:43] I have memories of being on the Club Penguin Wiki too [00:43:53] interesting [00:45:13] my childhood fascination was either being a pokemon trainer or being on a virtual world like in one of the old cartoons I used to watch [00:49:19] or I dreamed of being in outer space because I was really into astronomy when I was much younger [00:50:38] I’m surprised meteorologist wasn’t in the mix [00:50:58] Hmm that was in my teenage years but it was there [00:51:13] just later on [00:52:32] according to my dad I used to have the stats of the planets memorized [00:52:36] (I don't anymore) [00:53:46] Actually this reminds me of when I met a local meteorologist in my senior year of HS. The school I was in made it happen and I was like [00:53:47] omg no way [00:56:57] lol, i figured out a way to make mediawiki core eat 100% cpu [00:57:19] hmm [00:57:19] I'm scared to know how [00:57:22] is it supposed to stop? [00:57:27] it's not stopping... [00:57:59] Please don’t do that on prod [00:58:02] oh okay, it stopped [00:58:25] pixldev: what's stopping me? :3c [00:58:28] (/lh) [00:58:31] lol [00:58:43] i wonder if i can dos my own server this way [00:58:46] The toggle on Special:CentralAuth/BlankEclair [00:58:50] a [00:58:52] touche [00:58:52] oop [00:59:31] congratulations, girl made her server eat up 100% cpu on all cores [01:00:09] nothing like some old fashioned murder can't fix [01:00:12] rip I'm scared to know how that can happen [01:00:16] Om nom nom [01:00:17] Claire [01:00:22] Would this work on beta [01:00:47] maybe [01:00:51] > [12/11/2024 12:00] rip I'm scared to know how that can happen [01:00:53] htop [01:01:13] htop? [01:01:29] you top your system [01:01:32] or dom [01:01:42] oh [01:01:47] lmao- [01:01:48] interesting [01:01:56] okay okay, htop is a process manager xD [01:02:05] i just killed the php processes that were being hit [01:02:12] oh [01:02:17] sounds interesting [01:02:44] … [01:02:52] Tell me about this please [01:02:55] a [01:02:57] about what? [01:03:18] OOMing beta [01:03:36] i don't think it can oom [01:03:38] i hope? [01:03:46] but it can make it use 100% cpu until it hits the time limit [01:04:42] I don’t wanna hope on IRC if I make a PGP key on my phone rn do you wanna tell me how it works lol [01:04:57] lmao that works, i guess? [01:06:00] The key is 1k over the char limit [01:06:09] eks dee [01:06:14] Waaah [01:06:20] awawa [01:06:21] I could email it to you [01:06:21] But [01:06:23] At that point [01:06:28] We could just email talk [01:06:37] imagine [01:06:40] private phorge task where we talk [01:06:52] But talking to each other in public with PGP is funny af [01:07:02] oh wait [01:07:03] paste [01:07:19] On phorge? [01:07:24] yeah? [01:07:31] or do you want me to make a task so we can talk [01:07:39] conpherence, task edition [01:08:16] Nah lmao [01:08:29] i can make it visible to just the two of us ;) [01:08:35] why did i wink [01:08:35] I’ll email you my public key and you send me yours [01:08:37] Funnier [01:08:58] lmao sure [01:09:09] 8866 53BF BBA3 1BC2 4904 2484 6F08 77E2 8B7F E933 [01:09:21] Sent [01:10:07] Is it on a key server [01:10:11] yeah? [01:10:16] omg why is it so long [01:10:25] Pffft [01:10:39] Idk I’m using the PGPro app on my phone I had [01:10:49] What’s the email associated with it [01:11:06] Disroot? [01:11:09] yeah? [01:11:27] Huh [01:11:38] The app may just be stupid [01:11:42] > > gpge --import gay.asc [01:11:43] > gpg: no valid OpenPGP data found. [01:11:45] > gpg: Total number processed: 0 [01:11:55] What [01:12:40] ??? there's a BOM? [01:12:44] > gay.asc: Unicode text, UTF-8 (with BOM) text, with CRLF line terminators [01:12:45] Wat [01:12:57] so there is [01:13:43] okay, imported [01:14:24] Still can’t find yours [01:14:30] Let me look on the server directly and copy [01:16:01] okay, so [01:16:25] -----BEGIN PGP MESSAGE----- [01:16:27]  [01:16:29] hQGMA+MNwhoknZkrAQv9Ff94u6Q/sBMfU3ZPLfBS1DZILZ71FX84h7qEwyJ88Fj8eEwFV6uApIjsx3mh1ieNQdnFiIAaguI80VJShieJ/8t3oCvGzhiDB5XylC0iwmu+uRSDdL13/uIkkxHZwCTH6t0o5GMC2vF+LsOvpJKLEq5MpV/OXYU2a/Jo7YQrSi/n/bo2iw+UIcTLCL/0H40Nz+ROHzMXT+Ot7K5vFztx29F17114KxwZOQWMamXPanOaCcdwct6m2/Yh0SAGbS/dAg5EzIAQ08tAvaXs7VmT2T8T3VRFYsXztJvd7jhLQKljK3HPrWjH99dY0dLPUdzJdVhFl21X2X/M4SHIxmGkjfvL0+mhx7cSNjM63sPYnNlbwA2UExauEDpOcqqPHqBojojZOu/ [01:16:30] S1ZwAlWSpbCd6vqbeonO5LeKt7tLXPCGcGg4iFlfxhjANCtSze0J/QRG5sBWhzrzfLD7GDE2SPcYLi4x2Jed94xQ0iuDpfldc3SbscIiUheod9PlSbkZ0dfjNhF4Db+LqT23UpncSAQdADzr4o5BvO0nXpHhxzKexMZxXHeosXT73ThfLfFYaljMwkPF9kwLd35Wg70+YTzwWyuRkHHxzZ3ifJECESWWtpC07hOQyCPQ10Z31/8BZAsTF0sAKAbY4P08ujl22pT1i5tumqbNxTjE0EUWvZjxHr6RW6X7iO3GZBAI7oss/4kuRLYqjPK/Vbo/CVMFsQjdzkVU37tbicDXTG3tgzT73L4UXAE7wITCTY/kJur/lwCmv8yOqcMlSPkQzuuC/ [01:16:32] ChLWx3Fv+pOtNNzp9pWrZwjiQfOrnbDhyTSuaNnACNQRfMa9++nPnGiiGyRWPQs2rEeYlUXu+cHUhtxDGJDAYRgH4S4j8sc429RY7BxMIUYGwC6aeXyE6TBQo/+5BtlPxw===LJIp [01:16:33] -----END PGP MESSAGE----- [01:16:58] It’s split between messages by lmao [01:17:07] nothing like cutting can't fix :3 [01:17:34] > > wl-paste | cut -d' ' -f4- | gpge --decrypt |& head -n1 [01:17:36] > gpg: encrypted with cv25519 key, ID 6FE2EA4F6DD4A677, created 2024-10-09 [01:18:00] You forget I’m on mobile [01:18:15] brb getting openkeychain and revolution irc on my phone [01:18:26] Could’ve at least send as a txt [01:18:34] (/j) [01:18:56] Where the hell is your key server though [01:20:33] https://keyserver.ubuntu.com/pks/lookup?search=886653BFBBA31BC2490424846F0877E28B7FE933&fingerprint=on&op=index [01:20:34] For a bit I forgot why we doing this [01:20:43] lmfao [01:20:54] Oh sweet [01:20:57] alternyatively [01:21:02] https://github.com/BlankEclair.keys [01:21:05] When I open the public key I can just open with the app and it imports [01:21:06] wrong link [01:21:09] https://github.com/BlankEclair.gpg [01:21:48] [1/24] -----BEGIN PGP MESSAGE----- [01:21:49] [2/24] Version: ObjectivePGP [01:21:49] [3/24] Comment: https://www.objectivepgp.com [01:21:49] [4/24] Charset: UTF-8 [01:21:49] [5/24] wV4Db+LqT23UpncSAQdAfUUV4/YTgQsn0VlGqDmm6QweXkf+hZJZLlLKadjtrHgwo+Z/QGidAS0i [01:21:50] [6/24] 2hc6fkPpLfSTKCUcBKkv854tPmQMhE90qP1KEZDNsVVsBW0P3fFMwcDMA+MNwhoknZkrAQwAv/Yq [01:21:50] [7/24] qCzB7uCkO1NJfPzXLTb73yHIJQtafa8lrbXQifskXkCEgpJo70J6zcgENZiJ+ygY2U1xA6TqT9lw [01:21:50] [8/24] wKwlmf7gsd9zbZqAZ5rYZYD7YILVFKAsT0eqzg3lNr7jPKmXGbOm9sRzu/XgoAIdjlCg+IApUrna [01:21:51] [9/24] dtkOp1zdTIAF43IWdhQS5MtpJVZ0n8D+a+4fQluPazVOe6BOHQPABAHKMmaIbRNa2F3hJrL5fcxU [01:21:51] [10/24] U2n8PFCUBSdux8nQcJkUWgX6qAl0oOHtarGD3jJQCjjbE2qGXYM00SwSeJ+21VsxT1Vs9JEH3VTN [01:21:51] [11/24] XCJNjS2vYHr52AO92iXFzrDSIlILVPIHD3cWLyid4B1JAntyueDnO11oyxZ6CYYEaMkTcgpC3uSY [01:21:52] [12/24] SwyKHC76ageGzoQ74q932IztMMEEeNuH4QF/6gIO1N0pYtp1Ph+Rc20TTXnoT8jAGV0faDhBFU5l [01:21:52] [13/24] XaaHiCRypwgtYnQeSLBC29ztzySZFdh2mVlgd20pdjhCuJU4Y6BE0sFPAXIH/a4MtfUzMl+oRnrU [01:21:53] [14/24] zGmVrIu+bclBaJXVvfO9sFbd7/DpkkD2ivBS8TLg2bX8z56UoCbrfuwK1/tOsLHMlefgWSxbKK2h [01:21:53] [15/24] YLK7YNabWhr3zL1a8v1R0z5oGn5w3wwurRxMzP0Qs3FDPYMmsvbZUOcdvW6xiB2ElV57RQ04Uw/2 [01:21:54] [16/24] vQJKi8dorO9GQT9X08GfNxytPs8iiEtYHsNdvykyUm+FSvEkwbx+O6Biytuh3+Bkq3ZUQ18Gx1Px [01:21:54] [17/24] Gc4KPmnMpd6jwTvxM04Z8PTmH3AQx2E/Qmk29VLb048eclwqNZhMd/eUyk/8CvI/m7YN/6Gv82g+ [01:21:55] [18/24] sLQ900mGRRaITbwRQ34/GHookPe+PDU8Y0vL3BXPgpMFUedCoGbf2Y1nWs2ym+fo2JQ2Rxz6ImcD [01:21:55] [19/24] slqS8CtX/zuZuRhxDPb4Xgc7IbELhUfsxB3d+FZRh6vUvvzmJcjcgpY72MOSNsm2fYvUHUayLj0Z [01:21:56] [20/24] wGLXpS5vuUZOVqjPxSKm/OSlyz7Pu9kqc/5VJkXJNUtw+KXt8cHjV0qbjwrzTe8aIOecsQshhkfe [01:21:56] [21/24] UaYvcdIdSH6ipdEuSP9lllwdLEkFC4SzkDxr8BSSec4f8Ad3mXgeJxWCsjtU5dUqMqUb45GLBAq4 [01:21:57] [22/24] LveuYGMWY1d9+XDAxJEzca9ywXBp3/lceUDZ3eBZ58bRFtYab6FRak6CENieleY8iDoj4k2Zjkk= [01:21:57] [23/24] =sEzU [01:21:58] [24/24] -----END PGP MESSAGE----- [01:22:06] Oh shit wait [01:22:21] https://github.com/pixDeVl.gpg [01:22:28] Huh [01:22:35] I don’t have that key on my phone though [01:23:08] -----BEGIN PGP MESSAGE----- [01:23:09] [01:23:11] hQGMA+MNwhoknZkrAQwA4OZsU/PAAOcc5XrSs1xXkq0QJnE6MzTn3DAyuaE5jm8LlKPB3rNf471tOR2WW74RP3QpeThrSWj3FpNyAdwcFJSx2HwmfIkYLGP+2AoP4NotSiUthcZsasglmKY0FRvhl8Am8lOW8xl7Md7LmDTG0FrVJKWsHYfayLrx63BZO+sSFaunq5VGXUIqmwjlzW4t/lg/+sMJmZhtMLmnTg2Ovp7vkTlZm9Mq3uf8QXQKnqN1wmmFxaj6UDtoAJ8schHRWbK+bWFu6dJ+neeaFatUKQL44HTNZ/nMinTkjnU76/nJwHleXpCsTsBZLsy76Lr8rLnCTFqIqwLZBNGZQ14rW9NiPQqoyudPZ1Jj5SK4SGvAknYVVCsPraY2vQ7rd2IgchqEd/ [01:23:12] xoAl1nCoC2zZ0UYhZM5nA8TH57TY6AvY8wjJQJBMjd/McLGLxJLhF0rHiPrK9RW5u4lgNLn36OLAtwbHVK99FNBgs0tZAM6bUVkuGnbfgMInU8KUgduTzTQmrQhF4Db+LqT23UpncSAQdAutqWk7hj9JeZHTPKwXJNKEPF/sLOULKZcQJ3jHbCN0swWQqCSrn/C40i01I2/u1eq8OpOQv30lIDUAtkwbj2hzsi7XVdE2Gai9hhMbunwwib0sAFARVOgaV9wy2Io+hZDKFaJXqgzIiSkUxVo/KsVPBhgmYxZc/iVkMv6Tya6jLTGXLdgHaWVUNyq1GoRHxbHdkmqA3JuVVxNJXZF2TsfU5viY+g+cjMv0j5/hz1l8Wfah7IzxMLe3uYuuoOox+KuB32Nz6AbyP/VN1/ [01:23:14] RxLN4k+IEHME7V21paqYQXjUAJVM83u/NVTEMTRomGP7Dv3+R2ah1Q6p3aS0QyavHyy+lVgAulCon+E9NqTf3leKPIc0AtmtzJK9Cnw==gr5l [01:23:15] -----END PGP MESSAGE----- [01:23:31] Ooooooh. Fuck decryption is gonna hurt [01:24:42] maybe this was a bad idea [01:24:48] fedi [01:24:55] home timeline for the lolz [01:25:22] oh wait [01:25:26] what's your character limit? [01:25:45] 500 LMAO [01:26:03] oh [01:26:07] lame [01:26:08] Bluesky has it worse. [01:26:14] 300 😂 [01:27:03] be a catgirl and get access to 10000 characters [01:27:54] I thought it was 3k [01:28:14] tested just now :p [01:28:18] if i ever migrate off of wikis.world im gonna go somewhere with a sane limit [01:28:57] We could have like [01:28:58] just [01:29:03] email chained [01:29:34] lmao yeah [01:29:41] hi average [01:29:57] [1/2] > @Average i did it [01:29:57] [2/2] epic 💜 [01:30:11] you're welcome 💜 [01:30:17] we're currently doing end-to-end encryption [01:30:22] ooooo [01:30:24] fun [01:30:28] Badly [01:30:31] very badly [01:30:35] there are some [01:30:41] "is this what end-to-end encrypted rooms are?" [01:30:46] Platform difficulties [01:31:10] We could send txt files [01:31:12] what happens if i use /me with a gpg-encrypted message [01:31:21] Hm [01:31:23] * BlankEclair hQGMA+MNwhoknZkrAQwA4OZsU/PAAOcc5XrSs1xXkq0QJnE6MzTn3DAyuaE5jm8LlKPB3rNf471tOR2WW74RP3QpeThrSWj3FpNyAdwcFJSx2HwmfIkYLGP+2AoP4NotSiUthcZsasglmKY0FRvhl8Am8lOW8xl7Md7LmDTG0FrVJKWsHYfayLrx63BZO+sSFaunq5VGXUIqmwjlzW4t/lg/+sMJmZhtMLmnTg2Ovp7vkTlZm9Mq3uf8QXQKnqN1wmmFxaj6UDtoAJ8schHRWbK+bWFu6dJ+neeaFatUKQL44HTNZ/nMinTkjnU76/nJwHleXpCsTsBZLsy76Lr8rLnCTFqIqwLZBNGZQ14rW9NiPQqoyudPZ1Jj5SK4SGvAknYVVCsPraY2vQ7rd2IgchqEd/ [01:31:24] xoAl1nCoC2zZ0UYhZM5nA8TH57TY6AvY8wjJQJBMjd/McLGLxJLhF0rHiPrK9RW5u4lgNLn36OLAtwbHVK99FNBgs0tZAM6bUVkuGnbfgMInU8KUgduTzTQmrQhF4Db+LqT23UpncSAQdAutqWk7hj9JeZHTPKwXJNKEPF/sLOULKZcQJ3jHbCN0swWQqCSrn/C40i01I2/u1eq8OpOQv30lIDUAtkwbj2hzsi7XVdE2Gai9hhMbunwwib0sAFARVOgaV9wy2Io+hZDKFaJXqgzIiSkUxVo/KsVPBhgmYxZc/iVkMv6Tya6jLTGXLdgHaWVUNyq1GoRHxbHdkmqA3JuVVxNJXZF2TsfU5viY+g+cjMv0j5/hz1l8Wfah7IzxMLe3uYuuoOox+KuB32Nz6AbyP/VN1/ [01:31:26] RxLN4k+IEHME7V21paqYQXjUAJVM83u/NVTEMTRomGP7Dv3+R2ah1Q6p3aS0QyavHyy+lVgAulCon+E9NqTf3leKPIc0AtmtzJK9Cnw==gr5l [01:31:28] that... works, i guess [01:32:06] :SXFAnyaDizzy: [01:33:15] i just realized [01:33:20] with cat mode, refering to Ana becomes Anya [01:33:25] I manually copied the sections [01:33:28] invalid message [01:33:32] huh [01:33:34] weird [01:33:38] bashing my head [01:34:08] Do you wanna just sent as a txt on litterbox [01:34:21] > ~ $ my head [01:34:23] > No command my found, did you mean: [01:34:31] but doing it over irc is way funnier [01:34:59] I know we left practicality behind 3 stations ago but still [01:35:03] if it like [01:35:06] worked [01:35:09] pretty fun [01:37:55] i have so many discord roles lmao [01:38:56] CA is the only i see with more [01:39:04] and void is tied with me [01:39:09] [[WP:HATC]] [01:39:09] https://meta.miraheze.org/wiki/WP:HATC [01:39:11] (/j) [01:39:16] Hush [01:39:34] actually once i unlock tech ill be tied with CA [01:39:45] tech dlc [01:39:49] coming soon [01:39:50] then i just need to join TS and the board [01:40:01] :EpicFaceMH: [01:40:19] sooner then you may think [01:40:23] lol [01:40:26] tomorrow [01:40:31] (psych warfare enabled) [01:40:38] nnnnot that soon [01:40:42] hehe [01:40:59] People have lives [01:48:34] imagine [02:07:07] arcane soundtrack slaps [02:08:07] BlankEclair do you wanna explain your evil idea in PMs like normal people [02:08:10] well [02:08:18] am snaccing [02:08:19] but l8r [02:08:24] IRC already pulls us out of normal [02:08:44] thank you i need to finish 2 more math problems and am procrastination [02:09:01] watched the yubikey intro video cause why not [02:09:12] have you ever used a hardware token [02:32:48] https://www.yubico.com/works-with-yubikey/catalog/internet-explorer/ not being a 404 is crazy [02:32:56] https://www.yubico.com/works-with-yubikey/catalog/?sort=popular-for-individuals decent list [02:53:53] > [12/11/2024 13:09] have you ever used a hardware token [02:53:54] not yet [02:54:16] looking to try? [02:54:25] ..i sound like a drug dealer :sus: [02:55:01] hey did, you wanna try some _yubikey_??? [02:55:01] lol [02:55:15] i'll be getting a yubikey soon enough ;) [02:55:31] wow I'm on IRC with the cool kids now [02:55:37] no way [02:55:40] lol [02:56:21] ngl i'd get a yubikey that i could leave in my laptop if it actually has more than three usb ports [02:56:23] BlankEclair omg same [02:56:40] Mine has 3 too rip [02:57:07] there are keys that are meant to stay in your computer [02:57:38] interesting [02:57:57] https://www.yubico.com/au/product/yubikey-5-series/yubikey-5c-nano/ [02:58:18] problem is i use two ports for charging (usb c on both sides on the laptop, depending on what position in bed i'm laying) [02:58:29] and one port i use for plugging in my backup hard drive (usb a) [02:59:05] also, the price of the keys would make me spontaneously explode if i had to pay for them lmao [02:59:10] i need to get a new laptop so ill see [02:59:16] yeah its smt [02:59:22] Secure it Forward? [02:59:27] yeah [02:59:39] god bless our lord and savior samuel [02:59:47] oh and uh ig yubico [02:59:54] and the wikitide foundation [03:00:01] yeah them too [03:00:16] also finally made my first donation to miraheze(!!!) [03:00:22] epic [03:00:29] does it count as a donation if it was ~a requirement [03:00:40] i also love how i did two currency conversions lmao [03:01:01] BlankEclair I donated thrice the amount asked to cover shipping [03:01:06] so [03:01:08] oh nice [03:01:29] +1 discord role lmao [03:01:53] i told rhinos now that he has my address i expect holiday cards [03:02:12] meanwhile me: [03:02:13] > [Sunday, 10 November 2024] [21.21.54 Australian Eastern Daylight Time] i'm tempted to say "now never refer me by that name ever", but i feel like you have enough tact xD [03:02:37] ah [03:02:42] huh [03:02:45] hm? [03:02:46] paperwork didnt wanna catch up? [03:03:02] in theory, i could deliver it to claire [03:03:11] but then i'd've to pick it up in person, and uhh [03:03:18] let's just say i haven't transitioned yet [03:03:51] you're already most certainly a gay girlthing to me lmao [03:03:54] on a more positive note, i used this opportunity to send a well-timed meme to rhinos [03:03:55] https://files.catbox.moe/4oqc54. [03:03:59] bruh i forog tthe url [03:04:04] https://files.catbox.moe/4oqc54.jpg [03:04:19] a lmao [03:04:21] > [12/11/2024 14:03] you're already most certainly a gay girlthing to me lmao [03:04:22] hell yeah [03:04:26] i haven't come out to the government tho [03:05:36] if you dont mind me asking(im just morbidly curious, something you should be familiar with) is claire the name you use/intent to use IRL or is it a specific internet name [03:05:48] yeah i like claire [03:06:30] It's a very nice name [03:06:34] thank you <3 [03:06:52] and thank you IZ (BLUE STAR ENTERTAINMENT) for creating Witch's Heart xD [03:06:59] https://vgperson.com/games/witchheart.htm [03:07:21] and since as far as I care then, Clair is your name, that means i can add that to my mental tally of people's whos real names i know [03:07:36] oh neat [03:07:41] which looking at the tech page. is more then you'd think [03:07:51] I will eventually change my name [03:07:55] oh? [03:08:09] oh wow, the tech page is big [03:08:12] but its probably not gonna happen for quite a while yet [03:13:47] Clair or Claire? [03:19:11] BlankEclair/ Clare [03:19:21] i [03:19:25] that [03:19:27] is an option [03:20:12] (it's Claire) [03:40:45] pixldev: https://www.trustpanda.com.au/products/yubisocks-passwords-stink [07:06:50] The thanks is 100% with yubico for giving us free keys [19:06:02] @bluemoon aforementioned episode is now live on the site [19:06:07] @bluemoon0332 [21:00:11] nice, will check out tomorrow [21:00:52] why aren't the high ranking officers of the WikiTide Foundation going on PBS as well, like what are they doing? [21:00:54] smh [21:01:24] Uuuuuuh, we got a few directors on Between the Brackets? [21:01:37] 1. Takeover wmf [21:03:15] Oh yubico oh [21:03:21] Good plan! [21:03:37] (I do recall getting yubikey from you, except it wasn't free) [21:03:50] Yes, they were extremely cheap last time [21:03:52] Probably not for your mental health tho [21:04:00] This time it's only postage to pay [21:04:05] Oh heh [21:04:10] I think the foundation is footing the bill [21:04:26] The foundation has a discretionary budget to support [21:04:28] Probably their ESG blah blah [21:04:39] But so far we've only used an estimated 30p of it [21:04:54] Mostly thanks to @pixldev's generous donation of triple the suggestion [21:05:07] I actually haven't used that cheap yubikey [21:05:22] (It is in standby; I still use my 2015 yubikey) [21:05:38] At the moment, most current volunteers can claim up to 2 through the secure it forward [21:05:39] Not yet broken, so that is [21:05:56] If it's a success, I may expand it to a wider group of volunteers and former ones too [21:06:12] But I'd probably have to use a fufillent provider if it was too wide a group [21:06:22] Cause I have to put my home address on the customs paperwork [21:06:33] True [21:06:50] Fly to US just to send using corporate address /joke [21:06:51] something is in the work, trust [21:07:15] Ofc it will cost damn [21:07:15] I did some research and found a pretty cheap fulfilment option [21:07:17] Money [21:07:23] But I need to confirm pricing on it [21:08:00] For now I'm more of in need of a new desktop anyway [21:08:08] To use anything yubikey or blah blah [21:08:24] I don’t think there are any roles we’re missing ngl [21:08:29] If any [21:08:29] My desktop decided to commit suicide after 10 years of reboot-once-a-month. [21:08:46] (Yes, no shutdown) [21:08:49] rip [21:09:08] Once-a-month-reboot was actually 'Windows Update mandated reboot' [21:09:11] I might add commons admins / crats (so @rodejong) and testwiki consuls [21:09:13] So it was not even taking a rest [21:09:29] And former holders of any of the groups too [21:09:40] As a phase 2 [21:09:47] do you have a large number of keys? [21:09:48] Eh, would hardly make a difference. Former holder would be more impactful [21:09:52] At least I only had meta admin and sysadmin [21:10:06] but not really useful for the purposes of securing the farm \:P [21:10:09] At least those who remain friendly with current ppl? [21:10:13] We have a few spare if everyone takes up the offer but they said we can ask for more [21:10:24] force them to rejoin in order to get a free yubikey 😆 [21:10:26] Is meta admin covered? I know IA is [21:10:28] Someone like @pancake.aurora being compromised would still have an impact [21:10:28] IE? [21:10:34] arguable [21:10:44] Agreeable [21:10:51] :-p I no longer hold any sensitive user rights [21:10:52] someone on left on friendly terms will find it very easy to get access again [21:10:55] “I’m a former sysadmin. Give me all the passwords” [21:11:01] I can see that happening tbh ^ [21:11:02] protecting their accounts makes sense [21:11:02] Except my mailbox hold some sensitive data I think [21:11:06] Yes but people know who you are [21:11:10] I would give over revi a copy of mhglobal if asked [21:11:13] Indeeeed [21:11:21] So like your account gets compromised and its reputation [21:11:23] I never visit China for that reason [21:11:29] You're also probably at higher risk of an idiot [21:11:32] I believe CCP is interested in torturing me [21:11:39] Or targeted compromise [21:11:47] (For targetting Chinese Wikipedia) [21:12:03] I would like the scheme to be open to as many people are reasonably possible [21:12:11] While it still having bounds [21:12:35] I never even left North-Western Europe 😂 [21:12:43] I'd also consider admins and crats of high profile wikis but I don't know how I'd define that [21:12:56] That is, I live next to China. [21:13:03] maybe certain Discord regulars like those in the “MediaWiki Support Volunteers” group should be eligible as well [21:13:12] And usual cheap airlines are usually china [21:13:21] Maybe [21:13:25] So it cost me a bit more to avoid china (and now HK included) [21:13:29] best for you to not go east or southeast 😆 [21:13:33] Discord admins & mods are but nothing else yet [21:13:46] To me I think reputation/good standing is a must. [21:13:51] I expect phase 2 of the scheme will open in the new year [21:13:56] We shall see [21:14:02] I think Legroom and Ro are reasonable to give keys to as discord regulars [21:14:07] Or I should return to activity to get my revi@miraheze back /joke [21:14:18] you should consider it [21:14:23] or else reviwiki gets dropped [21:14:34] Is there a list of what groups actually exist on discord [21:14:35] More email address to abuse for my test inbox [21:14:51] I suppose mods have access to it [21:14:51] :blobsob: [21:14:54] I know we have MW Support & CSS/JS Support [21:15:02] Take a screenshot of it [21:15:59] Here you go [21:16:19] Except '15 only' [21:16:21] Shit. [21:16:54] An application? [21:17:01] Yup [21:17:04] enjoy abusing the bot :-p [21:17:16] I'd rather some idea of a ruleset [21:17:23] Objective criteria is better [21:17:33] [1/3] https://cdn.discordapp.com/attachments/615786602454581249/1306004986445959250/IMG_5159.jpg?ex=6735176d&is=6733c5ed&hm=28af5117dbbf831db7865521d5d9be0c1e4aeaa0ec59e832ee5d92db69fb28fc& [21:17:33] [2/3] https://cdn.discordapp.com/attachments/615786602454581249/1306004986869842020/IMG_5160.jpg?ex=6735176d&is=6733c5ed&hm=e463264c7132cb3f7b82e80716da002049200994c8a3ae516db8d4a65072fc55& [21:17:34] [3/3] https://cdn.discordapp.com/attachments/615786602454581249/1306004987393998899/IMG_5161.jpg?ex=6735176d&is=6733c5ed&hm=67c8e86cff30cd67efbcecde95643e75b67eea79b4d958b5203b96fb5da85600& [21:17:53] Board election committee [21:18:07] /me immediately thought of Ltd stuff [21:18:09] I guess Board Election Committee should be eligible too [21:18:16] Also discord manager [21:18:21] Isn’t that just mainly stewards [21:18:28] yeah, ElectCom was just Stewards [21:18:30] Discord Admin & Mod is though so I guess manager is redundant [21:18:31] That’s an additional thing to discord admin [21:18:34] So already covered [21:18:55] IIRC it was for the server user no. 1 [21:18:58] MW & CSS/JS Support should probably be included next round [21:18:58] Aka NDK [21:19:22] NDK is honorary Discord Manager [21:19:32] even though the role doesn't exist by RfC [21:19:41] Yeah. He founded the server anyway [21:19:50] I recall it because I was member no. 2 [21:20:03] that's quite a flex [21:20:15] lol [21:20:33] That was why I used to have write permission at #info-and-rules ('s predecessor) [21:20:48] As I was the author of the message which was the rule… :-p [21:20:59] Heh [21:21:07] I remember that [21:21:23] So I could amend the rule at my will /joke [21:21:26] I always found the no ghost pings rule funny because it's the only actual "rule" [21:21:40] all the rest were just to follow CoC and Discord ToS [21:21:45] Yeah. [21:21:46] People were dumb enough it was needed [21:22:05] And that brings me to CoCC [21:22:12] That times… oh. [21:22:18] Too much nostalgia [21:22:27] CoCC was good intentioned but wow was it stagnant [21:22:33] CoCC while I was on it never closed a case [21:22:33] Yep. [21:22:39] It was useless [21:22:40] Me neither IIRC. [21:22:51] I don't think it ever closed a case [21:22:58] according to Doug, there was still a "pending" case which Stewards were in the process of "handling" [21:23:00] Maybe one? i don't recall [21:23:02] it never got handled [21:23:06] So John got pissed off and RfC closed it [21:23:08] it's still marked as pending on stewardswiki [21:23:12] Barely used [21:23:22] how many years ago [21:23:31] Doug was as usual talking crap [21:23:34] very funny yes [21:23:41] Back to me being on CoCC [21:23:44] 3+ years [21:23:48] I know the case [21:23:57] I think I remember it [21:23:58] At least 2018 [21:24:06] discord actually changed it so you cant edit permissions you don’t have write access too [21:24:08] When I was member [21:24:13] messages* [21:24:16] Someone should formally close it [21:24:18] Yup, that is why [21:24:47] At this point i just wanna see how far we can go [21:25:02] it'd be funny to leave it open [21:25:22] My search of `miraheze-cocc` in my mailbox yielded fun names [21:25:29] Which I shall not name [21:25:54] (For ofc confidentiality reasons) [21:26:24] The case wasn't strong back in like 2020 [21:26:36] It's not going to be useful now [21:27:03] But ye it was the only case CoCC ever accepted and it never ruled on it [21:27:09] Give me a free seat where I can sit back and watch fun stuff [21:28:05] It only accepted one case? [21:28:09] We can still watch fun stuff [21:28:14] Formally ye [21:28:24] yeah i dont think John was particularly wrong in sniping it [21:28:26] Informally a bit more come and go [21:28:28] In 4 years [21:28:35] But never formally acted upon [21:28:41] Only one case was formally investigated [21:28:49] Insane [21:28:52] And we never closed it [21:30:04] [1/2] Such history [21:30:04] [2/2] https://cdn.discordapp.com/attachments/615786602454581249/1306008136905130066/IMG_6767.png?ex=67351a5c&is=6733c8dc&hm=05b0351c00cfc4f9b7fcb2cc617dbfdb2ad70e3234932a82522d368318b139e4& [21:30:08] John was pissed off cause he reported the issue [21:30:53] I do end up saying 'oh fuck nagios warnings' [21:30:59] Wait what? [21:31:23] By the code of conduct commission [21:32:35] And my inbox search also says 'Travis CI' [21:32:44] I get too much… dopamine [21:32:54] Sometimes the lack of will to do something because it's to bureaucratic or work-intensive really makes me shake my head in disbelief. [21:33:09] heh [21:33:38] I doubt it was only that [21:33:40] I remember Travis [21:33:43] And how it died [21:33:49] Yeah [21:34:00] Or don't want to enter conflicts. [21:34:00] And december 2015 when something happened [21:34:11] I'm not sure how much of the case is public knowledge but I have an idea of why it's never been closed [21:34:25] Omg omg this full of source of nostalgia [21:34:56] december 2015 was an interesting month [21:35:02] Oh you do recall [21:35:07] Yeah it truly was [21:35:21] /me was wondering if people know what happened behind the scene at that time [21:35:27] December 2015 [21:35:31] That's pre us [21:35:45] the incidents are somewhat know [21:35:52] Yep [21:36:17] > [13/11/2024 08:28] And we never closed it [21:36:19] lmfao [21:36:25] I had a wiki on MH at the time and I remember lurking on IRC during that [21:36:36] I know much more than I can say (via some other NDA), and I don't know what is safe to release so I won't speak much [21:37:01] it's been discussed in length before [21:37:01] But I can say there was a blog entry on WMF blog. [21:37:08] it's pretty easy to clue from the blog post, yeah [21:37:15] Yeah lol [21:37:20] That is public info. [21:37:27] And that guy got WMFBANned [21:37:29] I think almost everyone knows [21:37:36] Now no more mystery [21:37:37] I check in and there's unresolved ancient drama? [21:37:57] Ye that WMF ban is public knowledge [21:37:57] ah [21:37:59] This one resolved archaeology [21:38:02] just like unresolved childhood trauma [21:38:13] but this time, way more fun to watch from the sidelines [21:38:14] A certain member of wmf management didn't have nice things to say [21:38:23] it's a long stale drama [21:38:31] More of history book. [21:38:54] It became problem because he… held miraheze domain at that time [21:39:04] And he disappeared with WMF blog entry. [21:39:30] that legacy really impacted us for a long time [21:39:37] Yeah. [21:39:41] Wikimedians would openly be hostile towards us [21:39:54] I think the reason you were denied WMF security pre-notice was it [21:39:59] yep [21:40:03] (At least security told me so) [21:40:15] it's only been recently that we've started to be treated nicer [21:40:17] (While I had security bug access via WMF steward…) [21:40:38] we could probably see if WMF grants us security prenotices now [21:40:48] I don't think there's a good reason to deny it anymore [21:41:00] (To be fair, my security bug access was given after my MH resignation) [21:41:14] dual agent \:P [21:41:31] (The incident that led to security bug access happened May 2018, I resigned June or July 2018, I got security bug after probably after that) [21:41:36] secret agent [21:41:46] And I lost it with my S resignation [21:41:56] I sorta miss that access [21:42:29] (Not that I need access) [21:43:17] the curiosity is always there [21:43:23] I'm sure ops@lists.wm.o would have much more funny archives w/r/t that but I never got access to it [21:43:32] interesting [21:43:47] discord remembers my setting from when i had nitro last time [21:43:57] makes sense i guess [21:44:08] why delete data when you can just ignore it at runtime [21:44:10] Because it's probably just a paywall? [21:44:21] Which controls your access to paid features [21:44:24] Absolutely lol [21:44:33] And if anyone is wondering [21:44:37] i didnt pay for this [21:44:48] smart [21:45:07] oh wow [21:45:07] I paid too much uh [21:45:15] Or too long [21:45:23] its been so long since i had nitro my bio said semi official support guy [21:45:27] https://cdn.discordapp.com/attachments/615786602454581249/1306012006641565707/image.png?ex=67351df6&is=6733cc76&hm=b20480fe58c771e0a173268735a567326f72b44b83eab68dc0d69eec3a742300& [21:46:16] re song name: i think at least some of us find anime girls at least pretty [21:46:23] [1/2] Lmao [21:46:23] [2/2] https://cdn.discordapp.com/attachments/615786602454581249/1306012240981266572/image.png?ex=67351e2e&is=6733ccae&hm=017d09bf93d166e205bfc33943ad09158a355e8cff140700bfbd8fb4fa150780& [21:46:35] the song is more aboht gacha games and addiction lol [21:46:38] [1/2] Mine… (don't attempt to talk to me) [21:46:38] [2/2] https://cdn.discordapp.com/attachments/615786602454581249/1306012305477206170/IMG_6768.png?ex=67351e3e&is=6733ccbe&hm=ffc3f34e671e6006e6ee8dcdcee7829815b2bae7ab833a2a16624eb6ba2810c9& [21:46:39] MIraheze my beloved <3 [21:46:55] light mode user detected [21:46:57] that's a pretty theme <3 [21:47:17] [1/2] Super light. [21:47:17] [2/2] https://cdn.discordapp.com/attachments/615786602454581249/1306012469566767156/IMG_6769.png?ex=67351e65&is=6733cce5&hm=a4a2ca4487ba215c970e4a15092695a035f822e8fad7357e2865a6eefba73b56& [21:47:26] And I'm still not sleeping at 06:47. [21:47:31] (24h notation) [21:47:32] that is a nice theme actually [21:47:47] yellow slays too actually [21:47:54] i prefer dark themes, but these are pretty nice [21:48:05] same [21:48:11] and what is that emoji [21:48:15] in your bio [21:48:17] I like the idea of don't talk to me. [21:48:26] me or revi [21:48:27] I wish I could put that in my work status [21:48:30] revi [21:48:30] Lol [21:48:44] I even had this on WMF google chat I think [21:48:58] (Before they settled @ Slack I think) [21:49:03] WMF…. Google chat? [21:49:04] i don't even know the name of that emoji, so i can't type out the link lol [21:49:14] I use google chats for Scouting [21:49:16] WMF product team used google chat briefly [21:49:19] I hate it [21:49:23] It sucks [21:49:27] Google chats isn't awful [21:49:28] i have to readd everyone [21:49:33] permissions are fucked [21:49:35] i hate that there are no modern and good chat platforms [21:49:40] Slack is not great [21:49:41] Had I been WMF when they adopted slack, I would yell at them [21:49:41] (irc does not count as modern, to my dismay) [21:49:46] are we talking bout the same platform [21:49:47] I'm in 2 very large slack groups [21:49:57] (I yell at anything wmf mostly) [21:49:59] It's better than Cisco jabber [21:50:21] i (metaphorically) yell at yaron whenever i find a security vulnerability in his extensions [21:50:24] I dislike teams a lot but that's cause a certain strategic partner set it up for us [21:50:27] Jesus [21:50:35] _wonders if @originalauthority knows which one_ [21:50:40] At least they got enterprise plan now [21:50:42] Print out a picture of hs face and put it on the wall [21:50:47] or a duck [21:50:51] https://wikimedia.enterprise.slack.com resolves correctly [21:51:03] lmao [21:51:04] Wow okta [21:51:06] time to use this as precedent for us to move to Google Chats [21:51:08] Sadly only one of my 2 work slack servers has enterprise [21:51:14] he can watch me criticize his extension as a joke [21:51:16] I don't but teams fuckin sucks bad [21:51:23] then find so many sec vulns that i give up documenting them [21:51:24] It really makes me suicidal [21:51:28] You said you work for one that I dislike. [21:51:28] Hearing that PING [21:51:31] Back in my time, I used custom LDAP to reset passwords [21:51:42] So it's either your work or the other one I've expressed dislike for in here [21:51:56] Me never [21:51:56] I think I've only ranted about 2 strategic partners [21:52:01] And the concept of it [21:52:04] If you do I’m resigning from tech [21:52:21] We have free slack for one of them although slack randomly upgrades us to pro for a bit every so often [21:52:31] huh, why? [21:52:34] No, go for blackberry. [21:52:53] mandate to use talk(1) [21:52:54] Claire; I assume cause slack want to give us a taste and assume we have money [21:52:58] lol I do know that kind of thing [21:52:59] We don't have money though [21:53:25] ah yes xD [21:53:36] I just have a slack instance for myself for those integrations demanding 'slack' and not slack-compatible APIs [21:53:38] Blackberry was the SHIT back in the day [21:53:49] (That's the point) [21:53:51] that was fun [21:53:56] i think i'm sitting in the most bisexual position ever oh my god [21:54:00] I still miss BBM [21:54:23] i can't really take a pic tho [21:54:36] Today's random DYK [21:54:42] Samsung allows iPhone at work [21:54:46] lmao [21:54:51] (I mean, Samsung Electronics) [21:55:02] Except, you need to have a sticker put on your camera. [21:55:12] i occasionally randomly realize that 2020 was almost five years ago [21:55:12] And that is checked on entry and exit. [21:55:14] a:waaa: [21:55:31] lmao what [21:55:36] Samsung phones do not have sticker restriction [21:55:42] No suprise, they provide a lot of the tech that builds them [21:55:46] smh, discrimination [21:55:54] people can use smasnug phones to spy too [21:55:58] Because MDM you know [21:55:59] BlackEclair: wait until you get older and realise that people you've taught when they were 7 can now take GCSEs [21:56:02] oh [21:56:07] They build their own MDM for samsung [21:56:16] So they can do whatever they please for their phones [21:56:19] Not so much for Apple [21:56:27] https://cdn.discordapp.com/attachments/615786602454581249/1306014775276474378/20241020_213441.jpg?ex=6735208b&is=6733cf0b&hm=4fca96a2a557006cef503e3919e9459964d36acaa7c9470392568e8f47b7836d& [21:56:29] right, i think you can disable the camera with device admin [21:56:32] Apple doesn't really do doing whatever you want [21:56:36] ie. They cannot reset their samsung phones [21:56:37] Apple is the worst [21:56:43] They assume users are stupid [21:56:43] 1. those are some abs [21:56:48] Havs you ever tried developing for iOS? [21:56:49] Which tbh is a good assumption [21:56:53] Yes [21:56:53] 2. those abs look like bread omg [21:56:59] And then when you… sell your mdm registered home phone [21:56:59] Bros gotta have about 400 gb free storage just to download xcode [21:57:03] Disaster time for buyer [21:57:17] > wtf I cannot reset this phone [21:57:18] and I thought Zenless was bad [21:57:20] Ye that's basically true [21:57:25] > why do I get asked for Samsunrg internal credentials [21:57:27] Xcode is awful [21:57:42] Also VS2022 is like 70GB tbh [21:57:45] Samsung ended up opening 'MDM HelpDesk'. [21:57:45] frp: samsung edition xD [21:57:56] For non-samsung people [21:58:08] To make it possible to disable mdm. [21:58:14] that's hilarious [21:58:20] Yeah. [21:58:27] > [13/11/2024 08:57] Also VS2022 is like 70GB tbh [21:58:29] that's horrifying [21:58:29] BlankEclair: you get my email too [21:58:31] mhm [21:58:50] Someone go look at mwtask too [21:59:04] that's when i learned that despatch is a word [21:59:14] always seen it spelt as dispatch [21:59:17] WikiaDispatchableObject [21:59:28] Wikiaaaaaaaa [21:59:34] aaaaaaaaaaaaaaaaaaaa [21:59:35] what do you mean its not dispatch??? [21:59:36] I still type wikia for fandom [21:59:43] pixldev: yes?? [21:59:55] thanks redirection [21:59:58] anyways claire did you manage to decide on a key cover [22:00:05] antifandom <3 [22:00:18] https://files.catbox.moe/f8581l.png [22:00:25] BlankEclair: Royal Mail are lying anyway. It has not been dispatched to them. It's sat on my dining room table in an envelope [22:00:27] wordnet says that despatch exists [22:00:29] lmao [22:00:30] I just purchased the postage [22:00:48] i assumed that royal mail meant that they're waiting for your package [22:00:51] Again, I always go for shortest typings(even on desktop) [22:00:53] So all I have to do is scan a qr code [22:00:59] BlankEclair: yes that's what they mean [22:01:01] are you sending me a holiday card rhiiiiiinos [22:01:04] > [13/11/2024 08:59] anyways claire did you manage to decide on a key cover [22:01:05] yeah [22:01:06] No pix [22:01:09] one diamong prism + one purple [22:01:14] a:waaa: [22:01:16] also, i can't spell diamond to save my life [22:01:18] I ended up running my own url shortener for even less typing [22:01:20] You're not getting a Christmas card pix [22:01:35] http://go/b/wmf/1 > phab task 1, for example [22:01:37] All addresses will be destroyed once delivery is confirmed [22:01:50] :TechnoHeartBroken: [22:01:53] (Thanks Google for inspiration) [22:02:04] so that means that pixl has to send his address to rhinos a second time [22:02:14] And I should, too. [22:02:19] /me likes one [22:02:21] If he wants a Christmas card [22:02:26] (I mean, postcards) [22:02:32] He can send another donation to the foundation too [22:02:39] xD [22:02:56] Fine [22:03:00] never said how much [22:03:08] Rip bros pocket money 😛 [22:03:12] you think you can send $0.01 through paypal? [22:03:17] @pixldev enough I can bill harej for it [22:03:33] How much is that [22:03:42] i donated via GitHub [22:03:43] 4.75 pounds? [22:03:46] huh okay [22:03:47] Please don't donate money to the foundation to get a Christmas card for the record [22:03:56] I like that idea, tho [22:04:01] Well a card is like £3 at the post office [22:04:04] puts card back in wallet [22:04:07] Plus postage [22:04:14] It would actually be a nice idea [22:04:40] I shall see when my Government will reimburse me [22:04:50] Or I gotta go to court to get my due money [22:05:09] is accidentaly spelling diamond as diamong a common occurance? [22:05:29] Uh no don’t believe so [22:05:44] WHY TF I HAVE 8 EMAILS [22:05:50] @pixldev I got another job for you [22:06:04] i wonder if auto-replace will handle diamond? [22:06:06] hell yeah [22:06:13] More emails [22:06:15] It should [22:06:16] More!!!! [22:06:21] Only 8 [22:06:31] I get 8 emails at work if I go to the loo some days [22:06:32] 17 emails in inbox lol [22:06:35] 3.1K in archive [22:06:57] https://cdn.discordapp.com/attachments/615786602454581249/1306017420191862784/IMG_6771.png?ex=67352301&is=6733d181&hm=9477001ea0e1e3a154067f90902ce7943d75a242cb7e85e5a3aafcf8db60433f& [22:07:02] i checked like less then an hour ago [22:07:25] Let’s hear it [22:07:26] @pixldev find us a print on demand Christmas card service too [22:07:29] huh, interesting ticketing system i found [22:07:57] https://files.catbox.moe/mhbhy6.png [22:08:04] [1/3] And there's even more [22:08:04] [2/3] https://cdn.discordapp.com/attachments/615786602454581249/1306017698286796871/IMG_6772.png?ex=67352343&is=6733d1c3&hm=2b910a130709d91a20ba133b7b2a55a269a1fdb3102092eb904528b5b122c1f7& [22:08:04] [3/3] https://cdn.discordapp.com/attachments/615786602454581249/1306017698622345318/IMG_6773.png?ex=67352343&is=6733d1c3&hm=a19c60770bd20978d6fc80c82994e8fb2c70bf6a145d493f8982653b5b7c2174& [22:08:05] define the requirments and give me 2 days [22:08:21] Same as merch but for Christmas cards [22:08:40] guess i'm gonna buy these covers from yubico :3 [22:08:53] If you can find a service we can use to ship cards people purchase, I will buy you the first one @pixldev [22:09:00] Uh image never loading lol [22:09:33] ship directly to them? [22:10:01] organization [22:10:17] It's mostly controlled by filters to auto-sort [22:10:26] And then I only skim the subject [22:10:35] And read what I want to read based on subject [22:10:42] such power [22:10:56] Like this bugzilla mail https://bugzilla.mozilla.org/show_bug.cgi?id=1930759 [22:11:26] > [Bug 1930759] New: DigiCert: Domain used for CRLs and OCSP has expired [22:11:31] lol. [22:12:31] I use the numbers in front of label name, just to force correct sorting [22:12:38] Thanks Dewey [22:12:49] (Dewey the DDC) [22:13:06] Yes [22:13:12] Reminds me, i wonnder if bumping a task on chrome’s issue tracker is a bad idea [22:13:43] _dunno because he doesn't use chrome_ [22:13:55] Firefox’s? [22:14:54] Yup [22:15:08] [[mh:revi:Google Chrome]] has my curse at them I think [22:15:08] https://mh.wikipedia.org/wiki/revi:Google_Chrome [22:15:09] [22:15:19] Uh nope [22:15:33] It was [[mh:revi:H:Google Chrome]] [22:15:33] https://mh.wikipedia.org/wiki/revi:H:Google_Chrome [22:15:34] [22:15:47] But then Korean only. [22:15:55] h indeed [22:16:08] Let me search… [22:17:43] > [13/11/2024 09:08] guess i'm gonna buy these covers from yubico :3 [22:17:46] on second thought, no [22:17:53] This made me consider Chromium 'a program that abuses the word 'Browser' while not being one' [22:17:56] https://issues.chromium.org/issues/40462201 (this) [22:18:00] dang [22:18:38] Anyways uh breaking news i have a cake in my Fridge i fucking forgot about [22:18:43] uh [22:18:44] EAT [22:19:07] I was literally thinking “i want dessert, did I finish all of that cake” [22:19:10] And then later Google removing the https:// and the www./m. from url bar further confirmed my logic :-p [22:19:18] guess i'll use double rainbow as my backup one [22:19:36] ugh yeah, that’s so annoying and they didn’t even leave a flag in to disable that [22:19:49] They later re-added the option [22:19:57] But fuck you Google [22:19:59] oh nice [22:19:59] also have some golden kiwi left mmmmm [22:20:03] Boat is already gone [22:20:37] I'm not particularly happy with the Mozilla's direction (doing some non-browser things) but at least better than Google. [22:21:29] (I think right clicking that browser bar now have 'always display full url', that was what I saw in the summer) [22:21:44] Instead of the hidden flags [22:21:53] At least more accessible for most non-nerds [22:22:13] Did you hear about the google drive developer bullshit [22:22:24] The payment? [22:22:58] If I am thinking the correct thing that was probably some audit with wtf money of payments? [22:23:03] Not exactly [22:23:06] yea [22:23:06] Heh. [22:23:09] Oh right. [22:23:13] gimmi a sec [22:23:23] theo made a good video on it, my memory is fuzzy [22:23:48] https://youtu.be/UMiB5Z7n6Y8 [22:23:53] https://help.panic.com/transmit/transmit5/google-drive/ [22:24:10] I learned of it here I think [22:24:50] yeah theo mentions panic [22:26:21] Om tasty cake [22:26:33] back to watching She-Ra [22:27:20] So yeah, I've been just using b2 as daily storage (lol) [22:27:32] which one is b2 [22:27:43] https://backblaze.com/ [22:27:52] S3 compatible storage [22:28:00] But I still somewhat have Google Drive for their… google docs. [22:28:31] They never have been third party friendly anyway so not really surprised they chose to go even more 3rd party unfriendly [23:27:48] @bluemoon0332 what did data transfer do again [23:28:07] hm? [23:29:31] right [23:29:33] irc [23:29:49] can you see this [23:29:57] i can see that it's a reply to yourself [23:30:01] but not the actual text [23:30:14] are you asking while dt was disabled? [23:31:33] yea [23:31:48] its a forward of OS’s announcement bout it [23:32:01] wait [23:32:06] os made an announcement? [23:33:19] https://cdn.discordapp.com/attachments/615786602454581249/1306039151203717140/image.png?ex=6735373e&is=6733e5be&hm=35cf578bb7f0b1a3a13db40dbe5495a6a8a8767638d41d56304d0c74451f1ad4& [23:33:29] oh hey neat [23:33:33] not sure if i should say this [23:33:50] but let's say that i renamed the task from "XSS in Extension:DataTransfer" to "Security vulnerabilities in Extension:DataTransfer" [23:34:39] also, you're partially to blame for indirectly making me look at it [23:35:04] (does strikethroughs relay to irc?) [23:35:21] s/irc( i can't write sentences omg)?/discord/ [23:35:48] it does [23:35:52] oh yay [23:36:05] i actually haven't finished the sec rev yet [23:36:06] the discord formatting for it is `this` [23:36:32] i just gave up, and plan to make patches as i find the problems [23:36:42] because i have a gut feeling that it'll spiral to something like the 18 cargo xsses [23:37:18] I think worse [23:37:25] oh no [23:37:29] please don't [23:37:33] the extension is smaller [23:37:37] Is it a Yaron? [23:37:40] (i think i'll find like 9 xsses) [23:37:44] the extension? [23:38:06] ya [23:38:20] yeah ofc [23:38:32] it's not every day that i give up mid-security review [23:38:48] hopefully i can get to it by the end of this week or next week [23:39:04] i am procrastinating instead of studying for exams [23:39:10] i have one due in a couple hours :3 [23:39:32] i should revise, but i don't know how to to save my life [23:40:48] i think Extension:FlexForm was the worst extension though [23:40:53] code structure made me had a breakdown [23:42:03] Oh yea [23:42:38] you have a very bright career ahead of you as a security reviewer [23:42:42] Know what we need [23:42:44] thank you <3 [23:42:55] hmm, i wonder if i can say a slightly-nsfw statement here [23:42:59] an episode of Between the Brackets [23:43:23] where claire interrogates erm interviews Yaron [23:43:36] that might take a couple years [23:43:43] but oh dear, it'll be painful for him [23:43:55] > [13/11/2024 10:42] hmm, i wonder if i can say a slightly-nsfw statement here [23:44:05] asking for permission :point_right::point_left: [23:44:14] as IRC oper, I say yes [23:44:21] yay [23:44:35] it's wild how i had a more negative reaction to flexform than watching two girls one cup [23:45:20] i watched the entire thing, and personally, it was just boring to me [23:45:52] I think Yaron will collapse if he hears that [23:46:05] luckily, flexform wasn't by yaron [23:46:28] whos [23:46:41] dunno, lemme check [23:47:01] https://www.mediawiki.org/wiki/Extension:FlexForm [23:47:04] wikibase solutions or smth [23:47:21] COMMERCIAL? [23:47:58] huh [23:48:00] lmao [23:48:04] it brought this gem tho [23:48:05] https://transfem.social/notes/9ytsal7pscao008r [23:48:27] oh I remember that [23:49:43] tempted to talk about security vulns, but i don't think i should >_>