Jack Kingsman's actual brain

Jack's Brain

Hi! I’m Jack Kingsman, an SRE @ Atlassian in Seattle. In my free time stay busy as a volunteer EMT, Divemaster, and amateur radio operator.

Page 6


I couldn’t sleep tonight, so I built a little toy that interfaces with Facebook’s TTS system for generating speech. The interface connects to both the standard pronunciation system, and the ‘echo’ system, which uses a custom implementation of IPA to generate speech from precoded phonemes. I’ve written more about both types, as well as included download links for generated audio, at the CodePen I wrote. Check it out, if you feel so inclined.

I troubleshoot a lot of systems that are designed to send emails, usually expecting a SMTP server to send from. However, I dislike using my personal email credentials (usually the only ones I have on hand) and setting up a local mail server or a mail server snippet isn’t always practical – so I wrote Mockbox.io.

Mockbox is free, ephemeral, and simple SMTP server simulation – it’s essentially a free, open source alternative to MailTrap.

Dec 10, 2015

FALL QUARTER IS DONE. Man, that feels good.

I’ve been pretty busy with school stuff but still put off homework find enough time to work on some personal projects. Recently, I’ve been putting most of my work into the SupTracked UI and API, a system for tracking and analyzing my nootropic consumptions. The API is all nice and tidily documented, and I’m nearly done with v1.0 of the UI, which is prototyped with jQuery (I know, I know…) before I lock down the design I want and move over to React or Angular.

Oct 10, 2015

I got inspired by a reddit post, and wrote a philosophical counterpart: whyami. Now you can get the meaning of life according to various philosophies, right on your command line.

Sep 30, 2015

I’ve just gotten all my identities loaded into Keybase, a fantastic identity clearinghouse. Check it out for my PGP key, GitHub verification (and by extension, my SSH keys at https://github.com/jkingsman.keys), and more.

I am Jack Kingsman on Keybase.io.

Sep 15, 2015

TL;DR: Make sure your GitHub organization is secure by checking that your org’s users have a sufficiently large key bittages and types (including elliptic) using this tool I wrote.


It wasn’t long ago that [Ben Cox’s fantastic blog post][2] revealed the potential threats from weak SSH keys installed on GitHub user profiles (and GitHub now disallows the installation of keys with <1024 bits). While 1024 bits is secure for now, it’s never been the tendency of the software industry to sit on its security laurels. 2048 or even 4096 bit RSA and DSA keys are now commonplace and becoming the norm, and elliptic curve keys are slowly but surely gaining traction as the industry continues to break the bad habit of assuming anything is uncrackable.

Sep 15, 2015

I’m upgrading my SSH RSA key to a higher bittage.

---- BEGIN SSH2 PUBLIC KEY ----
Comment: "Jack Kingsman RSA"
AAAAB3NzaC1yc2EAAAABJQAAAgEAtBF4UbmlPNzUIUpHE4v1SrbvBKx5ULmjq/eU
1solR7efI5H0V9+XyPy6CcaNXlxlKGLvyIygC70s0cAA2tKkqp/TAyDyGeHwV+5e
rS3RTs0eS5NfJlMp/7cW9vpmppEgYCLCsB92a7mTrFavR3NCxW+6RujSReFmn/l2
aq2NOdzRS1sqV+ooOTSzlvTW5fU7afSwhgawUxTdOQjypI3aQ7oB8CoMouapLx38
X9pMhzE+oypwKpujotCXKtVQg/+Sli1cIaPePcdGd9ithhRw5nVdv9fzpS//XIng
aRjE/uWF08QtKQ6GYB/cauk+pe49KzsBLQH/irai3n78JP8svkXdRtCZetk0Np4c
q/BrVOt6JVPaNYNmYoxsKJw+RTtHM5xuRYWMlnm/Sb0s3FwFByE7de6stZPlYORJ
9e3pVMSBTNIxPpMVqS9fv1Q7+l1u7xflWDh7KLSlD5t7QhlYzL1zA3nup/7ZTYks
5f7MRAqsLOiNBOHNGSC7+2YlZMiQYnqELbX9LGbH0DN0xOw1jqv97Xf4BAHMp7BK
+3R6NuSiDH1hukSR+UC2LrNL2uLfOPQ0fmhqS7OoUMu4VzI1qmke+q+T3eRZ0DLM
FASjB0jLfLhM84OpW9BXgcoTVdD3b0+ple1qoByW3PX6M18HfoB7cXkmBV1q7XRo
Y9SIJh8=
---- END SSH2 PUBLIC KEY ----

ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAgEAtBF4UbmlPNzUIUpHE4v1SrbvBKx5ULmjq/eU1solR7efI5H0V9+XyPy6CcaNXlxlKGLvyIygC70s0cAA2tKkqp/TAyDyGeHwV+5erS3RTs0eS5NfJlMp/7cW9vpmppEgYCLCsB92a7mTrFavR3NCxW+6RujSReFmn/l2aq2NOdzRS1sqV+ooOTSzlvTW5fU7afSwhgawUxTdOQjypI3aQ7oB8CoMouapLx38X9pMhzE+oypwKpujotCXKtVQg/+Sli1cIaPePcdGd9ithhRw5nVdv9fzpS//XIngaRjE/uWF08QtKQ6GYB/cauk+pe49KzsBLQH/irai3n78JP8svkXdRtCZetk0Np4cq/BrVOt6JVPaNYNmYoxsKJw+RTtHM5xuRYWMlnm/Sb0s3FwFByE7de6stZPlYORJ9e3pVMSBTNIxPpMVqS9fv1Q7+l1u7xflWDh7KLSlD5t7QhlYzL1zA3nup/7ZTYks5f7MRAqsLOiNBOHNGSC7+2YlZMiQYnqELbX9LGbH0DN0xOw1jqv97Xf4BAHMp7BK+3R6NuSiDH1hukSR+UC2LrNL2uLfOPQ0fmhqS7OoUMu4VzI1qmke+q+T3eRZ0DLMFASjB0jLfLhM84OpW9BXgcoTVdD3b0+ple1qoByW3PX6M18HfoB7cXkmBV1q7XRoY9SIJh8= Jack Kingsman RSA

You can easily replace my old key with the new one by running the following commands as my user (su jkingsman or something to that effect):

sed -i.bu 's/^ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIBmpnxEFZE.*/ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAgEAtBF4UbmlPNzUIUpHE4v1SrbvBKx5ULmjq\/eU1solR7efI5H0V9+XyPy6CcaNXlxlKGLvyIygC70s0cAA2tKkqp\/TAyDyGeHwV+5erS3RTs0eS5NfJlMp\/7cW9vpmppEgYCLCsB92a7mTrFavR3NCxW+6RujSReFmn\/l2aq2NOdzRS1sqV+ooOTSzlvTW5fU7afSwhgawUxTdOQjypI3aQ7oB8CoMouapLx38X9pMhzE+oypwKpujotCXKtVQg\/+Sli1cIaPePcdGd9ithhRw5nVdv9fzpS\/\/XIngaRjE\/uWF08QtKQ6GYB\/cauk+pe49KzsBLQH\/irai3n78JP8svkXdRtCZetk0Np4cq\/BrVOt6JVPaNYNmYoxsKJw+RTtHM5xuRYWMlnm\/Sb0s3FwFByE7de6stZPlYORJ9e3pVMSBTNIxPpMVqS9fv1Q7+l1u7xflWDh7KLSlD5t7QhlYzL1zA3nup\/7ZTYks5f7MRAqsLOiNBOHNGSC7+2YlZMiQYnqELbX9LGbH0DN0xOw1jqv97Xf4BAHMp7BK+3R6NuSiDH1hukSR+UC2LrNL2uLfOPQ0fmhqS7OoUMu4VzI1qmke+q+T3eRZ0DLMFASjB0jLfLhM84OpW9BXgcoTVdD3b0+ple1qoByW3PX6M18HfoB7cXkmBV1q7XRoY9SIJh8= Jack Kingsman RSA/' ~/.ssh/authorized_keys
Sep 15, 2015

I’m proud to announce my very first module released on NPM! This module parses and extracts info from OpenSSH authorized_keys format public keys. It’s simple, minimal, but functional, and plays a key role in an upcoming utility I’ll be releasing the next few days for GitHub Organization security auditing.

If you’ve ever needed to copy chunks of code from GitHub but hate having to deal with removing the pluses and minuses in the diff view, I just wrote bookmarklet for you – it removes them with a couple lines of JavaScript.

Check out the gist, or just drag this link into your bookmarks bar: [No Diff Markers][2].

Click to enlarge image

[2]: javascript:(function(){for(var elements=document.getElementsByClassName(“blob-code-inner”),i=0;i<elements.length;i++)(elements[i].parentNode.classList.contains(“blob-code-addition”)||elements[i].parentNode.classList.contains(“blob-code-deletion”))&&(elements[i].innerHTML=elements[i].innerHTML.substring(1));})();

Aug 06, 2015

I’ve been working on a little side project for the last couple days: NaughtyBot.

This Chrome extension allows you to quickly and easily browse the contents of robots.txt ‘Disallow’ directives, and check the HTTP status of each path. This can be a fun way to find hidden site functionality, poorly designed security through obscurity, or just plain old stuff people don’t want Google finding.

It’s not ready for Chrome App Store release yet, but you can install it as an unpacked Chrome extension from the tagged release. It’s only just functional, but it’s fun to play with and bug fixes/improvements will be forthcoming in the next few days once I catch up on some sleep and work slows down a bit.

« Older posts Newer posts »