The Latest

Detecting Proxy-Based Phishing

I recently learned about a new, sophisticated type of phishing scheme. Traditionally, a scammer looking to steal information from someone has to go through the effort of building a fake website to spoof the target site. These spoof sites aren’t usually very good copies, so a victim can spot that something is amiss and leave. The new trend, however, is to load the target site through a proxy server. The victim is, for the most part, interacting with the real target site, with a couple of catches.

  • The scammer can monitor whatever is submitted through forms on the site.
  • The scammer can modify any content as they see fit.

Wow, scary, right? A scammer could be hijacking your users’ info and you may never even be aware that the proxy exists.

More…

Automating MySQL Backups with Bash

I’ve been putting more effort lately into disaster planning, and a big part of that is having backups. Linode automatically backs up my entire system, but I noticed something troubling in their documentation:

This method is very reliable, but can fail to properly back up the data files for database services like MySQL. If the snapshot occurs during a transaction, the database’s files may be backed up in an unclean state.

Yikes! So while my system and files may be backed up, my databases, which mean everything to the various WordPress sites I host, could potentially be unrecoverable. That is no solution at all.

Following their advice, I decided to write a script I could use to automate this. mysqldump is the obvious tool for this job, and the output can be compressed with gzip to conserve space. The resulting bash script could then be added as a cron job to automate it.

More…

Debouncing Scroll Events with Request Animation Frame

I was working on an update to Redactor, the text editor used in Beam, that would allow the toolbar to stay visible even when scrolling on long pages. Correctly positioning the toolbar would require using a callback that would need to fire every time the browser was scrolled or resized. Which works, but there’s a problem.

More…

Prepping for a Surge

It’s always good to be prepared. So while I don’t imagine my posts going viral anytime soon, I thought it would be a fun thought experiment to figure out what I’d do. An important first step would be serving up a static version of the viral page. Here’s the plan I put together!

More…

AstraDash

I had a little free time yesterday evening so I spent it experimenting with Astra’s API. Astra is a really cool service created by my talented coworker John Workman. The idea is to provide intelligent cloud storage and CDN services with a straightforward API, with much simpler (and cheaper!) pricing than you get with similar providers.

More…