[wp-trac] [WordPress Trac] #16778: wordpress is leaking user/blog information during wp_version_check()

WordPress Trac noreply at wordpress.org
Tue Jan 10 17:38:01 UTC 2017

#16778: wordpress is leaking user/blog information during wp_version_check()
 Reporter:  investici       |       Owner:
     Type:  enhancement     |      Status:  reopened
 Priority:  normal          |   Milestone:  Awaiting Review
Component:  Administration  |     Version:
 Severity:  minor           |  Resolution:
 Keywords:  has-patch       |     Focuses:

Comment (by celsobessa):

 Just sharing my support +1 for fixing this as "opt-in" and a UI setting
 for non-technical users for the reasons and rationales by @idea15 @mark-k
 @andreasnrb @NathanAtmoz @Rarst @roberteessels and others.

 And politely giving my cents:

 For what I could grasp from previous conversations, it's less about
 technical reasons (*) and more about decisions. So, besides the reasons
 state by others, i would add that this has a potential to become another
 #wpdrama really quickly (maybe even beyong WP community) and I don't think
 the project needs more of drama.  Specially if the project really want to
 gain traction with non-tech savyy users and corporative users. Maybe not
 because the #16778 issue on it's own, but because of the subject of
 privacy and the way the project handles it.

 The expectations and awareness about user privacy and transparency when
 this ticket was opened and discussed often has changed a lot. It's almost
 an cliché to cite #Snowden, #Wikileaks and all the NSA thing and in
 conversations, but, here I am citing these subjects along side
 transparency, privacy and data protection laws (EU, Brazil), corporative
 compliance, et cetera.

 So, maybe the we should go forward with fixing it while this is "small"?

 Best regards.

 PS: let's not forget: "What got us here won't get us there." (Mullenweg,

 (*) I'm not a specially talented developer and I could not patch this.
 Therefore, giving opinions is the only thing I can do right now.

Ticket URL: <https://core.trac.wordpress.org/ticket/16778#comment:80>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list