[wp-hackers] Plugin update & security / privacy

Jamie Holly hovercrafter at earthlink.net
Mon Sep 24 14:21:57 GMT 2007

So that is also saying that if a security issue came up (hypothetical - your
database login information was obtainable), we would release 2.3 with it?
I'm sorry but security and privacy go hand in hand.

Since this is apparently going out as-is, my fix for clients that want the
update feature, but not their URL being sent is simple. I will be changing
it to send a different URL (perhaps photomatt.net - I mean since it doesn't
really matter).

Jamie Holly
1.513.252.2919 | Skype:intoxination

>-----Original Message-----
>From: wp-hackers-bounces at lists.automattic.com [mailto:wp-hackers-
>bounces at lists.automattic.com] On Behalf Of Aaron Brazell
>Sent: Monday, September 24, 2007 10:05 AM
>To: WP Hackers
>Subject: Re: [wp-hackers] Plugin update & security / privacy
>This conversation is pretty moot at this point. For 2.3 anyway. Ya'll
>can probably cool your heels. Like it or not, today is 2.3 launch date
>and everything has been pretty much frozen for weeks as its all been
>about bug fixing. I'd highly doubt that even if you convinced Matt, that
>_anything_ would or could be done for 2.3. So... Save your arguments and
>energy for 2.4.
>(This is my way of trying to end the argument peacefully)
>(via Blackberry)
>Aaron Brazell
>Director of Technology, b5media
>"A Global New Media Company"
>web:: www.b5media.com, www.technosailor.com
>phone:: 410-608-6620
>skype:: technosailor
>-----Original Message-----
>From: "Jamie Holly" <hovercrafter at earthlink.net>
>Date: Mon, 24 Sep 2007 09:42:54
>To:<wp-hackers at lists.automattic.com>
>Subject: RE: [wp-hackers] Plugin update & security / privacy
>What makes this issue so big is the "secrecy" involving what it is
>Adding a simple warning, or even an opt-in/out method would entail
>coding. The resistance against that leaves some with a feeling that
>maybe they are going to do something with this list of URLs". There is
>statement of privacy or anything. How is average Joe to be assured that
>isn't going to sell this collection of URLs to spam services? Every
>mainstream service/application that collects any information makes sure
>end user knows about this and has a privacy statement to go along with
>A golden rule of any product/service is that you *never* assume on
>behalf of
>the consumer/end-user. Transparency is the key to trust. Also the strong
>resistance to this transparency, given by Matt (who is more or less the
>voice of WP), is actually making a stronger argument for this
>When Matt said if you don't like it then "use another product, start a
>fork", it really gave a sense that he has something personally to
>profit/gain from this feature.
>Now for a question.
>I haven't looked into the code enough yet, but how effective will this
>plugin to remove it be? You can't install the plugin until after you
>the product. By that time hasn't a check already been done, or does a
>wait a
>predetermined amount of time after an install/upgrade to check for
>Jamie Holly
>>-----Original Message-----
>>From: wp-hackers-bounces at lists.automattic.com [mailto:wp-hackers-
>>bounces at lists.automattic.com] On Behalf Of Peter Westwood
>>Sent: Monday, September 24, 2007 8:34 AM
>>To: wp-hackers at lists.automattic.com
>>Subject: Re: [wp-hackers] Plugin update & security / privacy
>>On Mon, September 24, 2007 5:59 am, Matt Mullenweg wrote:
>>> Mark Jaquith wrote:
>>>>> 2. It's simple, easy, and self-evident.
>>>> It's a behind the scenes feature, so simplicity and ease don't
>>>> apply.  Self-evident?  Evident to whom?  Evident for what purpose?
>>> URLs are useful unique identifiers and in my opinion the best one to
>>> on the web. You can normalize them, organize them by domains and
>>> subdomains, look for odd characters or paths, create stats by TLDs,
>>> them to hosting providers, use them as a basis for a crawl, and
>>> associate them with WordPress.org profiles. MD5s are unique, but
>>> have a lot of value beyond that, and even a capitalization or
>>> slash change will change the whole MD5. There are also things I think
>>> haven't imagined yet that could make URLs useful. Maybe a .org
>>> that ties into your .org profile and makes it easy to manage multiple
>>> blogs and tie them together. If by the time 2.5 comes around we're
>>> not doing anything useful with it then we can re-examine it.
>>> I don't think an MD5 would be significantly more anonymous either.
>>> Anyone with a list of URLs could associate the md5 with a URL just by
>>> pre-computing the URL MD5s and comparing. So they would be different,
>>> but not really better. You'd have to add a salt of some kind. We're
>>> hours from the release arguing about a bikeshed that was checked in
>>> a month ago.
>>I think I agree with matt here.  The main point is this is a bikeshed
>>>From personal experience running the webservice for my version-check
>>plugin [1] I have had no complaints of issues with the fact that it
>>the blog url with every request.
>>For me the main points are:
>> 1. Sending the url doesn't expose any private information.
>> 2. We have been sending our urls out as pings for years without any
>> 3. Sending the url may allow Wordpress.org to do analysis of the user
>>base in the future - we should probably state this if and when it
>>In my view the best thing that could be done now is to document the API
>>the front page of api.wordpress.org and point there from the release
>>[1] http://blog.ftwr.co.uk/wordpress/wp-version-check/
>>Peter Westwood <peter.westwood at ftwr.co.uk>
>>wp-hackers mailing list
>>wp-hackers at lists.automattic.com
>wp-hackers mailing list
>wp-hackers at lists.automattic.com

More information about the wp-hackers mailing list