[development] WordPress 2.3 Spies On Users

Gerhard Killesreiter gerhard at killesreiter.de
Tue Sep 25 18:55:34 UTC 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Gerhard Killesreiter schrieb:
> Khalid Baheyeldin schrieb:
>> The drupal module in 5.x sends a subset of this (site name, URI, IIRC).
>> The new update module in 6.x supersedes that, but I am not up to date
>> on the details. It includes installed modules too.
> 
>> I think the data is in the DB of drupal.org.
> 
>> Is it a big deal if the that info is sent? The highest rated comments so far
>> downplay that it is an issue at all.
> 
> I think the main issue (and a serious one) is that this is done without
> asking the user and without the possibility to switch it off without
> extra work. Drupal's phone home feature has always been "opt in".

Apparently, update.module in D6 is not opt-in. Bad decision.

Cheers,
	Gerhard
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFG+Vmmfg6TFvELooQRApXNAJ0eOIQTRktWLwcsnoAxdRVX5BdmvgCgu4Er
n4kIQNNUtg2/gFerBrQELDE=
=/QWn
-----END PGP SIGNATURE-----


More information about the development mailing list