User talk:eighty5cacao

From Pin Eight
Jump to: navigation, search


Go ahead and create the StepMania and Patent pages. I've added Intellectual property#See also to link to pages about the individual exclusive rights. You should be able to create and edit mainspace pages as soon as you confirm your e-mail address; if not, I screwed something up in the upgrade to MW 1.16. --Tepples 13:13, 21 August 2010 (MST)

I'm sure I already did the email confirmation, but the problem is that I don't have content immediately ready for those articles; I will have to make drafts in userspace. Again, I acknowledge my lack of boldness... Eighty5cacao 22:33, 22 August 2010 (MST)
Userspace drafts are fine. I do the same thing on Wikipedia occasionally. --Tepples 04:35, 23 August 2010 (MST)
P.S. If I'm reading Special:ListGroupRights correctly, it looks like all "Users" are allowed to create content pages, regardless of emailconfirmed. Is this what you intended? Eighty5cacao 22:39, 22 August 2010 (MST)
In MediaWiki, ability to create a page requires ability to edit the page. So it'd still give logged-out and unconfirmed users a permission error. --Tepples 04:35, 23 August 2010 (MST)
IIRC, logged-out equals not an "User." But I stand corrected as to unconfirmed. Sorry. Eighty5cacao 09:58, 23 August 2010 (MST)

An apology[edit]

Sorry for multi-posting at Talk:Eloi language#One note about Morlock language a.k.a. User talk:Eighty5cacao/Eloi physiology#Neoteny vs. progenesis. I panicked after the edit conflict and was excessively eager to avoid another.

In summary, the points I was trying to make include:

  • I misunderstood slightly what progenesis meant (I was confusing it with paedogenesis).
  • Neoteny cannot be completely ruled out.
  • I felt the need to split the topic because it began to stray from the area of linguistics once we brought up comparative vocal tract anatomy.

--Eighty5cacao 23:19, 10 February 2011 (MST)

Multi-posting like that is OK by me. I've been known to ninja-edit my posts on more than once. --Tepples 08:29, 11 February 2011 (MST)
Ok. I have since made one more comment at the discussion. I hope I'm not wasting your time by writing useless junk... Eighty5cacao 10:27, 11 February 2011 (MST)

I was worried[edit]

When you didn't edit for over 48 hours after I had installed anti-spoof, I thought something in anti-spoof was interfering with your edits. I guess it's not now, and I can continue with edit filter installation. --Tepples 11:17, 17 February 2011 (MST)

In part, I was busy with schoolwork. (I thought my user page explained this possibility, but I just realized that it doesn't. Fixing now.) What did you expect me to do? Should I create something like User:Eighty5cacao/ping or [[User:Eighty5cacao/heartbeat]] to which I am supposed to post regularly?
If I am having any technical problems, I will notify you right away, via, uncyc:User talk:Tepples, and wikipedia:User talk:Damian Yerrick in that order. I will not silently put up with it.
What is the scheduled downtime for AbuseFilter installation? Eighty5cacao 14:23, 17 February 2011 (MST) (last edit 16:40, 18 February 2011 (MST))
Thanks. AbuseFilter is expected to go in tonight, with little or no downtime. It appears to be a couple CREATE TABLE statements pasted into phpMyAdmin, some files uploaded to the extensions folder, and a line added to LocalSettings.php. --Tepples 12:58, 18 February 2011 (MST)
Ok. Could you remind me what ABUSE means as a backronym?
When you are ready, I would like to be granted the abusefilter-view-private permission, if technically possible. (I realize that this may require the addition of another user group. Also, not to be confused with abusefilter-private.) I have no intention to edit the filters, only to view them if needed to diagnose problems. I promise not to leak information about the filters out to anyone else. Obviously, I do not have any commercial products to promote nor any conflict of interest with any spammer. (I assume that any filters targeted at human spammers will be marked as private; is this correct?) Eighty5cacao 16:40, 18 February 2011 (MST)
Previous proposed names on English Wikipedia included edit filter (which stuck) and action filter (which didn't). This covers two-fifths of it; for the rest, look for the bold letters in the intro to Special:AbuseFilter. The common practice on Wikipedia is that public filters don't apply to autoconfirmed users. This means not all filters targeted at human vandals must be private, only those targeted at "sleeper accounts" used to vandalize a week after registration. Fortunately, we're not big enough to attract spambots sophisticated enough or human vandals dedicated enough for sleeper account vandalism... yet. Should that come, I'll put in a group for troubleshooting defective private filters. --Tepples 17:47, 18 February 2011 (MST)

And about status updates: those shouldn't be too necessary except when I'm putting in an extension. ("Thanks" was for clarifying why you were away.) --Tepples 17:47, 18 February 2011 (MST)

YouTube ERROR: for the record[edit]

To clarify these edit summaries: The old links were indeed showing just the text ERROR rather than a more informative message. Eighty5cacao 18:51, 30 March 2011 (MST)

The last of those edits contained a typo which I corrected here. Eighty5cacao 18:54, 30 March 2011 (MST)

Thinking of adding HSTS[edit]

Windows XP has been without security updates for a month shy of a year. Would we consider IE 8 on Windows XP to be negligible enough that we can set the canonical origin to, enable $wgSecureLogin, and add the HSTS extension? --Tepples (talk) 16:48, 18 March 2015 (UTC)

No objections as to the wiki itself; if I understand correctly, non-wiki pages will not send HSTS headers because they don't call the MediaWiki PHP scripts, but if a new visitor sees the wiki first before going to /, HSTS will still enforce HTTPS for the entire site.
I thought you didn't want that due to potential problems with ads. If that is no longer the case, should I update this to cover all of and unconditionally, leaving as the only default-off issue?
Or did you want Extension:HSTS configured to apply only to registered users? --Eighty5cacao (talk) 18:44, 18 March 2015 (UTC)
I went ahead and did those ruleset changes [1][2]. (Currently, those pages are not meant to be read directly by the HTTPS Everywhere developers; they exist mainly for interested readers to copypaste them into user rulesets.) --Eighty5cacao (talk) 04:58, 19 March 2015 (UTC)
Bump. I never heard any objections to the aforementioned ruleset changes, so I assume this can proceed? I don't personally think it's a high priority to fix the issue that "non-wiki pages will not send HSTS headers." --Eighty5cacao (talk) 05:03, 7 June 2015 (UTC)
Over the past year, it has come to my attention that several people prefer cleartext HTTP because they have found it hard to set up a caching MITM proxy for HTTPS sites. (See Mini-rant archive#HTTPS.) So for now, I'll split the difference and offer opt-in HSTS. --Tepples (talk) 19:46, 22 December 2016 (UTC)

Ok, that seems to work as intended. (BTW: The email notification I got for this post contains http:// links; we should probably try to reconfigure that.) --Eighty5cacao (talk) 21:44, 22 December 2016 (UTC)

Stack Exchange bites[edit]

You wrote that you do not participate in Stack Exchange because you fear an indefinite ban for newbie mistakes. I realize I may have made my article too scary, stressing ways that newbies may end up bitten. But lately I've been describing some of the ways SE users can avoid falling into this trap. Editing for good style and helping with tag cleanup are essentially risk-free unless you go out of your way to abuse suggested edits. Answers don't appear to trigger bans nearly as quickly as questions, as long as an answer actually answers the question, so try answering questions in your strongest area of expertise before asking. Another trick is to prepare three questions that belong on a particular site and ask the clearest and most on-topic of the three. Besides, for the past half year, there have been rate limits before an indefinite ban gets applied. Should I add more about the 1 rep floor and other anti-frustration features? --Tepples (talk) 02:23, 7 May 2015 (UTC)

If you want, but don't stress over it.
First of all, my point was really meant to be more general than Stack Exchange; notice that it was in a section about Slashdot. My reference to "reputation systems" could also cover Reddit, but their wide range of subreddits (and good HTTPS support) makes it less relevant.
Second, perhaps I failed to make clear that the problem was just as much about not wanting to join a new community due to lack of time and interest. --Eighty5cacao (talk) 06:08, 7 May 2015 (UTC)
With respect to your first point, I didn't really see the connection with Slashdot because Slashdot's reputation system isn't nearly as intricate as SE's. I latched on to the "biting newbies" aspect mostly from Slashdot's quirk that -1 karma causes you to post below 1. There are plenty of subSEs (over 140 as of yesterday), and HTTPS works everywhere on SE but child metas of sites without their own domain. With respect to lack of time, I totally see where you're coming from; see my 2004 essay "Spreading Myself Too Thinly?" which sprang from the invite-only trend that was popular at the time. As for interest, Information Security Stack Exchange and the Law proposal may interest you. --Tepples (talk) 13:53, 7 May 2015 (UTC)
Yeah, I admit the connections were rather flimsy; the only valid point was lack of time. Admittedly, Reddit would probably not be any more "intricate" than Slashdot, but I was straining for examples.
I think I'll just remove the entire passage in question. --Eighty5cacao (talk) 17:55, 7 May 2015 (UTC)

If this edit summary was at all directed at me: No, the lack of time is the main concern. --Eighty5cacao (talk) 20:16, 10 May 2015 (UTC)