[wp-trac] [WordPress Trac] #16778: wordpress is leaking user/blog information during wp_version_check()

WordPress Trac wp-trac at lists.automattic.com
Wed Mar 9 15:05:30 UTC 2011


#16778: wordpress is leaking user/blog information during wp_version_check()
----------------------------+-----------------------
 Reporter:  investici       |       Owner:
     Type:  defect (bug)    |      Status:  reopened
 Priority:  normal          |   Milestone:
Component:  Administration  |     Version:
 Severity:  minor           |  Resolution:
 Keywords:  legal           |
----------------------------+-----------------------
Changes (by hakre):

 * keywords:   => legal
 * status:  closed => reopened
 * resolution:  worksforme =>


Comment:

 Replying to [comment:13 westi]:
 > This has been discussed many times in the past.
 >
 > There are plugins available already which allow you to disable the
 > checks if you don't want to send the data.
 >
 > We are not going to add any UI option for this and I don't see that we
 > need a new filter either as plugins have already successfully been created
 > using the filters/actions we already have.

 Please be so kind and leave the ticket open until it's solved. I'm sure
 that for you personally this is all okay but this should be about the
 common user.

 Tscho is right in the point that the privacy concerns were not resolved.
 That those have been discussed in the past did obviously not help much so
 far to increase the awareness within the WordPress core team.

 I think the problem is that most users are not aware which of their data
 is spread to which third parties and for what reason.

 And if it weren't such an important topic, I'm sure this wouldn't come up
 again.

 Even if a user knows that some data needs to be passed for a version check
 of core, plugins or themes, the amount of data passed to remote is
 obviously more than needed to do the version check. It has been already
 written in this ticket that the additional data gets passed for
 stats.

 But users should be made aware upfront so they can freely decide on their
 own if they want to instead of being forced to support the project with
 their usage-data. They could be offered an opt-in to do so.

 But instead, you're promoting that users that have no clue what a plugin
 is should search through many of them and probe some until they luckily
 find one that prevents leaking their data. It's more likely that they can
 not even verify if a plugin is doing what it announced. So the only safe
 bet is to have that as part of the application itself.

 WordPress does not offer such and the privacy settings page in the backend
 is not informative at all about this issue. The installation screens do
 not contain a single word about this either.

 Maybe I've just overlooked it, but where is the information available
 which data gets transferred to whom, for what reason and how this can be
 prevented? Please keep in mind that this is about the average user and not
 plugin coders that have no problem to remove such a check within a minute.

 Let's be more constructive here. Probably a statement can be created so
 users can learn more about the privacy issues when downloading from
 wordpress.org.

 Additionally I'm interested to learn about the reasons to not offer an
 option for submitting stats.

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/16778#comment:14>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software

