Linked List: September 5, 2009

Matt Mullenweg on How to Keep WordPress Secure 

Matt Mullenweg on WordPress security:

Where worms of old would do childish things like defacing your site, the new ones are silent and invisible, so you only notice them when they screw up (as this one did) or your site gets removed from Google for having spam and malware on it. I’m talking about this not to scare you, but to highlight that this is something that has happened before, and that will more than likely happen again.

And:

There is only one real solution. The only thing that I can promise will keep your blog secure today and in the future is upgrading.

Scoble on WordPress Security 

Robert Scoble:

A few weeks ago some hackers broke into my blog here (this was before 2.8.4 was released). At first I thought they just left some porn sites in a couple of blog entries. So we upgraded WordPress (I was on 2.7x back then). Deleted a fake admin account. Deleted the porn sites. And thought we had solved the problem. We didn’t.

They broke back in, but this time they did a lot more damage. They deleted about two months of my blog.

Large Scale Attack Against WordPress Installations Under Way 

All versions other than the very latest are apparently susceptible. I have to wonder when WordPress users will start switching to some other platform.