WordPress 2.3.3 Security Release

WordPress.org Logo

The WordPress.org team has released an official update to WordPress dubbed 2.3.3. This update fixes a serious security flaw that was discovered within the XML-RPC implementation. By using this flaw, a specially crafted request would allow any valid user to edit posts of any other user on that blog.

The team also managed to place three bug fixes into the patch which can be viewed here. These types of releases for WordPress.org are serious. No, the world will not end if you do not upgrade. However, you are putting your site at an increased risk of being exploited. As was reported by me on WeblogToolsCollection.com, malicious users are in fact taking advantage of the flaws found within the WP-Forum plugin. If you are using WP-Forum, you are encouraged to disable the plugin until a security patch has been released.

Visit WordPress.org to see the complete details regarding this release.

Free C2C AM StreamLink Week

CoastToCoastAM

For those of you who do not have access to the Coast To Coast AM Streamlink service already, or for those who can not catch the program when it airs  live, your in luck. Coast To Coast AM is doing a free streamlink week. Usually these promotions only last a weekend, but this time its seven days. For those of you who don’t know, Coast To Coast AM is a live talk show radio program that airs every night between the hours of 1 A.M. EST to 5 A.M. EST that is broadcast across the world. Topics that the show covers include: aliens, ufos, abductions, dreams, alternative medicine, bigfoot, cryptozoology, lochness, astronomy, time travel, physics, ect. If it’s interesting and requires intelligence, these guys talk about it. You won’t find anything mainstream here. Sure, the guests and their theories can be nutty at times, even down right hilarious. But the information that is presented on this show is generally not covered or discussed anywhere else within the magnitude of Coast To Coast.

To Mike, Mark, and anyone else interested in this sort of thing, I highly encourage you to take full advantage of the free streamlink service this week. I would be very interested in knowing what you guys think!

We’re happy to announce an upcoming Free Streamlink ‘Week’ running from Wed. Feb. 6th through Sun. Feb. 10th. Participants will have a chance to test drive our subscriber package, including podcasting current shows, and downloading recent favorites. Join us here at 7pm PT on Wed. to start experiencing the excitement and convenience that Streamlink offers!

Another Mile Stone Reached

As it turns out,

Akismet has caught 10,023 spam for you since you first installed it.

It wasn’t too long ago when Akismet blocked the first 1,000 spam messages. In just a short time after that, it’s now 10,000. Next Stop, 100,000. And if the past is anything to go by, 100,000 will be reached in no time at all! Thanks Akismet for saving me a ton of time and hassle.

Going To WordCamp Dallas – Are You?

The other day, I happen to purchase a ticket to WordCamp Dallas. The ticket cost me $20 and the event will mark the first conference I have ever been able to attend. The event is being organized by Charles Stricklin, host of the WordPress Podcast. If you want to know more about what WordCamp is, check out the post I wrote for WeblogToolsCollection.com called What Is WordCamp?

The event will be featured by some interesting speakers/speeches such as:

  • Matt Mullenweg on WordPress 2.5 and Beyond
  • 45 Ways To Power Up Your Blog by John Pozadzides
  • How to prevent, detect and stop content theft by Jonathan Bailey
  • Cali Lewis and Neal Campbell
  • C’mon, Let’s Talk! Building influence and interaction with blogging by Liz Strauss
  • WordPress Power Tips by Lorelle Van Fossen
  • SEO For Bloggers by Chris Smith
  • Aaron Brazell
  • A panel of people to discuss the business of blogging: Mark Ghosh, Liz Strauss, and Aaron Brazell
  • Testing With WordPress by Jacob Santos

I’m pretty stoked about going to an event where people want to meet me and vice versa. I’ll be able to meet Ronald Huereca in person as well as, Charles Stricklin, Mark Ghosh, Lorelle Van Fossen, Matt Mullenweg and others. I plan on taking quite a few photos along with some video clips of the event. If I can manage to get a voice recorder, I also plan on getting a couple of interviews completed and then turning that into a WordPress Weekly episode.

If you are attending the event, let me know.

Drowning In Icons

NerdBusinessLogo

NerdBusiness has created quite the link bait post which I have fallen for which contains 5,798 high quality icons for use on the web, within applications or RSS. This is by far, one of the biggest, most organized icon posts I have seen to date. All of the icons within this post are free. However, all of the icons listed within this article are the largest size within the pack and are of .jpg format. That means that if you use the jpg image on a white background, it will probably look ok. But if you want to use these icons on a different colored background, make sure you visit the authors home page and download the respective .PNG icons.

Move Over Gratavar Its Ravatars Turn

Ever wanted to add some flare to the commenting section of your WordPress blog? Grok-Code has coded up a nifty little plugin called Ravatars. Ravatars displays a random avatar for each visitor that is generated at random. The icons are based on email so if a user uses the same email address for each comment, the same Ravatar image will display. You can choose to customize the plugin to display Ravatars that are related to your theme or visitors can opt to configure their own avatar via Gravatar.

Ravatar comes with a default set of images, or you can remove those and upload your own. It works by creating a hash of the email address, and then using the hash to choose an image and the place where the image should be cropped. Uploading your own images gives you the power to customize avatars for your site. A backpacking site might use use nature scenes. Or you might pick images that match your blog’s color scheme.

ravatarexample

In order to customize the plugin, you should upload photos to the plugins/ravatars/parts directory. As of this writing, the only two image formats supported are .jpg and .png. Grok-Code recommends keeping the amount of avatar images within the directory to around 40 although if your blog contains a lot of unique comments, you will most likely need to increase the amount of images if you want each commenter to have  their own image.

You can download the Ravatar plugin from their release page by clicking here. The release page also contains installation instructions as well. If you happen to download and install this plugin, let us know what you think of it. I think it will be a nice way of spicing up the commenting section so it doesn’t appear so bland.

Secret Life Of A Blog Post

LifeOfABlogPost

The folks over at Wired.com sure know how to come up with interesting InfoGraphics which turn complicated datasets into beautiful visual aids. This is no exception. Wired.com has put together a nifty InfoGraphic of how a blog post travels the interweb. The graphic starts off with a post being written and then published on a blog. The blogging service then pings servers letting the search engines know you have provided new content to crawl. Next, your post is crawled by search engines, data miners and the obligatory text scrapers. Then, the post content makes it’s way towards ad servers that serve ads based on the keywords that are found within the post.

Aggregators then take your blog post and send it out to human reader. Once your post is out on the web, social bookmarking takes over. At this point, people who find your blog post may comment or write their own post about the first post and the entire process starts over again.

The blogosphere explained in an elegant fashion. Does anyone know if Wired sells posters of their infographics?

WordPress Dev Cycle To Possibly Change

According to Ryan Boren, one of the lead developers behind WordPress has announced that the Automattic Dev team is considering a change to the WordPress.org development cycle.

We are considering building this extra time over the holidays into our roadmap. This would mean one less release per year. We’d release in Spring, Summer, and Fall, and then again in Spring of the following year. With six months of development time, the Spring release would contain the bigger features that don’t fit into the shorter Summer and Fall release windows.

I’m actually hoping that they go through with this decision. I’m thinking that the extra development time will help to decrease the amount of bugs in the Trac. You know, those pesky things that are more of a nuisance than an actual bug. This dev period would also give individuals more time to CATCH UP. You shouldn’t be far behind as far as versions go anyways, but the extra time could be beneficial.

FireFox Saved Me!

PhishingBlocker

Early in 2007, I finally managed to file for my first credit report since they passed the law allowing for one free credit report per year. Out of the number of institutions available for filing my credit report, I chose to go with Equifax. I was pretty impressed with how fast it took for them to process my information. Once they were finished, I was able to see my credit report online. And, in case you were wondering, my credit score is around seven or eight hundred which I hear is pretty good.

This year, I have yet to file for my credit report but I received a piece of email the other day from Equifax telling me that I was required to fill out a particular form they had sent me.

equifaxemail

Well, I wasn’t in a hurry to open up any emails from them but when I finally did, here is what I saw.

Equifax Scamjob

Looks convincing doesn’t it? Well, after thinking about it for awhile, I decided to click the link to see what it was all about. The result? The first image you see in this post. This is the first time I’ve ever seen this notification which took me by surprise. After receiving the update, I did a Google search on the scam and yep, this was an Equifax phishing email.

So not only did I want to warn others, but I wanted to give a big thank you to the built in Phishing filter in FireFox. You saved me bro!

Forum2pt0 Is Back

Forum2pt0

I’ve been giving the forum idea some second thoughts and have decided to bring them back online, right were we left off. With my new interest in WordPress, I have created an entire section in the forums dedicated to various aspects of the open source project hoping that this will help build an awesome community of WordPress users. I’ve since replaced the link to the forum to the top navigation bar of the blog. If you don’t feel like moving your mouse that much, you can check out the forums here.

I’ve also created a child forum for WordPress weekly so be sure to check out the forums again and lets see if we can’t make this forum rock the house.