Sometimes I forget about personal security. From a design perspective this is a relatively easy task with acceptable solutions, whether it be hashing passwords or doing some crazy salt implementation to keep your clients passwords secure. Unfortunately I was a little lazy with my own passwords. My main Dreamhost FTP account was compromised in the past week sometime (I expect it was in the last week at least) and I found some rather interesting results from this invasion. So what’s in a dreamhost FTP account? When you log in you see a list of domains that user has access to (for my username it’s everything of course), with full access to everything. There’s also ssh access with the same credentials, but that seems to have been left untouched. Instead the perpetrator grabbed every single index.* file and added their own text to the bottom of it — about 70k of links that were hidden. The dangerous part was that I didn’t even notice this, so I’m not completely sure when it happend!

Dreamhost has a great backup plan luckily. You can login and CD over to /.snapshot and it contains folders with a full snapshot of your files at various times (1 hour ago, 2 hours ago, 1 day ago, 2 days ago, 1 week ago). The files from a week ago were last edited on 5/27 with this malicious code, although that could have been done directly in the snapshot directory. On the bright side for the most part it’s just a matter of removing the offending code and reuploading the files; with the exception of one or two files which actually broke due to this editing. Lucky they did too because that’s how I noticed something was wrong.

Moral of the story is don’t take your hosting passwords lightly! They need to be changed and checked on just like anything else important. I’m lucky that the worst something like this could’ve done is hurt my pagerank (or possibly offend someone if they actually read the links). I’m slowly removing them and cleaning up the rest of my hosting now which is why there has been no ColdFusion 8 headline today, aside from the one Digg was nice enough to do for me. Wait for it tomorrow.

In case you hadn’t heard, Feedburner was acquired by Google. Feedburner rates as one of my favorite services I use, and a free one at that. They take all the bandwidth to run things too, so your site gets hit by less feed readers by the thousands, possibly hundreds of thousands a day. The knowledge required to make it work is also next to nothing. If you have a blog, they’re one service I’d recommend checking out.

What will this mean for users like me? Well that’s a ways off, but we can start speculating can’t we? One of the most valueable aspects of Feedburner is the in depth analysis they provide, and also the ads able to be placed on higher read blogs. Stats and ads? Sounds like Adsense and Analytics. Can’t wait to see how these are incorporated into the ever growing entity that is Google.

One Firefox extension I’ve always had installed is the SearchStatus extension (I wouldn’t recommend running it at work though, as the Alexa stats can be skewed by a single developer hitting a page repeatedly). I’ve had a few sites throughout the years, none too popular, but to my surprise today I noticed the pagerank on AdamFortuna.com shot up to a 7 since Googles last update! Funny as well considering how many times I’ve changed my layout and entire html+style. This site gets so few hits, but it’s fun to challenge myself to find new and interesting things to write about; or create something if nothing comes to mind. I really need to do more of both, but it seems to be working as far as Google is concerned.

One thing that always seemed interesting to me was that although the ColdFusion community is relatively small, and primarily located on a few mailing lists, popular blogs and hubs; the pageranks all around are relatively high in comparison. The main reason for this? Content! Even if the ColdFusion community isn’t the largest, there’s a ton of bloggers out there adding in their take on everything. This makes for great cross talk of ideas, links and everything else that works out to some interesting solutions. The relatively small number of hubs is an asset in bringing people together — just look at how Riaforge draws out community and hopefully will continue to bring more people to help. There’s great new blogs popping up left and right such as CFInternals or the many many others that show up at Fullasagoog everyday. For all those who think the CF community is in trouble, there’s where to start.