Calendar
Network
Feeds
kapheroph
Also worth a mention is to keep an eye on security sites like http://secunia.com and http://www.securityfocus.com for vulnerabilities and exploits.
One of the better things to come out these blogging applications from my point of view is it has taken the load off server admins as it is a lot easier to hack a wordpress site than it is than a server these days, read CSS, CSRF, SQL injection, XPath injection etc. And when something does go wrong it is usually only the one site. And so (sadly) it puts the responsibility upon the owner/maintainer of the site to make sure that they know what the code that they are using actually does.
Bloggers don't need to be developers or really even know how to code these days and it's quite inevitable that a majority of those who can code don't know how to code securely. As this type of application grows with the advances of the web there are going to be more and more of applications like wordpress and plugins for these apps showing up with and people blindly using them and adding bits and peices from here there and everywhere. Does this remind you of what happens with an operating system? Secure for the most part but once applications are installed from various sources, things start to go down hill... As mentioned in the article there are already what you could loosely consider AV and Firewall apps for wordpress and the like. Just what is going on here? Ajax and back end database controlled CMSs, it may look all nice and pretty to the website user but it also looks pretty nice to a malicious user as well.
Don't get me wrong, I enjoyed reading the article and think that there should be more of its type. It's just that we don't seem to be fixing the problem by tacking something on to cover the problem.
I apolagize for ranting on my first ever comment here but security and privacy are not only my work but my passion.
« previous1 next »
Story: The Ultimate Hacker Prevention Guide