Recent changes to this wiki:
creating tag page tags/person
diff --git a/tags/person.mdwn b/tags/person.mdwn new file mode 100644 index 0000000..d3b7dfa --- /dev/null +++ b/tags/person.mdwn @@ -0,0 +1,4 @@ +[[!meta title="pages tagged person"]] + +[[!inline pages="tagged(person)" actions="no" archive="yes" +feedshow=10]]
import from http://dm.spodcast.net/misc/2011-11-23_carrier_iq_pr_withdrawal_of_cease_and_desist.html
diff --git a/posts/Carrier_IQ_press_release_--_withdrawal_of_cease_and_desist.mdwn b/posts/Carrier_IQ_press_release_--_withdrawal_of_cease_and_desist.mdwn new file mode 100644 index 0000000..2381a1c --- /dev/null +++ b/posts/Carrier_IQ_press_release_--_withdrawal_of_cease_and_desist.mdwn @@ -0,0 +1,62 @@ +--- +title: Carrier IQ press release -- withdrawal of cease and desist +created: !!timestamp '2011-11-23 20:00:00' +tags: + - retropost + - law + - communication + - mobile + - software + - freedom + - copyright + +--- +{% mark excerpt -%} + +Carrier IQ issued this press release, dated 2011-11-23, withdrawing its cease and desist demand. + +{%- endmark %} + + +<article> +**FOR IMMEDIATE RELEASE** + +#Carrier IQ Press Statement + +**Mountain View, CA - November 23, 2011 -** As, of today, we are withdrawing +our cease and desist letter to Mr. Trevor Eckhart. We have reached out to Mr. +Eckhart and the Electronic Frontier Foundation (EFF) to apologize. Our action +was misguided and we are deeply sorry for any concern or trouble that our letter +may have caused Mr. Eckhart. We sincerely appreciate and respect EFF's work +on his behalf, and share their commitment to protecting free speech in a rapidly +changing technological world. + +We would like to take this opportunity to reiterate the functionality of Carrier IQ's +software, what it does not do and what it does: + +* Does not record your keystrokes. +* Does not provide tracking tools. +* Does not inspect or report on the content of your communications, such as the content of emails and SMSs. +* Does not provide real-time data reporting to any customer. +* Finally, we do not sell Carrier IQ data to third parties. + +Our software is designed to help mobile network providers diagnose critical +issues that lead to problems such as dropped calls and battery drain. + +Here's what our software does: + +* Our software makes your phone work better by identifying dropped calls and poor service. +* Our software identifies problems that impede a phone's battery life. +* Our software makes customer service quicker, more accurate, and more efficient. +* Our software helps quickly identify trending problems to help mobile networks prevent them from becoming more widespread. + +We look forward to a healthy and robust discussion with EFF that we believe will +be helpful to us, to our customers, and to consumers that use mobile devices. +We welcome feedback on our products and understand that Mr. Eckhart and +other developers like him play an important role by raising questions about the +complicated and technical aspects of the mobile ecosystem. + +Carrier IQ Inc. 1200 Villa Street, Suite 200, Mountain View, CA 94041 +</article> + +source: [Carrier IQ News](http://carrieriq.com/company/news.htm)
http://dm.spodcast.net/misc/2011-11-21_eff_response_to_carrier_iq_cease_and_desist.html
diff --git a/posts/EFF_response_to_the_Carrier_IQ_cease_and_desist_demand.mdwn b/posts/EFF_response_to_the_Carrier_IQ_cease_and_desist_demand.mdwn new file mode 100644 index 0000000..0706112 --- /dev/null +++ b/posts/EFF_response_to_the_Carrier_IQ_cease_and_desist_demand.mdwn @@ -0,0 +1,125 @@ +--- +title: EFF response to the Carrier IQ cease and desist demand +created: !!timestamp '2011-11-21 20:00:00' +tags: + - retropost + - law + - communication + - mobile + - software + - freedom + - copyright + +--- +{% mark excerpt -%} + +The Electronic Frontier Foundation sent this letter, dated 2011-11-21, to Carrier IQ Inc on behalf of Trevor Eckhart. + +{%- endmark %} + + +<article> + +November 21, 2011 + +VIA EMAIL + +#**Re: Carrier IQ's Cease-and-Desist Demand to Trevor Eckhart** + +Dear Mr. Dullea: + +As you know, the Electronic Frontier Foundation represents Trevor Eckhart, the security researcher who +published an analysis of Carrier IQ's software at http://androidsecuritytest.com/features/logs-and- +services/loggers/carrieriq, and posted copies of Carrier IQ training materials at +http://www.androidfilehost.com/main/.TrevE/CIQ/ and http://www.multiupload.com/BAAKNNSM3J. +Prior to Mr. Eckhart's publication, these materials were freely available to the public on a Carrier IQ +website, http://dis1.water.carrieriq.com. + +We have now had a chance to review your allegations against our client, and have concluded that they +are entirely baseless. Mr. Eckhart used and made available these materials in order to educate consumers +and security researchers about the functionality of your software, which he believes raises substantial +privacy concerns. Mr. Eckhart's legitimate and truthful research is sheltered by both the fair use doctrine +and the First Amendment. + +##Copyright Issues + +With respect to your allegations of copyright infringement, Mr. Eckhart's analysis and publication of +Carrier IQ's training materials is a classic fair use and, therefore, non-infringing. 17 U.S.C. § 107 ("the +fair use of a copyrighted work . . . for purposes such as criticism, comment, news reporting . . . or +research, is not an infringement of copyright."). Courts generally consider four factors in a fair use +analysis: 1) the purpose and character of the use, 2) the nature of the copyrighted work, 3) the amount +and substantiality of the portion used, and 4) the effect of the use on the potential market for the work. +*Id.; Campbell v. Acuff-Rose Music*, 510 U.S. 569, 577 (1994). Each of these factors favors Mr. Eckhart. + +*Purpose and character of the use*. Mr. Eckhart's copying of any Carrier IQ materials was intended not to +replicate Carrier IQ's original purpose for the documents, but rather to facilitate research and critical +commentary about Carrier IQ's software. It is therefore a highly transformative use. See generally +Campbell, 510 U.S. at 579 (transformative works "lie at the heart of the fair use doctrine's guarantee of +breathing space within the confines of copyright"); *Castle Rock Ent. v. Carol Pub. Group, Inc.*, 150 F.3d +132, 141 (2d Cir. 1998) (a transformative work "is the very type of activity that the fair use doctrine +intends to protect for the enrichment of society."); *Online Policy Group v. Diebold, Inc.*, 337 F. Supp. 2d +1195, 1201 (N.D. Cal. 2004) (finding students' publication of voting machine manufacturer's email +archive to support public criticism of voting machines a transformative use). + +*Nature of the copyrighted work*. The materials in question are factual rather than creative, and therefore +subject to only the thinnest copyright protection. *See Harper & Row, Publrs., Inc. v. Nation Enters.*, 471 +U.S. 539, 563 (1985) ("The law generally recognizes a greater need to disseminate factual works than +works of fiction or fantasy."). + +*Amount and substantiality used*. Mr. Eckhart has copied no more than necessary for purposes of his +research. His analysis of Carrier IQ software was based in significant part on the training materials, +which he provided to the public for the purpose of allowing others to independently verify his findings. +As the Supreme Court has recognized, fair uses often involve substantial portions of an original work. +*Campbell*, 510 U.S. at 588; *see also Mattel, Inc. v. Walking Mountain Prod.*, 353 F.3d 792, 803 n.8 (9th +Cir. 2003) (holding that "entire verbatim reproductions are justifiable where the purpose of the work +differs from the original."). + +*Effect of the use on the potential market for the work*. Critical transformative uses rarely -- if ever -- +supplant markets for the original material. *Campbell*, 510 U.S. at 591-92; *Harper & Row*, 471 U.S. at +567-69. The training materials published by Mr. Eckhart plainly do not invade any licensing market for +works that may be copyrighted by Carrier IQ. + +More broadly, Mr. Eckhart published his analysis of Carrier IQ and the underlying training materials to +educate the public about privacy concerns raised by your software, which is installed by default on many +mobile devices, unbeknownst to most consumers. Dissemination of this information unquestionably +serves the public interest. Nimmer on Copyright, § 13.05[B][4] ("the public interest is also a factor that +continually informs the fair use analysis."); *see also Sony v. Universal*, 464 U.S. 417, 431-32 (1984) +("courts are more willing to find a secondary use fair when it produces a value that benefits the broader +public interest."); *Mattel*, 353 F.3d at 806 ("the public benefit in allowing . . . social criticism to flourish +is great."); *Online Policy Group*, 337 F. Supp. 2d at 1203 (students' publication of voting machine +manufacturer's emails to inform the public about problems in voting machines served the public +interest). + +##"False Allegations" Issues + +You also claim that Mr. Eckhart published "false allegations" that are "without substance," "untrue," +and that Carrier IQ considers "damaging to [its] reputation and the reputation of [its] customers." We +have repeatedly asked you to specify the statements you believe are actionable. You have failed to do +so, and have instead merely repeated your broad accusations. We believe you are not able to +substantiate your allegations because Mr. Eckhart's factual findings are true. If you are able to specify +any statement that you believe is false, Mr. Eckhart will be happy to provide you with the +documentation of that finding. + +Moreover, your client is a public figure. Under well-established Supreme Court precedent, commentary +and criticism regarding Carrier IQ's professional activities receive additional protections under the First +Amendment, because there is a heightened public interest in facilitating such speech. *See, e.g., New +York Times Co. v. Sullivan*, 376 U.S. 254, 270 (1964); *Hustler Magazine v. Falwell*, 485 U.S. 46 (1988). +Given that there is no basis for your legal claims, we must conclude that your threats are motivated by a +desire to suppress Mr. Eckhart's research conclusions, and to prevent others from verifying those +conclusions. Mr. Eckhart stands by his research and, accordingly, declines to meet your demands. We +ask that you immediately withdraw your allegations in writing. + +Nothing in this letter shall be deemed to waive any of Mr. Eckhart's rights or remedies, all of which are +expressly reserved. + +If you have any further concerns, please do not hesitate to contact me. + +Sincerely, + +[signed] + +Marcia Hofmann, Esq. +Senior Staff Attorney +</article> + +source: [Carrier IQ Drops Empty Legal Threat, Apologizes to Security Researcher | Electronic Frontier Foundation](https://www.eff.org/deeplinks/2011/11/carrier-iq-drops-empty-legal-threat-apologizes-security-researcher)
import from http://dm.spodcast.net/misc/2011-11-16_cease_and_desist_demand_sent_to_trevor_eckhart.html
diff --git a/posts/cease_and_desist_demand_sent_to_Trevor_Eckhart.mdwn b/posts/cease_and_desist_demand_sent_to_Trevor_Eckhart.mdwn new file mode 100644 index 0000000..c34b73f --- /dev/null +++ b/posts/cease_and_desist_demand_sent_to_Trevor_Eckhart.mdwn @@ -0,0 +1,90 @@ +--- +title: cease and desist demand sent to Trevor Eckhart +created: !!timestamp '2011-11-16 20:00:00' +tags: + - retropost + - law + - communication + - mobile + - software + - freedom + - copyright + +--- +{% mark excerpt -%} + +Carrier IQ Inc sent this letter, dated 2011-11-16, to Trevor Eckhart. + +{%- endmark %} + + +<article> +#CEASE AND DESIST DEMAND + +Sent by Certified Mail and email + +November 16, 2011 + +Trevor Eckhart + +[redacted] + +Dear Mr. Eckhart: + +I am writing on behalf of my employer, Carrier IQ, Inc., to notify you that your unlawful copying of Carrier IQ, Inc.'s training materials on your website<sup>1</sup> (the "Training Materials") infringes on Carrier IQ, Inc.'s exclusive copyrights. Accordingly, you are hereby directed to + +**CEASE AND DESIST ALL COPYRIGHT INFRINGEMENT.** + +All copyrightable aspects of the Training Materials are copyrighted under United States copyright law and Carrier IQ, Inc. is the owner of such copyright. Under United States copyright law, Carrier IQ, Inc.'s copyrights have been in effect since the date that the Training Materials were created. + +It has come to our attention that you have been copying the Training Materials. We have copies of your unlawful copies to preserve as evidence. Your actions constitute copyright infringement in violation of United States copyright laws. Under 17 U.S.C 504, the consequences of copyright infringement include statutory damages of between $750 and #30,000 per work, at the discretion of the court, and damages of up to $150,000 per work for willful infringement. If you continue to engage in copyright infringement after receiving this letter, your actions will be evidence of "willful infringement." + +**CEASE AND DESIST ALL FALSE ALLEGATIONS.** + +In addition to infringing Carrier IQ, Inc.'s copyrights, you have made allegations on your website (see footnote 1), that are without substance, untrue, and that we regard as damaging to our reputation and the reputation of our customers. At this time we demand that you remove such allegations from the web and cease and desist from making any allegations or passing any false and unsubstantiated public comment directly or indirectly on our company, products, services or companies who may use our technology. + +**We demand that you immediately** + +* cease and desist your unlawful copying of the Training Materials; +* contact all persons and entities to whom you have directly or indirectly provided copies of the Training Materials and inform them that such materials are confidential/copyright-protected materials belonging to Carrier IQ, Inc. were provided improperly in infringement of the rights of Carrier IQ, Inc.; +* provide Carrier IQ, Inc. with contact information for all such persons and entities; +* cease and desist from making any unsubstantiated allegations or passing any false or unsubstantiated public comment directly or indirectly relating to Carrier IQ, Inc. technology; +* send written retractions to all persons and entities to whom you have directly or indirectly distributed the unsubstantiated allegations relating to Carrier IQ, Inc. products or services; +* issue a public press release on the AP wire containing the following statement: +* remove all content and references to Carrier IQ, Inc. (including references to Carrier IQ and/or CIQ) from the website androidsecuritytest.com, any mirrors and references and replace your original "CarrierIQ" article with the following statement: + + "Carrier IQ, Inc. has requested that I remove my original article entitled "CarrierIQ" as it contained numerous inaccuracies and material subject to their copyright. I would also like to apologize to Carrier IQ, Inc. for misrepresenting the capabilities of their products and for distributing copyrighted content without permission. + + "On clarifying the actions of Carrier IQ, Inc. software, it is clear that while they inspect many aspects of device performance they are not in fact recording keystrokes or providing user tracking tools and have no intention of doing so. + + "Carrier IQ, Inc. technology does not allow their customers to task devices which are no longer in their service (for example when a subscriber of one operator moves their phone to another operator) and restricts each customer to its own subscribers. + + "The Carrier IQ, Inc. software is integrated by intent by device manufacturers and operators; it does not meet the definition of a rootkit and does not subvert the operation of the device as I previously claimed. Under my previous definition, any software loaded by an OEM that shipped with a device would meet my criteria for rootkit." + +* provide Carrier IQ, Inc. with prompt written assurance by 12.00pm EST on November 18th that you will comply with the foregoing. + +If you do not comply with these cease and desist demands withing this time period, please be advised that Carrier IQ, Inc. will pursue all available legal remedies, including seeking monetary damages, injunctive relief, and an order that you pay court costs and attorney's fees. In addition, Carrier IQ, Inc. is entitled to use your failure to comply as evidence of "willful infringement" of copyright and seek monetary damages and equitable relief for your copyright infringement. In the event you fail to meet this demand, your liability and exposure under such legal action could be considerable. + +Before taking these steps, however, Carrier IQ, Inc. wishes to give you one opportunity to discontinue your illegal conduct by complying with this demand by 12.00pm EST on November 18th. Accordingly, please sign and return the attached *Agreement* by 12.00pm EST on November 18th to + +Joseph J. Dullea +c/o Jewel Rich +1200 Villa St., Suite 200 +Mountain View, Ca 94041 + +With an email copy to [redacted]@carrieriq.com, [redacted]@carrieriq.com + +If you or your attorney have any questions, please contact me directly. + +Sincerely, +Carrier IQ, Inc. +[signed] +Joseph J. Dullea +General Counsel +[redacted] + +---- +<sup>1</sup> http://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/ ; http://androidfilehost.com/main/.TrevE/CIQ/ +</article> + +source: [Carrier IQ Drops Empty Legal Threat, Apologizes to Security Researcher | Electronic Frontier Foundation](https://www.eff.org/deeplinks/2011/11/carrier-iq-drops-empty-legal-threat-apologizes-security-researcher)
searchable: "googleplus"
diff --git a/posts/TWiG_101_show_notes__44___Google_Plus.mdwn b/posts/TWiG_101_show_notes__44___Google_Plus.mdwn index e9121c3..592241b 100644 --- a/posts/TWiG_101_show_notes__44___Google_Plus.mdwn +++ b/posts/TWiG_101_show_notes__44___Google_Plus.mdwn @@ -1,6 +1,6 @@ [draft] -This Week in Google, episode 101 +This Week in Google, episode 101: Inside Google+ (googleplus) Playing twig0101_h264b_864x480_2000.mp4.
Added a comment: Seth's examples
diff --git a/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks/comment_2_96e127e909e122a8ec4884466324112b._comment b/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks/comment_2_96e127e909e122a8ec4884466324112b._comment new file mode 100644 index 0000000..fd2c204 --- /dev/null +++ b/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks/comment_2_96e127e909e122a8ec4884466324112b._comment @@ -0,0 +1,17 @@ +[[!comment format=mdwn + username="http://merriam.myopenid.com/" + nickname="merriam" + subject="Seth's examples" + date="2011-07-22T04:36:23Z" + content=""" +Seth, thanks for your comment. Your example passwords are safe for banking (and overkill for casual websites), as long as you don't discuss your scheme. I've cut the examples out of your comment in case they reveal to much about your actual passwords. That's unlikely, but I'm being careful. + +You're using repetitions of long patterns inserted into conventional passphrases, which makes your examples much stronger than the short patterns shown on [Security Now 303 at 76 minutes (YouTube)](http://www.youtube.com/watch?v=YjdYgc9cUtI#t=76m20s) and Steve Gibson's website. + +But the repetition doesn't help because it makes more work for _you_ faster than it makes more work for the attacker. Your examples are over 30 characters long. You could probably choose a 10 character password without repetition that's quicker to type, harder to attack and no harder to remember. + +Sorry for my slow response. Comments here are currently moderated, and the comment system doesn't allow me to edit your comment, so I've reposted it after a long delay. + +I've improved and expanded this post. I hope it's clearer now. + +"""]]
Added a comment: [from Seth, reposted by merriam] I don't understand your concern of Steve Gibson's "password padding"
diff --git a/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks/comment_1_ab7391c58449bc2820608fd8b67ad0a4._comment b/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks/comment_1_ab7391c58449bc2820608fd8b67ad0a4._comment new file mode 100644 index 0000000..8181582 --- /dev/null +++ b/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks/comment_1_ab7391c58449bc2820608fd8b67ad0a4._comment @@ -0,0 +1,13 @@ +[[!comment format=mdwn + username="http://merriam.myopenid.com/" + nickname="merriam" + subject="[from Seth, reposted by merriam] I don't understand your concern of Steve Gibson's "password padding"" + date="2011-07-22T04:12:27Z" + content=""" +I read his article found @ https://www.grc.com/haystack.htm. It makes a lot of sense. But he did say not to just add periods into your password to make it longer, but to come up with your own padding and make sure you have at least 1 each upper case, lower case, number, and symbol. If you build your own padding that has all 4 elements and is at least 10 digits long, would that not be pretty secure? For example... + +[examples removed] + +Are you saying that is an easy password to crack? I would love your followup thoughts on this. + +"""]]
improvements and additions; encryption keys
diff --git a/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks.mdwn b/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks.mdwn index 3e3e86e..ac4890b 100644 --- a/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks.mdwn +++ b/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks.mdwn @@ -1,14 +1,14 @@ -Steve Gibson is recommending [long, low-entropy passwords](https://www.grc.com/haystack.htm "GRC, Gibson Research Corporation"). He's assuming a simple method of exhaustive key search, specifically __lexical order__. This can give an advantage of convenience only in the short term. If there is a significant advantage to the password user, attackers will optimize for this type of low-entropy password by changing the search order. +Steve Gibson is recommending [long, low-entropy passwords](https://www.grc.com/haystack.htm "GRC, Gibson Research Corporation"). This can give an advantage of convenience only in the short term. If there is a significant advantage to the password user, attackers will optimize for this type of low-entropy password by changing the search order. -Any gain in convenience you get by using long passwords with low entropy is lost when the attack methods change. Attackers adopt heuristics to target patterns in passwords, and you're back to relying on entropy. Now Steve Gibson's approach just means uselessly typing more characters. The convenience gain is reversed. +Gibson implies in his reasoning that short passwords will be tried first. The efficient way to crack passwords is to try them roughly in the order of __increasing entropy, not length__. Increasing length is conventional, not essential. -Worse, if you were really benefiting from dumb lexical order brute force attack by using lower entropy than you should, you have to __change__ your passwords to compensate for the loss of safety as the attack methods are adjusted to neutralize the length advantage. +Any gain in convenience you get by using long passwords with low entropy is lost when the attack methods change. Attackers adopt heuristics to target patterns in passwords, and you're back to relying on entropy. At that point, Gibson's approach just means uselessly typing more characters. __The convenience gain is reversed__. -It's very hard to estimate how fast the advantage is lost. You should assume it's _too_ fast to gain a real advantage. Stick with entropy. +Any public recommendation of a low entropy scheme, at any level of detail, is self-defeating. The more it's adopted, the faster it weakens relative to entropy. -*** +Worse, if you were really getting the benefit of convenience by assuming dumb lexical order brute force attacks and using lower entropy than you should, you have to change your passwords to compensate for the loss of safety as the attack methods are adjusted to neutralize the length advantage. -It's conventional to search short keys first. If attackers haven't already learnt to search low-entropy keys first with a lower priority on shortness, they soon will. +Worse still, Steve Gibson is recommending low entropy for __encryption keys__, for example in WPA2 wireless encryption. When you use encryption for wireless transmission, you intentionally expose the cyphertext immediately, expecting it to be stored by keen attackers, and to be safe for some required period according to the strength of the key. In the long term, only the entropy of your key can reliably slow down decryption attempts. By the time you realize your key isn't as strong as you were led to believe, it's too late to change it. Your attacker already has your weakly encrypted data. at technophobe: <a href="http://technophobe.net/haystack/">bad security advice: Steve Gibson's password haystacks</a>
time 005216-005500. comparison with Wave. Hangout, Huddle
diff --git a/posts/TWiG_101_show_notes__44___Google_Plus.mdwn b/posts/TWiG_101_show_notes__44___Google_Plus.mdwn index 38a7fa9..e9121c3 100644 --- a/posts/TWiG_101_show_notes__44___Google_Plus.mdwn +++ b/posts/TWiG_101_show_notes__44___Google_Plus.mdwn @@ -75,3 +75,17 @@ time 004945. Jeff Jarvis. Google Plus has circles from day one. Once you had time 005030. Leo Laporte. I can share an article on Sparks at the same time publicly, and with friends, including by email people not using Google Plus. It's a very powerful sharing system. It's a conversation starter. It sparks a conversation. time 005140. Gina Trapani. Google Plus is for people who want something better than Facebook. See the xkcd about Google Plus. http://xkcd.com/918/ + +time 005216. Gina Trapani. Google Wave and Google Plus are trying to solve different problems. Wave is more about collaborating on documents. Plus seems more about connecting people. I'm obsessed with Google Hangout. Google Huddle is available now in the Android app only. It will be in the ios app, and it will integrate with sms, so it will be easy to set up a lunch buddy circle and say "Hey, where do you want to meet today?" Google Plus is trying to tackle a much less geeky problem than Google Wave. + +time 005300. on video: Google Huddle on the Android app. + +time 005317. Jeff Jarvis. Why isn't it on the web interface? + +time 005330. Gina Trapani. I'm getting from ios folks the feeling of being left out, not being able to try Huddle because it's Android only for now. + +time 005354. I was really shy about video chat before we started doing Twig, and then when I saw Hangout, I was like, "Yes, exactly! I'm going to be able to do my own Twig, that isn't broadcast." The fact that you can't record a Hangout, unless you're using screen recording software... it let's you talk about people who came in and left. If you come into a Hangout, you don't see what people said before you came in. It's ephemeral, like a cocktail party conversation. I really like that. It's not about broadcasting; it's about just hanging out. + +time 005437. Leo Laporte. I just figured out how you can play Werewolf with it too. + +time 005500. on video: Google Hangout awake check. Jeff Jarvis. Like a dead man's switch.
draft
diff --git a/posts/TWiG_101_show_notes__44___Google_Plus.mdwn b/posts/TWiG_101_show_notes__44___Google_Plus.mdwn new file mode 100644 index 0000000..38a7fa9 --- /dev/null +++ b/posts/TWiG_101_show_notes__44___Google_Plus.mdwn @@ -0,0 +1,77 @@ +[draft] + +This Week in Google, episode 101 + +Playing twig0101_h264b_864x480_2000.mp4. + +1038. + +time 000130. Googler Bradley Horowitz. vice president of products and Google Plus team. + +time 000148. Googler Vic Gundotra. + +time 001500. Sparks. + +time 002040. Bradley Horowitz. privacy settings on Google Plus. + +time 002430. Huddle -- group text messaging. + +time 002500. end of the interview. Bradley Horowitz and Vic Gundotra leave. + +time 002904. Gina Trapani. On Google Hangout Jeff Jarvis asked Vic Gundotra and Bradley Horowitz to be on twig today. They paused, and then said okay. + +time 003000. Jeff Jarvis. You're too polite. You've been in California too long. + +time 003010. Jeff Jarvis. Tim Shea, head of Neptune Networks, which was bought by Google, says he hasn't had a phone call with anyone since he's been at Google. All he's done is Hangout. + +time 003140. Will Norris and his cat on Hangout. + +time 003305. bumping. a problem inherited from Google Buzz. + +time 003345. Leo Laporte. Let's keep nit picking. What else is wrong with Google Plus? + +time 003351. Jeff Jarvis. The main problem is siloing. How is Plus going to connect to Twitter and Facebook? + +time 003410. Leo Laporte. What about a firehose? This question came from Lou of Microsoft in our chat room. + +time 003500. Buzz became just another Twitter, because everyone was pumping their Twitter into it. + +time 003600. [Jeff Jarvis means it's asymmetric, like Twitter, not "async".] Not symmetric, like Facebook. Can it be like Twitter, with public posts? These things are confusing me. + +1249. + +time 003700. Gina Trapani. Google search: site:plus.google.com jarvis ~27 results + +1251. + +Google search: site:plus.google.com chromebook ~52 results + +time 003835. Jeff Jarvis is talking to Robert Scoble on Hangout about public and private Google Plus posts. + +time 003912. Leo Laporte. Speak to us, Matt Cutts. This is so cool! I'm going to use this from now on on all the shows! 10 of you will get to talk. I'm gonna try to compose myself and be a journalist here. But it's kinda hard not to jump up and down. + +time 004012. Doug Kaye on Hangout. + +time 004100. trouble with feedback because some people on Hangout are not using headphones, watching twit live with speakers. + +time 004130. They're watching twit live because they can hear only Leo Laporte via Hangout. + +time 004151. Jeff Jarvis. Leo Laporte, we were talking last week about having a wall of screens where you have twit listeners able to join in and talk. Google just made it for you. + +time Gina Trapani. + +time 004412. This solves the penis problem. There's enough identity. Anonymous people are still friends of friends. + +time 004530. Leo Laporte. You have the penis problem, and then you have the Robert Scoble problem. + +time 004650. I will use this on twit like crazy. My mind is reeling with the possibilities here. I wanted to use friendfeed and Buzz, and they just didn't take off, and I ended up back at Twitter, and I've never been fully happy with Twitter. I keep hoping someone will come up with the next thing, and this, in some respects... Is it too soon to say feels a little bit like that? + +time 004755. Jeff Jarvis. I think we have to ask why Google's doing this. Om Malik says this is a lot about search. I have been arguing that the war now is over the best signal generation. Google has to learn more about us. Facebook had better have this video feature fast, or something equally cool. Sparks is better than Facebook's "Hey, I got drunk last night!", which is what has been interpreted as "social". So Sparks adds substance to social. + +example "Android" search on Sparks on Leo Laporte's screen: "from fragmentation to obsolescence" + +time 004945. Jeff Jarvis. Google Plus has circles from day one. Once you had 1000 friends on Facebook, you were never going to organize them. I think we're going to see some interesting competition on features, and it's going to be good for both of them. And Twitter, and Twitter clients, and Foursquare, and so on. + +time 005030. Leo Laporte. I can share an article on Sparks at the same time publicly, and with friends, including by email people not using Google Plus. It's a very powerful sharing system. It's a conversation starter. It sparks a conversation. + +time 005140. Gina Trapani. Google Plus is for people who want something better than Facebook. See the xkcd about Google Plus. http://xkcd.com/918/
update. "DigitalOne has confirmed that our server was one of the ones taken during the FBI raid."
diff --git a/posts/pinboard.in_status_2011-06-21.mdwn b/posts/pinboard.in_status_2011-06-21.mdwn index ab43546..89d5d55 100644 --- a/posts/pinboard.in_status_2011-06-21.mdwn +++ b/posts/pinboard.in_status_2011-06-21.mdwn @@ -43,4 +43,11 @@ Next status update at 12:30 PM PST. Please see our Twitter stream (@Pinboard) f <p>I've turned user+tag pages back on, as well as bookmark imports. Still no further word from our hosting providers. I'm provisioning a new server, but setup will take at least a day to complete. No RSS feeds or API access until then unless it turns out our server wasn't one of the ones taken in the raid.</p> +---- + +<p><b>June 22, 8:42 AM PST</b></p> + +<p>Service has stabilized and I've been able to turn on the API. Still not working: some archive links, search, global tag pages, RSS, tag clouds, user stats. I hope to get these back online during the day. +<p>DigitalOne has confirmed that our server was one of the ones taken during the FBI raid. I have no reason to believe it had anything to do with us, but unfortunately these blade servers pack many to a single box. +
update
diff --git a/posts/pinboard.in_status_2011-06-21.mdwn b/posts/pinboard.in_status_2011-06-21.mdwn index 3849a69..ab43546 100644 --- a/posts/pinboard.in_status_2011-06-21.mdwn +++ b/posts/pinboard.in_status_2011-06-21.mdwn @@ -37,3 +37,10 @@ Next status update at 12:30 PM PST. Please see our Twitter stream (@Pinboard) f <p>I will update this page with news, but for the latest please follow our <a href="http://twitter.com/pinboard">Twitter feed</a>. +---- + +<p><b>June 21, 15:41 PM PST</b></p> + +<p>I've turned user+tag pages back on, as well as bookmark imports. Still no further word from our hosting providers. I'm provisioning a new server, but setup will take at least a day to complete. No RSS feeds or API access until then unless it turns out our server wasn't one of the ones taken in the raid.</p> + +
pasted from a 2011-06-21 1706Z version of http://status.pinboard.in/
diff --git a/posts/pinboard.in_status_2011-06-21.mdwn b/posts/pinboard.in_status_2011-06-21.mdwn index c51241b..3849a69 100644 --- a/posts/pinboard.in_status_2011-06-21.mdwn +++ b/posts/pinboard.in_status_2011-06-21.mdwn @@ -1,3 +1,19 @@ +June 21, 8:40 AM PST + +Pinboard is down for most users right now. We're running off of backup but many people report not being able to reach +the site at all. + +Our main database server is still unreachable and so is our ISP (!). I've moved the service to our backup DB server, but since it's in the same data center I can't guarantee that it won't also be affected by whatever is plaguing our hosting provider. + +Your bookmark data is safe, but none of us can get to it right now. I'm provisioning a new server in a different locat +ion, but it will take a while to load the backup into it. + +Next status update at 12:30 PM PST. Please see our Twitter stream (@Pinboard) for blow-by-blow updates. + +-Maciej Ceglowski + +---- + <p>Pinboard Status</p> <p><b>June 21, 12:38 PM PST</b></p>
pasted from http://status.pinboard.in/
diff --git a/posts/pinboard.in_status_2011-06-21.mdwn b/posts/pinboard.in_status_2011-06-21.mdwn new file mode 100644 index 0000000..c51241b --- /dev/null +++ b/posts/pinboard.in_status_2011-06-21.mdwn @@ -0,0 +1,23 @@ +<p>Pinboard Status</p> + +<p><b>June 21, 12:38 PM PST</b></p> + +<p>Just received word from our hosting company that they were raided by the FBI who pulled some racks of equipment. No word on whether our server was among those machines, or whether it is just offline. In the meantime the site is running on a backup server with reduced capabilities (see below). All bookmarks are intact. + +<p><b>June 21, 12:26 PM PST</b></p> + +<p>Here's more detail on what's going on:</p> + +<p>We have three big servers with one hosting company (DigitalOne). Two of them are online, but our main database server is unreachable. Basically it is cut off from the world because of network problems at our provider. + +<p>A bunch of us who host at DigitalOne are trying to track them down right now for a status update, but have not had any luck. Last I heard from them (Monday night PST) they were fixing a router problem. + + +<p>In the meantime, I'm running the site off of our backup database server. This server is weak, so to keep it from bogging down I have turned off the API, RSS feeds, the popular and recent page, as well as all user tag pages. I will turn these services back on as soon as possible. + +<p>Search and global tag pages are also unavailable, since they run on the unreachable machine. + +<p>One thing that does work is our <a href="http://pinboard.in/export/">export page</a>, and if you're feeling nervous about your data I encourage you to use it. We have fresh backups (from one day ago) safely stored on S3, but in these matters you can't be too careful. + +<p>I will update this page with news, but for the latest please follow our <a href="http://twitter.com/pinboard">Twitter feed</a>. +
bliki, recent changes
diff --git a/posts/how_to_use_this_site.mdwn b/posts/how_to_use_this_site.mdwn index 065f1c4..31d74b1 100644 --- a/posts/how_to_use_this_site.mdwn +++ b/posts/how_to_use_this_site.mdwn @@ -1,5 +1,5 @@ -I don't know yet. I'm thinking of editing posts here and then manually publishing them to a static site. +This site is a combination of a weblog and a wiki -- a *bliki*. I will be editing posts more than is usual on a blog. In addition to the usual feeds of new posts comments, you can follow the recent changes feed to get all updates. -I want static page serving and raw referrer logs, and I don't think I can get those here. +Despite using wiki software, this site is not currently open to editing by other people. -I'd also like private and secure ikiwiki sites with automated publishing. In other words, I'd like to use ikiwiki as a content management system. +I want a plain static version of the site on generic hosting with raw logs, but that isn't currently possible. Instead, I'm manually copying some static versions of pages to [technophobe.net](http://technophobe.net/).
remove taglink
diff --git a/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks.mdwn b/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks.mdwn index fb79d4d..3e3e86e 100644 --- a/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks.mdwn +++ b/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks.mdwn @@ -10,8 +10,6 @@ It's very hard to estimate how fast the advantage is lost. You should assume it' It's conventional to search short keys first. If attackers haven't already learnt to search low-entropy keys first with a lower priority on shortness, they soon will. -[[!tag security]] - -tag: [[!taglink netsecfail]] - at technophobe: <a href="http://technophobe.net/haystack/">bad security advice: Steve Gibson's password haystacks</a> + +[[!tag security netsecfail]]
taglink netsecfail; link to technophobe
diff --git a/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks.mdwn b/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks.mdwn index 2656394..fb79d4d 100644 --- a/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks.mdwn +++ b/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks.mdwn @@ -10,4 +10,8 @@ It's very hard to estimate how fast the advantage is lost. You should assume it' It's conventional to search short keys first. If attackers haven't already learnt to search low-entropy keys first with a lower priority on shortness, they soon will. -[[!tag security netsecfail]] +[[!tag security]] + +tag: [[!taglink netsecfail]] + +at technophobe: <a href="http://technophobe.net/haystack/">bad security advice: Steve Gibson's password haystacks</a>
creating tag page tags/netsecfail
diff --git a/tags/netsecfail.mdwn b/tags/netsecfail.mdwn new file mode 100644 index 0000000..0da5cf2 --- /dev/null +++ b/tags/netsecfail.mdwn @@ -0,0 +1,4 @@ +[[!meta title="pages tagged netsecfail"]] + +[[!inline pages="tagged(netsecfail)" actions="no" archive="yes" +feedshow=10]]
creating tag page tags/security
diff --git a/tags/security.mdwn b/tags/security.mdwn new file mode 100644 index 0000000..d42e5e2 --- /dev/null +++ b/tags/security.mdwn @@ -0,0 +1,4 @@ +[[!meta title="pages tagged security"]] + +[[!inline pages="tagged(security)" actions="no" archive="yes" +feedshow=10]]
tag security netsecfail
diff --git a/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks.mdwn b/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks.mdwn index bf4ae9e..2656394 100644 --- a/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks.mdwn +++ b/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks.mdwn @@ -9,3 +9,5 @@ It's very hard to estimate how fast the advantage is lost. You should assume it' *** It's conventional to search short keys first. If attackers haven't already learnt to search low-entropy keys first with a lower priority on shortness, they soon will. + +[[!tag security netsecfail]]
added the alphabetic site name "dotmisc" as a heading for search
diff --git a/sidebar.mdwn b/sidebar.mdwn index e0895f6..7dbb0fa 100644 --- a/sidebar.mdwn +++ b/sidebar.mdwn @@ -1,3 +1,5 @@ +<h1>dotmisc</h1> + [[!if test="enabled(calendar)" then=""" [[!calendar pages="page(./posts/*) and !*/Discussion"]] """]]
low entropy first
diff --git a/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks.mdwn b/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks.mdwn index f1d2d55..bf4ae9e 100644 --- a/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks.mdwn +++ b/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks.mdwn @@ -5,3 +5,7 @@ Any gain in convenience you get by using long passwords with low entropy is lost Worse, if you were really benefiting from dumb lexical order brute force attack by using lower entropy than you should, you have to __change__ your passwords to compensate for the loss of safety as the attack methods are adjusted to neutralize the length advantage. It's very hard to estimate how fast the advantage is lost. You should assume it's _too_ fast to gain a real advantage. Stick with entropy. + +*** + +It's conventional to search short keys first. If attackers haven't already learnt to search low-entropy keys first with a lower priority on shortness, they soon will.
a marked up copy of the 2011-06-01 21:52 version
diff --git a/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks.mdwn b/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks.mdwn index 41a6db1..f1d2d55 100644 --- a/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks.mdwn +++ b/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks.mdwn @@ -1,7 +1,7 @@ -Steve Gibson is recommending long, low-entropy passwords. He's assuming a simple method of exhaustive key search, specifically lexical order. This can give an advantage of convenience only in the short term. If there is a significant advantage to the password user, attackers will optimize for this type of low-entropy password by changing the search order. +Steve Gibson is recommending [long, low-entropy passwords](https://www.grc.com/haystack.htm "GRC, Gibson Research Corporation"). He's assuming a simple method of exhaustive key search, specifically __lexical order__. This can give an advantage of convenience only in the short term. If there is a significant advantage to the password user, attackers will optimize for this type of low-entropy password by changing the search order. Any gain in convenience you get by using long passwords with low entropy is lost when the attack methods change. Attackers adopt heuristics to target patterns in passwords, and you're back to relying on entropy. Now Steve Gibson's approach just means uselessly typing more characters. The convenience gain is reversed. -Worse, if you were really benefiting from dumb lexical order brute force attack by using lower entropy than you should, you have to change your passwords to compensate for the loss of safety as the attack methods are adjusted to neutralize the length advantage. +Worse, if you were really benefiting from dumb lexical order brute force attack by using lower entropy than you should, you have to __change__ your passwords to compensate for the loss of safety as the attack methods are adjusted to neutralize the length advantage. -It's very hard to estimate how fast the advantage is lost. You should assume it's too fast to gain a real advantage. Stick with entropy. +It's very hard to estimate how fast the advantage is lost. You should assume it's _too_ fast to gain a real advantage. Stick with entropy.
a plain text copy of the 2011-06-01 21:52 version of http://technophobe.net/haystack/
diff --git a/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks.mdwn b/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks.mdwn new file mode 100644 index 0000000..41a6db1 --- /dev/null +++ b/posts/bad_security_advice:_Steve_Gibson__39__s_password_haystacks.mdwn @@ -0,0 +1,7 @@ +Steve Gibson is recommending long, low-entropy passwords. He's assuming a simple method of exhaustive key search, specifically lexical order. This can give an advantage of convenience only in the short term. If there is a significant advantage to the password user, attackers will optimize for this type of low-entropy password by changing the search order. + +Any gain in convenience you get by using long passwords with low entropy is lost when the attack methods change. Attackers adopt heuristics to target patterns in passwords, and you're back to relying on entropy. Now Steve Gibson's approach just means uselessly typing more characters. The convenience gain is reversed. + +Worse, if you were really benefiting from dumb lexical order brute force attack by using lower entropy than you should, you have to change your passwords to compensate for the loss of safety as the attack methods are adjusted to neutralize the length advantage. + +It's very hard to estimate how fast the advantage is lost. You should assume it's too fast to gain a real advantage. Stick with entropy.
a vague and uninformed start
diff --git a/posts/how_to_use_this_site.mdwn b/posts/how_to_use_this_site.mdwn new file mode 100644 index 0000000..065f1c4 --- /dev/null +++ b/posts/how_to_use_this_site.mdwn @@ -0,0 +1,5 @@ +I don't know yet. I'm thinking of editing posts here and then manually publishing them to a static site. + +I want static page serving and raw referrer logs, and I don't think I can get those here. + +I'd also like private and secure ikiwiki sites with automated publishing. In other words, I'd like to use ikiwiki as a content management system.
calendar update
diff --git a/archives/2010.mdwn b/archives/2010.mdwn new file mode 100644 index 0000000..3ffa196 --- /dev/null +++ b/archives/2010.mdwn @@ -0,0 +1 @@ +[[!calendar type=year year=2010 pages="page(posts/*) and !*/Discussion"]] diff --git a/archives/2010/01.mdwn b/archives/2010/01.mdwn new file mode 100644 index 0000000..56739b3 --- /dev/null +++ b/archives/2010/01.mdwn @@ -0,0 +1,5 @@ +[[!sidebar content=""" +[[!calendar type=month month=01 year=2010 pages="page(posts/*) and !*/Discussion"]] +"""]] + +[[!inline pages="creation_month(01) and creation_year(2010) and page(posts/*) and !*/Discussion" show=0 feeds=no reverse=yes]] diff --git a/archives/2010/02.mdwn b/archives/2010/02.mdwn new file mode 100644 index 0000000..241b093 --- /dev/null +++ b/archives/2010/02.mdwn @@ -0,0 +1,5 @@ +[[!sidebar content=""" +[[!calendar type=month month=02 year=2010 pages="page(posts/*) and !*/Discussion"]] +"""]] + +[[!inline pages="creation_month(02) and creation_year(2010) and page(posts/*) and !*/Discussion" show=0 feeds=no reverse=yes]] diff --git a/archives/2010/03.mdwn b/archives/2010/03.mdwn new file mode 100644 index 0000000..63b0241 --- /dev/null +++ b/archives/2010/03.mdwn @@ -0,0 +1,5 @@ +[[!sidebar content=""" +[[!calendar type=month month=03 year=2010 pages="page(posts/*) and !*/Discussion"]] +"""]] + +[[!inline pages="creation_month(03) and creation_year(2010) and page(posts/*) and !*/Discussion" show=0 feeds=no reverse=yes]] diff --git a/archives/2010/04.mdwn b/archives/2010/04.mdwn new file mode 100644 index 0000000..35c0c4d --- /dev/null +++ b/archives/2010/04.mdwn @@ -0,0 +1,5 @@ +[[!sidebar content=""" +[[!calendar type=month month=04 year=2010 pages="page(posts/*) and !*/Discussion"]] +"""]] + +[[!inline pages="creation_month(04) and creation_year(2010) and page(posts/*) and !*/Discussion" show=0 feeds=no reverse=yes]] diff --git a/archives/2010/05.mdwn b/archives/2010/05.mdwn new file mode 100644 index 0000000..bb31f75 --- /dev/null +++ b/archives/2010/05.mdwn @@ -0,0 +1,5 @@ +[[!sidebar content=""" +[[!calendar type=month month=05 year=2010 pages="page(posts/*) and !*/Discussion"]] +"""]] + +[[!inline pages="creation_month(05) and creation_year(2010) and page(posts/*) and !*/Discussion" show=0 feeds=no reverse=yes]] diff --git a/archives/2010/06.mdwn b/archives/2010/06.mdwn new file mode 100644 index 0000000..64e8981 --- /dev/null +++ b/archives/2010/06.mdwn @@ -0,0 +1,5 @@ +[[!sidebar content=""" +[[!calendar type=month month=06 year=2010 pages="page(posts/*) and !*/Discussion"]] +"""]] + +[[!inline pages="creation_month(06) and creation_year(2010) and page(posts/*) and !*/Discussion" show=0 feeds=no reverse=yes]] diff --git a/archives/2010/07.mdwn b/archives/2010/07.mdwn new file mode 100644 index 0000000..fb68134 --- /dev/null +++ b/archives/2010/07.mdwn @@ -0,0 +1,5 @@ +[[!sidebar content=""" +[[!calendar type=month month=07 year=2010 pages="page(posts/*) and !*/Discussion"]] +"""]] + +[[!inline pages="creation_month(07) and creation_year(2010) and page(posts/*) and !*/Discussion" show=0 feeds=no reverse=yes]] diff --git a/archives/2010/08.mdwn b/archives/2010/08.mdwn new file mode 100644 index 0000000..17b7b5a --- /dev/null +++ b/archives/2010/08.mdwn @@ -0,0 +1,5 @@ +[[!sidebar content=""" +[[!calendar type=month month=08 year=2010 pages="page(posts/*) and !*/Discussion"]] +"""]] + +[[!inline pages="creation_month(08) and creation_year(2010) and page(posts/*) and !*/Discussion" show=0 feeds=no reverse=yes]] diff --git a/archives/2010/09.mdwn b/archives/2010/09.mdwn new file mode 100644 index 0000000..68b46eb --- /dev/null +++ b/archives/2010/09.mdwn @@ -0,0 +1,5 @@ +[[!sidebar content=""" +[[!calendar type=month month=09 year=2010 pages="page(posts/*) and !*/Discussion"]] +"""]] + +[[!inline pages="creation_month(09) and creation_year(2010) and page(posts/*) and !*/Discussion" show=0 feeds=no reverse=yes]] diff --git a/archives/2010/10.mdwn b/archives/2010/10.mdwn new file mode 100644 index 0000000..2b9046a --- /dev/null +++ b/archives/2010/10.mdwn @@ -0,0 +1,5 @@ +[[!sidebar content=""" +[[!calendar type=month month=10 year=2010 pages="page(posts/*) and !*/Discussion"]] +"""]] + +[[!inline pages="creation_month(10) and creation_year(2010) and page(posts/*) and !*/Discussion" show=0 feeds=no reverse=yes]] diff --git a/archives/2010/11.mdwn b/archives/2010/11.mdwn new file mode 100644 index 0000000..69059a6 --- /dev/null +++ b/archives/2010/11.mdwn @@ -0,0 +1,5 @@ +[[!sidebar content=""" +[[!calendar type=month month=11 year=2010 pages="page(posts/*) and !*/Discussion"]] +"""]] + +[[!inline pages="creation_month(11) and creation_year(2010) and page(posts/*) and !*/Discussion" show=0 feeds=no reverse=yes]] diff --git a/archives/2010/12.mdwn b/archives/2010/12.mdwn new file mode 100644 index 0000000..034de53 --- /dev/null +++ b/archives/2010/12.mdwn @@ -0,0 +1,5 @@ +[[!sidebar content=""" +[[!calendar type=month month=12 year=2010 pages="page(posts/*) and !*/Discussion"]] +"""]] + +[[!inline pages="creation_month(12) and creation_year(2010) and page(posts/*) and !*/Discussion" show=0 feeds=no reverse=yes]]
initial commit
diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..b84c806 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +/.ikiwiki +/recentchanges diff --git a/archives.mdwn b/archives.mdwn new file mode 100644 index 0000000..d07b73b --- /dev/null +++ b/archives.mdwn @@ -0,0 +1,8 @@ +[[!if test="archives/*" then=""" +Browse through blog archives by year: +[[!map pages="./archives/* and !./archives/*/* and !*/Discussion"]] +""" +else=""" +You need to use the `ikiwiki-calendar` program to generate calendar-based +archive pages. +"""]] diff --git a/comments.mdwn b/comments.mdwn new file mode 100644 index 0000000..e22b50a --- /dev/null +++ b/comments.mdwn @@ -0,0 +1,10 @@ +[[!sidebar content=""" +[[!inline pages="comment_pending(./posts/*)" feedfile=pendingmoderation +description="comments pending moderation" show=-1]] +Comments in the [[!commentmoderation desc="moderation queue"]]: +[[!pagecount pages="comment_pending(./posts/*)"]] +"""]] + +Recent comments on posts in the [[blog|index]]: +[[!inline pages="./posts/*/Discussion or comment(./posts/*)" +template="comment"]] diff --git a/index.mdwn b/index.mdwn new file mode 100644 index 0000000..7914cd2 --- /dev/null +++ b/index.mdwn @@ -0,0 +1,11 @@ +[[!if test="enabled(sidebar)" then=""" +[[!sidebar]] +""" else=""" +[[!inline pages=sidebar raw=yes]] +"""]] + +[[!inline pages="page(./posts/*) and !*/Discussion" show="10" +actions=yes rootpage="posts"]] + + +This blog is powered by [ikiwiki](http://ikiwiki.info). diff --git a/posts.mdwn b/posts.mdwn new file mode 100644 index 0000000..08e0148 --- /dev/null +++ b/posts.mdwn @@ -0,0 +1,3 @@ +Here is a full list of posts to the [[blog|index]]. + +[[!inline pages="page(./posts/*) and !*/Discussion" archive=yes feedshow=10 quick=yes]] diff --git a/posts/first_post.mdwn b/posts/first_post.mdwn new file mode 100644 index 0000000..343497d --- /dev/null +++ b/posts/first_post.mdwn @@ -0,0 +1,2 @@ +This is the first post to this example blog. To add new posts, just add +files to the posts/ subdirectory, or use the web form. diff --git a/sidebar.mdwn b/sidebar.mdwn new file mode 100644 index 0000000..e0895f6 --- /dev/null +++ b/sidebar.mdwn @@ -0,0 +1,10 @@ +[[!if test="enabled(calendar)" then=""" +[[!calendar pages="page(./posts/*) and !*/Discussion"]] +"""]] + +[[Recent Comments|comments]] + +[[Archives]] + +[[Tags]]: +[[!pagestats style="list" pages="./tags/*" among="./posts/*"]] diff --git a/tags.mdwn b/tags.mdwn new file mode 100644 index 0000000..b5eca5b --- /dev/null +++ b/tags.mdwn @@ -0,0 +1,3 @@ +[[!pagestats pages="./tags/*" among="./posts/*"]] + +On the right you can see the tag cloud for this blog.