bdmac97 | 6 years ago | on: Strong_password Rubygem hijacked
Hi all. I'm the (actual) owner of that gem.
As already hypothesized in the comments I'm pretty sure this was a simple account hijack. The kickball user likely cracked an old password of mine from before I was using 1password that was leaked from who knows which of the various breaches that have occurred over the years.
I released that gem years ago and barely remembered even having a rubygems account since I'm not doing much OSS work these days. I simply forgot to rotate out that old password there as a result which is definitely my bad.
Since being notified and regaining ownership of the gem I've:
1. Removed the kickball gem owner. I don't know why rubygems did not do this automatically but they did not.
2. Reset to a new strong password specific to rubygems.org (haha) with 1password and secured my account with MFA.
3. Released a new version 0.0.8 of the gem so that anyone that unfortunately installed the bogus/yanked 0.0.7 version will hopefully update to the new/real version of the gem.
bdmac97 | 9 years ago | on: 5 Skills You Need to Develop to Be a Better CTO
Sorry I meant to lump that in under the soft skills section. It was not meant to be an exhaustive list, there would be far more than 5 items :-)
bdmac97 | 9 years ago | on: 5 Skills You Need to Develop to Be a Better CTO
There could have certainly been some of that but it didn't feel like it in the context (which I realize I didn't provide). I read the question as sincere but admit there's a chance it wasn't.
At any rate, I tried to answer him honestly with what I'd have told myself and it didn't have any bearing on the outcome one way or another.
bdmac97 | 9 years ago | on: Memory Debugging – A Cautionary Tale
Apologies in advance for the length (8 minutes). I've tried to whittle it down but it's a year of anguish for me. :-)
bdmac97 | 9 years ago | on: Some Thoughts on Hiring at a New Startup
IMO, and as you mentioned, your best bet in those early days is to rely on your network and have that insanely compelling vision with which to sell them on. I think you need a certain level of trust with people for them to be willing to bet a significant chunk of their time and such an inordinate amount of energy on your vision. Conversely no matter how much the person may love you, if your vision for the company is a giant pile of "meh" then you won't (and shouldn't) have much luck convincing them either.
The two go hand in hand for your first few hires.
bdmac97 | 9 years ago | on: Some Thoughts on Hiring at a New Startup
Absolutely agree with these points!
bdmac97 | 15 years ago | on: Tell HN: I accidentally ran up a $1000 Heroku bill
I got burned by this on Heroku recently as well but to a much lesser extent $$$-wise. My app typically runs on 1 dyno because it's basically not supported anymore. At some point I must have been messing around in the interface and accidentally bumped my dynos. Oops.
I personally think they should have a "WTF your load is like zero, you normally have X dynos, but you're using Y dynos for no real reason... dumbass" alert email... I certainly would have appreciated it!
bdmac97 | 16 years ago | on: CloudApp is live
I'm getting the same thing. Tried redownloading/reinstalling and no love. Had to 'killall Cloud' to even get the thing out of my menubar...
bdmac97 | 16 years ago | on: Apple iPad
And yet every other device they make (basically) has one...
bdmac97 | 16 years ago | on: Apple iPad
No GPS???
bdmac97 | 16 years ago | on: IT job satisfaction plummets to all-time low
I wonder how much of that also has to do with people that simply chose the wrong line of work? Back when I was in school it was coming towards the peak of the dot com bubble and I know there were tons of new students in CS that were there just to make money.
In the long run they are now finding out that money wasn't enough to make them happy since they don't really enjoy programming and are thus unsatisfied...
bdmac97 | 16 years ago | on: Nexus One
I guess from that viewpoint it's moderately interesting but as a phone it's really not much to get excited about compared to other modern Android phones like the Droid. Bah... I was expecting something huge!
bdmac97 | 16 years ago | on: Nexus One
I really do not understand what all the fuss was about. It's just another HTC Android phone. What does Google really even have to do with it (any more than all the other Android phones)? It seems like HTC could've just held their own press conference without involving Google but of course then there'd be no hype!
bdmac97 | 16 years ago | on: Ask HN: What is the right way to ask for feedback twice?
The right way is to use my site, http://www.launchly.com.
I created launchly for this specific reason as a result of not being able to get good "additional rounds" of feedback here on HackerNews.
bdmac97 | 16 years ago | on: Ask HN: Please review my new startup. [Free account for HN community]
Am I missing something or hasn't this already been done by others like Twittermass?
bdmac97 | 16 years ago | on: Ask HN: Where do you go for adhoc/freelance design resource?
I used 99designs.
bdmac97 | 16 years ago | on: Ask HN: Link to a site designed using a CSS framework (Blueprint, 960,etc)?
My site uses 960.gs but not for EVERYTHING. Also not sure how creative the use is but here ya go -
http://www.launchly.com
bdmac97 | 16 years ago | on: Ask HN: Need website screenshot generator
bdmac97 | 16 years ago | on: YouTube Comes To A 5-Star Realization: Its Ratings Are Useless
Kinda always had a feeling that's what happens but nice to see graphical proof! I feel good now about choosing +/- rating only for launchly.
bdmac97 | 16 years ago | on: Why Pair Programming Is Not For the Masses
I just want to point out that saying "You're doing it wrong" (as the article does) does not necessarily imply that you could be doing it right. It doesn't have to be taken as a condemnation of your skills/ability. It simply won't work in all situations and the article does a pretty good job of pointing out blockers to pairing working.