[wp-trac] [WordPress Trac] #16778: wordpress is leaking user/blog information during wp_version_check()
WordPress Trac
noreply at wordpress.org
Mon Mar 13 18:56:45 UTC 2017
#16778: wordpress is leaking user/blog information during wp_version_check()
----------------------------+------------------------------
Reporter: investici | Owner:
Type: enhancement | Status: reopened
Priority: normal | Milestone: Awaiting Review
Component: Administration | Version:
Severity: minor | Resolution:
Keywords: has-patch | Focuses:
----------------------------+------------------------------
Comment (by WraithKenny):
Folks on the ticket mentioned "lack of chiming in" as a reason to dismiss
the ticket, so naturally, I feel that's an invitation to comment. ;-)
On the topic of EU privacy regulation raised by @idea15 and others:
There's certainly '''blog''' identifying info transmitted, but not
'''person''' identifying info. I'm not a lawyer, nor an expert, nor do I
have access to api.wordpress.org's code, but I '''really don't''' think
this runs afoul of privacy regs in the EU (I'm not even European, so
'grain of salt' on this).
Because of the fact that I can only read the code that sends the data, and
not the code that creates the dataset, I have to make some assumptions.
And because I can't find any real source for how or where that data is
stored, I do have some concerns. I don't see how creating analytics that
can determine when a blog becomes abandoned by when it stops pinging
(which is how blogs drop off the php support on the stats page)
I assume that the ''potentially outdated and vulnerable versions'' are
aggregated by blog URL, into a list somewhere. Seems straightforward
enough. What's the worst that can happen to such a list? :-/
Some commenters are expressing concerns about security and privacy, while
some are being dismissive and closing the ticket, or otherwise
trivializing the concerns. Perhaps a better way is to have someone who has
access and knowledge of the system adequately describe the potential
hazards that they've considered, and how they deal with those concerns,
and what security is in place to safeguard that list of vulnerable sites.
Basically, assure everyone that they've privately done what is usually
publicly done with most other things WordPress.
For the record, while I see a potential concern here, I '''wouldn't'''
opt-out of the stats. And as I said above, I could be wrong about all of
this, since I don't have any access, I don't know.
TL;DR I don't think this is a minor enhancement. I think it's at least
somewhat security related, and of at least normal severity.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/16778#comment:92>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform