[wp-hackers] Plugin update & security / privacy
Jamie Holly
hovercrafter at earthlink.net
Mon Sep 24 04:27:06 GMT 2007
>> Mark Jaquith wrote:
>I'm not about to douse myself with gasoline here, but it does seem
>like we could address the privacy concerns (edge/paranoid though they
>may seem) without affecting the functionality in a negative way and
>without affecting WP.org's future ability to track WP/plugin version
>statistics. If you have some killer feature that could be enabled on
>WP.org without a WP update and that would require the use of blog
>URLs (but doesn't expose private data like which plugins they have
>installed), then please share. Maybe that will be enough to set
>people at ease about the data they're providing.
>
>--
I was just looking at Drupal status update module, and they do this very
thing. They create a site key that is sent:
$site_key = md5($base_url . $drupal_private_key);
That does offer a nice way to distinguish unique installs.
I also looked into PHPBB's core update checked. That just downloads a text
file:
http://www.phpbb.com/updatecheck/30x.txt
So that means no version checking or anything.
I was curious and decided to look at some other methods out there :)
Jamie Holly
http://www.intoxination.net
>_______________________________________________
>wp-hackers mailing list
>wp-hackers at lists.automattic.com
>http://lists.automattic.com/mailman/listinfo/wp-hackers
More information about the wp-hackers
mailing list