[wp-hackers] Plugin update & security / privacy

Omry Yadan omry at yadan.net
Sun Sep 23 19:21:15 GMT 2007 

Matt Mullenweg wrote:
> Kimmo Suominen wrote:
>> Why are the plugin versions sent to the server?  It should be
>> enough to send the plugin filename and/or name, so the server can
>> return a list of current versions.  The client (WP) can then figure
>> out which plugins need updating.
>
> The system was designed to keep the client side as light as possible 
> so the heavy lifting can be done on the server side, allowing us a lot 
> more flexibility and agility in adapting the service as it gets rolled 
> out and evolves.
some heavy lifting, comparing versions.
with Akismet the server actually provide a dynamic service to the 
client, here all it needs to do is to tell it the latest version.
it can be as simple as storing a static file on the server.

>
> For example right now nothing is done with regards to localization, 
> but because of the data being sent and the lightness of the client 
> side we could introduce that feature in the future without having to 
> update every install of WordPress in the world. This philosophy has 
> worked very well for Akismet over the past 2 years. I believe it is 
> also the best approach for WordPress.
Localization of what?


I feel like I am wasting my time trying to convince you, but here are my 
arguments anyway:
1. you have stated yourself that you don't need the url.
2. the url breaks the anonymity of the request, and many people will not 
like it at all. most will only find about it once it blows up - and by 
then they will feel installing a plugin to prevent it is like closing 
the stable after the horses ran away.
3. it will blow up because bloggers are one most privacy aware 
populations, and I give it less than a week from the official release 
date. also expect a "Wordpress is spying on users" article on Slashdot 
(This is not a threat, just an attempt to predict the near future).
4. you can't compare this to sending blog url (and version, why?!) to 
technorati because people opt-in to send that information, and it's 
required to provide them with the service they are receiving.
5. you can't compare it closed source programs with high opacity, that 
may or may not send system information regularly. the reasons are that 
people does not know what they send (binary/encrypted protocols, no 
source) and that the companies cover their asses with the EULA. (so in a 
way the users agree).

    Omry.

More information about the wp-hackers mailing list