[wp-hackers] Plugin update & security / privacy

Jamie Holly hovercrafter at earthlink.net
Mon Sep 24 04:27:06 GMT 2007

>> Mark Jaquith wrote:
>I'm not about to douse myself with gasoline here, but it does seem
>like we could address the privacy concerns (edge/paranoid though they
>may seem) without affecting the functionality in a negative way and
>without affecting WP.org's future ability to track WP/plugin version
>statistics.  If you have some killer feature that could be enabled on
>WP.org without a WP update and that would require the use of blog
>URLs (but doesn't expose private data like which plugins they have
>installed), then please share.  Maybe that will be enough to set
>people at ease about the data they're providing.

I was just looking at Drupal status update module, and they do this very
thing. They create a site key that is sent:

$site_key = md5($base_url . $drupal_private_key);

That does offer a nice way to distinguish unique installs. 

I also looked into PHPBB's core update checked. That just downloads a text


So that means no version checking or anything. 

I was curious and decided to look at some other methods out there :)

Jamie Holly

>wp-hackers mailing list
>wp-hackers at lists.automattic.com

More information about the wp-hackers mailing list