[wp-hackers] Summary of the update security & privacy discussion

Denis de Bernardy denis at mesoconcepts.com
Tue Sep 25 23:38:19 GMT 2007

Much of the discussion is blah blah, really...

- The WP update notification procedure collects more information than it
needs to; Someone who deals with privacy-aware people raised a concern

- (Lots of trolling on the topic...)

- Matt dismissed the concern (the information is not stored and who cares if
it is), and pointed out a means to disable the WP update notification
procedure entirely as a workaround

- (More trolling...)

- Someone vented his frustration on slashdot (and digg?); Matt reprioritized
his day and sought to douse what now amounted to a greek fire

- (More trolling still...)

- Matt posted a privacy policy on wordpress.org in an effort to terminate
the discussion

The privacy policy personally left me scratching my head:

"WordPress.org collects such information only insofar as is necessary or
appropriate to fulfill the purpose of the visitor's interaction with
WordPress.org" and "visitors can always refuse to supply
personally-identifying information" are simply not true. These two points
were what the trolling was all about in the first place.


- WP 2.3 got released as is

- The update procedure still collects more information than it needs to

- The privacy policy could use some correction, and maybe a lawyer's touch

Hope this helps...


More information about the wp-hackers mailing list