[wp-trac] [WordPress Trac] #5066: Anonymize update checking
WordPress Trac
wp-trac at lists.automattic.com
Mon Dec 14 01:22:49 UTC 2009
#5066: Anonymize update checking
-------------------------------------------+--------------------------------
Reporter: zamoose | Owner: anonymous
Type: enhancement | Status: reopened
Priority: normal | Milestone: 3.0
Component: Administration | Version:
Severity: normal | Resolution:
Keywords: has-patch 2nd-opinion privacy |
-------------------------------------------+--------------------------------
Comment(by intoxination):
As one of the originals on this ticket I would like to throw in the issue
of the information being sent. I just saw Mark Jaquith's Twitter post
stating the items sent when checking for an update - including
plugin/theme author's name. When you think about that, it does present
another issue. For example -- John Smith maybe doing some little anonymous
blogging. He wanted some simple feature on his blog that there wasn't a
plugin for, so he header over to wp-hackers and someone said "hey just do
this quick filter". Now he uses one of the plugins packaged with WP and
grabs the top comment section that includes this information and replaces
it all with is own, thinking that no one will ever see it. Of course no
one should, but the fact that WP is sending it out means there is always a
chance.
Adding also that URL's are not always public. WP is a wide use
application, which speaks to the power of it, and in some cases people use
it on private corporate intranets complete with their own DNS server and
that gives them the power of having internal URLs that aren't for the
public's eye.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/5066#comment:37>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list