[wp-hackers] Summary of the update security & privacy discussion
Denis de Bernardy
denis at mesoconcepts.com
Tue Sep 25 23:38:19 GMT 2007
Much of the discussion is blah blah, really...
- The WP update notification procedure collects more information than it
needs to; Someone who deals with privacy-aware people raised a concern
- (Lots of trolling on the topic...)
- Matt dismissed the concern (the information is not stored and who cares if
it is), and pointed out a means to disable the WP update notification
procedure entirely as a workaround
- (More trolling...)
- Someone vented his frustration on slashdot (and digg?); Matt reprioritized
his day and sought to douse what now amounted to a greek fire
- (More trolling still...)
- Matt posted a privacy policy on wordpress.org in an effort to terminate
the discussion
The privacy policy personally left me scratching my head:
"WordPress.org collects such information only insofar as is necessary or
appropriate to fulfill the purpose of the visitor's interaction with
WordPress.org" and "visitors can always refuse to supply
personally-identifying information" are simply not true. These two points
were what the trolling was all about in the first place.
Bottom-line:
- WP 2.3 got released as is
- The update procedure still collects more information than it needs to
- The privacy policy could use some correction, and maybe a lawyer's touch
Hope this helps...
Denis
More information about the wp-hackers
mailing list