[wp-hackers] Themes Being Unofficially Distributed with Security
Vulnerabilities - Time for an Official Theme Repository?
viper at viper007bond.com
Thu Nov 29 05:34:01 GMT 2007
Human > machine.
On 11/28/07, Computer Guru <computerguru at neosmart.net> wrote:
> On 11/29/07, Robin Adrianse <robin.adr at gmail.com> wrote:
> > But that's easily gamed by spammers. They're not *that* stupid, you know
> > ;).
> > I don't think machine-verification would be that productive, to be
> > And it wouldn't really be that hard for a human to just give the theme
> > files
> > a quick look-over.
> I agree 100%
> No matter what you do, there'll always be a "easy" workaround to avoiding
> machine detection. It can include() code from another URI, rot* text,
> etc.... and worst of all, you'll give people a false sense of security,
> Best is to just have a central repository. "Verified" members of the
> community can officially mark a theme clean. Users can rate themes on
> quality, and report a theme as dangerous if they feel it warrants further
> That's far more productive, a lot more bullet-proof, and feels more like
> WordPress way :)
> Computer Guru
> NeoSmart Technologies
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
Viper007Bond | http://www.viper007bond.com/
More information about the wp-hackers