Comments on: Upgrade Wordpress Now http://www.audioactivism.org/2005/08/15/upgrade-wordpress-now/ Metadata about *Media* Activism Sat, 05 May 2007 06:45:03 -0400 http://wordpress.org/?v=2.8.4 hourly 1 By: Brian R. http://www.audioactivism.org/2005/08/15/upgrade-wordpress-now/comment-page-1/#comment-1189 Brian R. Thu, 18 Aug 2005 20:43:56 +0000 http://www.audioactivism.org/?p=290#comment-1189 I suggested you upgrade WordPress because of a security exploit <strong>that I heard </strong> was using XML-RPC in the earlier version of WordPress I used on this site. Before I wrote that warning post my site was remotely damaged. Fortunately it was easy to repair. I now backup often. I suggest you do the same. I'm not hiding the details of this exploit to convince users that WordPress is perfect. Fact is I don't know a ton about the bugs. I just don't care to give script kiddies and bad hackers the satisfaction by winning how my blog got hacked or something. In response to this from Dennis Howlett from <a href="http://www.bazaarz.com/archives/2005/08/wordpress_152_-.php" rel="nofollow">Bazaarz blog</a>: <blockquote> "Brian Russell at Audio Activism urges users to upgrade to the WP latest release but doesn't comment on the security flaws. He does however "thoroughly recommend" upgrading. Why? Security reasons and then adds a smiley. Hmm... This raises a wider issue. With so much Web 2.0 software in what seems permanent beta, how will those who wish to punt this stuff (blog/RSS/social software/wiki etc etc) at corporates get past the IT gatekeepers?" </blockquote> As for the "wider issue"... I can handle beta software, I like it. I'm a earlier adopter. Though I haven't consider it until now, I don't really care if WordPress or other "web 2.0" software "get[s] past the IT gatekeepers". Let corporations continue to over pay for peace of mind and shitty software. I suggested you upgrade WordPress because of a security exploit that I heard was using XML-RPC in the earlier version of WordPress I used on this site. Before I wrote that warning post my site was remotely damaged. Fortunately it was easy to repair. I now backup often. I suggest you do the same.

I’m not hiding the details of this exploit to convince users that WordPress is perfect. Fact is I don’t know a ton about the bugs. I just don’t care to give script kiddies and bad hackers the satisfaction by winning how my blog got hacked or something.

In response to this from Dennis Howlett from Bazaarz blog:

“Brian Russell at Audio Activism urges users to upgrade to the WP latest release but doesn’t comment on the security flaws. He does however “thoroughly recommend” upgrading. Why? Security reasons and then adds a smiley. Hmm…

This raises a wider issue. With so much Web 2.0 software in what seems permanent beta, how will those who wish to punt this stuff (blog/RSS/social software/wiki etc etc) at corporates get past the IT gatekeepers?”

As for the “wider issue”… I can handle beta software, I like it. I’m a earlier adopter. Though I haven’t consider it until now, I don’t really care if WordPress or other “web 2.0″ software “get[s] past the IT gatekeepers”. Let corporations continue to over pay for peace of mind and shitty software.

]]>