Comments on: WordPress Takes It On the Chin

By: Matt Brett - Freelance Web Designer with a magic touch | We Like Your Stuff

Matt Brett - Freelance Web Designer with a magic touch | We Like Your Stuff — Sat, 10 Oct 2009 06:41:11 +0000

[...] WordPress Takes It On the Chin (markevanstech.com) [...]

By: bsharwood

bsharwood — Wed, 09 Sep 2009 21:13:48 +0000

Good post. I'm looking after 4 blogs right now, and all of them when I sign in recommend the upgrade right when it's available. (my company blog is on a separate secure server so the upgrade required logging in on SFTP using another program and carefully putting folders and files in the right place) So the issue is whether that's enough. Or whether there's fear of upgrading because certain features might not become available. Did Scoble not upgrade when recommended? does he have so many features up that he's worried some of them might not work?

It reminds me that I posted on my http://www.think-forward.ca blog last week that when I upgraded my OS to snow leopard (figuring there's many benefits, including security) my Rogers Rocket Stick was made inoperable.

So the question still becomes: what is the risk of upgrading, vs the reward of new features or security?
Wordpress's attitude is that everyone should upgrade, features and plug-in be darned. That's not everyone's attitude.

By: Boris

Boris — Tue, 08 Sep 2009 16:17:33 +0000

"From the optics perspective, WordPress dropped the ball by slightly scolding people for not upgrading. That may be the case but it was the wrong message at the wrong time." — sorry, but no. Either a) run on a hosted service where you don't do upgrades or b) learn how to work the complex stack of machinery that makes up modern CMS / blog / hosting.

It just SEEMS easy most of the time, and a lot of people have had to work very hard to make it seem that way. Any bitching about WP or any other CMS is FUD — learn how to backup, learn how to upgrade, or pay someone to do it for you. EVERYONE that isn't technical enough to do this has been accumulating "technical debt" for a long time.

Learn or pay.

Also "WordPress's response". The company? The open source project? Various people that volunteer their time to work on it? It saddens me that people STILL don't understand that THEY are a part of this system, and this isn't just some corporation.

By: A Long Weekend of Deep Thoughts | Mark Evans Tech

A Long Weekend of Deep Thoughts | Mark Evans Tech — Tue, 08 Sep 2009 10:58:12 +0000

[...] Skip to content homeAboutContactPrivacy « WordPress Takes It On the Chin [...]

By: Smart Boy Designs

Smart Boy Designs — Tue, 08 Sep 2009 01:27:11 +0000

Thanks for sharing this information Mark. It's important that we update as quickly as possible when it comes to WordPress – but I do agree – a few weeks isn't much time. If it is something very important- or a crucial update – we need a messaging system.

By: Liston

Liston — Tue, 08 Sep 2009 00:49:07 +0000

The upgrade message was front and centre on my page – it was quite clear – was it not for some people?

By: markevans

markevans — Mon, 07 Sep 2009 23:43:08 +0000

Thanks, Matt. I think what you're suggesting is the kind of information that people were seeking initially. They took the hit for not upgrading to 2.8.4 so they were looking for insight about how to make things right again, and what to keep an eye on. Wordpress has a loyal following that wants and needs to be kept in the loop. From the optics perspective, Wordpress dropped the ball by slightly scolding people for not upgrading. That may be the case but it was the wrong message at the wrong time.

Mark

By: Joseph Thornley

Joseph Thornley — Mon, 07 Sep 2009 17:21:28 +0000

Nice post Mark. A good overview of what happened with an insightful analysis of the shortcomings of WordPress' response. Case study material.

By: photomatt

photomatt — Mon, 07 Sep 2009 15:44:16 +0000

If you need help upgrading your blog let me know, there are no unsolvable issues with regards to plugins or themes and new versions of WP.

Unfortunately on the other side if your blog has been compromised things get infinitely harder and you really need your web host or someone savvy with systems to clean up the damage. Even if you fix WP there's no guarantee they didn't leave a backdoor somewhere else in your account and you need to diligently check for that. (Like if you get spyware on your computer.)

By: Liston

Liston — Mon, 07 Sep 2009 12:20:03 +0000

Mr Scoble is worked up because he neglected to backup his work. Quite surprising. To blame WordPress when they fixed this issue is poor form. Do you not update Windows, Office, AV, etc applications when patches come out? So why blame WP for you laziness?
It you put yourself online, there is a risk someone will hack into your info. Thus, if you're going down that path you and you alone should be diligent to not only backup your work, but pay attention to what vulnerabilities are out there.
Hackers will ALWAYS attack the most popular services AND popular people.
Looks like he was using a old version ["2.8.4, the current version of WordPress, is immune to this worm. (So was the release before this one.}]
Mr Scoble, of all people, should understand these issues – he worked at Microsoft!!