salguod Posted June 20, 2008 Share Posted June 20, 2008 MT: A History of Security Yeah, it's by SixApart so of course they are going toot their own horn, but the stats are interesting. WordPress is having a series of security issues lately, hopefully for all those using it those will get ironed out. Meantime, I take comfort in knowing that MT has a strong track record in security. Quote Link to comment Share on other sites More sharing options...
TCH-Bruce Posted June 20, 2008 Share Posted June 20, 2008 What kind of security issues with WordPress? I've been using WordPress for a couple of years now with Spam Karma. I've never had an issue but I also keep it updated. Quote Link to comment Share on other sites More sharing options...
earthwormjim Posted June 24, 2008 Share Posted June 24, 2008 Not a fan or MT but was a good read. Personally, I expect to see more reports from Wordpress considering the larger user base and it's popularity. Besides, I would rather deal with the occasional updates than use MT. Quote Link to comment Share on other sites More sharing options...
salguod Posted June 24, 2008 Author Share Posted June 24, 2008 What kind of security issues with WordPress? I've been using WordPress for a couple of years now with Spam Karma. I've never had an issue but I also keep it updated. There are a couple of links in that MT article, but there have evidently been a lot of WP sites getting hacked. I guess it's possible that some are hacked and the owners don't even know it. I don't think it's a spam or comment related issue, but I'm not really sure as I don't use WP. Quote Link to comment Share on other sites More sharing options...
TCH-Bruce Posted June 24, 2008 Share Posted June 24, 2008 Well since you pointed it out, I went back and ran a query on WordPress 2.5 and find that there were only 3 vulnerabilities reported. So be very careful when looking at statistics. The charts in the article report 42 year-to-date and the site they link to says 3. So who are you to believe? Since this is propaganda released by Movable Type I'd take it with a grain of salt. Also, there are new vulnerabilities discovered in every piece of software available. It's how fast the developers patch those holes that matters. And you as a user of any software have the responsibility to keep it updated. Quote Link to comment Share on other sites More sharing options...
salguod Posted June 25, 2008 Author Share Posted June 25, 2008 Using the source they provide, yes, if you limit to WP 2.5 you get 3. If you leave it as any version you get what they reported, 42. For MT the only choice is any and you get zero for 2008. It's an apples to apples comparison by a neutral third party, namely the US government. 42 vulnerabilities in all versions of WP so far this year, zero in all versions of MT. Total WP has 122 since 2004, MT has had 11 since 2003 for all versions of either platform. That said, the statistics are perhaps a bit misleading taken at face value, and there is a good discussion of why that may be true in the comments of that post. In short, the numbers include not just WP but plugins as well (same for MT, but there are a lot more WP plugins I guess), and because WP has been open source from the start and MT is only recently, there may have been better reporting for WP vs. MT. Matt (I assume from Automatic/WP) points out that there have been 3 security issues in MT this year, but the stats quoted don't show any. Anil counters with his own arguments on why looking at the big picture, plugins and all, is valid. So I agree, you need to be careful with the stats and understand what you are looking at. I think even taking those things into account, MT has a better track record of security. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.