[wp-hackers] Long term suckage
peter.westwood at ftwr.co.uk
Fri Jun 18 20:56:32 UTC 2010
On 18 Jun 2010, at 19:02, Doug Stewart wrote:
> I'm sort of in your court, but something you said struck very close to
> home and, well, has me a bit hot.
> On 6/18/10, Matt Mullenweg <m at mullenweg.com> wrote:
>> I used to think this was valid, hence the 2.0 LTS branch. Now, after
>> working with hundreds of the largest companies and media properties in
>> the world, I am philosophically opposed.
>> While I like the theory of LTS, what happens in practice is it covers up
>> the incompetence of IT or developers because they put off small slightly
>> painful upgrades until they get so out of date of trunk (3 years? 5
>> years?) and you have to go through a giant, painful, screws everybody
>> over upgrade.
> You know what? You haven't dealt with real IT professionals and decent
> developers then.
> 9 times out of 10, it's not IT's fault -- it's idiotic "change
> management" "controls" that require 15 forms of sign-off so that a
> single install of something can be upgraded. Most halfway-decent
> admins that I know and have interacted and, yes, worked with can
> process an upgrade (particularly a well-written one) in a very decent
> amount of time and, when upgrades go awry, will stick through to see
> the upgrade to the end, regardless of the lateness of the hour.
> So don't go the "blame IT!" route, thankyouverymuch.
Indeed poorly implemented change management control can be a real pain.
This tends to get in the way of /any/ change though so I'm not sure that a security backport process would help.
I sometimes wonder if one of the blockers to upgrade for sites is where the site has been sold as a one of cost.
i.e. I will create you a site for X
The end-customer hasn't been pre-cultured to the need for an ongoing service of maintenance and upgrades to keep them secure and therefore they only upgrade in a panic once they have been hacked.
http://blog.ftwr.co.uk | http://westi.wordpress.com
C53C F8FC 8796 8508 88D6 C950 54F4 5DCD A834 01C5
More information about the wp-hackers