<zarvox>
paulproteus: all right, I'll shoot Steve a line, and see if he any connection to the HTK folks; if not I'll follow up and send them an email directly
<paulproteus>
zarvox: I didn't realize HTK is "just" a library for training hidden Markov models.
<posix4e>
Stupid question guys curl https://install.sandstorm.io | bash(wont that run even if it partially downloads?)
<paulproteus>
posix4e: Yes, but read the script to see how we avoid this being a practical problem. (-:
<posix4e>
nice :)
bb010g has quit [Quit: Connection closed for inactivity]
<paulproteus>
(-:
maurer has quit [Ping timeout: 256 seconds]
maurer has joined #sandstorm
aldeka_limechat has joined #sandstorm
aldeka_limechat has quit [Client Quit]
<posix4e>
Confused with gitlab, from the directions I see "To access this repository from a git client, first generate a webkey by clicking the icon on the Sandstorm top bar. "
<posix4e>
But i see no key
<paulproteus>
posix4e: Even in the black top bar?
<paulproteus>
The one that says "Untitled GitLab Repository"?
<paulproteus>
Oh your window might be too small.
<paulproteus>
You might have to click on the top-left "hamburger menu" to see it.
<posix4e>
kk
<posix4e>
one sec
<paulproteus>
Obviously this calls for a screencast that someone should make.
<paulproteus>
(I was Googling [sandstorm top bar])
<posix4e>
Oh crap, how does ssl work?
<paulproteus>
Tell me more?
<posix4e>
I can't seem to connect over ssl
<paulproteus>
Curious. What error do you get? Consider using a pastebin e.g. https://paste.debian.net/ to store a copy of the full terminal transcript.
<posix4e>
Maybe it's a different port?
<posix4e>
by default i'm running http on 6080
<paulproteus>
But you have HTTPS in front via e.g. nginx, routing to the port 6080 thing? It should be OK to git clone a HTTPS URL, then.
<posix4e>
Ahh ok
<posix4e>
I set that up then?
<paulproteus>
I presume so. Basically, "try it"
<posix4e>
:)
<posix4e>
OK cool, got some good stuff running. I'm moving all my docs to this.
<posix4e>
I really need to write a web irc client that doesn't suck
<paulproteus>
There are a few that are maybe OK!
<paulproteus>
One day they can be Sandstorm'd.
<posix4e>
They suck
<posix4e>
thus far
<posix4e>
no offense to them
<posix4e>
god it would be cool if i didn't need root
<mcpherrinm>
I would love a sandstorm web IRC client!
<posix4e>
They are all pretty terrible none have a decent mobile client
<mcpherrinm>
I would extra love a sandstorm mobile web IRC client!
<paulproteus>
There was also a Sandstorm presence at an EFF-affiliated event, which I added to the Meetup calendar, where Jack Singleton talked about Hacker Slides and his perspective on Sandstorm as an app developer.
<posix4e>
so why do i feel secure running sandstorm, it looks like a normal app server to me.
<posix4e>
it's not like the redis is containerized is it?
<paulproteus>
That reassuring top bar!!
<posix4e>
Should I be running sandcats inside of a docker container and forwarding?
<kentonv>
the databases are containerized together with the apps
<paulproteus>
Hackeresque front page with slick animated SVG -- try logging out, going to your Sandstorm site's front page, and clicking!!
<paulproteus>
I like the first paragraph of the Security Practices Overview page. I like to say, "Sandstorm looks like a usability project, but is secretly a security project."
<dwrensha>
paulproteus: I like to steal your sound bites. :)
<kentonv>
I like secretly packaging security inside usability. It's like a trojan horse, except with the reverse outcome.
* kentonv
adds link to security overview from front page
<kentonv>
I feel like we should have snazzier HTML-ified pages for each of Usability, Security, and Freedom.
joshbuddy has quit [Quit: joshbuddy]
joshbuddy has joined #sandstorm
joshbuddy has quit [Client Quit]
joshbuddy has joined #sandstorm
joshbuddy has quit [Client Quit]
darius has joined #sandstorm
bb010g has joined #sandstorm
paroneayea has quit [Read error: Connection reset by peer]
<ocdtrekkie>
zarvox: Can you translate that link and it's relevance and how I should feel about it into "I don't know what the heck I'm looking at" speak? :D
<zarvox>
ocdtrekkie: it means I can't rely on "Content-Security-Policy: sandbox" for Firefox
<zarvox>
to isolate grains from each other and the rest of the network
<ocdtrekkie>
Ah. IIRC, the plan was to do so, but nothing's implemented yet?
<zarvox>
I'm hoping to get CSP enabled in Sandstorm Soon™ so that app developers can start noticing that they need to include e.g. fonts and JS that they'd otherwise pull from CDNs
<zarvox>
Well, we have CSP enabled for the shell, but not for grains yet.
<zarvox>
And maybe we can put together a tighter policy.
<ocdtrekkie>
zarvox: I've been making a point to look for said includes and converting them in my ports. Scrumblr was particularly guilty of this.
<zarvox>
Hooray!
<XgF>
Somewhat unrelated to Sandstorm, but I was mulling through a technicall issue today
<XgF>
Related to the inability to practically authenticate access to a video file used by the <video> tag
<XgF>
I came up with a solution... using the most hated W3C specification ever
<zarvox>
Heh.
<paulproteus>
Wait, which one is that?
<XgF>
EME
<paulproteus>
XHTML1.1?
<paulproteus>
Oh my!
<paulproteus>
You win, XgF!
<XgF>
EME has a mandatory to implement "DRM system" in which JavaScript provides the decryption key
<paulproteus>
Yeah, I remember. Encrypted Media Extensions.
<ocdtrekkie>
zarvox: I also found it funny that like half of the forks of Scrumblr all started with "remove Google Web Fonts dependency".
<ocdtrekkie>
Which is where I got the code to fix it. :D
<ocdtrekkie>
jQuery I just saved the files that were linked to and made them local, whatever versions happened to be in use by the app.
<XgF>
Hmm, will there be a way for an app to opt-out of CSP (presumably with a warning)? E.G. RSS readers would want that
<zarvox>
ocdtrekkie: heh, good to know that it's not just us with that use-case :)
<ocdtrekkie>
paulproteus told me about bower, which I assume would be quite useful if I was maintaining a repository actually being developed, but I figured I didn't need it just to include a couple files for the Sandstorm package.
<zarvox>
Paperwork uses bower
<ocdtrekkie>
XgF: That's a good point. I wouldn't want to download all of the images from various blogs into TTRSS.
<XgF>
ocdtrekkie: Even worse, embedded videos!
<ocdtrekkie>
My notion, XgF, is that there will need to be a Sandstorm permission to grant access to a specific domain for fetching outside content or something similar.
<XgF>
That sounds like its' never going to support embedded youtube videos
<zarvox>
XgF: Hmmm, good question. That does sound a tad tricky.
<ocdtrekkie>
Because obviously, the RSS reader needs to be able to hit those XML files in the first place. But like, if you were following Engadget, you could grant access for it to embed stuff from Engadget's CDN.
<ocdtrekkie>
Allow engadgetwhatever.com/*
<XgF>
ocdtrekkie: Is a Real User going to understand when its. s23.akamaihd.com? :P
<ocdtrekkie>
XgF: I'm wondering if it can be automated a bit by the app.
<zarvox>
;_; but referrer leakage oh noes
<XgF>
Hows' a normal person supposed to distinguish akamaihd.com from istealyourdata.com?
<ocdtrekkie>
When you add a feed, app checks the image links in it, and asks if Sandstorm can allow whatever.com/*
<ocdtrekkie>
Ideally, an RSS reader is relatively devoid of private data.
<ocdtrekkie>
If TTRSS had read-only support, I'd link you mine. :P
<zarvox>
I could maybe see a world in which granting access to the feed should also grants access to the content that the feed embeds.
<XgF>
I still see this falling apart on embedded youtube videos and whatnot
<ocdtrekkie>
zarvox: Yeah, that sort of thing. I assume the app would have to look at where that content was coming from to adjust the policy.
<ocdtrekkie>
I guess revealing those domains to the user would likely be someone pointless in most cases.
<ocdtrekkie>
While it doesn't stop referrer leakage oh noes, I assume you'd still want to set limits on what type of content you can remotely pull with an RSS feed.
<XgF>
HTTPS stops referer leakage
<paulproteus>
Only to other HTTP sites. HTTPS->HTTPS, referrers leak!
<ocdtrekkie>
Images, fine, mp3s, sure (b/c podcasts), but if you want to pull arbitrary JS, you should probably just click through to the RSS feed's source URL for that post.
<zarvox>
mmmm, yeah, being able to frame HTML seems generically useful for a slides app.
<zarvox>
I suppose you could sorta work around that if hackerslides used the publishing functionality.
<zarvox>
And then you presented from the published slideset.
<zarvox>
But that does complicate things a touch.
<dwrensha>
you might also not want your presentation to be public
<zarvox>
"then you keep the public URI a secret"
<zarvox>
but yeah, point taken
<kentonv>
killing blackrock nodes and watching the network self-heal without interrupting the user is weirdly fun.
<dwrensha>
zarvox: draw.io hits exp2.draw.io for export functionality
bb010g has quit [Quit: Connection closed for inactivity]
<kentonv>
dwrensha: FWIW, the draw.io people say they're going to fix that.
<kentonv>
move export client-side
natea has quit [Quit: natea]
maurer has quit [Ping timeout: 252 seconds]
maurer has joined #sandstorm
bb010g has joined #sandstorm
nwf has quit [Ping timeout: 252 seconds]
<zarvox>
okay, so these (potential CSP violations) seem to break down into a few categories:
<zarvox>
1) things where apps are reasonably under our control and we can fix them to not use external resources (e.g. draw.io, sharelatex)
<zarvox>
2) things where the apps already need access to the outside world to be useful (e.g. RSS reader, email) but limiting access may be a potential security/privacy win
<zarvox>
3) things where the apps are enriched by external things (e.g. gravatar) where we could maybe make some sort of capability for accessing those specific things
<zarvox>
The sooner we deploy CSP, the sooner people will discover all of their instances of #1.
<zarvox>
To the extent that we can make exceptions, doing so for #2 (where we've already done something via hackSessionContext) doesn't seem any worse than the status quo.
<zarvox>
#3, however, is hard. I don't really want to grant wordpress/gitlab the world, but I also don't really want to break gravatars, when they work today.
natea has joined #sandstorm
<kentonv>
well, Sandstorm intends to support avatars directly
<kentonv>
giving them to the app along-side your display name
<kentonv>
are there examples in this category that don't make sense for Sandstorm to directly support?
<zarvox>
not that I've encountered yet!
<zarvox>
IPython notebook is probably tricky, as usual. Programming environments and sandboxing have, shall we say, an impedence mismatch.
<zarvox>
To the extent that other apps also allow some amount of programmability/embedability (e.g. hackerslides) those things run slightly into platform constraints.