livetraffic NSW - bit of flooding, eh?

ah ok.. i see now.. is noted and i will add links

I was looking at diabook when I wrote that. There are links to profiles/$profile_id but no link to profperm/$profile_id

See the page /profiles for an example (though the profperm link won't show up unless you've created at least one alternate profile besides the default)

just checked it in diabook... seems there are these option in edit-drop-down... if there are further requests to meet more privacy for user, let me know

@Friendica Theme Developer

Just a note that we don't have a link to the /profiles management page on many of the newer themes. This allows one to restrict profiles for specific audiences and this option isn't exposed through any other links on some themes.

There was some backend work done to provide these management links from the "edit-profile" submenu (near the profile photo on the page). However the templates don't currently provide  this "edit visibility" option, so it might be a good idea to provide a 'manage profiles' link either in this sub-menu or one of the other menu drop-downs on the short term - and add the necessary links to (profile_vcard.tpl) with appropriate theming to edit visibilities in the long run.

besides, hallucinations can be fun!

oooh, unit tests

I made use of SSL an option in fren.tcl for friendica posting.

Yep... fine.

Yeah, I like a @howtobreakfriendica group.

I started writing #unit tests today. I didn't push them right now, because there aren't much yet and the #phing script to execute them is not ready.
I've seen a few things I didn't expect by now (anyone: what happens, if the autoname function in text.php is called with 0 as argument?). Those are not really "bugs", but undocumented behaviour, so things that may lead to confusion.

What bothers me most is that get_tags() seems to be missing tags. Maybe it is my test case, so I'm going to have another look into it tomorrow. If I can not find the problem, I'll file a bug report.

"..mild hallucinations at times during waking hours.."

Sweet dreams!

Nobody should have a popup at free-haven.org anymore. I bought a cert.
Only, now my posts with fren.tcl aren't coming through.
And all my posts with curl, I had to add -k.
This may be due to forcing ssl.
I'm going to have to make ssl optional in fren.tcl, I think.

or local caching, on disk, refreshed when needed. mechanisms already in place (please ignore if i said this already in this thread)

yeh @Paul Taylor, where?

@Tony Baldwin I had no problems with Diaspora until I installed SSL. After that, things became rocky, and I thought my SSL installation was the problem, but it later turned out that the Diaspora server I tested with simply had massive post losses in both directions. m(

@Mike What if people's avatars were served by the server they are viewed at, not by the author's server? This would make the cert popup problem vanish.

@Paul Taylor Really? Where? 8-I

Of course there are...

I'm just trying to keep "normal people" from leaving Friendica because they get a bunch of cert warnings.

Do we have any normal people on ~friendica yet?
I haven't seen any...

I was receiving no updates from Diaspora contacts here until I installed a proper SSL certificate, then dumped and re-added my Diaspora* contacts.
Now I'm at least getting their updates, but still can't comment on them.
I do have D* connectivity turned on in the admin panel.

Happy digital dreams @Mike

Loss of productivity, really strange dreams, mild hallucinations at times during waking hours. I recall these symptoms quite well from the browser wars.

Chronic sleep deprivation has started to set in. 'night folks.

it would be good if browsers tracked server key signatures like ssh.

@Simon L'nu :) yeah i think in every neighborhood. Few years ago dated a mysterious chick, doorbell during dinner - she answered the door to a guy and a chick in suits. The guy said "We are here to talk about Global Warming." Girlfriend looked back at me across the room and said "I can't right now. Come back later." and closed the door. hmmmmmmmmmmmm don't know what all that noise was about.

@Mike @zottel @tony baldwin

If I'm understanding a recent tangle of threads correctly, SSL is no longer necessary for federation with D*. Since it's also not needed for message encryption on Friendica, no SSL whatsoever might be preferable to a self-signed certificate. The snag is that your user details are then sent unencrypted when you log on. People who can live with that caveat can save themselves the trouble of SSL cert installation. So perhaps documentation should be amended to reflect this - and also point out that certificate procurement and installation can be non-trivial. In another step, we could provide a tutorial for startssl (free variant). For that, we'd need an author who has recently done this job successfully. I, for instance, have forgotten most of the steps and can only see the result in httpd.conf.

Hmmm... 6 hours later. Where's that ers group?

For what it's worth, the Electronic Frontier Foundation feels sufficiently strongly that people should be using SSL that they offer an HTTPS everywhere plugin for Firefox and Chrome.

Further, not all of my web communications are public. I am keeping some data that should not be public on my web server. It wouldn't be the end of the world if it became public, but I need to at least attempt to keep it private.

Finally, I invest the effort because as a scholar who may occasionally need to protect confidentiality, I want to have secure communication already set up. So I try, as much as is practicable, to be secure by default.

Mike is now friends with Jeremy Pope

Mike is now friends with Cory Bryant

1273 is a "build" number which increments daily (as long as I check it in each day).

There doesn't appear to be any way of specifically inserting the id of the last git checkin into the code and I came up with the daily build number as an alternative.

So if somebody tells me they're running 1222 and have a bug that was fixed in 1245, I can tell them to update rather than spend time chasing a bug which no longer exists.

Someone correct me if I'm wrong, but to get an idea of where your release is in relation to the tagged release, you can check the boot.php at GitHub for that specific tag:

https://github.com/friendica/friendica/blob/2.38/boot.php

In this case, 2.38 == 2.3.1273.

that, too

2.38 is the stable point release that comes in a nice zip file.

2.3.1273 is the latest git release.

or your next door neighbour who's really $pick_your_"favourite"_spy_agency :P

10-4

Sorry folks but that fix wasn't quite enough. The 2.38 tag has just been rolled forward with another late breaking fix. This was related to the original privacy issue but hidden a bit deeper.

Will advise if we encounter any more issues.

yes! 'ers!!!

I'll create the @beerlovers group!
(bad joke sorry, too late here)

you talking to yourself again @tony baldwin ?

I was thinking there should be an @friendica-dev group or something.

Then there's going to be the @howtobreakfriendica group, which I will be spearheading, being the resident expert on breaking stuff.

Upgraded! Now

@Mike I saw the Theme Dev group was created.
Is there a (core) Dev group created?

The dbg's are harmless (though I usually try to remove them once I'm done with them) - Tony had a merge conflict.

@Markus I. - relax - you haven't abused anything.

It encrypts communications between two points, yes? And the certs are to certify the identity of the entity at the other end, so, for instance, when I'm signing into paypal, I know it's paypal, and not some dude in Nigeria, or worse places, riddled with shifty criminal types, like, say, Australia, or even Vermont.

omg, really, old man, calm down. (who IS this tony guy? He's very handsome, but clearly a flake...)

i see @Mike had the forethought (and probably a long time ago ^^) to include that neat little function

ok

grep for 'dbg\(' in either include or mod there's some extra functions. they stick out as they're totally left aligned.

and it's ok, relax

it's back...I borked include/text.php when trying to merge my changes...my bad.

sorry for frantic messages.

yup

i've used to do secure logins so i don't send my password in the clear, which can be seen all too readily with tcpdump or ethershark/tshark or anything else that sniff traffic, really.

but lately i've been doing openid. openid can be used from a centralised server, but you can also set up your own. i have one set up for this domain. yes i use a third party, but i can pull that by switching the dns over to point here if they decide to screw me

(myopenid.com, fyi)

Netscape invented SSL to protect credit card numbers and make the internet safe for business.

Please, hello, I just spent 5 days getting the site up and running, spent money on a certificate, etc., etc., and the whole thing went bye-bye after a git pull.
Somebody help me out here.