Seriously,
http://wordpress.org/news/2011/06/passwords-reset/
And to crap on top of it, I actually do have W3 Total Cache installed and did update it just the other day.
However, it only updated “because it’s there” — I don’t actually use it. I just never happened to delete it after I deactivated it. I guess I was hoping I’d figure out how to enable something useful like cacheing without it destroying the usability of my site.
So now I’ve had a “cleverly disguised backdoor” installed on my web site (which can thus access ALL my domains) for a few days.
Of course, I don’t even know what to look for regarding this exploit.
How could I have protected myself from this? Checking the WordPress.org news minute by minute for their latest security issues? Can I afford to ever sleep? Or maybe I just need to read through every single line of code for every single theme and plugin? Oh — but I probably have to scan the entire WordPress core as well. How long could that take?
Oh – the only solution is to buy VaultPress for ALL my domains… That makes sense. At least then I’ll be making somebody else’s monthly Corvette payment.
That’s the problem I keep running into with WordPress — it’s a bunch of very pretty cards and when you’re done… you’ve built a house of cards.
From my admin page — I gave up on even having this plugin activated in January.
If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!
Ahh… the dreaded
…a very important update to apply to your sites as soon as possible because it fixes a core security bug in our HTML sanitation library, called KSES. I would rate this release as “critical.”
Yeah. What that says to me is, “A hacker has already looked at the vulnerabilities in 3.0.3 and written a script to exploit it and deployed it on the websites he/she has already hacked so that it can go out and get access to even more web servers by simply crawling the web looking for WordPress installations that haven’t been updated yet.”
Read the rest of this entry »
I’ve been noticing lately that there’s a bunch of cars on the read with “industrial equipment” yellow license plates. Today I thought I’d look into that and see what the story is.
I remember when New York state switched to the white background license plates (this must have been in the late 1980′s). My boss at the time pointed out that even though some people didn’t like the idea of change, overall most car colors look better with a white license plate against them then with that garish yellow.
Apparently, someone decided to “bring it back” — because nothing looks better than putting something that looks like World War II surplus paint color against a car with a modern paint job. To add injury to the insult, the new plate fee for cars will be $25 instead of $15. Hurray for progress!
Read NY State’s proud press release here.
In the U.S., where each state issues plates, New York State has required plates since 1901. Apparently they’ve changed colors a lot over the years until the 1970′s-1980′s where they fixed on the ugly yellow. Having switched to a classy white plate (like so many other states use) for so many years, there’s nothing to do but change it back so that it’ll be easier for cops down south to spot New Yorkers at a distance and give them speeding tickets. Your tax dollars at work!
Here’s a site with pictures of licences plates in NY from various years, so you can wax nostalgic.
