Skip to content

Year: 2015

Are You Putting Your WordPress Site at Risk?

WordPress as a platform has been a solid, secure application over the years. The few times a vulnerability has been found, the WP team has been super-fast to patch it, publicize it, and take care of business.

That said, there are two major areas where WordPress lacks in security:

1. Plugins

2. Administrators

There are so many plugins for WordPress, which is part of what makes it so great. However, those plugins can also present attack vectors, and we see evidence of this almost every day.

It was just revealed that most WP users have very little understanding of the risk they are lending to their own websites. Not updating plugins, not updating WP itself, and not doing backups, are the most easily fixed things that people tend to not do.

This puts WP websites at risk, lets them get hacked, and gives WordPress as a whole a bad wrap.

The survey of 503 WordPress users, which took place online during February this year, revealed that WordPress users are more exposed to security problems than expected. In total, 54 percent of respondents said they updated WordPress between once a week and every few weeks, and yet only 24 percent back their websites up — and only 23 percent have received training in the use of tools such as backup plugins.

ZDNet

On that note, I thought I’d mention that the most popular SEO plugin for WordPress, Yoast’s WP SEO, has a new, major vulnerability in it. GO UPDATE!

Why I Left Facebook For Good

I have quit Facebook for good, in case you came here trying to find out what’s up. Why have I done this?

Facebook made changes to their user agreement on January 30, and I don’t feel OK about them at all. This article, Get Your Loved Ones Off Facebook, factually sums up everything Facebook can do, and does do, with the information it collects about you, and it might give you the same uneasy feeling it gave me.

The information grabbing and sharing Facebook does reaches far and deep, and it’s not limited to what you do while on Facebook itself. Anything you do anywhere on the Internet where a Facebook Like button is present reports your activity back to Facebook. And that means just about everywhere.

“I have nothing to hide”, you say?

The issue here isn’t what we have to hide, it’s maintaining an important right to our freedom — which is the right to privacy, and the right to have a say in how information about us is used. We’ve giving up those rights forever by using Facebook.

I want to quote the part of that article that gave me the biggest heebie-jeebies, because I know most of you won’t actually go read it yourselves. As of 3 days ago:

Facebook is demanding to track what you buy, and your financial information like bank account and credit card numbers. It’s already started sharing data with Mastercard. They’ll use the fact that you stayed on Facebook as “permission” to make deals with all kinds of banks and financial institutions to get your data from them. They’ll call it anonymous, but like they trick your friends to reveal your data to the third-parties with apps, they’ll create loopholes here too.

Facebook is also insisting to track your location via your phone’s GPS, everywhere and all the time. It’ll know extactly who you spend your time with. They’ll know your habits, they’ll know when you call in sick at work, but are really out bowling. “Sal likes 2pm Bowling at Secret Lanes.” They’ll know if you join an addict support group, or go to a psychiatrist, or a psychic, or a mistress. They’ll know how many times you’ve been to the doctor or hospital, and be able to share that with prospective insurers or employers. They’ll know when you’re secretly job hunting, and will sell your endorsement for job sites to your friends and colleagues — you’ll be revealed.

They’ll know everything that can be revealed by your location, and they’ll use it however they want to make a buck.

And — it’ll all be done retrospectively. If you stay on Facebook past January 30th, there’s nothing stopping all of your past location and financial data to get used. They’ll get your past location data from when your friends checked-in with you, and the GPS data stored in photos of you. They’ll pull your old financial records – that embarrasing medicine you bought with your credit card 5 years ago will be added to your profile to be used as Facebook chooses. It will be sold again and again, and likely used against you. It will be shared with governments and be freely available from loads of “third-party” companies who do nothing but sell personal data, and irreversibly eliminate your privacy.

There you have it. You can still find me here and on G+. For now.