GitHub SSH Public Key Fingerprint Checking

A security vulnerability was discovered at GitHub back in 2012 that made it possible for an attacker to add new SSH keys to arbitrary GitHub user accounts. Although there was no known malicious activity using this exploit, they took the responsible step to email all their users that have SSH keys associated with their account to verify and approve them before they could be used to clone/pull/push repositories over SSH again.

Continue reading GitHub SSH Public Key Fingerprint Checking

Javascript Word Wrapping

I recently needed to do some manual word wrapping (and possibly hyphenation) of strings in JavaScript and found some interesting code projects:

Counting your top WordPress comment spam source IPs and URLs

A picture of a pizza with the word "SPAM" spelled out in Spam toppings
Photo Credit: Flickr/Jerry Pank

I launched a new WordPress blog for a client a few months ago and have been watching as comment spammers find the site and do what they do best, leave spam. As the first few spam comments started coming in I would flag them then manually copy/paste the source IPs and URLs to the built-in WordPress “Comment Blacklist“.

Over time I obviously started seeing some duplicates and I noticed bursts of spam from certain IPs or linking to specific spam URLs. I was curious to see what these top IPs and URLs were, as they would seem the best candidates to include in the blacklist.

So, let’s dig around in the database a bit…

Continue reading Counting your top WordPress comment spam source IPs and URLs

Manually triggering Google Apps account transition

A screenshot of the Google Apps Transition announcement page

If you want to be an early adopter, and haven’t already automatically been given the option to transition your Google Apps account to the new infrastructure, here’s a handy tip to manually trigger the upgrade process.

Point your browser to the following URL, using your own Google Apps domain name, like so:[]/GoogleAccountUpgrade