The "State of the Word" address from the WordPress CMS project will be both live and in person, as well as streamed for viewing from home.
Posts tagged as “wordpress”
While Linux runs the Internet, it’s the free and open source content management platform WordPress that runs most of the websites we visit to stay informed and entertained.
The Screening Room
Open source activism takes many forms, including the creation of documentaries that celebrate and explain open source solutions. Two bold women in France, Deborah Donnier and Emilie Lebrun are working on a 50-minute documentary in French that celebrates and explains WordPress.
You can view the beautifully done trailer of their project here — with English subtitles.
For the past 10 years, Phil has been working at a public library in the Washington D.C.-area, helping youth and adults use the 28 public Linux stations the library offers seven days a week. He also writes for MAKE magazine, Opensource.com and TechSoup Libraries. Suggest videos by contacting Phil on Twitter or at pshapiro@his.com.
Also included: Fedora community says goodbye to Matthew Williams, Solus gets a new package build system, end-of-life for Fedora 23 and IoT security.
FOSS Week in Review
Something arctic this way comes. That”s what Lannie Pope, the weatherwoman on the local NBC affiliate, tells us, Trouble is, I’m still stuck in a house without proper heat, a situation that’s been dragging on since near the end of September. It’s a long story, but…brrr. I’m glad I don’t live in a part of the country where it gets really cold.
Now on to this week’s FOSS news, which is always warm…
Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux
Also included: FBI hacks 8,000 with single warrant, new Cinnamon desktop release, “government-backed attackers” after journalists, and FOSS Force adds beef to newsfeed.
FOSS Week in Review
Okay, Thanksgiving is over. Let the sales begin. Which reminds me, I have to buy a new cheap Wi-Fi router — cheap being the operative word. Any suggestions?
Otherwise, it’s back to FOSS news…
Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux
FOSS Force has just learned from Wordfence, a security company that focuses on the open source WordPress content management platform, that a popular plugin used…
Publishers of WordPress sites using the ‘Poll, Quiz & List by OpinionStage’ plugin, might want to check for unexpected advertisements.
FOSS Force has learned that the popular WordPress plugin “Poll, Quiz & List by OpinionStage” has been placing advertisements within photographs included in online quizzes that have been created using the plugin. The plugin is used by over 10,000 WordPress sites to create quizzes, polls and list articles.
Publishers using the plugin are not being made aware that ads are being placed on their sites unless, perhaps, they visit the plugin developers’ website and go to the “Pricing” page, where the developers say information about the policy is available. I say “perhaps” because we have been unable to find any such notice on this page. We discovered the issue on Sunday when considering whether to manually migrate the single FOSS Force Quiz created using the plugin to another quiz app we’ve since adopted as our default.


Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux
Or desparately seeking Schrödinger’s cat’s data
Right about now is the time we told you we’d be giving you the results of the poll we started last week detailing the methods our readers use to receive and send emails. Well, it ain’t going to happen. Nor are we going to tell you next Wednesday about the results of the poll we put up late Sunday night on how you feel about Microsoft as an open source company. Why? The best we can come up with is “the dog ate our homework.” Actually, none of us has a dog, so that’s out. We’ll just say the poll data ran away from home.
FOSS Week in Review
Larry’s away today, hiding beneath his tinfoil hat and hoping to escape the ravishes of Friday the thirteenth, so I was volunteered to write this week’s review. Sorry. Larry will return next week.
G’bye Debian Live: By now you’ve probably heard the news that evidently the Debian Live project is no more. This according to the project’s leader, Daniel Baumann, who posted An Abrupt End to Debian Live on the Debian website on Monday. According to him, the project was “hijacked by the Debian-cd and the Debian-installer teams.”
Reading the post, you might be excused for thinking it’s not all wine and roses over in Debian-land. “Debian can be great,” Baumann wrote. “But depending on who you are, where you come from, and who your friends are, Debian can also be hateful and full of deceit.”
Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux
In the same week that we learned from W3Techs that the popular open source content management system (CMS) WordPress now powers a full 25 percent of all sites on the web, we learn that six popular WordPress plugins contain serious security vulnerabilities. The later news comes to us by way of security firm Wordfence, which specializes in WordPress security and develops the Wordfence security plugin for the platform.
This news isn’t surprising, nor is it cause for alarm. Because WordPress is by far the most popular content management platform on the web, it’s an obvious target for hackers, and third party plugins are the most obvious way inside. However, the folks at Automattic, which develops the platform, have proven themselves to be diligent at finding vulnerabilities and keeping them patched.
Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux
Website publishers using the popular free and open source WordPress content management system (CMS) woke up this morning to find that their sites had been upgraded to version 4.2.2. Users who’s sites somehow missed being automatically upgraded are urged to update immediately, as this update addresses several important security issues. According to Wordfence, maintainers of a popular WordPress security plugin, this release fixes one recently discovered vulnerability and further hardens a security issue that was addressed in version 4.2.1.
Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux
Anyone who runs sites using the WordPress platform and the plugin Simple Ads Manager will want to read this and learn from our mistake. Even those not using this particular plugin, but who have deactivated plugins not being used but still residing on their servers might find this useful. Luckily, in our case no harm was done, but that’s only because the incident occurred on a test site, so we were able to just take the site down. Lucky for us, it wasn’t FOSS Force or one of our other active sites.
Early Saturday evening we began receiving numerous email notices with two worrisome subject lines from our server. One subject was “LOCALRELAY Alert for sitename,” being sent to us at the rate of about every five minutes, with each showing info on the “first ten of 101 emails” that had been sent by the server since the last email notification. The other subject, “Script Alert for /path/to/script” was coming with the same frequency. To make a long story short, someone had hacked into a site we use to evaluate and test WordPress plugins before possibly deploying them on active sites, and was using it to send spam. Our test site had been turned into a spambot in other words.
Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux