Technosailor.com Readers! Donate today to assist the VIDA/COADHA Haiti Medical Response in their efforts.

6 September 2009 20 Comments

WordPress Security and How I’m Going to Take All Your Money

So, it’s happened again. Another vulnerability discovered in WordPress that is now becoming the raging topic around the blogosphere. Is WordPress insecure? Should people move to another platform? If we stomp our feet loud and enough and whine enough, then we can make WordPress look like a ridiculous piece of software that only amateurs should use.

I call bullshit. Here’s why.

26 January 2009 15 Comments

Security Problems and Government 2.0

The other day, I made a very serious point about the fad that is “Government 2.0″. I was pleased by the amount of attention it received and the large number of very reputable and poignant comments it recieved. However, it was largely a philosophical post, and did not provide anything concrete.

Today, that concrete example fell in my lap as I read this post by IT Security company, Websense. The post outlines how malicious users added an image to a “user generated” section of My.Barack.Obama. The image led to a trojan download site that is infecting user computers.

30 June 2008 17 Comments

10 Things You Need to Know About WordPress 2.6

WordPress 2.6 is around the corner, and as usual, there’s a bunch of changes, improvements, enhancements that have went into this version. In my opinion, this is an odd major release. While there are certainly major new changes that warrant a new major release, much of the release consists of various improvements generally saved for “dot releases”. Security and enhancement type stuff. The thinking is that WP 2.6 can be released so a WordPress 2.7 can come in the early fall timeframe and integrate new features developed in conjunction with the Google Summer of Code project.

1 November 2007 2 Comments

NSA: in ur treo eavesdropping on u. Kthxbai

A story breaking in the security community but I’ve filed under “Does this surprise anyone, really? Come on!” has to do with smartphones running Windows Mobile. According to the filing from Cryptome.org reports that there is a Windows OS backdoor being used by the National Security Agency and agencies and contractors employed by the federal [...]

5 January 2007 12 Comments

How to Handle Security Flaws

Yesterday, over at Blog Herald, the new management demonstrated the entirely wrong way of handling security flaws. (The flaw I detailed here)
WordPress celebrated it’s 500,000 install last month and cheers to them. The platform is stable, fast, easy to use. It has no cumbersome plugin architecture (like Textpattern). That’s not to say that it has [...]

5 January 2007 10 Comments

WordPress 2.0.6: CRITICAL Security Release

WordPress 2.0.6 was released today. This is a critical security release (There are at least two security flaws that I know of that were fixed in this version). I went ahead and upgraded all of our blogs successfully.
If you manage more than, say, 10 blogs then perhaps Brian Layman’s script will be useful for you. [...]