- @jtimothyking You can write quickly or well. Choose one. in reply to jtimothyking #
Twitter Updates for 2009-09-18
- Theater is still used to fight against censorship and oppression: http://planetmike.com/x/38 (The Belarus Free Theatre) #
- @eFax Why was my free account terminated without a word to me about it? And how do you find the free service? It's not visible on your site. in reply to eFax #
- DCist: Signature's Salute to Kander & Ebb, First You Dream: http://showbizradio.net/x/3s #
- 15 Things I Don’t Get, written by the Loose Parts comics, Dave Blazek: http://www.planetmike.com/x/3t #
Twitter Updates for 2009-09-16
- Why in the world is someone at the Pentagon using IE 6.0 to surf the web, with tons of MS discussion toolbars activated? Doesn't seem secure #
- @perishable No, most people think Facebook is the internet. Walled gardens suck. in reply to perishable #
Twitter Updates for 2009-09-15
- eFax did away with their free fax services earlier this year. Thanks for letting me know. Now that I need to get a fax, I can't. grumble. #
- I just used zamzar.com to convert a MS Works file to something useful. (It's been years, and then I get two .wps files this week) #
- Just recommended a friend use OpenOffice over MS Works. http://www.openoffice.org/ #
Twitter Updates for 2009-09-14
- I really dislike Ticketmaster's web site. #
Twitter Updates for 2009-09-12
- Just learned about the fdisk and ethtool commands for linux. Thanks ServerBeach tech guy! #
Twitter Updates for 2009-09-11
- @biz from new TOS "If your updates consist mainly of links, and not personal updates" giving links to relevant interests areas is bad? #
- Where was I on 9/11: http://planetmike.com/x/911 #
- It seems strange to have to track down my sales guy at my webhost so I can buy a new server. Emails haven't been acknowledged. #serverbeach #
- @ServerBeach Thanks, I just talked with someone at your 800#, he told me the same thing. in reply to ServerBeach #
- Very pleased with my interaction just now with my Serverbeach sales guy. Now I wait for the tech guys to put the server together & email me. #
Twitter Updates for 2009-09-10
- The Last Will and Testament of Silverdene Emblem O'Neil http://planetmike.com/x/1o #
- Apple has done something sneaky in the new iTunes: http://planetmike.com/x/2d #
Two Ideas for Mitigating Future WordPress Vulnerabilities
This weekend there has been a plethora of news stories about pre-2.8.4 versions of WordPress being hacked (Lorelle, Matt or the Guardian). The official way to protect yourself is to install an upgraded version of the system.
My first suggestion: The administrators of a WordPress blog should be sent an email once a new release has occurred. Unfortunately, I believe the “update release check” only occurs when someone is looking at the admin pages. Perhaps a hook could be added so that, once a day, a visit to the public site triggers the version check. If a new version has been released, an email message is sent to the administrators.
My second suggestion: Have WordPress expire after a fixed amount of time. For example, let’s say one year after a version is released, it will lock itself down. At that point it will not allow new comments, posts or pages. Then six months after that, edits can no longer be made to existing pages or posts. Then six months after that, a full two years after a new release has been issued, posts, pages and comments will no longer even appear on the site. They’ll still be in the database, but they won’t be displayed at all.
Radical? Absolutely! But I think this would be a prudent way to minimize future problems, as well as forcing (encouraging) people to keep their WordPress installation up to date.
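Both suggestions can be sketched as a small plugin. This is an added example, not WordPress core code or code from the original post: it uses current WordPress plugin APIs, every `rne_` name is hypothetical, and it assumes the site's `admin_email` address stands in for "the administrators" and that the release date is entered by hand. The filter at the end applies the first lockdown stage to comments.

```php
<?php
/* Plugin Name: Release Nag and Expiry (added example) */

// Assumption: release date supplied by hand (WordPress does not expose it); constructed value.
define('RNE_RELEASE_DATE', '2009-01-01');

register_activation_hook(__FILE__, 'rne_activate');
register_deactivation_hook(__FILE__, 'rne_deactivate');
add_action('rne_daily_check', 'rne_check_and_notify');
add_filter('comments_open', 'rne_close_comments');

function rne_activate() {
    // WP-Cron events fire on ordinary page loads, so public traffic drives the check.
    if (!wp_next_scheduled('rne_daily_check')) {
        wp_schedule_event(time(), 'daily', 'rne_daily_check');
    }
}

function rne_deactivate() {
    wp_clear_scheduled_hook('rne_daily_check');
}

function rne_check_and_notify() {
    wp_version_check(); // refreshes the update_core site transient
    $state = get_site_transient('update_core');
    if (empty($state->updates)) {
        return;
    }
    $offer = $state->updates[0];
    if ($offer->response !== 'upgrade' || get_option('rne_notified') === $offer->current) {
        return; // already current, or this release was already mailed
    }
    $body = sprintf("Running %s, available %s.\nUpgrade: %s",
        get_bloginfo('version'), $offer->current, admin_url('update-core.php'));
    if (wp_mail(get_option('admin_email'), 'WordPress update available', $body)) {
        update_option('rne_notified', $offer->current); // one mail per release
    }
}

// 0 = normal, 1 = no new comments/posts/pages, 2 = no edits, 3 = content hidden.
function rne_stage($released, $now) {
    if ($now >= strtotime('+2 years', $released))   return 3;
    if ($now >= strtotime('+18 months', $released)) return 2;
    if ($now >= strtotime('+1 year', $released))    return 1;
    return 0;
}

function rne_close_comments($open) {
    return $open && rne_stage(strtotime(RNE_RELEASE_DATE), time()) < 1;
}
```

Storing the last notified version in an option keeps the daily job from mailing the same release every day.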