[development] WordPress 2.3 Spies On Users

Morbus Iff morbus at disobey.com
Tue Sep 25 20:07:53 UTC 2007

>> I think the main issue (and a serious one) is that this is done without
>> asking the user and without the possibility to switch it off without
>> extra work. Drupal's phone home feature has always been "opt in".
> Apparently, update.module in D6 is not opt-in. Bad decision.

Yes, I think that's a problem. I'd much rather it be opt-in or during 
installation (for new users only, of course). Alternatively, I would 
also support a admin/ page message that /always/ said "update checker is 
not enabled; please check drupal.org for the latest security updates", 
and have that message only be disabled through a settings.php var tweak. 
There is no underscoring how important the update checker is, but 
there's also no underscoring of how important people's illusion of 
privacy and choice is.

Morbus Iff ( i put the demon back in codemonkey )
Technical: http://www.oreillynet.com/pub/au/779
Enjoy my: http://www.disobey.com/ and http://www.60bwc.com/
aim: akaMorbus / skype: morbusiff / icq: 2927491 / jabber.org: morbus

More information about the development mailing list