Technosailor.com

So, it’s happened again. Another vulnerability discovered in WordPress that is now becoming the raging topic around the blogosphere. Is WordPress insecure? Should people move to another platform? If we stomp our feet loud and enough and whine enough, then we can make WordPress look like a ridiculous piece of software that only amateurs should use.

I call bullshit. Here’s why.

The other day, I made a very serious point about the fad that is “Government 2.0″. I was pleased by the amount of attention it received and the large number of very reputable and poignant comments it recieved. However, it was largely a philosophical post, and did not provide anything concrete.

Today, that concrete example fell in my lap as I read this post by IT Security company, Websense. The post outlines how malicious users added an image to a “user generated” section of My.Barack.Obama. The image led to a trojan download site that is infecting user computers.

WordPress 2.6 is around the corner, and as usual, there’s a bunch of changes, improvements, enhancements that have went into this version. In my opinion, this is an odd major release. While there are certainly major new changes that warrant a new major release, much of the release consists of various improvements generally saved for “dot releases”. Security and enhancement type stuff. The thinking is that WP 2.6 can be released so a WordPress 2.7 can come in the early fall timeframe and integrate new features developed in conjunction with the Google Summer of Code project.

A story breaking in the security community but I’ve filed under “Does this surprise anyone, really? Come on!” has to do with smartphones running Windows Mobile. According to the filing from Cryptome.org reports that there is a Windows OS backdoor being used by the National Security Agency and agencies and contractors employed by the federal [...]

Yesterday, over at Blog Herald, the new management demonstrated the entirely wrong way of handling security flaws. (The flaw I detailed here)
WordPress celebrated it’s 500,000 install last month and cheers to them. The platform is stable, fast, easy to use. It has no cumbersome plugin architecture (like Textpattern). That’s not to say that it has [...]

WordPress 2.0.6 was released today. This is a critical security release (There are at least two security flaws that I know of that were fixed in this version). I went ahead and upgraded all of our blogs successfully.
If you manage more than, say, 10 blogs then perhaps Brian Layman’s script will be useful for you. [...]