Category Archives: Features

Update your Etherpad

Posted on by

Periodically we sweep through sites that run Etherpad and check for any instances that are out of date.. This time we were alarmed by the number of out of date instances that contain security issues..

Please update your instances.. This is the list of URLS of out of date instances that contain security issues.

· https://piratepad.ca

· https://factor.cc/pad/

· https://pad.systemli.org/ (pads removed after 30 days of inactivity)

· https://pad.fnordig.de/

· https://pad.lqdn.fr/

· https://tihlde.org/etherpad/

· https://etherpad.wikimedia.org

· https://bitpad.co.nz/ (Tor hidden service, pads removed after 30 days of inactivity)

· https://etherpad.mozilla.org/

· https://text.allmende.io/

· http://notas.dados.gov.br

· http://board.net (Demo and FAQ: http://board.net/p/community)

· http://notes.occupy.net/

· http://piratepad.be

· http://pad.openerp.com

· http://pad.planka.nu/

· http://pad.tn/

· http://etherpad.brownbag.me/

· http://lite.framapad.org

· http://pad.hdc.pw/ (Email-Notification,SSL coming next, running in Austria)

· http://pad.op99.org

Etherpad CLI Client

Posted on by

Interact with Pad contents in real time from within Node and from your CLI.

Screenshot from 2015-03-02 13:03:14
The CLI can be used to catch edit events from Etherpad. Changes are sent as Changesets so there is no performance drop or additional bandwidth required. We use the fastest possible method to reflected changes of a pad.

The CLI Client can also be used to append content to a pad.

5 seconds getting started…


sudo npm install -g etherpad-cli-client
etherpad https://beta.etherpad.org/p/clitest

See what else the Etherpad CLI Client can do!

The CLI Client was developed as part of our new load testing tool that we hope to release within the coming weeks. Development was funded by UCI & Primary Technology Ltd.

Etherpad v1.5.1 – “We’d rather die standing than live on our knees” edition

Posted on by

What’s new TLDR;

Mostly bugfixes, one security/privacy fix. One UI feature (Chat and Users always on screen)

Screenshot from 2015-01-24 18:14:11

NEW: High resolution Icon
NEW: Use HTTPS for plugins.json download
NEW: Add ‘last update’ column
NEW: Show users and chat at the same time (try it)
NEW: Support io.js
Fix: removeAttributeOnLine now works properly
Fix: Plugin search and list
Fix: Issue where unauthed request could cause error
Fix: Privacy issue with .etherpad export
Fix: Freeze deps to improve bisectability
Fix: IE, everything. IE is so broken.
Fix: Timeslider proxy
Fix: All backend tests pass
Fix: Timeslider stars
Fix: Translation update
Fix: Check filesystem if Abiword exists
Fix: Docs formatting
Fix: Move Save Revision notification to a gritter message
Fix: UeberDB MySQL Timeout issue
Fix: Indented +9 list items
Fix: Don’t paste on middle click of
SECURITY Fix: Issue where a malformed URL could cause EP to disclose installation location

Etherpad 1.5 – Turkey Slayer Edition

Posted on by

Usually on releases the first thing we do is tell you what’s new and why you should upgrade. If you are looking for this, scroll down.

This release is different. What makes Etherpad such a great project is the number of contributors that can maintain the software. This means that should one maintainer be unable to maintain Etherpad others can step in. So the first thing we want to do on this release is hat tip the contributors between 1.4.1 and 1.5. Now you know who to hire for your next Etherpad project!

Etherpad is mostly a British-German alliance. The majority of our funding comes through US organizations and Primary Technology. We’d like to see more funding arrive through donations and sponsorship. These donations have less strings attached so will keep us more independent and neutral. If you can help, please visit the donation section on Etherpad.org

@webzwo0i, @marcelklehr, @Gared, @simong, @BjarniRunar, @luto, @l-y-n-x, @beaugunderson, @cristo-rabani, @prtksxna, @0ip, TranslateWiki team
And finally Myself: @JohnMcLear

TLDR; What’s new and why should I care?
> Full Etherpad Pad Export and Import
> Bug fixes, tests, UI/UX polishing & updates of dependencies
> Speed improvements to all pages. Page load times improved by ~30%.
> Support for instance Sharding (Scaling Etherpad to multiple servers)
> Better documentation & more language support.

Nice things for users:
> Control 5 now does Strikethrough.
> Better experience at higher DPI screens (use of icons instead of fonts)
> 30% Faster page load
> Full Pad Portability (Export/Import)

While this release is mostly a bugfix & performance release we have updated about 20% of the overall Etherpad code since 1.4.1 so we have given it a major release number.

Our release schedule is heating up as we get more and more commercial support ergo more active development.

Some cool things Etherpad can do that it couldn’t before
> curl HTTP POST files right to your Etherpad Instance
> Export other HTTP block elements (Such as subscript/superscript)
> Talk to your pad
> Switch between pads without reloading the editor

Demo Etherpad

Demo Pad, have a play!

Etherpad Version 1.4.1 Released – Unpremature

Posted on by

Shut up rambling John. Just tell me what’s New and why should I upgrade/care?

Performance:
* Huge MySQL performance improvements (InnoDB to MyISAM)

Hooks:
* User Leave
* Export File Name
* Preprocessor Hook for DOMLine attributes

Scripts
* Script to reinsert all DB values of a Pad

Configuration:
* Allow for absolute settings paths

API:
* Get Pad ID from read Only Pad ID

Fixes:
* Exception on Plugin Search and fix for plugins not being fetched
* Font on innerdoc body can be arial on paste
* Fix Dropping of messages in handleMessage
* Don’t use Abiword for HTML exports
* Color issues with user Icon
* Timeslider Button
* Session Deletion error
* Allow browser tabs to be cycled when focus is in editor
* Various Editor issues with Easysync potentially entering forever loop on bad changeset

Shut up John, why no update for so long?
Thanks to you guys supporting my other project I have been crazy busy and that means no time for Etherpad, thankfully other project members have lead the way but things haved moved slower than we’d all like. Etherpad is still a project very close to my heart and I’m making plans to commit more time to move things forward in 2015.

Remember people, cloud hosting where you can’t replicate the system locally is going to cost you long term. Did anyone else just notice Google changed Google Drive/Docs interface yet again, can anyone find any of their documents? I tried.. Gave up.. Hillarious. TAKE CONTROL.

Also props to services such as Own Cloud gaining traction, we love you guys, you give control. Keep on being smashing.

Nginx reverse proxy SSL security issue

Posted on by

Until today the example Nginx reverse proxy config for Etherpad allowed for weaker SSL encryption than is acceptable.

You can see if your instance is vulnerable by checking your instances SSL cert

Check your Nginx config to see if this line exists:

ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;

If so replace with:

ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 ECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS";

Restart Nginx then check your instances SSL cert

We updated the wiki to reflect this change.

Skype and Hangouts alternative

Posted on by

We’re tired of being spied upon and we’re tied of tech companies colluding.

With no sign of an end we think it’s time to take control.

So.. We’re Introducing an Etherpad instance to serve as an alternative to Microsoft Skype and Google Hangouts, we’re using it internally but we’re inviting you to try it out too for your own chats and let us know what you think..

Try out Vetherpad at https://v.etherpad.org/

Naturally no plugins or extensions are required, just a gool ‘ol modern browser..

Wanna host your own? Just install Etherpad and the webrtc plugin, it takes minutes then you will have your own secure, private video chat and document editing facilities.

Found a bug and wanna fix it? Awesome! We gots the bug trackers.

Looking to see what else Etherpad can do? Check out our beta instance..

Try out Vetherpad at https://v.etherpad.org/

Etherpad for the masses

Posted on by

Over time Etherpad has grown, it’s become more than we aimed for it to ever be with many large tech and activist organizations deploying their own instances. However, one problem we have is the ability for smaller organizations to easily roll their own Etherpad instance on the web.

Don’t get us wrong, there are some great services such as PrimaryPad that exist and cater for individual markets but we feel we feel that as a community we can provide a richer, more configurable service that contributes more back to our core open source project.

So we’re considering building an easy way to deploy a private Etherpad instance for your organization on Etherpad.com

We don’t know exactly how this Etherpad as a Service will look like, but we will probably take inspiration from WordPress.com

We want everything to be kept open source, not just what we choose to push back to the core project.

We want to provide confidence that activists groups anonymity and data will be kept safe.

We want to create an ecosystem that has some finance involved but we want to keep the uptake for small organizations costs at a minimum. We have a small pool of start-up funds available. We’re not sure yet how we will go about assigning stakeholders for this new venture.

Services we have been offered help with so far..

  • Hosting: Rackspace
  • SSL Certificates: GlobalSign
  • Automated Testing: SauceLabs
  • Etherpad Development: Etherpad Foundation (naturally)
  • Ticketing and Support: Primary Technology
  • Security Auditing: Mozilla
  • Translations: Wiki Media Foundation
  • Etherpad.com: Google

Services we’re looking for help with, maybe your organization can help?

  • Pen testing (Security penetration testing, ensuring our overall service is as safe as possible from attackers)
  • Marketing (Press release drafting, branding etc.)
  • Management and business strategy (Deciding the best approach for us to ensure we’re providing the best service)
  • Billing and Invoice handling (Allowing for simple online payments(including crypto-currencies), creating invoices and chasing them when they are unpaid)
  • Sales consultancy (Discussing payment options with potential and existing Etherpad.com users)
  • Data analysis(Looking at our collected stats/data and provide Management with decisions to help them improve their overall strategy)

Our big problem is going to be monetization. We have a few options we want to get your feedback on…

Charge per changeset: 1M or so changesets free then 0.001p per changeset after. We think this will confuse too many people and potentially scare people off using the service.
Flat fee per month: 1 month free then pay per month. We feel we can do better than this.
Free to use with micropayments for plugins: Something along the lines of $0.50 for each plugin you enable. We’re keen on this model as it funds new plugin development.
Ad supported: We’re not overly keen on spamming your page with ads, we think it devalues the service.
Pay per user: Monthly Micro payment for each user account you add / uses Etherpad.
A choice of any of the above: This may be the most complex model for us to achieve technically but it might be the best for large and small organizations as they will be able to switch between payment options to secure the best deal for them.

So that’s our general goal, to create an ecosystem around Etherpad development to encourage more developers to take up Etherpad as their full time development job and to empower smaller organizations will the ability to quickly throw their own Etherpad instance up on the Web so they are in control.

Please do let us know your thoughts, we appreciate this isn’t ground breaking stuff but if we can build a stronger ecosystem it should lead to a more rapid release cycle and more innovation around Etherpad.