Thought Patterns

From WordPress Development Team:

Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately.

Longer explanation: This morning we received a note to our security mailing address about unusual and highly exploitable code in WordPress. The issue was investigated, and it appeared that the 2.1.1 download had been modified from its original code. We took the website down immediately to investigate what happened.

It was determined that a cracker had gained user-level access to one of the servers that powers wordpress.org, and had used that access to modify the download file. We have locked down that server for further forensics, but at this time it appears that the 2.1.1 download was the only thing touched by the attack. They modified two files in WP to include code that would allow for remote PHP execution.

What's the difference between a hacker and a cracker? Good question! I explored this difference nearly two years ago. It still holds true.

According to the How to be a Hacker website, "The basic difference is this: hackers build things, crackers break them."

With the latest WordPress, there's been a flurry of bitchin' about one of the changes. I don't understand why the change was made nor the reasoning behind it.

Previously, if I wanted to share a link, I could add one with relative ease.

I went into the Admin. Went to Links. Went to Add Link. I added the link.

If the new link didn't fit into any of my categories, I added another by going to 'Link Categories'.

Posts also had categories. They can be made to help with sorting and searching through a blog's posts.
(more…)

I just upgraded the blog from WordPress 2.0.4 to 2.1. Not a single problem.

I withdraw that statement. My links in the sidebar are all f-ed up. WTF is that mess? Later. I'll figure it out later.

BUT let me know if you come across any.

I'm also going through and seeing if there are any updates to my plug-ins (which takes for-ever) so there might be a few more hiccups.

I finally got around to doing the WordPress 2.03 to 2.04 upgrade that was put out way back in July.

I forgot to turn off all the plugins first but so far, it seems to be okay. Please, if you see any (new) errors, let me know immediately!

I just did an upgrade to this blog. It has hiccuped since then but that is my fault. I was a dweeb and moved some files prior to turning them off. Or something like that.

So if you've had trouble loading the site today, 'twas just me being, well, me.

I catch comment spam for this blog via a wonderful plug-in called "Spam Karma 2". It rocks. I have only had it let two by in all the time I've used it.

It works by setting up a bunch of criteria such as did the commenter/author put in a URL, how many URLs are in the comment itself, how old is the post, when was the last comment to the post, have they been caught (spanked) before, etc etc etc. It then gives the comment a score and based on that score, it puts the comment somewhere. All comments that are caught, I can then either "recover" them or send it through again, giving it a higher score. Each time I send it through, it gets spanked because it was through before so it builds up. I usually delete the comment (but not the score) after I've bumped it up to -1000 or more. (the lower the number, the more of a spanking it got)

I have my comment severity set to "Total Beeatch" which is as high as one can go. As a result, many legitimate comments get hung up until I recover them. Poor Sophia gets caught a lot. (I think it knows she is only making a comment to smart off or something.)

At any rate, I tell you this so that you understand what has happened. I have had some comments get a high score before of like, -2000 or more on its first go through. Mostly because the idiot has done this before. A few minutes ago I to see if any fish had got hung in the net. Yep, one new one. It has a score of, get this, -244555. I checked the comment to see why. The comment consisted of a crap load of links. As in, they go on forever. As in, 1217 URLs!! Holy Spam!

Putting two posts into one so try to not get confused.

I have successfully updated to WordPress 2.0.2. It was easy enough. While I was at it, I checked all my plugins for updates. Time consuming!

I also got some writing done earlier today. Wrote a short short story. It was fun, really. And funny. I also wrote some more on Centric. Not much, since I had to keep stopping and doing either more research or find my notes on the research I've already done. I don't know how long I'll keep this up. I like it and its fun to write too. Can't get much better than that.