diff --git a/include/auth.php b/include/auth.php
index b87662fea2..cba6a67a7f 100644
--- a/include/auth.php
+++ b/include/auth.php
@@ -53,6 +53,8 @@ if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && ((! (x($_POST,'auth-p
 		$check = get_config('system','paranoia');
 		// extra paranoia - if the IP changed, log them out
 		if($check && ($_SESSION['addr'] != $_SERVER['REMOTE_ADDR'])) {
+			logger('Session address changed. Paranoid setting in effect, blocking session. ' 
+				. $_SESSION['addr'] . ' != ' . $_SERVER['REMOTE_ADDR']);
 			nuke_session();
 			goaway(z_root());
 		}
diff --git a/include/bb2diaspora.php b/include/bb2diaspora.php
index 8487f845a6..d86ba45437 100644
--- a/include/bb2diaspora.php
+++ b/include/bb2diaspora.php
@@ -221,13 +221,18 @@ function bb2diaspora($Text,$preserve_nl = false) {
 
 	$Text = preg_replace("/\<(.*?)(src|href)=(.*?)\&amp\;(.*?)\>/ism",'<$1$2=$3&$4>',$Text);
 
-	$Text = preg_replace('/\[(.*?)\]\((.*?)\\\\_(.*?)\)/ism','[$1]($2_$3)',$Text);
+	$Text = preg_replace_callback('/\[(.*?)\]\((.*?)\)/ism','unescape_underscores_in_links',$Text);
 	
 	call_hooks('bb2diaspora',$Text);
 
 	return $Text;
 }
 
+function unescape_underscores_in_links($m) {
+	$y = str_replace('\\_','_', $m[2]);
+	return('[' . $m[1] . '](' . $y . ')');
+}
+
 function format_event_diaspora($ev) {
 
 	$a = get_app();