[wp-hackers] Summary of the update security & privacy discussion

Moritz 'Morty' Strübe morty at gmx.net
Wed Sep 26 00:17:41 GMT 2007

IMO you missed the security point.
And Probably B should be: Both sides agree on.

And I don't completely understand the following points

>   * P: It is possible to send fake data (URL, more plugin details than
> are needed) and still utilize the service
>   * B: Blog URLs are transmitted, allowing for statistical analysis

Otherwise I think at least I can live with that list. :-)

>   * (Unknown: When, where and if the implementation was discussed;
> which stakeholders were present, if any.)

As far as I understood it, this was implemented by Matt, and if so -
nobody who reviewed it had a concern. None the less there was a
discussion on this group about collecting statistical data (When, where
to opt in or to opt out and whether to submit the data by php or the
browser, to make the origin even harder to track ) But all the people
participating in this discussion were not aware that this was already
implemented. Unfortunately nobody aware of this already being
implemented posted a comment.
I'm not sure whether the thread was on Matts ignore list. But if it
wasn't this thing should have been foreseeable for him, but thats my
personal opinion.

I hope this wasn't to biased. ;-)


More information about the wp-hackers mailing list