
Thread: WordPress and phone home

  1. #71
    Brad

    While we are discussing these types of things, does anyone care whether or not theme developers know which websites have their themes installed?

  2. #72
    Otto

    Quote Originally Posted by ifranky View Post
    Do I need to continue? Do I really need to explain that suddenly I have millions of dbs on my desktop, with access to working passwords. Passwords which will probably also work for many emails accounts, maybe even PayPal.
    Yeah, you need to explain, because I read that three times and still can't figure out what you're talking about.

    Quote Originally Posted by ifranky View Post
    Another thing I never understood about WP: back in the day of *nuke, Mambo and OSCommerce everything had an easy option to install the admin backend on SSL webspace. If not integrated in the core package, why is there no 'SSL download package' for WP with easy installation process? Sure this might not be interesting for the WP consultant, but doesn't WP do its best to offer a package for the lowest common denominator?
    WordPress does have SSL admin support built into the core. However, setting up SSL on a hosting service is not usually "easy", so this is not enabled by default. But if you have SSL working, all you have to do is define('FORCE_SSL_ADMIN', true); in your wp-config.

  3. #73
    Otto

    Quote Originally Posted by chipbennett View Post
    Making these sorts of comments does you no favors, Otto.
    I'm totally uninterested in what other people think about me.

    Quote Originally Posted by chipbennett View Post
    Not every installation/use of WordPress conforms to your ideas, intents, or ideals. You cannot possibly (nor can I or anyone else in the world) fathom all of the potential use-cases for WordPress, and to think otherwise is both foolish and arrogant.
    I'm also uninterested in covering every potential use case. I'm more interested in covering the most common use cases, and leaving plugins to handle the fringes.

    Quote Originally Posted by chipbennett View Post
    Simple solution here: clear, concise information from api.wordpress regarding a) what information is sent, and b) what data are retained (and for how long).

    One of the things I'm asking for is simply this very sort of disclosure. Why is that request a) paranoid, or b) lacking in substance?
    Requesting more information is not.

    Wanting an option to "anonymize" the data is. Which is what most people are talking about.

    Quote Originally Posted by chipbennett View Post
    I'm merely suggesting that WordPress conform to industry standard for well-behaved applications.
    Shockingly, I'm also totally uninterested in "industry standards"

    Quote Originally Posted by chipbennett View Post
    There are legitimate reasons for sending data to api.wordpress, and I support them (hey, I LOVE inline core and plugin updates!). I would be perfectly happy with mere disclosure of this information, within WordPress.
    Then I'm not talking to you in particular, am I?

    Quote Originally Posted by chipbennett View Post
    The data collection is built into core; therefore, the opt-out functionality should be, also.
    Oh, now I *am* talking to you again. Never mind.

    Quote Originally Posted by chipbennett View Post
    I also don't think that api.wordpress has any malicious intent.

    But, is api.wordpress somehow immune to being hacked? Is it absolutely impossible (or inconceivable) that data retained on api.wordpress could get into the wrong hands?
    I happen to think it is somewhat paranoid to believe that the plugin list data is retained at all. Because of reasons I've already stated.

    Quote Originally Posted by chipbennett View Post
    Those questions do not represent paranoia; rather, they represent perfectly sane risk assessment with respect to server-stored user data.
    I disagree.

    Quote Originally Posted by chipbennett View Post
    You are aware of the concepts of politeness and respect. Are you incapable of practicing those concepts?
    I say what I think and mean what I say. If you don't like what I say, then you are disagreeing with what I see to be true.

    For example, when I call somebody an idiot, then I mean that I think they are an idiot. It's really quite simple. I don't have a filter, nor do I care to employ one. If my thinking you to be an idiot bothers you, then you have two options: 1. Ignore it and get on with your life, or 2. try to understand why I think you're an idiot and either convince me otherwise or change your opinion to make you not an idiot.

    And if you're just going to be offended, then I really don't give a damn.

    Quote Originally Posted by chipbennett View Post
    Simple disclosure regarding api.wordpress data retention would answer every single one of these questions - no snark, condescension, or dismissiveness required!
    Well, which is it? Disclosure or opt-out? I don't care about whether they disclose or not (that's up to them). I'm arguing against an opt-out option in core (I have no problem with an opt-out in a plugin). That's the only thing I hold a real opinion on.

  4. #74
    Otto

    Oh, and by the way: The opt-out plugin already exists.
    http://wordpress.org/extend/plugins/...lugin-updates/

    Been there for over two years. Hasn't really gotten a whole lot of downloads...

  5. #75
    andreasnrb

    Otto
    You say treat it like a black box but in this case it's just a box with a bunch of people preventing others from looking in it. The same people also grab stuff they don't need and put it into the box then they say "We won't let you look in the box, Just trust us!".
    And give it a rest with the stupid plugin. People don't know WordPress sends data so why should they download it? They shouldn't even have to download it.
    You have no real arguments. Why do you even continue?

    All the data sent is not needed, then why send it in the first place? It's as simple as that. It's a really simple fix in the code. They can make it in the next upgrade.
    The real problem is people who are totally against changing it for no real reason. It doesn't change any behaviour in WordPress.

    And I would like to see the data they have collected so far. Jeff's link to the local downloads showed they have a lot of data collected they don't want people to see.

  6. #76
    ifranky

    Quote Originally Posted by Otto View Post
    Yeah, you need to explain, because I read that three times and still can't figure out what you're talking about.
    *sigh*
    If a hacker has a list of urls with installed plugins, it becomes very simple to see in what folders on what url, db-backups can be found.... and downloaded.

    WordPress does have SSL admin support built into the core. However, setting up SSL on a hosting service is not usually "easy", so this is not enabled by default. But if you have SSL working, all you have to do is define('FORCE_SSL_ADMIN', true); in your wp-config.
    Agreed, it seems that use of SSL on standard hosting plans has become more difficult than years ago (often even inexistent). If I remember correctly all you had to do in OSCommerce was supply the path to the SSL folder and done.
    If it's only a stealth option within WP, the web, online security, privacy, and hosting options, will not improve.

  7. #77
    Otto

    Quote Originally Posted by andreasnrb View Post
    You say treat it like a black box but in this case it's just a box with a bunch of people preventing others from looking in it. The same people also grab stuff they don't need and put it into the box then they say "We won't let you look in the box, Just trust us!".
    What "stuff they don't need" are you talking about? I've already explained all the data sent and why it is sent. All of it is "needed".

    Quote Originally Posted by andreasnrb View Post
    All the data sent is not needed, then why send it in the first place? It's as simple as that.
    If you're not going to read what I've already posted, then I see no point in arguing with you.

  8. #78
    Otto

    Quote Originally Posted by ifranky View Post
    If a hacker has a list of urls with installed plugins, it becomes very simple to see in what folders on what url, db-backups can be found.... and downloaded.
    Okay, I grant you this, but it's not sending internal lists of folders and such. The plugin data doesn't have that info.

    Quote Originally Posted by andreasnrb View Post
    Agreed, it seems that use of SSL on standard hosting plans has become more difficult than years ago (often even inexistent). If I remember correctly all you had to do in OSCommerce was supply the path to the SSL folder and done.
    If it's only a stealth option within WP, the web, online security, privacy, and hosting options, will not improve.
    It's not a "stealth option". It was one of the major new features in WordPress 2.6.

    http://codex.wordpress.org/Administration_Over_SSL

  9. #79
    ifranky

    Quote Originally Posted by Otto View Post
    It's not a "stealth option". It was one of the major new features in WordPress 2.6.
    Make it a checkbox during install. One page install is brilliant. One (by default unchecked) checkbox which expands upon check is all that is needed. Most people do not RTFM. Especially with WP being popular as it is now, the lowest common denominator has to become the decisive standard.

    The hobbyist who creates cards and wants to sell them on her blog, might never have heard of WP2.6 features, but still want that 'secured space'. Major sites and platforms do their utmost best to make sure that people check for 'that yellow bar'. Awareness must be improved. (*)

    Same with privacy. No one (the average user) gives a damn until problems are discovered. 2 years ago no one cared about Facebook privacy. Now that many have lost their job due to stupid behaviour on FB or poor privacy settings, suddenly FB privacy is a huge thing.

    If the installer offers the option to block search engines and not ping pingomatic, why should wp.org collect the URL and many more things (without disclosing)?


    (*) One email to the hosting company is often sufficient for them to discover that SSL folder. Do you think additionally they want to Google how to activate it in WP?

  10. #80
    Otto

    Quote Originally Posted by ifranky View Post
    Make it a checkbox during install. One page install is brilliant. One (by default unchecked) checkbox which expands upon check is all that is needed.
    And then of course people will check the box. And if they haven't set up SSL on their host, their site won't work at all.

    SSL Admin is not a simple checkbox for the precise reason that in order to make it work, you have to have some amount of knowledge. Mainly, you have to know how to make SSL work on your domain, since it's not something that happens by default.

    Quote Originally Posted by ifranky View Post
    (*) One email to the hosting company is often sufficient for them to discover that SSL folder. Do you think additionally they want to Google how to activate it in WP?
    SSL isn't free. You have to pay extra for it most of the time. There's no "folder" as such that you need to mess with, but you generally do need to buy a signed SSL certificate and set it up on your domain and such.
