
WordPress 2.3 Does Not Spy On Users [UPDATED]

kdawson posted more than 6 years ago | from the if-you-don't-like-it-fork-it dept.

Privacy 229

Marilyn Miller writes "Popular open-source blogging engine WordPress has been upgraded to 2.3 — with some unexpected nasties in the mix. As of version 2.3, WordPress now periodically (every 12 hours) sends personally identifying information (blog name & URI) to the mothership, along with an alarming amount of information including $_SERVER dumps, a list of installed plugins, and your current PHP/MySQL settings. Most unfortunately, it does not provide any way of disabling this functionality, and WordPress does not have any privacy policy protecting this information. In a thread about the issue, lead developer Matt Mullenweg defends his actions and staunchly refuses to add an opt-in interface, telling users to 'fork WordPress' if they aren't willing to put up with this behavior." Update: 09/25 17:52 GMT by KD : This article is misleading enough to be called "just wrong." Matt Mullenweg writes: "As mentioned in our release announcement, the update notification sends your blog URL, plugins, and version info when it checks api.wordpress.org for new and compatible updates. It does not include $_SERVER dumps, or any settings beyond version numbers (for checking compatibility), or your blog name, or your credit card number. We do provide a way of disabling this feature; in fact I link to one of the plugins in the release announcement and in my original response to Morty's thread."


YAY! This saves me work. (-1)

seebs (15766) | more than 6 years ago | (#20745035)

I was gonna upgrade to WordPress from MT, but this may be enough to make me not bother. I mean, the entire point was to get away from an intrusive and privacy-clueless vendor. If I can't do that, why bother?

Re:YAY! This saves me work. (2, Informative)

thenextpresident (559469) | more than 6 years ago | (#20745555)

Dear god, you know that your slashdot comments show your URL?!?? You'd better stop there!

Thank you Mr. Did-Not-Read-The-Fscking-Article.

Re:YAY! This saves me work. (1)

penguinstorm (575341) | more than 6 years ago | (#20745585)

You consider that an upgrade? MT4 is vastly more powerful than WordPress.

http://blog.plasticmind.com/cms/why-you-should-upgrade-to-mt4/ [plasticmind.com]

Re:YAY! This saves me work. (1)

seebs (15766) | more than 6 years ago | (#20745649)

MT3 has been so abysmal that I'd pretty much written them off. Maybe I'll rethink it now.

Surprised/ (1)

Captain Splendid (673276) | more than 6 years ago | (#20745039)

You shouldn't be. Developers gotta eat.

Re:Surprised? (0, Troll)

imbaczek (690596) | more than 6 years ago | (#20745059)

And in this case, they're gonna eat their shit.

Re:Surprised? (2, Funny)

Joebert (946227) | more than 6 years ago | (#20745405)

Gives new meaning to the term Web Monkey.

Re:Surprised/ (4, Funny)

gclef (96311) | more than 6 years ago | (#20745107)

Crow isn't very nutritious.

Re:Surprised/ (1)

beavis88 (25983) | more than 6 years ago | (#20745127)

Yep. I hope for Matt's sake that crow is a tasty meal.

Re:Surprised/ (1)

jimstapleton (999106) | more than 6 years ago | (#20745147)

Kind of, actually, both at the summary, and the fact that the guy would bother...

"Popular open-source blogging engine WordPress has been upgraded to 2.3 -- with some unexpected nasties in the mix. As of version 2.3, WordPress now periodically (every 12 hours) sends personally identifying information (blog name & URI) to the mothership, along with an alarming amount of information including $_SERVER dumps, a list of installed plugins, and your current PHP/MySQL settings. Most unfortunately, it does not provide any way of disabling this functionality, and WordPress does not have any privacy policy protecting this information. In a thread about the issue, lead developer Matt Mullenweg defends his actions and staunchly refuses to add an opt-in interface, telling users to 'fork WordPress' if they aren't willing to put up with this behavior."

Doesn't the first bolded part contradict the second? It may not be easy, but disabling should be possible...

Re:Surprised/ (1)

Smidge204 (605297) | more than 6 years ago | (#20745201)

I think what was meant is: There is no "off switch" for the "feature". If you want to disable it, you have to manually track down all the code that enables the functionality and remove it yourself, as opposed to unchecking a box on an administration page or editing a line in a config file.

=Smidge=

Re:Surprised/ (4, Informative)

ZaMoose (24734) | more than 6 years ago | (#20745559)

Not true. There are two plugins that explicitly disable this functionality: disable WordPress version check [wordpress.org] and disable plugin version check [wordpress.org], both of which were mentioned by Matt in the thread above.

Suggestion (5, Funny)

Anonymous Coward | more than 6 years ago | (#20745083)

He can go fork himself.

You must be new here (1)

Edie O'Teditor (805662) | more than 6 years ago | (#20745505)

Correct format:

telling users to 'fork WordPress'
In Soviet Russia, users fork YOU!!!!

Which is why... (0)

Anonymous Coward | more than 6 years ago | (#20745101)

Our sysadmin insisted we use textpad... I disagreed with him for a bit, but now I trust him all the more.

Re:Which is why... (1)

UnknownSoldier (67820) | more than 6 years ago | (#20745309)

Are you thinking of WordPad [kellys-korner-xp.com] (text editor), not Word Press [wordpress.org] (blog software) ?

Fork (4, Insightful)

Spy der Mann (805235) | more than 6 years ago | (#20745111)

Cue OpenWordPress project appearing in Sourceforge in 5... 4... 3...

Re:Fork (1)

nofrak (889021) | more than 6 years ago | (#20745213)

Well, that's the beauty of open source, right? We can all say "Screw this guy" and take his code and make it better.

This thread would be longer... (5, Funny)

My name is Bucket (1020933) | more than 6 years ago | (#20745113)

...But people are busy checking their posts from the "Sony DRM" thread last month to make sure they don't look like hypocrites.

fork (2, Interesting)

rodentia (102779) | more than 6 years ago | (#20745121)

telling users to 'fork WordPress'

Consider it done.

I nominate the fork name to be: (5, Funny)

jbeaupre (752124) | more than 6 years ago | (#20745123)

PrivatePress

The Private Press (1)

HomelessInLaJolla (1026842) | more than 6 years ago | (#20745419)

Walkie Talkie

There's no money in it ... (-1, Flamebait)

Anonymous Coward | more than 6 years ago | (#20745145)

People do things for three reasons:
Money
Sex
Gun to their heads.

This isn't lucrative or sexy.

Who wants to take odds that the Department of Homeland Security and the FBI dumped a National Security Letter on his desk, requiring him to make this behaviour?

Re:There's no money in it ... (0)

ObsessiveMathsFreak (773371) | more than 6 years ago | (#20745361)

Isn't lucrative! Are you insane?! Market minions would pay handsomely for even a whiff of the Akismet database as it currently stands. This latest farce is their wet dream come true. Mullenweg can essentially name his price.

I recently installed Wordpress 2.2.3 on a site server. I'm now going to have to consider uninstalling it. Even though 2.3 is the only version confirmed as affected, as of now, the entire Wordpress name is justifiably tainted. I can't really allow a piece of software on the server to send out a deluge of sensitive information to a third party server. It's asking for trouble.

well (4, Interesting)

stoolpigeon (454276) | more than 6 years ago | (#20745163)

one way to disable it is to go into the code and remove the offending portion. couldn't be that hard to do. and once somebody does it and posts instructions, it gets even simpler. no reason to fork the project.
 
and wordpress isn't that complicated that this is something that no one but the most hard core will do. tons of wordpress users regularly go in and tweak it for their own uses. i haven't moved to this new version with my site yet - i always wait a bit for things to shake out, and stuff like this is why. when i do upgrade, i'll just fix my install.

Re:well (0)

Constantine XVI (880691) | more than 6 years ago | (#20745261)

It'll be necessary to fork if we want the spying bits to stay out, without each user having to strip them out themselves.

Re:well (1)

stoolpigeon (454276) | more than 6 years ago | (#20745359)

I guess - but that means finding a group that will do the amount of work that is being done to keep moving things forwards. I know I don't have that kind of time. But the whole thing is php - it's not an egregious amount of work to go in and cut or comment out some code - especially if I don't even have to look for it myself.
 
This isn't like having to download the source of open office to remove something and then recompile the whole deal from scratch. I don't need an ide or know about libraries, vi is all that's required.
 
Now if someone does fork it and does just as good a job as the current folks, then maybe I'd switch. But I'd wait to see if that really happens, or if someone forks it to make a point, and then the project just stagnates.

Re:well (2, Insightful)

SamP2 (1097897) | more than 6 years ago | (#20745325)

"one way to disable it is to go into the code and remove the offending portion."

Or take the even easier path and set up your firewall to block all packets from this application.

But neither of those options solve the underlying problem - the whole point of FLOSS is to prevent this from happening in the first place. If I have to take any extraordinary steps to secure myself against a free software application I'm using, if I have to go and turn an enemy into a friend through manual effort and each other user has to do the same thing (assuming they are even technically proficient enough to understand and modify the code), then that's a damn good sign it's time to fork the project and uproot the whole system once and for all.

The community deserves better than to be preyed upon. Community scrutiny is a critically important point in FLOSS. I want to get a piece of software and KNOW it's been thoroughly tested for safety and security and anything REMOTELY resembling a backdoor has been removed and verified that it's removed. Yes, I can go and analyze each bit of the code myself, but the whole beauty is that (unless I'm testing a beta) I don't have to, because it should have been done by thousands of others already.

Re:well (1)

cos(0) (455098) | more than 6 years ago | (#20745397)

Or take the even easier path and set up your firewall to block all packets from this application.

Easier? Do you mean block all outgoing HTTP traffic? If not, how do you plan to block packets from a specific set of PHP scripts?

Re:well (1)

stoolpigeon (454276) | more than 6 years ago | (#20745417)

I guess my point is that opening up a file in vi or notepad and cutting out a few lines isn't extraordinary in my mind. What I get in exchange is a good product with active and good development. So it's worth the trade off. If somebody does fork it and maintains all the aspects of WP that are good, I'd look at jumping over.

Re:well (1)

astrotek (132325) | more than 6 years ago | (#20745467)

If you are paranoid you only need to drop:
api.wordpress.org

You should probably drop pingomatic too:
api.pingomatic.com

Re:well (2, Insightful)

GeckoX (259575) | more than 6 years ago | (#20745351)

Not the right answer. Fork is better.

Why? Well, anything else is supporting this developer's decision, albeit indirectly.

He has every right to decide to do this, but users have every right to not use his code.

Let him be right and eat crow at the same time.

Ignorant bugger needs to learn a few hard lessons apparently.

Re:well (1)

stoolpigeon (454276) | more than 6 years ago | (#20745517)

It's the right answer for me at this point in time. It is debatable whether or not a fork would be better. You don't think so, but I do.
 
I'm not sure how using the software, but not enabling this functionality would be supporting the developer. But if by that you mean in essence saying to them, "I support you but not in regards to this one feature." then I'm cool with that. I don't think everything has to be all or nothing. I don't think that the developers of Wordpress have to match my every ideological demand in every way. They make great software that I love to use. Modifying it is so easy it isn't funny. I appreciate their hard work, and if they feel like they need this, more power to them. The only impact on me will be a bit of time researching where the code is and I'm guessing 10 minutes of my time when I get ready to move to the newer version. No biggie.

Re:well (1)

GeckoX (259575) | more than 6 years ago | (#20745549)

Sorry, I have to revoke what I originally posted as it has come to light that what kdawson posted in the summary and title is clearly flamebait as it has basically zero relation to what was actually said and is extremely inflammatory.

In light of that, I'd have to agree with you.

Re:well (1)

lawpoop (604919) | more than 6 years ago | (#20745465)

Hey, how about replacing the code with code that poisons the database with bogus data?

Re:well (1)

stoolpigeon (454276) | more than 6 years ago | (#20745589)

That's funny. I wouldn't do it personally - I appreciate the product the wordpress folks put out. I'm not going to support this effort, yet at the same time, I wouldn't try to actively undermine it. There may be a bunch of folks out there who are only too happy to participate.
 
I think that it would have been better if they had been up front and said themselves right off the bat, 'hey we have this in there - and if you want it off, you will have to do it yourself'. But aside from that I don't think this is a very big deal. Someone in the thread compared it so Sony and that is completely wrong. The source is available to anyone. The source is not that big, not that hard to read. The source is ridiculously easy to modify.

Re:well (1)

KlomDark (6370) | more than 6 years ago | (#20745615)

This would probably be the best way to teach this guy how to respect the privacy of others - Spam his database with bogus entries.

IN MY OPINION ONLY, not saying anyone actually is doing something like this, this whole thing smells like a way to generate money by reselling the information somehow.

Therefore, it makes a lot of sense to either 1) Demand a way to shut the damn thing off, or if that fails, 2) Ensure the data is not very resellable by filling it with bogus data. Data resellers don't pay much for bad data.

Guys, the information is all really essential... (5, Insightful)

nweaver (113078) | more than 6 years ago | (#20745165)

So what does it send, according to the FA:
The blog's URL
A list of all plugins and versions
A list of the $_SERVER env variables

How is this information not necessary for a robust autoupdating/autonotifying infrastructure? Since the plugins are the source of so many vulnerabilities, you need to know their versions etc.

Since so much incompatibility may be caused by funky $_SERVER variables, you need to know their contents.

And the blog URL tells you who it is.

Windows Update has to send far MORE intrusive information.

Re:Guys, the information is all really essential.. (5, Insightful)

Anonymous Coward | more than 6 years ago | (#20745205)

Why can't they download a file with a list of "all updates" and check locally?

Mod Parent Up (0)

Anonymous Coward | more than 6 years ago | (#20745441)

Why doesn't it work in reverse? Each WordPress install should download a list of updates from the server and do the comparison/testing locally; not on WordPress' servers.

Re:Guys, the information is all really essential.. (1, Insightful)

Anonymous Coward | more than 6 years ago | (#20745235)

Windows Update has to send far MORE intrusive information.

If you let it.

Re:Guys, the information is all really essential.. (-1, Troll)

Anonymous Coward | more than 6 years ago | (#20745247)

Liar. Piss off troll.

Re:Guys, the information is all really essential.. (2, Insightful)

Otter (3800) | more than 6 years ago | (#20745395)

At a minimum, I don't see why sending this information is so "alarming", even if it's inappropriate. Are your $_SERVER env variables such a sensitive bit of information?

Re:Guys, the information is all really essential.. (2, Interesting)

Billosaur (927319) | more than 6 years ago | (#20745401)

It isn't what information they are looking at but how. If they want the information and it will make the software better, fine, but do they really have to go about it in such a sneaky and under-handed way? Even Microsoft allows you to control how your system is updated (I never let it run automatically; I prefer to know what it's trying to put on my system.). As to the "fork" comment, while I think the generic blogging community will be clueless and have no idea what this is all about, this will drive the OSS community to develop a better version and they will wish the phrase had never been uttered.

Re:Guys, the information is all really essential.. (1)

ImTheDarkcyde (759406) | more than 6 years ago | (#20745581)

I think you overestimate the OSS community, or you're confusing them with OSS developers, either way I'm not expecting a next-gen wordpress out of this.

Re:Guys, the information is all really essential.. (1)

Known Nutter (988758) | more than 6 years ago | (#20745609)

...go about it in such a sneaky and under-handed way? Even Microsoft allows you to control how your system is updated...
they do? [slashdot.org] sure about that?

Re:Guys, the information is all really essential.. (1)

GeckoX (259575) | more than 6 years ago | (#20745429)

If he can't test this stuff without scraping real live user data, do you really think you should be trusting his code?

This guy is arrogant and his attitudes are potentially dangerous. If he was a truly good developer, this would not be an issue whatsoever.

Sheesh, and trying to justify this behavior based on what MS does for an entire OS...a) this is not an OS and b) it's a bad MS practice which certainly does not make it right for others to do.

It'd be one thing if it was opt in, but this is just pathetic.

Re:Guys, the information is all really essential.. (1)

GeckoX (259575) | more than 6 years ago | (#20745577)

I take that back. That was stated based on the title and summary of the story.

Thanks for the flamebait there kdawson. That's about the worst case of it I've ever seen on /., you should be ashamed.

There is possibly an issue here, but not even remotely on the scale that this was made out to be.

Re:Guys, the information is all really essential.. (1)

dozer (30790) | more than 6 years ago | (#20745479)

Are you sure you understand the meaning of the word essential? WordPress made it to version 2.3 without this information... that doesn't sound very essential to me.

You probably meant "convenient" or "useful for monetizing."

Re:Guys, the information is all really essential.. (1)

A beautiful mind (821714) | more than 6 years ago | (#20745491)

Hey, slow down cowboy! We're talking about a blogging software here, written on a cross-platform interpreter called PHP, not an operating system with hundreds of components and different hardware configurations!

Windows Update might need the information, because it deals with a lot of programs and I guess it would be impractical to send a 2Mb+ list of current versions. There are no such limitations in case of wordpress. As far as I'm concerned the update checking tool shouldn't send anything at all, just retrieve the current version number and that's it.

Re:Guys, the information is all really essential.. (2, Insightful)

ObsessiveMathsFreak (773371) | more than 6 years ago | (#20745521)

How is this information not necessary for a robust autoupdating/autonotifying infrastructure?

Absolutely. However, you are assuming that I want my Wordpress installation to automatically update, and further that I am willing to give up a lot of sensitive information in order to get that done.

There should be a way to turn this feature off, plain and simple. There is no excuse whatsoever for forcing this down users' throats. None. Yes, comment spam and other vulnerabilities are something that needs dealing with. Yes, many, many Wordpress users have the technical ability of Aunt Tillie, hence the 5 minute install. Yes, many of them will never update at all without an auto-update feature.

By all means, activate auto-updates by default. By all means, activate the logging by default. But what possible excuse is there for not allowing a competent end user, or indeed sysadm, to be able to easily turn it off? Simply laziness? Obstinacy? I suspect something else behind this debacle.

Re:Guys, the information is all really essential.. (1)

Bogtha (906264) | more than 6 years ago | (#20745541)

How is this information not necessary for a robust autoupdating/autonotifying infrastructure?

The argument is not that the information is unnecessary for an autoupdate/autonotify feature. The argument is that people should be able to easily opt-out from this feature. Having said that, the contents of $_SERVER seem unnecessary. That can leak things like usernames and paths.

Since so much incompatibility may be caused by funky $_SERVER variables, you need to know their contents.

Why does anybody other than the owner of the weblog need to know this?

Windows Update has to send far MORE intrusive information.

You can opt-out of Windows Update.

good! (0, Flamebait)

Anonymous Coward | more than 6 years ago | (#20745169)

It's always a good thing when PHP projects intentionally commit suicide. Opens up space for programs written in real languages. Hopefully, the replacement for WordPress won't be written in ruby-on-rails, either...

Re:good! (0, Flamebait)

Professr3 (670356) | more than 6 years ago | (#20745353)

You're probably one of those psychopaths who dream in perl, right?

Re:good! (1)

KingSkippus (799657) | more than 6 years ago | (#20745463)

Okay, I'll bite. Which, pray tell, "real language" would be better?

Pyblosxom (4, Interesting)

Marcion (876801) | more than 6 years ago | (#20745173)

Well, if anyone is looking for an alternate upgrade path, I 'upgraded' my blog from Wordpress 2.2 to Pyblosxom and am really enjoying using it:
- it's really light and fast
- I can edit posts in a text editor rather than a web based interface
- it's in Python and very easy to customise
- theming is far simpler, just rip your HTML template into a header and footer, rather than having to make 12 files with Wordpress.

Plug over... Move along...

Re:Pyblosxom (1)

SpiritGod21 (884402) | more than 6 years ago | (#20745509)

Is there a way to cross-post entries automagically to LiveJournal and Xanga? Without having to do anything other than install a plugin?

I won't be upgrading WordPress until I read more about this, but I'd rather be blogging than coding... considering I'm a writer, not a coder. And having WordPress push out to LJ and Xanga, which is how most of my friends read my blog (as opposed to random people, who hit my site first) is fantastic. Don't really want to give that up.

Re:Pyblosxom (1)

Laebshade (643478) | more than 6 years ago | (#20745513)

I'm going to point out one blaring misconception you have about WordPress.

- theming far simpler, just rip your HTML template into a header and footer, rather than having to make 12 files with Wordpress.

You don't have to split it into 12 files. You can use one index.php file for the whole thing if you really want to.

Wordpress is still the best blogging script (0)

Anonymous Coward | more than 6 years ago | (#20745183)

If this pisses you off enough, just don't upgrade.

Basically, go fork ourselves? (1, Interesting)

CodeShark (17400) | more than 6 years ago | (#20745189)

Gladly. The arrogant attitude shown by these developers gives me not only a reason to think about how to fork the code, but the reasons we as a community should fork the code as soon as possible.

My thought is that though information wants to be free, my information wants to be more private, so any software that blatantly violates my privacy rights tends to not get or stay installed on my workstation.

Re:Basically, go fork ourselves? (1)

rockabilly (468561) | more than 6 years ago | (#20745355)

You'd better uninstall Windows then... ;-)

Re:Basically, go fork ourselves? (2, Informative)

Laebshade (643478) | more than 6 years ago | (#20745377)

The "fork wordpress" comment by Matt is taken out of context. See the link in the summary [google.com] and do a ctrl+f search for "Matt Mullenweg".

Re:Basically, go fork ourselves? (1)

LWATCDR (28044) | more than 6 years ago | (#20745519)

SO have you started yet?
Before you keep going off half cocked I suggest you read the mail list messages.

"Simply put, if you really insist on wearing a tin foil hat, it's uber easy
to disable the automatic update checker. For the other 99.99999% of people
out there, this feature will be a godsend to them in both terms of new
features and more importantly, the _only_ real way to make sure your site
doesn't get hacked -- by running the latest version. "

If you don't like it then take it out. You have the source for goodness sakes. If not then keep the auto update in.
The only arrogant attitude I have seen is from a bunch of tin foil hat wearing users that are too lazy to turn off this feature themselves.

Who cares? (1)

pathological liar (659969) | more than 6 years ago | (#20745223)

The versions it reports are for an autoupdate feature... and the $_SERVER and php/database settings are (I imagine) used to figure out what wordpress settings are common. How soon they can remove support for old versions of mysql and php, how many people use cgi instead of fastcgi instead of mod_php.

Tempest in a teapot.

Re:Who cares? (2, Insightful)

vux984 (928602) | more than 6 years ago | (#20745495)

The versions it reports are for an autoupdate feature...

And everyone knows that this can be done equally well by having the client request the current version number, and then the client can decide based on that whether an upgrade is needed. There is no reason for the server to need to know the version number to support an autoupdate feature.

and the $_SERVER and php/database settings are (I imagine) used to figure out what wordpress settings are common. How soon they can remove support for old versions of mysql and php, how many people use cgi instead of fastcgi instead of mod_php.

Which is fine, but it should be an opt-in feature. Lots of people are happy to submit their data for statistical purposes, but there is no reason anybody should -have- to if they don't wish to, or that the software should do it without telling them.

It would be bad enough if it was on by default without asking and you had to turn it off. It's ridiculous that you have to hack / fork / or install a plugin to get around it.

Tempest in a teapot.

It's bad design compounded by arrogance. It wouldn't be a tempest anywhere if they'd simply agreed that end users should decide what and how much information is sent to the mothership, and that software should err on the side of privacy.
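The pull-only design that several posts in this thread argue for (the client downloads the current version list and does the comparison locally, so nothing about the install leaves the host), as an added illustration in Python rather than code from WordPress; the manifest format, the sample install state and the `/check` query used for contrast are all constructed here and are not WordPress's actual API.

```python
"""Local update check: fetch a static version manifest, compare on the client.

In the 'pull' design the server only learns that some client fetched the
manifest; blog URL, plugin list and PHP version never leave the host.
"""
import json
import re
from urllib.parse import urlencode

# Constructed manifest, as a mirror could publish it as a static file
# (hypothetical format, not api.wordpress.org's real response).
MANIFEST_JSON = """{
  "core": {"latest": "2.3.1", "min_php": "4.3"},
  "plugins": {
    "akismet":         {"latest": "2.0.2"},
    "wp-cache":        {"latest": "2.1.2"},
    "some-old-plugin": {"latest": "1.5", "retired": true}
  }
}"""

# Constructed local state, as the client would read it from its own files.
LOCAL_STATE = {
    "url": "http://blog.example/",
    "core": "2.3",
    "php": "5.2.4",
    "plugins": {
        "akismet": "2.0.1",             # behind the manifest
        "wp-cache": "2.1.2",            # current
        "some-old-plugin": "1.5",       # current but retired upstream
        "custom-theme-helper": "0.9",   # not in the manifest at all
    },
}


def parse_version(v):
    """'2.3.1' -> ((2,3,1,0), 1, 0); '2.3-rc1' -> ((2,3,0,0), 0, 1).

    Numeric parts are zero-padded so 2.3 == 2.3.0, and a pre-release tag
    (rc/beta/alpha) sorts below the final release. This is a simplification
    for the example, not PHP's version_compare().
    """
    m = re.match(r"^(\d+(?:\.\d+)*)(?:[-.]?(?:rc|beta|alpha)(\d*))?$",
                 v.strip().lower())
    if not m:
        raise ValueError("unrecognised version string: %r" % v)
    nums = tuple(int(x) for x in m.group(1).split("."))
    nums = nums + (0,) * (4 - len(nums))
    if m.group(2) is None:
        return (nums, 1, 0)           # final release
    return (nums, 0, int(m.group(2) or 0))  # pre-release


def is_outdated(installed, latest):
    return parse_version(installed) < parse_version(latest)


def check_updates(manifest_json, local):
    """Compare local state against the manifest entirely on the client.

    Returns what an admin notice would need: the newer core version (or None),
    plugins with a newer or retired upstream entry, plugins the manifest does
    not know (left alone, and never reported anywhere), and a PHP floor check.
    """
    manifest = json.loads(manifest_json)
    report = {"core": None, "plugins": {}, "unknown_plugins": [], "php_ok": True}
    if is_outdated(local["core"], manifest["core"]["latest"]):
        report["core"] = manifest["core"]["latest"]
    report["php_ok"] = not is_outdated(local["php"], manifest["core"]["min_php"])
    for name, installed in sorted(local["plugins"].items()):
        entry = manifest["plugins"].get(name)
        if entry is None:
            report["unknown_plugins"].append(name)
        elif entry.get("retired"):
            report["plugins"][name] = "retired"
        elif is_outdated(installed, entry["latest"]):
            report["plugins"][name] = entry["latest"]
    return report


def request_line(mode, local):
    """The only bytes that leave the host in each design.

    'pull' fetches the static manifest and carries no local data; 'push' is
    the report-everything design the thread objects to (query parameter names
    are illustrative only).
    """
    if mode == "pull":
        return "GET /manifest.json HTTP/1.1"
    params = {
        "url": local["url"],
        "core": local["core"],
        "php": local["php"],
        "plugins": ",".join("%s/%s" % kv for kv in sorted(local["plugins"].items())),
    }
    return "GET /check?%s HTTP/1.1" % urlencode(params)


if __name__ == "__main__":
    print(json.dumps(check_updates(MANIFEST_JSON, LOCAL_STATE), indent=2))
    print(request_line("pull", LOCAL_STATE))
    print(request_line("push", LOCAL_STATE))
```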

Breathless Hyperbole. (5, Informative)

Some guy named Chris (9720) | more than 6 years ago | (#20745225)

Read the thread. This isn't a developer admitting to spying on users. This is debate over a new feature written to help you keep from getting your blog haxored. They are collecting server and plugin data to help you to keep your software up to date.

Matt Mullenweg is being very reasonable and reasoned in dealing with a small but vocal group's paranoia. In the same breath that he mentioned forking Wordpress, he also mentioned that another option is using a plugin that disables this behavior.

The submitter should be ashamed.

Re:Breathless Hyperbole. (3, Insightful)

vux984 (928602) | more than 6 years ago | (#20745319)

Matt Mullenweg is not being reasonable. He should simply make it an option, without requiring users to fork or install plug-ins or hack to overcome defective-by-design features.

It should be easy to turn on and off.
It should default to off.
It can ask one time during the upgrade, or first login after the upgrade, to be turned on, with an explanation of what it does and why he thinks it can be turned on.

There is no good reason the above cannot or should not be accommodated.

Re:Breathless Hyperbole. (3, Insightful)

kwandar (733439) | more than 6 years ago | (#20745387)

I agree. Matt Mullenweg based on what I read (and I don't use Wordpress or know Matt or anyone else there) was very reasonable, and laid out the reasons for this. Did the slashdot editor even read this?!

Re:Breathless Hyperbole. (1)

imbaczek (690596) | more than 6 years ago | (#20745563)

Did the slashdot editor even read this?!
You must be new here.

Re:Breathless Hyperbole. (1)

duncan (16437) | more than 6 years ago | (#20745407)

The point of the 'opposition' I think is that such a fundamental piece of the software such as auto-updates should be a configuration option out of the box, not a default requirement needing a plug-in to disable it.

Re:Breathless Hyperbole. (1)

LWATCDR (28044) | more than 6 years ago | (#20745411)

You mean this like this post. Yep I am afraid that Slashdot is once again producing a lot more heat than light.

"Your logic is flawed. You assume that someone looking to exploit won't
attack the latest version. This is usually untrue. If a serious exploit is
found, hackers usually just Google for "WordPress" (it's already on your
site for "powered by WordPress") or like wp-login.php and then attempt to
exploit it, regardless of version. If some database somewhere somehow did
get leaked, then all it'd do is just make the hackers job easier -- it
wouldn't enable them.

And by checking for an update, your server's IP address is sent
automatically. It wouldn't be hard to reverse lookup that IP.

Simply put, if you really insist on wearing a tin foil hat, it's uber easy
to disable the automatic update checker. For the other 99.99999% of people
out there, this feature will be a godsend to them in both terms of new
features and more importantly, the _only_ real way to make sure your site
doesn't get hacked -- by running the latest version. "

Re:Breathless Hyperbole. WRONG (1)

Nom du Keyboard (633989) | more than 6 years ago | (#20745483)

This isn't a developer admitting to spying on users. This is debate over a new feature written to help you keep from getting your blog haxored. They are collecting server and plugin data to help you to keep your software up to date.

If that were the case, then rather than sending this information out secretly every 12 hours, pop a box up to the user and tell them that their software is obsolete, and a potential security problem, and these are the particular items in question.

Isn't this the point of FOSS? (4, Insightful)

Enlarged to Show Tex (911413) | more than 6 years ago | (#20745229)

If the developer decides to insert malware, or other forms of code not acceptable to you, the GPL gives you the freedom to modify it to suit your own needs. If that means you have to fork the project, so be it - that's within your rights under the GPL.

OTOH, the idea of using FOSS (good!) as a venue for spyware (bad!) is enough to make a guy's head explode...

Obligatory ISR joke (0, Funny)

Anonymous Coward | more than 6 years ago | (#20745243)

In Soviet Russia, WordPress forks YOU!

What Matt wrote (5, Informative)

imaginaryelf (862886) | more than 6 years ago | (#20745257)

Message-ID:
Date: Sun, 23 Sep 2007 12:35:26 -0700
From: Matt Mullenweg
To: wp-hack...@lists.automattic.com
Subject: Re: [wp-hackers] Plugin update & security / privacy
References:
In-Reply-To:

Moritz 'Morty' Strübe wrote:
> I know this will not change until Monday, but is it really necessary to
> transmit the URL?

Your blog URL and version have been sent by default for 4+ years to every
ping service in the world, including Ping-O-Matic, every time you make a
post. Of course you can turn that off, just like you can turn update
notification off, but statistically no one does.

The only new information being sent by the update checker is PHP version
and a list of plugins. If you don't like that feature, please install a
plugin to disable it:

http://wordpress.org/extend/plugins/disable-wordpress-core-update/ [wordpress.org]
http://wordpress.org/extend/plugins/disable-wordpress-plugin-updates/ [wordpress.org]

Of course don't forget the WP dev blog and planet RSS feeds, and most
importantly the incoming links feed which ALSO transmits your blog URL.

I would also recommend disabling the updates in Mac OS X, Firefox,
Windows, Thunderbird, Adobe Photoshop, and any other third-party
applications you have. As all of those are tied to your personal IP and
not your server IP they have far more implications for privacy.

> If that database
> gets public and you find a security bug in one of the plugins - there
> are enough - you can start a _very_ effective attack!

Such an attack would not be more effective, it would just be more
efficient. Historically, however, scripts that attack against WordPress
don't bother checking the version or if a plugin is there or not, they
just seek out every WP blog and check the specific capability or
vulnerability.

Nevertheless, we're beefing up the infrastructure and security of
WordPress.org, which Barry is working on right this instant. In 2 years
of running WordPress.com and Akismet, two extraordinarily
high-visibility targets, there has never been a problem on a server
Barry set up. The only problems we've had (once on WP.org, once on
PhotoMatt) have been things I set up, and I'm not setting up these new
ones. :)

I think this feature is actually going to dramatically improve the
security of WordPress overall. We all saw the survey that 95% of WP
blogs were vulnerable. That didn't even look at plugins. I think the
survey was flawed, but you still can't deny that for most people knowing
there is an update and actually updating just doesn't happen, and this
is a necessary first step. If the only "trade-off" is sending an ALREADY
PUBLIC blog URL to wordpress.org, then great!

I would like to remind the participants of this thread that WP.org !=
Automattic, so to be fair to the members of both please distinguish
which you're referring to.

Re:What Matt wrote (1)

$RANDOMLUSER (804576) | more than 6 years ago | (#20745393)

Oh sure, use logic and reason! That's no way to quench a flamewar!

Re:What Matt wrote (5, Insightful)

GeckoX (259575) | more than 6 years ago | (#20745499)

Well, shit, that's not even close to what was insinuated in the summary.

Thanks for your flamebait kdawson, really mature and appreciated.

WTF.

Rip out the code? (1)

e2d2 (115622) | more than 6 years ago | (#20745301)

It doesn't provide you a way to stop it? Hardly. They provide full source code under GPL. Rip it out, publish changes, DONE.

Do rip out the code, use it! (-1, Redundant)

Anonymous Coward | more than 6 years ago | (#20745629)

Don't rip it out, just update it to fill his database with bogus info.

Fork we shall (2, Informative)

businessnerd (1009815) | more than 6 years ago | (#20745303)

This is once again proof that the open source model is a good thing for users and protects us from unknowingly being used as pawns. The win is twofold here. First, the source was open, so that it was available for audit by anyone. This appears to be how this functionality was discovered. Someone noticed what the code was doing and raised a red flag. Now the users are aware and can make a choice in whether they will make the upgrade, not make the upgrade or turn to a new application. In the closed source world, often we are unaware of "unsavory code" while we use it for some time, all the while being subjected to its unsavory effects.

The second way that the open source model has won, is that users who disagree with the direction the application is heading in can now fork. In fact, the head developer of the project suggests it.

> Matt Mullenweg defends his actions and staunchly refuses to add an opt-in interface, telling users to 'fork WordPress' if they aren't willing to put up with this behavior."

I'm pretty confident that this will happen and happen fast. Given that people "fork" (some say hack/crack) closed source software all the time to leave out all of the "evil" modules (See Kazaa > Kazaa Lite > Kazaa Lite K++; and don't forget cracked Windows XP) forking an open source project to leave out all of the "evil" modules should be pretty easy. I'm no developer, but I could see this being as simple as taking the original source, commenting out/removing the bad stuff, and then redistributing.

Re:Fork we shall (1)

thenextpresident (559469) | more than 6 years ago | (#20745497)

It was never an issue before. More importantly, WordPress makes available the tools to stop this, and the developer in fact provides this information.

This is SENSATIONALISM (not Sparta) (4, Insightful)

Laebshade (643478) | more than 6 years ago | (#20745305)

When I first read the summary, I was a little worried. Then I went and read the actual reply in the WordPress Hackers mailing list Matt posted, and I was relieved. He points out that the blog name and URI have been sent to services like Ping-o-Matic (WordPress-run service) for 4 years now. For those wanting to disable it, he even posts links for plugins that will disable the feature of the 'update checker'. Seems to me this Slashdot article was posted by someone who wants to take WordPress down. Here's a part of his post:

Your blog URL and version have been sent by default for 4+ years to every
ping service in the world, including Ping-O-Matic, every time you make a
post. Of course you can turn that off, just like you can turn update
notification off, but statistically no one does.

The only new information being sent by the update checker is PHP version
and a list of plugins. If you don't like that feature, please install a
plugin to disable it:

http://wordpress.org/extend/plugins/disable-wordpress-core-update/ [wordpress.org]
http://wordpress.org/extend/plugins/disable-wordpress-plugin-updates/ [wordpress.org]

Of course don't forget the WP dev blog and planet RSS feeds, and most
importantly the incoming links feed which ALSO transmits your blog URL.

I would also recommend disabling the updates in Mac OS X, Firefox,
Windows, Thunderbird, Adobe Photoshop, and any other third-party
applications you have. As all of those are tied to your personal IP and
not your server IP they have far more implications for privacy.

As to what the summary refers to, where Matt suggests a person fork WordPress:

Moritz 'Morty' Strübe wrote:
> It can.

Your blog URL is completely harmless.

> We only have your word for that. And sorry, that is not enough
> for me. Especially if it does not have to be.

If you don't trust wordpress.org, I suggest you do one of the following:

1. Use different software.
2. Fork WordPress.
3. Install one of the aforementioned plugins.

Again, he gives the solution to the original poster's complaint (Moritz 'Morty' Strübe). If this Moritz is really concerned, he can fork and remove the new code that transmits this information - or if he isn't too concerned, just install the plugins Matt suggested.

This is making something out of nothing. Definitely nothing to see here, please move along.

Fork Them! (1)

MeBadMagic (619592) | more than 6 years ago | (#20745313)

Nice choice of words, don't you think?

B-)

Why is this even an issue? (1)

gillbates (106458) | more than 6 years ago | (#20745327)

You have the source code, right?

If you don't like the way the software behaves, you can change it. This is one of the fundamental freedoms the FSF endorses. In fact, I would say this is a perfect example of the open source model in action:

  1. User doesn't like a feature of the software.
  2. User disables feature in source code, recompiles, and improves the software.

The sad thing is that Microsoft and other proprietary vendors have been so successful at convincing the general public that they should be at the vendor's mercy when it comes to bug fixes and feature requests that even Open Source users have come to believe the software originator's blessing is required.

Un-warp your brains. Experience freedom. Fork it if you don't like it, and let the people decide which version they like better.

But you're little? (1)

jhRisk (1055806) | more than 6 years ago | (#20745335)

I love it when little guys act high and mighty. Yes, they're "little" as compared to say Apple or MS who can pull stunts like this and the general populace just acquiesces. I include myself in that statement as, at times, it still makes business sense to go with a product even if you don't agree with all aspects of what it does. This, however, IMHO is not one of those cases.

Ironically, I was considering global site licenses of this product for our public relations agency. Thanks for dropping out of the running!

Re:But you're little? (2)

syrinx (106469) | more than 6 years ago | (#20745605)

> Ironically, I was considering global site licenses of this product for our public relations agency. Thanks for dropping out of the running!

I hope you actually read the article, and put some consideration into it, and aren't basing a business decision on a flamebait Slashdot summary.

Where did he say to just go fork?! (4, Insightful)

kwandar (733439) | more than 6 years ago | (#20745345)

Maybe I missed it, but it struck me that the developer's response was very civil, and well thought out. From the slashdot article you'd think he'd told the whole community to "fork off"?

So - did I miss something, or did everyone else not RTFA?

The Actual Quote (2, Informative)

michaelkpate (260010) | more than 6 years ago | (#20745349)

Since no one had actually linked the Fork comment, http://groups.google.com/group/wp-hackers/browse_thread/thread/bdced7524fa79a18/f8b5bc6efc4a4005#f8b5bc6efc4a4005 [google.com]

> If you don't trust wordpress.org, I suggest you do one of the following:

> 1. Use different software.
> 2. Fork WordPress.
> 3. Install one of the aforementioned plugins.

Welll, I'll be... (-1, Troll)

MasterPoof (876056) | more than 6 years ago | (#20745373)

I do believe the WordPress devs have just officially killed the project (as it is now). People are NOT going to put up with this. "Fork the project" you say? More like, "take said fork, and shove it up your @$$."

Re:Welll, I'll be... (1)

MasterPoof (876056) | more than 6 years ago | (#20745435)

His [Matt Mullenweg's] intent with that comment is irrelevant. This manner of action is unacceptable for the Lead Developer.

Hey don't worry, Barry will protect you! (1)

DysenteryInTheRanks (902824) | more than 6 years ago | (#20745375)

If you're worried about the security of the copious data being sent to WordPress.org, don't be; there's this guy named Barry, he's awesome and he will keep your private information safe!

Or as the author of WordPress puts in TFA:

"In 2 years of running WordPress.com and Akismet, two extraordinarily
high-visibility targets, there has never been a problem on a server
Barry set up."

Uh, right.

Don't worry (3, Funny)

m4g02 (541882) | more than 6 years ago | (#20745383)

As a rule, spying on users shouldn't be a security concern as long as the person/corporation spying is honest, just and only concerned with improving their software and the user experience...

So... As a rule spying on users is always a security concern =P (name it WordPress or Windows Update).

Fork This! (1)

Nom du Keyboard (633989) | more than 6 years ago | (#20745413)

> telling users to 'fork WordPress' if they aren't willing to put up with this behavior."

I think I'd rather "fork" him -- right in a tender spot.

It's bad enough to do it in the first place.

It's worse to do it in secret. (Did he really think it wouldn't be discovered?)

It's worst of all to actually defend it afterwards. (Who does he think he is? Dan Rather?)

You can't program people (1)

athloi (1075845) | more than 6 years ago | (#20745425)

A good process is important. Of course I agree with that! But at some point, for any area where decisions must be made, you will need a person. Or a HAL 9000. But either way, the individual is what determines what will occur. Bad leaders are doom, good leaders are bliss. There is no way, from a distance or with a policy, to escape this fact. You need to make sure the people in power are good people you can trust, because power does not corrupt that kind of person, at least not in important ways. I'd rather have a good leader who splurges on a BMW with taxpayer funds than a bad leader who drives a Honda.

In the case of WordPress, it's advantageous for them to be able to get diagnostic and statistical information. They will learn more about their users' needs, and will be able to see where bugs crop up and eliminate them more quickly. I have no problem with people I trust having this kind of information about my servers, especially if I trust them to keep it securely. But I don't know the WordPress team, so it could be a problem.

There are no solutions you can implement from the couch for this issue. People keep looking for from-the-couch solutions like "no one should retain any information about us" or "trust the government, no more 9/11s." But these are not realistic answers. You will have to trust some leader and there will always be both good and bad leaders, and the only way to remove the bad ones is with a sword. Oh well. Life is struggle, get used to it.

Fork (1)

Penguin Follower (576525) | more than 6 years ago | (#20745437)

If you can't wait for a Fork, there's a nice package called Textpattern [textpattern.com] that I used to use. It's kinda like WordPress. I liked it. Give it a spin and see if it works for you. :D (End shameless plug for favorite php app).

I'm too sexy for... a privacy policy. (1)

mnslinky (1105103) | more than 6 years ago | (#20745439)

It makes you wonder what they're going to do with the data. Anyone out there peeled out all the code that sends this data yet?

Google Cloaking (4, Informative)

Trillan (597339) | more than 6 years ago | (#20745487)

For those wondering what the big deal is, I expect a lot of the reaction is fueled by memories of Mullenweg being caught google cloaking [theregister.co.uk] in 2005. Once someone loses your trust, you don't really want to share any data with them.

Never mind... (0, Troll)

Brad_sk (919670) | more than 6 years ago | (#20745511)

It's not Microsoft... So we should not complain here...

You get what you ask for. (0)

Anonymous Coward | more than 6 years ago | (#20745551)

When our new boss arrived, he said "if you ever feel unappreciated or can find a place with better pay, leave." 2 years later, we've had 110% turnover in this department.

My guess is if he asked people to fork it, someone will.

Firefox is just as bad (0)

Anonymous Coward | more than 6 years ago | (#20745639)

Firefox also phones home.

I don't see why Firefox isn't also considered spyware.