freenode/#clasp - IRC Chatlog
Search
19:30:08
drmeister
http://ec2-18-220-160-93.us-east-2.compute.amazonaws.com:8888/?token=025d8f75a19fbc8f3f42c252a05eaab170ab70bd91cd0b85
19:31:53
drmeister
You can currently evaluate arbitrary code in that thing - so... well... you know.
19:32:28
drmeister
ACTION should be pretty safe with "security through obscurity" with the people that he will first show this too.
19:33:49
drmeister
I forgot to mention - if you get in you can click on "demos" -> "catalyst-trial-demo" -> "design-catalyst.ipynb"
19:34:05
drmeister
And then click on an input cell and Shift-Enter to evaluate the input cells one at a time.
19:37:08
Shinmera
Not seeing anything significant in the JS console other than a font access that was blocked.
19:37:41
drmeister
Argh - ok, I know what's wrong. I didn't push the latest docker image to dockerhub
19:38:22
drmeister
Yeah - I will - right now it's like a garage with all the parts lying all over the place.
19:40:24
drmeister
I don't have the :cl-jupyter-user package set up properly to access symbols in the various packages that provide the functionality that the notebook needs to run.
19:40:50
drmeister
I want to set up a package where all common operations don't require package qualifiers.
19:47:43
drmeister
ACTION is puzzled why it worked last night - he must have transported the docker image through the AWS s3 service rather than using dockerhub
19:48:32
drmeister
because the one on dockerhub (that is running in that demo is 24 hours old) and the one on my machine is 14 hours old
19:53:03
drmeister
I would like to set up something else for the landing screen other than a file browser.
20:05:12
drmeister
http://ec2-18-220-223-106.us-east-2.compute.amazonaws.com:8888/notebooks/demos/catalyst-trial-demo/design-catalyst.ipynb
20:05:58
drmeister
This is the url with the key: http://ec2-18-220-223-106.us-east-2.compute.amazonaws.com:8888/?token=02a4921fefa6915a94ec5f1f4fdd511b37bfc347e0ac4cea
20:11:35
Shinmera
Too much difference between browsers and browser kinds / versions out there in the wild.
20:13:53
Shinmera
There recently was an impressive demo that showed chaining several exploits together to attack a host from a webpage in a browser in a VM.
20:14:28
Shinmera
People that block JS do so less out of attack vector concerns, and more so out of privacy concerns (tracking, etc).
20:14:55
Shinmera
as in, you run VMWare, and inside there you run Linux, and inside there you run a browser, that shows a website with JS
20:16:09
Shinmera
Too few people with too little time on their hands, to produce software that doesn't break.
20:16:33
Shinmera
Most bugs happen because of time constraints, overworking, and too little training.
5:28:04
drmeister
::notify Bike With the traitlets stuff - do we have any way to mimic the @observe decorator?