[wp-hackers] Making Updates Friendlier?

Jeremy Clarke jer at simianuprising.com
Wed Sep 9 17:05:34 UTC 2009

On Wed, Sep 9, 2009 at 10:56 AM, Hacker Scot<shacker at birdhouse.org> wrote:
> On Sep 9, 2009, at 5:00 AM, wp-hackers-request at lists.automattic.com wrote:
> This is something the Drupal world gets right, IMO. Lots of security
> information consolidated here: http://drupal.org/security also available as
> RSS feeds and ALSO available as email. I subscribed to the emails for a
> while and was really impressed that they covered not just core but issues
> with 3rd party Drupal modules as well.  This kind of thing could have a huge
> security benefit for WP.

Not sure who's in charge of it but WP's updates email list is
completely desolate most of the time. It should have strongly worded
terrifying emails when there are security updates. As it is its pretty
neglected, and IMHO the dashboard feed just doesn't replace it. Lots
of people use WP casually, and the once or twice a month they log in
they don't have time to read everything on the dashboard.

IMHO telling people to sign up when downloading is not too spammy, its
realistic. The fact is that when you get entangled with WP you are
signing up for a security problem, and telling people to sign up to a
list about security updates is a good way to let them know that they
NEED security updates. Giving out wordpress without telling people
there's a security risk is like giving out Windows without any
anti-virus software: very misleading and dangerous.

Jeremy Clarke | http://jeremyclarke.org
Code and Design | http://globalvoicesonline.org

More information about the wp-hackers mailing list