 |
|
| FriendFeed is the easiest way to share online. Learn more » |
Ben Hwang › Comments
Re: Satellite Doesn’t Seem Cheaper Than Cable - http://life.firelace.com/2009...
"Perhaps, and while I have my complaints... you know my economic situation. And if it was any other time, I'd probably agree with you, but when times are tougher, budgets take a lot more precedence and priority. Like I said before, even if it was mere cents? I wouldn't have any issues switching. But when I'm paying more? It better be a tremendous value-add, which I don't see. Dish is better, but not quite there yet. Oh, and if you have DVR, that's great but I don't and never have used it. Might later on, but haven't had a tremendous need for one yet. One other thing... While the fees might be similar, your operational costs are different since they're different infrastructure businesses. Thus, to say that they operate on the same level would be incorrect. That's like comparing the cellular business with landline because they're both catering to the consumer's phone needs. I doubt that they can't sell it for cheaper, especially as a subscription based model. I'd rather have no promo and..."
- Ben Hwang
Re: Newsflash: Some Asian Men Cheat on their Partners - http://www.8asians.com/2009...
"Not that it matters, but the author of that post is a black girl. And if you go read her site, she likes to just moan about the fact that asian men that date black women are few but around.... but then goes on about how they cheat and such. Strange since she's the one dating them. Anyhow, I agree with Effie. It's too bad that she's the one that has to meet the "slew of douchebags.""
- Ben Hwang
Re: Time Warner Cable’s Navigator Slow as Molasses - http://life.firelace.com/2009...
"Totally agree. What was funny was that we just went over to a friend's place for a Halloween party this weekend over in Oak Ridge, and his televisions are still using the old firmware! What the hell. Seriously, this is so annoying. We tried to flip through Sunday night football tonight and it was absolutely disastrous. It was actually faster to go to a computer and find out what channels they were on, than to use the guide. If you ask me? There's something seriously wrong with that picture."
- Ben Hwang
Re: Being Asian Can Prevent Promotions? - http://www.8asians.com/2009...
"“In order to be an immaculate member of a flock of sheep, one must above all be a sheep oneself.” - Albert Einstein"
- Ben Hwang
Re: Being Asian Can Prevent Promotions? - http://www.8asians.com/2009...
""The good of man must be the end of the science of politics." - Aristotle"
- Ben Hwang
Re: Being Asian Can Prevent Promotions? - http://www.8asians.com/2009...
"Personally, I think that your comment is well on the spot. Mainly because, if you cry discrimination, where does it stop? Every single group from a social standpoint can cry discrimination at pretty much anything. Which is why I think the entire thing is bunk and doesn't help the AA community."
- Ben Hwang
Re: Being Asian Can Prevent Promotions? - http://www.8asians.com/2009...
"This is very true. In the South, it's called the "good ol' boy network". And believe me, it exists on every single level and in every geography. Who you know, and what backs you've scratched plays a lot more into promotions in pretty much every aspect of corporate life. Don't get me wrong, not saying that hard work doesn't pay off. But the larger the corporation, the more the chance to play corporate politics."
- Ben Hwang
Re: Being Asian Can Prevent Promotions? - http://www.8asians.com/2009...
"Management and senior management are two different scenarios. At the executive level, most people only care about the bottom line. Thus, the majority of your players at the top level have money dealing type degrees. And yes, business school is a money dealing type degree. In the end, the entire thing is amusing since everyone is calling the race card when it really doesn't have to do with it. You want senior management type of plays? I can re-tell stories that have been told to me for longer than I can remember. There isn't any need to play the race card. They have so many different things to throw at you without using race since it's just nasty corporate politics. The way I look at it? The world isn't fair kiddies. And you're jumping into a pool of sharks as fresh meat and praying that they think that you'll be treated equally. Last I looked? Fresh meat gets eaten. And if you never take that particular type of attitude in, then you wouldn't last two seconds in a senior mgt. position."
- Ben Hwang
Re: Being Asian Can Prevent Promotions? - http://www.8asians.com/2009...
"But see... that proves my point. If you're going to play that card, then I can also say the same of... you're in the wrong field. Most Asians don't go into finance. If you look at most of your top executives in pretty much any sort of field on a general level, senior management has finance experience. So based on that "statistic", we're going to assume that engineering or computer science degrees are also being discriminated against? Which is why I've said it before: "Lies, damned lies, and statistics." Big deal about the Silicon Valley companies. And you can say the same vice versa on the other side of the world. It plays that way because it does. If we're all going to just sit around and discuss whether or not we're being discriminated against instead of asserting yourself in the workplace and moving up the chain, then my question would be.... how exactly did the "speaker" of this series even make it to a Director position? I mean let's be frank. If it's not working out, then what's..."
- Ben Hwang
Re: Being Asian Can Prevent Promotions? - http://www.8asians.com/2009...
"It's not a limited personal experience. It's everyone else's. If there are actual issues with promotions, then none of my family, extended family, or anyone else I know growing up would be in the positions they are today. Many minorities pull the... "we don't get promoted" card, but having the AA community do it is just pretty low imho. And you hit on a great point. It is "my opinion". But with that, bamboo ceilings haven't existed where any of my family works for years. Like I said, call me crazy... but there's enough differences that you can hold people back on based on achievements alone without playing the race card. As for statistics, there's only one thing for me to say there: "Lies, damned lies, and statistics.""
- Ben Hwang
Re: Three Apples: Celebrating Hello Kitty’s 35th Anniversary - http://www.8asians.com/2009...
"OMG. Where can I find that costume for my kitties! :p"
- Ben Hwang
Re: Discover Bank Needs Work Still - http://life.firelace.com/2009...
"Catie, Would be glad to do so. As a current member, if you could let me know when it will happen, I'll be happy to take a look. Like I said before, I've been happy with Discover's service, but the new product is a little under what I'm accustomed to from the past."
- Ben Hwang
Re: “Want to see up a Japanese woman’s skirt and see her underwear? Yeah, there’s an app for that.” - http://www.8asians.com/...
"But here's the thing. Now you'll know who bought this app, when you start seeing people blow at their iPhone. And you can go... HEY! I know what app you're using right now! I can see it now... Puff 2! - The Rise of Speedos."
- Ben Hwang
Re: Ethical “White Hat” SEO Spam - http://life.firelace.com/2009...
"Yeah... I know. ;) But I figured it was worthwhile to note it. People hurt themselves if they label themselves as "white hat" and then point to this link since they could basically be linking directly to their own failure. I can't say that company is or isn't.... but they are taking that risk. :)"
- Ben Hwang
Re: YouTube: Chinese Southern Belles Explain Haw Flakes and Pineapple Cake - http://www.8asians.com/2009...
"That's cuz.... there's not really great Asian food in the South. Unless you really have a hankering for hibachi. Atlanta now has a pretty large Asian community, but it's still tough to find the really good stuff anywhere else in the South. Personally, I don't think even the RTP area is that great. Not that there's anything bad about the Chinese-American to-go cuisine, but yeah..."
- Ben Hwang
Re: McDonald’s Loses Trademark Fight Against Malaysia’s “McCurry” Restaurant - http://www.8asians.com/2009...
"As far as trademarks go, you have to enforce registered trademarks or else you lose them. As far as McStinkyTofu goes, I never cared for Stinky Tofu anyways.... but I personally would rather go with a brand name of "S.T. FU" since you could totally do crazy things with it and it could catch on pretty easily. What can I say, it's the marketing brain at work."
- Ben Hwang
I don’t feel safe with Wordpress, hackers broke in and took things - http://scobleizer.com/2009...
carl morris, Tyson Key, Susan Beebe and 87 other people liked this
Well, if you have fixed the hole by upgrading; you should feel a lot safer now. I guess strong user adoption does bring the wrong kind of attention.
- Anindya Chatterjee
Anindya: we're watching. Looks like they haven't gotten back in since the upgrade and some of the other changes we made. Knock on wood.
- Robert Scoble
I'm very tempted to switch to a SixApart install. As a Perl programmer I'd be much more familiar with the backend.
- Jesse Stay
Robert, btw, I'm sure between all your users you can find a backup. I have a bunch via Google Reader I could get to Rackspace to import for you. I'm sure others have even older entries than I have. Let us know if you want help restoring the old scobleizer.com!
- Jesse Stay
robert - i can tell you this - you need to watch it like a hawk - when i thought i was safe - i wasn't - InsideTransit continues to get hit - and I still believe there is some patches and stuff that RS can do as well - the bigger issue is what's on the server - because that's where they put the shells and then they can do whatever they want.
- Allen Stern
Not cool, hopefully things will work out.
- Kim Landwehr
Jesse: luckily it was July and August, when I wasn't doing much blogging. No biggie. Thanks. Allen: yes, Rackspace Cloud has a security team now and they are actively looking at ways to make Wordpress safer for our customers. It really sucks getting hacked. Let me know if you find any other ways to protect the systems.
- Robert Scoble
Robert: Yea getting hacked sucks. My early days with my blog aboutonlinematters.com I got hacked and luckily my ISP had a backup. Since then I have treated my Wordpress blog like any dev site - with a subversion repository and complete backup. But there are days... like today... when I think strongly about a platform like typepad.
- Arthur Coleman
what i have found is locking down the files helps - but you need to ftp into your site and make sure that nothing has been edited or added - in my case, on all my sites, the hackers put files all over that were base64 files - and what they do is include them into WP or they just run them direct - nearly a full shell. i've asked RS to create a way so that i can be notified of any changes to files - they say it's too heavy to run.
- Allen Stern
Robert, I just miss the traffic from your "You are SO Unfollowed!" article. (one of the casualties) ;-)
- Jesse Stay
There's a lot of great info they deleted - I'm a little ticked they would be completely insensitive like that to prove a security flaw. It affected much more than just you.
- Jesse Stay
Jesse: yeah, that's probably the one blog that I miss. It's also the one that got me to notice they deleted a couple of months.
- Robert Scoble
Jesse: that still is cached over on Google at http://74.125.155.132/search...
- Robert Scoble
No way "You are SO unfollowed" is out? I loved that one! :-( thanks for the cache Robert
- Sofia @ SoMaFusion
If you have no time to take care of yuors blog, maybe it's better if you choose the pro offer from wordpress.com ( I think scobleizer.com can have the minimum requirement to stay there).
- wolly
here it the VIP hosting http://en.wordpress.com/vip-hos...
- wolly
wolly: it's not just about time, attacks come from all directions so you've gotta have a holistic approach to security. How many of you regularly change passwords and make sure they are really good ones? (Twitter got broken into not because of hacks, but because they didn't practice good password security).
- Robert Scoble
It saddens me: it is morally reprehensible your hosting company convinced you to switch with the seduction of plugins and customization without emphasizing or handling the increased responsibility of upgrades. Your blog was not unique and not a special target, the worms sweep across millions of blogs indiscriminately and hit whatever is vulnerable. If your host is lax in upgrading, the...
more...
- Matt Mullenweg
that's true :-) I use password very strange and very verylong that I cannot remember and I use a service like clipperz.com to login.
- wolly
wolly, Robert was hosted on WordPress.com for about 4 years -- he was actually the very first VIP. Although there were dozens of security updates to WordPress in that time, his blog never had a problem because it was always up-to-date. He only switched away a few months ago.
- Matt Mullenweg
Ciao Matt :-) I didn't know that, so scoble come back to the light side :)
- wolly
Matt: yup, that's true. I've learned my lesson. Running your own servers are a lot harder than just having them hosted on Wordpress.com.
- Robert Scoble
To be frank, it completely breaks whatever trust I had in Rackspace.
- Matt Mullenweg
But Matt, I've been talking with many blog owners, including at TechCrunch, and they say that Wordpress' updates break their custom plugins. That's why they don't upgrade immediately. So, sounds like Wordpress has a mess on its hands that the hosted version of Wordpress didn't have (I couldn't run a lot of plugins and video embeds and other fun things on the hosted version of Wordpress). So, to blame it on my hoster/employer (Rackspace) exclusively isn't really a good attitude either.
- Robert Scoble
Robert, It happens. We were hacked too. My observations lead me to believe that this summer was the worst in a long time. Its a war and its going to be a war until the attitude towards hackers changes. Let's stop being fascinated in the least bit by how they do it (this goes towards Kevin Mitnick and his supporters- I don't ever want to pay good money to read about your scams on the...
more...
- Melanie Reed
Matt's got a point that with greater power (self-hosting) comes greater responsibility (more need to keep an eye on security), but I think to say that Scoble's blog was not a special target is a bit disingenuous. High-profile sites are always a higher-value target.
- Rachel Luxemburg
Matt: I think you need to really look at all the damage that's being done to a wide range of sites, many of which are NOT hosted at Rackspace, before throwing more barbs. That's bull. Sorry. But I added a link to this conversation to my blog so people could see your point of view.
- Robert Scoble
If a plugin is preventing you from upgrading (did it?) then let's figure out how to fix that plugin. All I can do in WordPress is build in the notices (your blog was asking you to upgrade for months) and the one-click updates for both core and plugins. I agree it's not your (Robert Scoble's) fault because I don't think you made the conscious decision to take on the increased responsibility.
- Matt Mullenweg
Matt: the reputation around the Net is that upgrades on Wordpress break things. This wasn't a Rackspace recommendation. It's also a problem with all upgrades. I've gotten hosed by upgrades elsewhere. Look at all the people upgrading to Snow Leopard who are having things break.
- Robert Scoble
Matt: TechCrunch hasn't upgraded its blog either and it wasn't hosted on Rackspace (at least not until a couple of days ago).
- Robert Scoble
I'm not saying there isn't lots of misinformation around the net, I'm saying "how can I help your blog, please." If it's a plugin preventing you from upgrading, let me know the plugin and we'll fix it even if we didn't write it. That's the beauty of open source.
- Matt Mullenweg
Robert -- Avoiding upgrades because they're annoying to deal with isn't a viable longterm strategy.
- Rachel Luxemburg
they need to take care of Scoble's blog, well for he is a VIP and the smashing they would have would do a lot of damage to your customer base and otherwise, would they reply to an ordinary guy say like me? i think not,well wordpress/automattic is having their tough moments, hope things get well and they get their repute back
- testbeta
Matt - you blaming Rackspace for security vulnerabilities in YOUR software platform is kinda like blaming Dell when a Windows box gets hacked. I think you are being irrational.
- Rob La Gesse
Matt: in my case it was the REPUTATION of Wordpress's upgrades that was keeping me from upgrading. I was waiting to see what other people reported broke. I didn't realize the severity of the security problems. But, I am now upgrading automatically. So I'm fixed. But you still have a reputation problem. Lots of people are reporting things break when they upgrade.
- Robert Scoble
Rob, I'm not blaming them. I'm saying it's the responsibility of any host, of any software, to stay up to date. If there was a SSH vulnerability on Robert's box I would say the same thing. Software updates are inevitable, there is no such thing as bug-free code, so staying up to date is a must.
- Matt Mullenweg
Isn't all this open source code? If it's broken, why not fix it? Doesn't everyone have the responsibility to do that? It's not any one source's fault in that case.
- Jesse Stay
Matt - I agree with you. So make Wordpress upgrades SAFE, automatic AND do some internal validation of plugin code to let users know they may be running something that is potentially insecure.
- Rob La Gesse
Matt, agreed. Not when its turned out as fast as people are yelling for it. People can't have it both ways.
- Melanie Reed
Matt: all Rackspace was providing to me was a Linux host. I was responsible for getting my upgades done on anything I ran on that system. But now we have a team making sure we're following best practices. That is NOT Rackspace's problem, though. That's like blaming Microsoft for a bug in Adobe software.
- Robert Scoble
I never listen to the reputation, I always upgrade as a security upgrade is out, and if a plugin doesn't work or I deactivate it or I fix it. Security is much more important than a plugin and Matt knows how many plugins has my blog (when he looked my backend he was very sad ad he said that it was the first time for him to see so many plugin in a blog :-) ) To have a self host blog it's difficult and time expensive.
- wolly
There are several very useful plugins specifically addressing security issues; and monitoring WP for suspicious activities (both on file and database level). Here are some articles with tips to harden your blog http://bit.ly/sZgh6 (delicious bookmarks). I only install plugins from authors from whom I know that they implement top level php; no breaking of upgrades on my 3 WP blogs has taken place (2.7-2.8-2.8.4)
- Jeroen De Miranda
Yeah, plugin issues are the responsibility of the plugin developer, not Wordpress's. I don't see how this is Wordpress's or Rackspace's fault.
- Jesse Stay
By the way, Matt, Sheamus, over on my comments on my blog, says he has the latest upgrades in place and he's still being broken into. You might help him figure out how the hackers are breaking in still.
- Robert Scoble
Sorry, I was under the impression Rackspace had recommended you move away from WordPress.com and taken responsibility for the system. I was worried about your blog -- I emailed you about this in August but never heard back. It breaks my heart when someone's WordPress gets compromised.
- Matt Mullenweg
I understand the feeling though - if people are still being broken into after being told a fix was made, especially if you're not a developer, that can be a little scary. I'd look to other solutions in that case if it were me, and it's no one's fault. It's just perception and fear, very valid fear.
- Jesse Stay
I do believe there is a false sense of securty that WORDPRESS fosters by hosting plugins. I think many assume that because they download the pluging VIA Wordpress, and FROM Wordpress, it is somehow vetted.
- Rob La Gesse
Matt: no. I wanted to move to my own install of Wordpress so that I could run many more plugins and start doing stuff other professional bloggers were doing. I am learning very quickly just how much work goes on behind the scenes to make sure my words were protected.
- Robert Scoble
Once you've been hacked once if you don't clean up every trace (preferably a systems person does this) it's very likely something is left that allows the spammers to easily break back in, regardless of what version you're on. That's why the trouble with upgrading is worth it, it's much, much less than the trouble of fixing a hacked blog.
- Matt Mullenweg
Jesse: yeah, at Microsoft when a box got broken into they wouldn't let you use it anymore. They forced you to reinstall it with all patches loaded. They assumed that it was compromised and that someone stuck a back door in somewhere. That's a lot of work too.
- Robert Scoble
install either wp-backup or wp-dbmanager and configure database backup: every day; download to your local pc (or to a system other than your hosting provider); run a check once a month to see whether you can reconstruct the blog in case of calamity, That is my procedure; works fine.
- Jeroen De Miranda
if a commoner gets hacked, then he should move to wordpress.com services or what?
- testbeta
they should just make it not have any security holes!
- Mark
Robert, if you like I'd be happy to host your blog for you (and I'm on Rackspace servers). I can keep it secure as well. I'd only ask some mention of SocialToo somewhere (or payment of some form in order to cover the cost of bandwidth).
- Jesse Stay
I would also be able to keep it backed up for you.
- Jesse Stay
So the take away messages are: 1) hosting services like Rackspace support the hardware and OS layer and you're are on your own for everything else, 2) maintaining your own website is difficult work, even for experienced IT professionals, 3) social media experts may not really know how to use the social media tools they are recommending, and 4) while hosted applications like Wordpress.com provide less flexibility, they take less effort and can be more reliable for the average small business.
- Steve Wilhelm
I'll also install any plugins you're interested in trying
- Jesse Stay
Jesse: in my case, I now have a team of the top security guys at Rackspace working on it and making sure my system is up to date and backed up. They also are learning a lot about this and other people who have had problems and are building a list of best practices.
- Robert Scoble
This is eventually why I didn't go with Mosso. The service looks good, but you still have to manage your app yourself which opens you up to problems like you've experienced. It would be cool if they offered another layer of management on top so apps could be completely hands free.
- Todd Hoff
the alternative (i.e. strong vetting of all plugins) would turn the whole WordPress ecosphere into something such as Ning.... only some 300 addons (as far as I know); little flexibility very intransparent how to get your addin accepted .... Not an attractive model for me....
- Jeroen De Miranda
Robert, excellent - just wanted to make sure the offer was out there. Maybe that could be a tiered service for Rackspace, although I'm not sure it's something Rackspace wants to get into. Bluehost barely makes any money off of that type of service.
- Jesse Stay
Steve: I think that's a reasonable set of assumptions. The grass is always greener on the other side of the fence. When I was on Wordpress.com I was always jealous of blogs that were able to run the latest plugins and use the latest embed codes from various sites.
- Robert Scoble
Robert, it's even more fun when you can customize the plugins and themes as a developer. :-)
- Jesse Stay
@testbeta wrdpress.com is a very good choice if you don't have time or you don't know how to manage security on yors self hosted blog
- wolly
wolly: that takes out the open source fun part ;) well i have nothing much to do on my blogs so i keep mine updated ;)
- testbeta
I agree with you :-) but many people love blogging non update theirs blogs :-)
- wolly
when my sites were hacked - a wordpress employee reached out to me- i dont remember her name but we sent a few emails - i could write for days about what happened to my 5 sites - my take is simple - i think the issues are a combo of rackspace (my host) and wordpress (my software) - i can tell you this - in 3+ yrs on drupal, i was NEVER hacked. and Matt is right - the real issue is that...
more...
- Allen Stern
Allen - what version of WP are you running today?
- Rob La Gesse
2.8.4 on all of them
- Allen Stern
Allen - good :)
- Rob La Gesse
If there's a shell script on the same server as you, even if it's not your account, everything on that server is at risk regardless of the software or its version.
- Matt Mullenweg
Matt - that is NOT true
- Rob La Gesse
I would switch to a new server if I were infected at this point.
- Jesse Stay
Properly configured, user space can be isolated and these scripts cannot cross-pollinate.
- Rob La Gesse
It can be -- but publish a shell login on your server and we'll see. ;) The right answer is to scrub that sort of access.
- Matt Mullenweg
Matt - that comment on the "shell script" is silly. What are you actually trying to say?
- Robert J Taylor
Some sort of backdoor that allows a remote user to execute code -- it's super common.
- Matt Mullenweg
rob/matt - that wsa one of the biggest issues with my RS account - i had all the sites together in one "client" so when they hacked one - they were able to move around with their shell script into all my other sites - now each site is in a sep. "client" so the damage can only hurt me on one site - and believe me it does hurt :( i believe insidetransit and centernetworks are hit in google
- Allen Stern
@Scobleizer I'm sticking with @wordpress it doesn't worry me that much, plus I always update and have backups of db and site emailed to me
- Justin Yost
Allen - that was within one user space though. So what I stated above still stands true.
- Rob La Gesse
Allen and Robert are big enough that if they had a problem they could contact us and we'd help them, though as far as I know neither did, but I worry a lot more about smaller folks who get hit in the same way. The knowledge for how to properly clean up after a hack is more systems than software and not widespread.
- Matt Mullenweg
As Allen mentioned above, he did have a conversation with Wordpress.
- Rob La Gesse
matt - thanks for putting me in the same category as robert! *blush* - i did reach out to you - and your security guy was helping me big time - it seemed to turn out that the WP Contact Form 7 was the thing that caused it to start - i didn't document it all online because the security guy wanted time to get the plugin developer to fix the upload hole. - btw his name was mark jaquith and he was great
- Allen Stern
So why not some scheme where Wordpress vets a plugin and "blesses it" - perhaps a small charge for this service? As long as Wordpress is advertising plugins on the dashboard I think there ample reason to hold Wordpress to some level of accountability for those plugins
- Rob La Gesse
rob - that's what i told mark - they should offer that service for a tiny fee - stamp a "certified" stamp on it.
- Allen Stern
Just updated all my sites, doesnt look I was hit.
- sean percival
sean - no one would hit you - they know you would lala all over them
- Allen Stern
sean - happy for you!
- Rob La Gesse
I've read almost all of the comments here, not hearing these mentioned once: Robert did not backup, kept the default 'admin' username and failed to update. These are three of the most basic security measures out there. Not blaming it on Robert, because we all fail on this sometimes, but these basics really are important!
- Abounding Media
http://twitter.com/markjaq... warning of Mark in April - kept me away from WP contact form 7
- Jeroen De Miranda
Abounding: yup. And the lesson here is don't host your own version of Wordpress unless you have a security team making sure you're doing it right and backing up (something I never did on Wordpress.com, by the way). Oh, and Twitter taught us that even if you do all of that you've gotta make sure you pick great passwords and think through ways that social hacks could be done to get into your accounts.
- Robert Scoble
I've written a much longer post on this: http://wordpress.org/develop...
- Matt Mullenweg
http://markjaquith.wordpress.com/2008... some great tips of Mark Jaquith on writing secure plugins - I use these and other tips when scanning the PHP code of new plugins that I intend to use (before deploying them)
- Jeroen De Miranda
Jeroen, thanks for posting that. I've had phishers getting into one of my WP installs recently, but couldn't tell which plugin it was. I deactivated two plugins, including CF7, the other day, and haven't had any more problems. And a shoutout to Ryan Boren on the WP dev team for helping me to de-infect.
- John Craft
Robert: Welcome to the world of web development for impatient users and disgruntled hackers
- Melanie Reed
http://wordpress.org/develop... great post of Matt Mullenweg about WordPress security!
- Jeroen De Miranda
john - the CF7 is what killed me a few months ago - it's because the form allows uploads even if you don't actually have them on - i believe they patched it but i have not gone back there.
- Allen Stern
anybody know if a little smily face appearing in the lower right hand corner of ones footer is a sign of a compromise on a self hosted wp blog?
- Richard Reeve
John, your are welcome! SQL injects attacks specifically exploit data entry fields used by the plugin; one should at least scan the PHP code of these plugins, and look at what kind of escape functions are used around handling of the data entry.
- Jeroen De Miranda
"it's because the form allows uploads even if you don't actually have them on" - wow. That's bad.
- John Craft
Richard is wp-stats smily :-)
- wolly
"anybody know if a little smily face appearing in the lower right hand corner of ones footer is a sign of a compromise on a self hosted wp blog?" - if you didn't put it there, it probably is. In your admin go to appearance, theme editor, and read the footer.php file.
- John Craft
Richard - are you using the WordPress.com Stats plugin?
- Andre Natta
some plugins worth considering to install are: wp-exploit-scanner, wordpress file monitor, WP security scan, anti virus
- Jeroen De Miranda
I don't understand why people are worried about a plugin breaking when it comes to upgrading WordPress. If a plugin does break, disable it for the time being. I rather have a secure installation of WordPress running and would worry about fixing the plugin afterwards.
- Jason Hansen
Hmmmm . . . I run WP Stats, but see no smiley face.
- John Craft
ah...thanks folks...stats it is. phew...so I'm not paranoid...
- Richard Reeve
There appears to be some a-holes who can break into wordpress blogs very easily. I'm not sure at this point that the new Wordpress Thesis blog that I'm interested in getting is safe either. There is some security issues with Wordpress and their incompetence to fix the problem is growing every year. They keep coming out with new versions to replace the old versions yet they still have a problem. This is serious guys.
- Jeunelle Foster
The problem with WordPress is that it forces you to upgrade. Imagine if Microsoft forced everybody to upgrade to Vista/Windows 7 in order to get their security holes plugged. WordPress should release security patches for the current and at least for the previous version.
- Nikolay Kolev
They dont force you to upgrade. If you dont want to patch, you can leave it at the current version ( but with a risk )
- Kashif Khan
Where's the patch for the 2.7 version then?
- Nikolay Kolev
Their versioning strategy bumps up numbers even for patches . And how many versions behind should they support ?
- Kashif Khan
Many of the WordPress security issues are not coming from the WordPress itself, but from the poorly written WordPress plugins. I think it would be nice if Automattic starts an "Automattic Certified" program giving blog owners the peace of mind they need. Every hacker can upload a plugin at WordPress.org, advertise it as something great, bloggers install it, see that it's nothing as advertised, uninstall it, but the WordPress instances are already hacked.
- Nikolay Kolev
Plugins are open source and free and nobody (well, with some exceptions) would pay to get their free plugin certified. The only way to do this is by having a community review process, based on some credibility score and voter authority system where 1,000 fake hacker accounts won't, for example, outweigh Matt's or Mark's votes.
- Nikolay Kolev
part of the problem is the cry wolf syndrome - if i updated every day wordpress had a security problem i'd want to be salaried on the payroll :D Wordpress needs some sort of alert notification - twitter or something that indicates if there's an update AND the severity and if its severe enough sends it to my phone.
- mal
let me play the other side of the coin - i've been using vbulletin for my forums for probably more than 5 years - and it's never once been hacked - why is this - is it because it's paid? is it just more secure? would love to get some input on why wordpress seems to be the attacker's gold.
- Allen Stern
@allenstern because it pays back better to have wp hacked
- A.T.
Another devil - I have clients using Expression Engine for years (with plugins) and haven't had a problem either. Checking security sites, EE has had very few vs the many with WP and some with Drupal. Matts suggestion that one hosts with him to avoid problems and keep updated just isn't in the cards for business sites. Just too many vulnerabilities with WP over the years for me to recommend it.
- PXLated
i can tell you that within 2 days of moving from drupal to wp, my sites were hacked - all of them - and it made me seriously question the move - the reasons i moved were because wp is a bit easier to edit/code than drupal and because the admin panel in wordpress is awesome compared to the crap panel in drupal - i wrote up a whole post about why i moved - i'd like to see matt write a post about their qa and security procedures for their releases
- Allen Stern
Alen, once Drupal 7 get released, you may actually go back. :)
- Nikolay Kolev
Robert - If I were you I'd move away from Wordpress and fast. Its security record is dire and has been for ages. Other solutions are a lot more stable, whereas Wordpress seems to have security bugs every second week. Why anyone puts up with it is really beyond me. I moved to MovableType and haven't had to worry about caching issues or security problems
- Michele Neylon
#somethingpersonal WP calls you "technical evengelist", Robert. When you say «Yes, I didn’t have a backup. I should learn to do backups» I call you a mediawhore. Nothing TECH-NI-CAL, just bulled ego. Learn Security, Performance, Reliability, you ignorant piece.
- Капитан Сильвер Буллет
Robert - "the reputation around the Net is that upgrades on Wordpress break things" I'm sorry but that's just not true, I use many many plugins across about 20 sites and I've only ever ONCE had a plugin break during a WP upgrade.
- John O'Nolan
Definitely check if Google Reader has your lost posts - as of a few months ago, it didn't handle deletes very well :)
- Michael Herf
This recent wave of WordPress incidents shows the negative side of using open source software. Matt says that there are many people looking into WordPress' source code, but the problem is that probably half of those people have malicious reasons for doing so.
- Nikolay Kolev
@Matt - why not have a module that adds *automatic* upgrades? The one-click update feature is very nice, but zero clicks is better. With a decent snapshot/rollback system you could update most people securely right away--email them and let them rollback if something breaks.
- Michael Herf
@robert: we might be able to help you recover the lost blog posts if you want. Google Reader has an archive of them and we helped another blogger in the past recover her losses. Let me know if we can help.
- Edwin Khodabakchian
@matt when do you start to care about poor people unlike robert... who can't afford *VIP* i am willing to pay $25+ per month of course with my adsense ads :}
- Imran Jafri
@robert by the way you made one of the worst choice to move away from wordpress.com i think it wasn't price issue rather you wanted to be brand *ambassador* for rackspace which was only possible if you host your blog on their damn servers... if i get enough visitors i would switch to wordpress.com vip without taking 2nd breathe........
- Imran Jafri
I run just a few plugins, and research and vet them first. And upgrade to new WP versions within a week. Look, attacks happen, running self-hosted can get complicated. But this is true with any software or OS
- Bob Morris (polizeros)
from iPhone
Nikolay, it's always better to have more people looking at the code, because a bug that's been found is better than a bug that hasn't. WordPress used to get almost no security problems and people thought it was because it was coded differently, when in fact it was coded far worse than it is today it just didn't have enough users to make it worthwhile to target. Also where many...
more...
- Matt Mullenweg
Nikolay: I would also push back against your assumption that using Open Source software equals less security. Microsoft Windows and OS X are both closed source and both have security holes - there is a competition each year to help MS and Apple find them and fix them. Both Apple and Microsoft came away with security holes to fix this year. So just because it's open source doesn't...
more...
- Tim
that's what you get for the fun of installing and hosting your own installation, instead of using "the cloud".
- Ihar Mahaniok
Robert - I recommend WP S3 Backups for backing up your database to off-site storage. Amazon S3 is a great place to host backups of your Wordpress database and is relatively inexpensive. You *always* want backups *off* the server so in case the server is compromised, the backups are still clean. This plugin works like a charm, is automatic and could have saved you. Cheers!
- Scott Jarkoff
anybody know of a test that can be done to see if a wp blog has been compromised? Has a few strange user subscriptions about a week ago...but not noticing any thing else...I did upgrade weeks ago, but soon enough?
- Richard Reeve
bug exploits keep security IT folks in their day job, sad but true.
- Jim Posner
In IT it keeps me busy but the reality is if you update your software on a regular basis you can minimize these from affecting you.
- Rob Cairns
Robert, any chance archive.org has some of your old blog posts? Google Cache?
- drew olanoff
Matt, another thing to note is that Wordpress.com is often blocked in China (even if you have your own custom URL like scobleizer.com). There are advantages to NOT being hosted by Wordpress.com although your point about increased responsibilty for keeping up with security patches is still valid.
- Elliott Ng
Drew: yeah, but what do I do? Just republish them?
- Robert Scoble
from iPhone
Sure why not. Scoble's best of. Reason why I hate stuff on the net sometimes is good stuff gets lost.
- drew olanoff
Give a try to the "WordPress Database Backup" plugin for WordPress and you'll receive regular backups on your email
- Francois Lamotte
Robert, You can get all of your lost blog post html out of Google Reader. I'm not exactly sure how to link Disqus back, maybe it's as simple as re-adding the old posts with the same title/date i.e. Url (I don't use it). Yet another reason to use FULL RSS feeds (instead of summary). See RSS isn't dead.. it's now a backup tool too! (http://ff.im/7JrlC)
- Chris Myles
Wordpress is a great blogging tool. It is however the largest target now - much like how Windows gets a crap-top more virii because it's the most used system. Someone used Drupal as am example of security... well I'm sure if Drupal was anywhere near the scale of usage Wordpress is you'd see hacks for that too.
- Gregory Wild-Smith
Robert: Just repost them with the dates set to the original dates they were posted. Simple, and no-one will ever know ;)
- Gregory Wild-Smith
I have always had a bad feeling about Wordpress. YMMV.
- Gordon Joly
from twhirl
Robert It could be a Rackspace problem and Not a Wordpress Problem. They might to increase there security on the Rackspace!!! You should checck into that!!
- Paul
One of the reasons I waited 2 years to switch from MovableType to WordPress was due to the security issues. I felt that the track record improved over the past year and moved 11 sites over. I can say this I employ a very extensive back up scheme but still worry about it. The ability to upgrade with a single click of a button has made it much easier to upgrade, but I always worry which plugins are going to break as I use a lot of plugins.
- Todd Cochrane
It's interesting to me to see the number of people who are "afraid" to implement a security update because it might break a plugin. I wonder if these are the same people who don't run system updates on Mac or Windows because it might break SIMBL or some other haxie. Your core = your core... without it you're smoked. Case in point: Scoble. If your plugins aren't working after an update, let the author know and request an update, but BY ALL MEANS don't ignore security upgrades.
- Kevin Donahue
hmm... I think that a lot of this conversation is missing something. Most software security updates are usually tested in hosts and thus delayed in their own releases by at the minimum of a week's time usually. This is due to hosting internal testing of patches before rolling it out to all servers. Now, whether or not RS actually performs these types of procedures, I don't know... but I...
more...
- Ben Hwang
First: I keep my blog up to date. Always. Fuck plugins, I decided that when I made the decision to use WP for my blog that updates would be a priority, only because of all the security issues that I remember from the early early days. Having said that, I have to agree with Robert that the perception with WordPress, despite all the work with auto-updates and in-blog notification is STILL...
more...
- Christina Warren
from iPod
I am spending the day finally making a back-up of my web space, then the upgrade.
- Sebastian Keil
you are right to not feel safe: when you are on the dominant platform, holes get taken advantage of really fast. At least it being open source you know it will also get plugged fast
- Joelle Nebbe (iphigenie)
"what do I do? Just republish them?" - Robert, you can set the published date to the original July or August date in the "new post" form. Where it says "publish immediately," click "edit".
- John Craft
I couldn't disagree more that the reputation is that an upgrade will break a plugin. How many plugins reach into the Wordpress core and screw around with it? Less than 5%? Any examples of plugins that broke w/ 2.8.4?
- beersage
Somebody hacked into my WordPress blog earlier this year as well. It was a bummer because I was working on a draft copy of a blog post that was very rough and had not been edited and they published it. I was on vacation shooting in Chicago and didn't figure it out until several hours after they'd already published it. Fortunately they didn't seem to do anything malicious other than...
more...
- Thomas Hawk
@Robert: "[Rackspace] are learning a lot about this and other people who have had problems and are building a list of best practices." Is it possible this list is something RS might share?
- John House
@Matt Mullenweg: I do like WordPress (even though we had a public argument with you and another Automattic employee on TechCrunch a while ago) and I am a passionate supporter of open source software - don't get me wrong. But sometimes open source code makes it a bit easier for hackers! For example, one hacker hears about an exploit and without communicating with others, finds the hole independently by just looking into the source code and starts exploiting it on his own.
- Nikolay Kolev
Gregory Wild-Smith Bingo!
- Melanie Reed
Social Media Club blogs got hit as well as several of our personal blogs (still sorting it all out). We try to keep up on most upgrades, but every time we do, simple plugins (like the Event calendar) break. Seems silly, but we have hours of work after each upgrade to try and keep everything intact, and sometimes, we end up downgrading until the 'essential' plugins catch up, which...
more...
- Kristie Wells
I have 2 wordpress blogs. One on my own domain and one at wordpress central. Still can't get my head around their upgrade gymnastics - may just stick with eBlogger after all.
- Houseofmax
i don't know what will happen in times to come but from the existing platforms, i love wordpress and i am not going anywhere, but that doesn't matter for wordpress right? ;)
- testbeta
Robert, at the end of it is just only your bloody laziness in upgrading that led you here :) Jokes aside, please at least be honest and say you didn't upgradede twice... :p.
- Matteo Flora
Nope. I upgraded to 2.8.4 as soon as it was out but the hackers had already broken in.
- Robert Scoble
from iPhone
The fact that WordPress is currently being exploited doesn't mean that other platforms are immune. For example, the recently discovered XSS issue with Ruby on Rails makes not only blogs, but every unpatched site a target. So, the only issue I'm having is forcing us to upgrade to a new major version without much time to do proper testing (I'm not talking about personal blogs here). I...
more...
- Nikolay Kolev
So Techdirt was hacked a bit ago. See their reaction: http://www.techdirt.com/article... it is the reality of owning a web site guys - ANY software is hackable if someone really wants in.
- Adam Singer
@Robert: as I see it Wordpress is as vulnerable as any other web app. Upgrading does good, but preemptive security does more and better. I know Matt and he knows I'm in awe with him and Automattic but simply spoken I DON'T TRUST WORDPRESS as I don't trust any other software. A little WebApp Security Firewall (or at least a little .htaccess rules for admin and preemptive locking of...
more...
- Matteo Flora
i find it interesting, and depressing that people are blaming Rackspace, they're blaming Wordpress, they're blaming Robert, but no one, *no one* seems to be willing to blame the only, ONLY people who deserve blame: the evolutionary failures that attacked Robert's blog.
- John C. Welch
Thanks to your post, I found backdoor Admin in my own blog (created yesterday apparently). Promptly deleted it, upgraded blog and took other measures, which I blogged about
- Adi Rabinovich
@Matt Mullenweg: "so staying up to date is a must. - Matt Mullenweg" You gave the birth to one of the coolest piece of free software on the net, also your community is strong an love-full, you can do some PRs listening to Scoble that is crying, but you couldn't do anything better than you did. Take it easy man, all your competitors still suck. (PS. also a cleaning utility to understand better if everything is ok on our hosts would be cool ;-)
- righini riprova
Matt: What does a user need to provide, in order to be considered for a VIP wordpress.com account?
- Jim Connolly
caveat operator
- Mike Chelen
Take technology out of the picture. Something bad happened by some bad person. Happens every day... it's called crime. If a bad person got into my house because I had a weak lock or left my door unlocked, what do people usually say? "That bad person shouldn't have done that!"? Well, sure, but bad people do bad things... nothing we can do to stop them other than make it harder or...
more...
- Chris Hearn
I would simply like to reiterate the point that if you're going to put free open source software on a rented web server, you need to either know how to administer it or hire someone to do it for you. Neither Rackspace or Wordpress are to blame here. We discuss this with our clients all the time who view web development as a one off expense, then get upset when their site is hacked because it wasn't maintained.
- JP Maxwell
One more point, I think there are way too many false lines drawn over aras of responsibility - "I'm systems, not a PHP programmer. I'm a PHP programmer, not a Javascript person. I'm a designer, not a programmer or a systems person." If you are a WEB developer or responsible for maintaining hosted WEB applications, you need to know a bit about it all. It simply isn't sufficient to demarcate your knowledge sphere and point your finger at the other guy.
- JP Maxwell
Wow !
- ★ Soner Gönül
Re: Marie Claire article declares: Asian Women are The New Trophy Wives - http://www.8asians.com/2009...
"I was just thinking about this.... am I just exotic arm candy for my wife? I'll have to ask her later if I'm an asian trophy husband. haha. :p"
- Ben Hwang
Re: Kevin Wong: Professional Volleyball Player - http://www.8asians.com/2009...
"I don't stand at 6'7" but I do play volleyball, both indoor and sand. Didn't watch the AVP game that you're talking about, but overall, Rosenthall is a digging fool when it comes to vb. Never seen a guy move like that guy does. Scott Wong (brother to Kevin) also plays on AVP. Stands at 6'5"."
- Ben Hwang
Re: Where Did the State Deficits Come From? - http://life.firelace.com/2009...
"I agree to an extent. Private sector actually does take from the pot without realizing how much is actually going in many times. It's better managed, but taking on debt to pay your employees while trying to finish a project that will payout later is often done in many types of industries. Construction is one of them. What I don't understand out of it, is that most of these politicians have no sense of business budgeting. It's like trying to budget and spending what you don't have based on the fact that you "ARE" going to win the lottery this year. How the hell do you know that? Do you have some reasoning for it? That's the problem that I have since their budgeting makes absolutely zero sense in both business finance or personal finance."
- Ben Hwang
Re: Ninja Warrior - http://www.8asians.com/2009...
"Viking Obstacle Challenge, that was done by ESPN also came out of Sasuke. And the first time it was won, it was a lot easier than the second time around. Nagano rocks socks in this family. haha. Also, one thing to note is that all the winners were actually shorter men. If you watch the entire 4 stages, there is so much upper body strength involvement that the more you weigh, the worse it is for you. That's why a couple Marines have conquered the first stage easily but couldn't last through. I think the third was the closest any American military ever got. It's not that they can't handle it, but at 6+, even if you're cut, you have a lot of body weight to support by the end. Love the show. Too bad they don't do it in the States. Outside of the legal waivers, it would be really sweet."
- Ben Hwang
Cell Phone Execs Will Face Questions On Text Messaging Price Hikes | NEWS JUNKIE - http://mynewsjunkie.com/2009...
Michael Hansel, Scott Hubble, LPH™ and his dog P™ and 43 other people liked this
Those cell phone companies will have a lot of explaining to do Tuesday when they testify at a U.S. Senate committee hearing on rising text messaging costs. Representatives from Verizon, AT&T, and Cricket will be faced with questions on why those short 160 character SMS messages are costing the consumer too much.
- Leo Laporte
Leo, I believe it was you who reported that based on AT&T's text messaging fee SMS messages cost consumers somewhere around $1500 per MB of data?
- jcunwired
The painful pricing structure of these companies is why I don't really use my cell phone for anything more than the occasional call. I'm not prepared to risk the assorted extra charges that come with SMS, or web use.
- Eoghann Irving
any guesses on what they say will be the reason for these prices ?
- Kashif Khan
http://mobilejones.com/2007... My article on SMS charging hit the front page of digg in 2007. The high cost of SMS has been a known in the mobile industry for a long time. I remember being shocked that many of my web friends hadn't thought of the costs per MB,
- Debi Jones
Not only do they charge absurd prices, but most don't even include texting in the unlimited data plans. I pay 30 dollars a month for iPhone data and pay 15 more on top of that for 1500 texts. THat is outrageous.
- Grant
Interesting that they are questioning Cricket at the same time as the larger carriers. We have Cricket here and they offer unlimited calling including unlimited text messaging for only $40/month. Maybe they want to know why Cricket can offer reasonable pricing while the larger, national carriers continue to gouge their customers.
- Joshua Blevins
They should also be grilled about the cost of data plans.
- Kashif Khan
I don't use text messaging, so I don't have it on my iPhone. That saves me $20 every month. A small victory!
- Paul Ring
I don't have texting either, but got stuck paying 60 cents for two porn spam messages!
- Sandy Curry
I could be wrong, but I thought the reason SMS was so expensive was because they want to discourage people from using it, since texts can saturate the network. You can't really compare it to email, because SMS works like a phone call and doesn't use the data connection.
- Daniel Sims
SMS does use the control channel, but that's it. It doesn't really saturate the network since it doesn't create a connection like an actual phone call. It's a 1-way message and it's not a guaranteed receipt either. Oh, and those that actually look at the cost per MB are incorrect since it's that channel itself isn't used in the same fashion as data connections. SMS uses control channel...
more...
- Ben Hwang
You have to pay to receive SMS? Which Dodo brain though of that one? There would be a revolt in Europe if they tried that!
- David Wright
from twhirl
New Zealand has two networks, one gives 500/1000 texts 'free' for $10. the other gives free weekends if you spend a certain amount during the week.
- Robbie Steele
actually there are that kind of things in Europe. Some service providers (ringtones for example) may charge your phone bill by sending SMS. You can for exmple have a monthly subscription for ringtones and they are charging you by sending two SMSes. This is ofcourse problematic, as the consumer can not easily deny from paying and in a case of dispute the operator stands in between.
- Jani Kenttälä
from IM
True, but those are subscription services, not "normal" SMS messages.
- David Wright
from twhirl
@Ben: If the SMS uses the control channel, which is in use and always active anyway, why should there even be a charge for SMS? The network infrastructure is already there, so really the extra data does not make an impact.
- Nils Sandin
On an additional point, as mentioned above, regular incoming SMS are not charged in Europe (unless roaming abroad), and outbound SMS can cost as little as 0.09€ (13 cents) on a pre-paid plan (w/o commitment for 500 or 1000 messages you might never use).
- Nils Sandin
It's called Capitalism. No government intervention necessary. If the consumer doesn't like it, they should stop paying for it. In other words, move to a company that doesn't charge so much or stop using the service. The market will then be forced to change.
- Chad McCoskey
Chad, because of that system we also have the most primitive cell phone networks and system in the 1st world. Unfettered capitalism isn't always what's best.
- Internet's Tad
from fftogo
I think that's part of the problem -- they've all raised their prices at once, so there's no alternative provider. I used to have a sensible option in the US which didn't charge me for incoming messages, but that's been long gone.
- John Flinchbaugh
from IM
I mentioned the Pre but I think I got away with it!
- Kevin J Hatton
Chad, since the government sells the spectrum licences, they can put some restrictions. Do you remember that http://googleblog.blogspot.com/2007...?
- Jérôme Flipo
Tad, so what? We forget that cell service and a whole host of other things we take for granted now are luxuries not necessities. I love my iPhone but if I felt the prices weren't acceptable or if another option was better either a phone or pricing plan, I'd go there. My point is that it's all well and good to complain, but protest with what companies value most: your money.
- Chad McCoskey
Chad, can you list necessities, beyond air, water, food and security? The issues at stake are the four characteristics of the market http://en.wikipedia.org/wiki... and the government role in preventing tacit collusion. Also, take a look at http://en.wikipedia.org/wiki....
- Jérôme Flipo
Jerome, you're right about the necessities which is exactly my point. We don't all "deserve" high quality cell service for free and in the case of a non necessity, if all companies offering that product charge the same amount then maybe the populace should decide if they should really spend their money on it. If you don't like the cost of text messages then don't use the service and if the majority of people does that companies will either stop the service or lower prices.
- Chad McCoskey
I have an iPhone with no text plan because they are obscenely priced. I'm not happy about $25/mo for unlimited data but I'm doing my best to get my money's worth. I'll just call or send an email rather than pay $.50 for a text
- Daniel J. Pritchett
from IM
Daniel, thank you for proving my point. More people should follow suit if they don't like the cost. By the way, I have text on my phone and make sure I don't go over my limit.
- Chad McCoskey
Oriental Cafe (4/5) - http://www.yelp.com/biz...
"Another diamond in the rough. You'd never think that in the strip mall over there by Chuck E. Cheese, that there would be a fantastic asian food restaurant. But there it is. I actually first…"
- Ben Hwang
Re: Time Warner and Embarq Try to Ban NC Community Broadband - http://life.firelace.com/2009...
"Well, in my opinion, first things first. Have to get the people that are sponsoring the bill to drop it or get more State legislation involved to overturn this. Apparently Earl Jones who sponsors one of the bills is actually from Greensboro from what I've read. If there's any sort of action we can take in writing State legislation, that's probably the best way. Maybe Pricey Harrison is a good starting point."
- Ben Hwang
Re: Insight Into Time Warner Metering - http://life.firelace.com/2009...
"You're missing the bit to byte conversion. 8 bits to a byte. Transmission is always in "bits per second" while storage is in "bytes". So, it's actually 40960Mb / 5.6 Mbps / 8 (byte conversion) = (58 514.2857 seconds / 60 sec/min ) / 60 min/hr = 16.2539682 hours. Obviously, this is making the assumption that you hit top speed for the full time period which is a hypothetical."
- Ben Hwang
Other ways to read this feed:
