Wedge

Public area => The Pub => Off-topic => Topic started by: Arantor on April 14th, 2011, 12:35 AM

Title: And so...
Post by: Arantor on April 14th, 2011, 12:35 AM

http://www.theregister.co.uk/2011/04/13/wordpress_hack_attack/

WordPress is beginning to demonstrate its level of vulnerability... I think there may be some ground here :niark:

Title: Re: And so...
Post by: Nao on April 14th, 2011, 12:43 AM

Why? We aren't certain Smf or Wedge are safe either ;)

Hey.  Funny quote from mister "gpl is god, fuck you if you plan to sell a non-gpl plugin!"

Matt Mullenweg, wrote. “We presume our source code was exposed and copied. While much of our code is open source, there are sensitive bits of our and our partner's code.

Title: Re: And so...
Post by: Arantor on April 14th, 2011, 12:52 AM

Let's see. SMF 1.1 has had 13 post-final patches, which are all security related. That's in 5 years.

Just take a look through http://wordpress.org/news/category/releases/ and see how many of the patches were security related.

To be fair, even with SMF 2.0's long life cycle, the team were pretty prompt about getting security patches out. There are vulnerabilities in RC2 (patchwise, equivalent to 1.1.11), some in RC3/4 (equivalent to 1.1.13), and let's not forget the vulns that were fixed as 2.0 RC1-1 and 2.0 RC1.2 (1.1.9 and 1.1.10 respectively)

I still say SMF and by proxy Wedge have a better track record of security that WP does. And before anyone gives me the crap of 'it's a bigger target', WP is a simpler application than SMF is, so by definition it should be safer - and yet...

Title: Re: And so...
Post by: DoctorMalboro on April 14th, 2011, 01:01 AM

Thank god my blog is so crappy no one would bother in hacking it :P

Title: Re: And so...
Post by: chilly on April 14th, 2011, 11:36 PM

blog? url? xD

would need people with skills and knowledge in this area to just try to find weaknesses. (and report them ofc.) ;)