Some script-kiddie has demonstrated that storing passwords in plain text was (and still is) a pretty stupid idea. Caught perlmonks with pants down.
Promises were made:
Closing the Hole
PerlMonks admins are working with the Pair.com folks (who manage our hardware and connectivity resources) to evaluate and strengthen security on the servers. No information is available at this time as to the status of this effort.
The administrators are planning to implement hashed passwords (allowing more than 8 chars).
Now guess the current state. Or, just test it: Enter your user name into What's my password?. Click the submit button. Open your mail box.
This is what I received:
Subject: Password Mail
Date: Mon, 29 Jul 2019 12:46:51 -0400
X-Mailer: Perl script "index.pl"
using Mail::Sender 0.8.10 by Jenda Krynicky, Czechlands
running on perlmonks.com (18.104.22.168)
under account "root"
You or someone else has requested a password for your username or e-mail
Before you freak out, take a few deep breaths and remember that it's YOU
and not THEM who is getting this password.
Here's your info:
passwd: *** DELETED FROM THE MAIL BODY ***
human name: Alexander Foken
love, the management
Hello my fellow monks, I am new to this forum. I have been using perl now for a few years. I stopped using the language about 5 year ago. I have my regrets for doing that. Now i am learning everything from scratch. Well i hope it will be fun doing that with the companionship of other monks.
I wish to learn and contribute to this community and if possible to Perl itself. I am high impressed with the level of documentation found here. I know i have some more reading to do and i hope i can commit myself to study and learn.
Once again i humbly greet you all and wish to learn from you all.
This has been discussed in the ChatterBox several times, but it hasn't been mentioned in a more permanent manner.
I've created a ChatterBox client pm-cb-g that uses the New Chatterbox XML Ticker. When posting, sometimes the message is not displayed, but when I try to submit it again, I get back the dreaded Whoa, Cowboy! You said that already. Don't 'reload'? So somehow, PerlMonks thinks the message has been sent by me, but it doesn't display it.
It's never happened when posting from a browser.
I have a suspicion it's related to the fact one of our servers has a wrong timezone setting. When the message gets processed by it, the wrong timestamp makes it too old (or too far in the future) to be displayed. I tried to study the relevant nodes (chatrepeated and repeatedchatter), but my pmdev-fu is to weak. Can anyone help? Would it be possible to fix the timezone on the server so I can at least disprove the suspicion?
I usually append #2, #3 etc. to the message when reposting it to prevent the Whoa cowboy effect. My personal record is #7, the last message was posted via the browser as I lost patients.
We have a new feature: usergroup-private discussion threads.
This lets members of groups (such as pmdev) have threaded discussions, just like in the regular sections, but completely unvisible to anyone not in that user group (aside from gods, of course).
Up until now, user groups have always used wiki nodes
for intra-group discussion; but wikis are pretty suboptimal for this purpose.
(They remain useful for other purposes, such as collaboratively maintained documentation.)
The esteemed chromatic made such as observation way back when the concept of the wiki nodetype was first proposed:
IMHO wikis are best suited to accumulating community resources and keeping them relevant. I do not think that for general discussion that a wiki makes more sense than the usual noding. But if a topic comes up often, summarizing it in a wiki would make sense.
So this new feature is intended to replace the use of wikis for discussion.
One main way in which these threaded discussions are different from the regular sections is that nodes are not votable and will always have reputation zero
— the idea being that it wouldn't be fair for a monk to be able benefit monetarily from posts which are not accessible to the general public.
Consequent to that, replies are always shown newest first.
Whenever someone posts a direct reply to a group — which is essentially a top-level post under a group — it sends a message to all members of the group, something like this: