[wp-hackers] Plugin update & security / privacy

Roy Schestowitz r at schestowitz.com
Mon Sep 24 01:37:54 GMT 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Captain's log. We received a signal from Matt Mullenweg on StarDate
24/09/07 00:29. Translated to English it stated:
>
> Just like there is premature optimization we could argue about for
> days, I think there is also premature paranoia. What's in trunk is
> what is shipping with WordPress tomorrow. I don't think your
> concerns are valid in the real world, and even if you assume a
> malicious wordpress.org the security and privacy of WordPress users
>  will be no different tomorrow than it is today. It's optimized for
> a reasonable person, but with hooks and filters for those with
> niche concerns.
Pardon me for asking something which might already have an answer on
the Web (I read this before), but do you know the figure that
corresponds to #/% of WordPress blogs that run the very latest (as of
today), i.e. least insecure version of WordPress?

It's an honest question, by the way; no provocation intended at all,
but one has to be realistic. Patching it about liability more than
practicality, IMHO.

- --
        ~~ Best of wishes

Roy S. Schestowitz, Ph.D. Candidate in Medical Biophysics
http://Schestowitz.com  |  GNU/Linux  |     PGP-Key: 0x74572E8E
http://othellomaster.com >> GPL-licensed 3-D Othello
http://iuron.com >> proposing an Open Source, non-profit search engine
Open Source journalism contributer @ http://newassignment.net
Freelance writer @ http://itmanagement.earthweb.com/
Joint Editor @ http://boycottnovell.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFG9xTvU4xAY3RXLo4RAoFyAJ9Y28ebqbj+S3AMjDAGRy8aw9VfQgCeOwAG
lN80sXLsRqE83z/vWnu7cPI=
=gfDa
-----END PGP SIGNATURE-----



More information about the wp-hackers mailing list