[development] WordPress 2.3 Spies On Users
Kevin Reynen
kreynen at gmail.com
Tue Sep 25 18:09:30 UTC 2007
I don't know whether to laugh or cry. It is really sad to see a someone in
a leadership role abuse their community this way. Hopefully Matt will come
to his senses, add (or better, default to) an opt-in feature, and apologize
for this lapse in judgment.
This is being dugg as well...
http://www.digg.com/security/Developers_Admit_WordPress_2_3_Spies_On_Users
I think users are more likely to f*ck WorkPress than fork it.
- Kevin Reynen
On 9/25/07, Gerhard Killesreiter <gerhard at killesreiter.de> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Khalid Baheyeldin schrieb:
> > The drupal module in 5.x sends a subset of this (site name, URI, IIRC).
> > The new update module in 6.x supersedes that, but I am not up to date
> > on the details. It includes installed modules too.
> >
> > I think the data is in the DB of drupal.org.
> >
> > Is it a big deal if the that info is sent? The highest rated comments so
> far
> > downplay that it is an issue at all.
>
> I think the main issue (and a serious one) is that this is done without
> asking the user and without the possibility to switch it off without
> extra work. Drupal's phone home feature has always been "opt in".
>
> Cheers,
> Gerhard
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
>
> iD8DBQFG+Uy8fg6TFvELooQRAtOuAJ4odYtpUcpG4DJI/YEFT2zKpKqEkgCghYwY
> +WLvisIZurxg9bTimksiyJY=
> =UevE
> -----END PGP SIGNATURE-----
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.drupal.org/pipermail/development/attachments/20070925/9a2c4528/attachment-0001.htm
More information about the development
mailing list