[wp-hackers] Themes Being Unofficially Distributed with Security
Vulnerabilities - Time for an Official Theme Repository?
Viper007Bond
viper at viper007bond.com
Thu Nov 29 05:34:01 GMT 2007
+1
Human > machine.
On 11/28/07, Computer Guru <computerguru at neosmart.net> wrote:
>
> On 11/29/07, Robin Adrianse <robin.adr at gmail.com> wrote:
> >
> > But that's easily gamed by spammers. They're not *that* stupid, you know
> > ;).
> >
> > I don't think machine-verification would be that productive, to be
> honest.
> > And it wouldn't really be that hard for a human to just give the theme
> > files
> > a quick look-over.
> >
>
> I agree 100%
> No matter what you do, there'll always be a "easy" workaround to avoiding
> machine detection. It can include() code from another URI, rot* text,
> etc.... and worst of all, you'll give people a false sense of security,
> too.
>
> Best is to just have a central repository. "Verified" members of the
> community can officially mark a theme clean. Users can rate themes on
> quality, and report a theme as dangerous if they feel it warrants further
> investigation.
>
>
> That's far more productive, a lot more bullet-proof, and feels more like
> the
> WordPress way :)
>
> --
> Computer Guru
> Director,
> NeoSmart Technologies
> http://neosmart.net/blog/
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>
--
Viper007Bond | http://www.viper007bond.com/
More information about the wp-hackers
mailing list