The past two days I’ve been at WordCamp San Francisco and the presentations have been amazing. For the first time ever for San Francisco we’ve had a really fantastic live video stream going from both rooms. It’s a pretty economical way to get all of the content of the conference without the cost of coming to San Francisco. We even had someone streaming from Pakistan! My talk on the State of the Word will be tomorrow at 11 AM PST, so get a ticket on the WordCamp SF site.
The TimThumb Saga
Last week there was a serious flaw found in the code behind TimThumb, an image re-sizing library commonly used in premium themes.* Because the code is commonly embedded in themes it’s not easy to discretely update like it would be if the code were a plugin, and even when a theme is updated people are hesitant to update because they often customize theme code rather than making child themes, so if they were to overwrite their theme with a new version they’d lose their modifications. That, combined with the severity of the flaw, means that this is one of the more serious issues in the WordPress ecosystem in a while, even more than normal because it wasn’t in core.
It could have gone a lot of ways, but the incident brought out the best in the community. The core team sprang into action searching through the theme directory to inoculate any themes that contained the dangerous code. Community blogs quickly got the word out about the problem so people were aware of it. Mark Maunder, who originally discovered and broke down the problem, created a fork of the code called WordThumb that rewrote TimThumb from the ground up. Forking is not usually ideal because it fragments the market for users but Mark soon connected with Ben Gillbanks, long-time WordPress community member, and they’ve teamed forces to release TimThumb 2.0, a collaboration that exemplifies Open Source at its finest. An updated plugin should be in the directory shortly.
It also illustrated the original vision I had behind VaultPress. In addition to reporting early and emailing customers with vulnerable code, the following morning they had devised a way to go in and surgically correct vulnerable code on over seven hundred affected websites. This fixing-problems-while-you-sleep delighted users and is exactly the kind of problem I hoped VaultPress would solve for people and it underscores the core value of the service. If you’re not using VaultPress for your most important websites yet, you should.
* I originally had a long rant here, but here’s the 13-word version: I’ve seen no correlation between how much something costs and its code quality. This is getting better as more people become familiar with the coding standards of core, and PHP in general, but there is still a long way to go. If you want to avoid this in your own code, check out Theme Check and Log Deprecated Notices to start. If you’re looking for code to base your own theme on, it’s best to start with something like 2010 or 2011.
On WordPress 3.2 with WebProNews
Abby Johnson from WebProNews posted an interview about the philosophy and thinking behind the WordPress 3.2 release, and we also recorded the video below:
The FCC just released their first plugin for WordPress (a faceted search widget) and writes about why. Does your organization have a cool plugin you’ve written but not released yet? I know we do. Hopefully they will get the plugin in the repo soon.
Fifty Million
As noted on TNW and Adweek, yesterday we passed over 50,000,000 websites, blogs, portfolios, stores, pet projects, and of course cat websites powered by WordPress. I had the good fortune to celebrate this milestone with a few hundred WordPressers at WordCamp Montreal yesterday. (During my Town Hall I wasn’t aware we had passed the number until someone shouted from the audience.) It’s always fun to pass a big round number and over the weekend many libations were consumed with friends old and new, but ultimately the press has always been more concerned with those top-line numbers than we have in the WordPress community. More sites being created is a good benchmark for our adoption, but ultimately WordPress matters not for the blogs it creates but for the lives it affects. We have some huge opportunities this year, particularly around making our software more accessible to the next 50 or 500 million people who want to have a voice online, something I hope to talk more about at WordCamp San Francisco next month.
Memeburn has a new interview up: The future of WordPress: Q&A with founder Matt Mullenweg.
As you may have seen, the WordPress community released version 3.2 “Gershwin” yesterday. Here’s the announcement video with some of the new features:
When you get a chance also check out MT’s post about the Design of 3.2.
Joseph Scott has written pressfs, a WordPress filesystem. Cool!
Here’s an update on WordPress woes in Kazakhstan and Kyrgyzstan. As far as I know we’ve had no contact with KazakhTelecom. Typically this happens when they don’t like something a blog is saying, so they block or degrade service for everybody. The footer of the site links to Global Voices Anonymous Blogging with WordPress and Tor guide, which is still excellent all these years later.
Mark Maunder writes Can WordPress Developers survive without InnoDB? MyISAM vs InnoDB benchmarks.
Alec Baldwin, my favorite character on 30 Rock, has a great-looking WordPress-powered site. It was also built by Alley Interactive who did the Observer site I blogged about the other day.
Four Cool WP .gov Sites
I was in Washington DC last week at the OpenGovDC conference where I participated on a panel about design. The organizers and many of the speakers were pretty Drupal-focused, but I did get to meet some folks and learn about the ever-growing use of WordPress inside the Beltway. Here are four:
- CFPB, Consumer Financial Protection Bureau. This is the best-looking of the four, and 100% WordPress.
- MO.gov, Missouri State. Is there a LESS.gov? 😉 The show-me state has a solid WP-as-CMS going here.
- Office of Compliance. As exciting as it sounds.
- NCCS.gov, National Center for Computational Sciences. Website is okay, but center is super-cool: they provide super-computing (tens of thousands of processors) for open scientific research.
Any other favorites? Particularly well-designed ones like consumerfinance.gov.
How To Run A News Site And Newspaper Using WordPress And Google Docs. This is why I love saying “scripting is the new literacy.” A bit of scripting glue can tie together Big Projects like WP and Google Docs to create something completely novel.
Six years ago on this blog we scheduled a WordPress meetup in Seattle which ended up including a number of folks who are still changing the web today, including Bre Pettis, Robert Scoble, Chris Pirillo, Matt May, Filipe Fortes, Andy Skelton, Scott Berkun, and Lee Lefever. We’re going to do an informal 2.0 tonight at 6 PM, Friday June 3 at Pike Pub & Brewery on 1st Avenue in downtown Seattle. Come by and share a beer, reminisce about trackbacks, and talk about the future of the open web. It’s short notice, so please spread the word to your Seattle-area friends.
Joel Falconer has written a pretty definitive article on WordPress: The Free Software With a Big Economy & How You Can Get Involved.
Batters Up: Major League Baseball Now on WordPress.com. MLB’s blogging system used to be powered by Movable Type, and about 15,000 blogs switched over to WordPress.com as part of this. It’s an honor and delight to have so many great bloggers joining the family. They’re also in good company with VIP blogs for the NFL, NBA, NBC Sports…
Douglas Van Bossuyt says What VaultPress means to me.
Remember my resolution to “Launch secret new thing, code abbreviation JP”? There was even a WP Candy thread guessing what it was. Well it’s live, and you can click here to read all about Jetpack. Check it out, every WordPress deserves a Jetpack. 🙂
WordPress Japan has decided their official character name