Dr Dave has announced that there is a security exploit affecting WordPress 1.5 and WordPress 2.0.
In a nutshell, stuff could happen to your blog if you don’t turn off “Anyone can register” on your WordPress options. If it’s on, DO IT NOW. Dr Dave adds that you should also disable any guest accounts you are unsure about.
I have no idea what the hell is going on - but take it from Dr Dave and disable it now. There is no real known proof about this exploit, but I am going to take it as a matter of trust to a respected blogger who is also the developer of Spam Karma. Let’s hope the WordPress dev guys realize this and patch it - really wicked quickly. Do not hesitate - disable it on your blog now. Dr Dave can’t give us anything on the exploit since not enough blogs are protected now - information may fall in the wrong hands and the exploit may come.
The last word is to take Dr Dave’s word - he’s tested it and it’s “shown to exist with varying levels of danger on all versions of WP up to the very last one.”
Notified by Kamigoroshi on IRC.
The following is a partial theory thought of for either no reason or some reason. Not sure which.
So, as Saturday dawns upon us soon, I haven’t gotten a sponsor since Monday. Which kinda sucks - I need as many sponsors as possible. I have been told to take it easy the first year. I have also been told that I probably will get some sponsors during the ‘thon. I’m guessing that during the Blogathon the blogosphere sees that there are lots of new posts in these 400 blogs - wtf!?
My schedule messes the blogathon up - since I’ll be traveling around (thankfully for no more than 30 minutes) for the first part of the day (9AM, when the blogathon starts.) I could leave later than 9AM - but I have to be at my destination (MIT) at 9:30 to write a quick blog post, of course. Therefore, my first two blog posts might be slightly poor, then the rest will be better in quality.
The real part of this theory is that I believe the better the first blog posts are, the better chance of more pledges being pledged. That is set by a matter of time, every increment of time passed people may be less inclined to pledge money, I guess. Not sure why, but that’s what I think - if I have strong posts at 9AM people would be more inclined to pledge since they think the rest of the blog posts will be strong. Yet my first two will be pretty weak, and the rest will be strong. Once some poeple see the first post, and they think it sucks, they might not pledge and not visit the blog again - they think that the rest will suck. Which kind of sucks. A lot.
Therefore, I’d like to say that even though my first few will be weak, please consider pledging still - there will be a lot of good articles. I have about five minutes to write a blog post at 9AM - not long enough to write a good article. This article took at least fifteen minutes to write, so there you go, a gauge. Thank you