Slashdot Mirror

← Back to Stories (view on slashdot.org)

Popular Wordpress Plug-in Caught Spamming Is Put On Probation

Posted by Soulskill on from the stop-or-i'll-say-stop-again dept.

chicksdaddy writes "Social Media Widget, a free plug-in for the WordPress blogging platform with more than a million downloads, was restored to WordPress's official plugin directory on Thursday, days after it was found injecting WordPress websites with spam links to web sites offering Pay Day Loans. In a post on a support forum for Social Media Widget (SMW), Samuel Wood, a WordPress administrator, said that WordPress was willing to give SMW and its owner a second chance after he claimed to have been the victim of a contract developer gone rogue. 'Naturally we do take a very hard line on spam, and obviously an author putting malicious code into a plugin is enough grounds for us to bring down the ban hammer,' Wood wrote on Friday. 'But there are natural circumstances where an author may not be at fault.' SMW appears to be such a case. It is one of the 20 most popular WordPress add-ons and allows WordPress web site operators to include links to their other social media accounts. Brendan Sheehan, the owner of SMW, said, 'We trusted the wrong people with our plugin code and take full responsibility. We are a marketing company at heart and are not actually developers, so in order to provide major updates and improvements, we had to seek outside help. Some of these people deceived us and abused our trust and naivety...We will not make this mistake again.' Wood said the folks at Wordpress decided to accept that story — but that they're watching SMW closely. 'Basically, the current maintainer is not a professional programmer, and put his trust in the wrong freelancers to do the coding work for him...We'll be watching the plugin for changes,' he said. 'The plugin is back up for now, and as long as it stays clean, it's fine.'"

76 comments

  1. That's fucking stup-- by VortexCortex · · Score: -1, Flamebait

    That's fucking par for the course for PHP devs: "I don't know what this code does, but I pasted it into my website so I have a twitter feed now! You should too! Let's make a big list of shit that no one has reviewed in the least. Oh, but you could do it yourself, because PHP is so damn easy!"

    You're a shit coder, and the copy paste job you did fucked you. "GTFO the internet, until you're not a noob." should be the response, not "We'll put your code on probation." The dumb leading the blind.

    1. Re:That's fucking stup-- by LordLucless · · Score: 4, Insightful

      I know! We'll write everything in-house instead! Once I've got my custom language compiling, I'll start work on the relational database engine. We should have the site finished some time in 2030.

      Sooner or later, you're going to have to trust someone else's code. I guarantee you, whatever projects you work on, you're using someone else's code for something, and probably sight-unseen.

      --
      Just because you're paranoid doesn't mean there isn't an invisible demon about to eat your face
    2. Re:That's fucking stup-- by Anonymous Coward · · Score: 2, Interesting

      Firstly I want to make it clear I don't think it's a matter of being a "PHP dev" that makes people stupid, since I'm a freelancer myself and am sometimes forced to use PHP. I wouldn't say I'm stupid or incompetent. I will however say that you're missing the point grandparent was trying to make, mislead as it was. You're acting like the matter of wheel reinventing and copy and pasting is so black and white. It's not, it isn't unreasonable to expect people to take a quick look and test over a new plugin before putting it into production usage. Nor is it unreasonable to spend a few extra dollars to higher someone for a short while to review the other guy's code. You can not trust every single piece of code you see while at the same time reusing other people's code, it's naive to make the leap of logic you did.

      I will however say that I end up being hired to fix shitty PHP code more often than not. Kind of worrying... It's why I'm on my way out of this sorry excuse for a career. I don't recommend it.

    3. Re:That's fucking stup-- by Anonymous Coward · · Score: -1, Troll

      That's fucking par for the course for PHP devs: "I don't know what this code does, but I pasted it into my website so I have a twitter feed now! You should too! Let's make a big list of shit that no one has reviewed in the least. Oh, but you could do it yourself, because PHP is so damn easy!"

      You're a shit coder, and the copy paste job you did fucked you. "GTFO the internet, until you're not a noob." should be the response, not "We'll put your code on probation." The dumb leading the blind.

      Pretty much. People will always make excuses for PHP coders, just like they used to make excuses for VB devs and all the fucking morons who came before them.

      But these people are goddamned oxygen thieves. There is no good PHP, it's just horribly hacked together shit, and no one with an ounce of pride uses that language.

    4. Re:That's fucking stup-- by LordLucless · · Score: 3, Insightful

      You can not trust every single piece of code you see while at the same time reusing other people's code, it's naive to make the leap of logic you did.

      And I never said you did; the leap of "logic" was on the part of the GP, not me. He said, and I paraphrase, if you install code you haven't reviewed, you deserve whatever you get. I said that, sooner or later, you must trust some code, not that every random piece of code is worthy of trust.

      And in this case, it's quite possible that people did perform a review of this plugin; after all, it hasn't been spamming the whole time it's been available. They performed an update on their plugin without vetting the update. Sure, that's not best practice, but I do the same thing on my personal computer at home all the time, even if I don't do it on my production systems. If I hosted a podunk little blog on Wordpress? I probably wouldn't vet every "security patch" for every plugin I used either.

      GP is a great big case of "blame the victim" mentality. Someone was malicious. They deliberately inserted malicious code into a trusted repository.

      --
      Just because you're paranoid doesn't mean there isn't an invisible demon about to eat your face
    5. Re:That's fucking stup-- by Intrepid+imaginaut · · Score: 3, Interesting

      It's a tool like any other, and it definetely has its place. What doesn't have a place is people who reject tools for pseudo philosophical reasons rather than utility.

    6. Re:That's fucking stup-- by Mr.+Slippery · · Score: 3, Insightful

      There is no good PHP, it's just horribly hacked together shit, and no one with an ounce of pride uses that language.

      foreach (array('PHP', 'Perl', 'Java', 'C', 'C++', 'Javascript') as $language) {

      There is no good $language, it's just horribly hacked together shit, and no one with an ounce of pride uses that language.

      }

      "There does not now, nor will there ever exist, a programming language in which it is the least bit hard to write bad programs." -- Lawrence Flon

      --
      Tom Swiss | the infamous tms | my blog
      You cannot wash away blood with blood
    7. Re:That's fucking stup-- by manu0601 · · Score: 0, Troll

      That's fucking par for the course for PHP devs: "I don't know what this code does, but I pasted it into my website so I have a twitter feed now! You should too!

      You could say the same thing with Java, except that the result is slower

    8. Re:That's fucking stup-- by Anonymous Coward · · Score: 0

      You could say the same copy and paste stuff about Javascript and Jquery.

      It's like saying only compiled languages qualify as programming.

    9. Re:That's fucking stup-- by Anonymous Coward · · Score: 0

      Nah, it's not slower anymore. It just takes up more RAM.

    10. Re:That's fucking stup-- by betterprimate · · Score: 2

      I know! We'll write everything in-house instead! Once I've got my custom language compiling, I'll start work on the relational database engine. We should have the site finished some time in 2030.

      You do realize we are talking about a Wordpress widget?

    11. Re:That's fucking stup-- by Anonymous Coward · · Score: 0, Insightful

      Per my experience with PHP, your one-liner will eventually break in some strange way. It really is the worst.

    12. Re:That's fucking stup-- by LordLucless · · Score: 1

      GP made no such qualification. He was speaking in general about how stupid it was to reuse code you hadn't written yourself.

      --
      Just because you're paranoid doesn't mean there isn't an invisible demon about to eat your face
    13. Re:That's fucking stup-- by Anonymous Coward · · Score: 1

      I recently broke my WordPress cherry, and I have to say the experience was extremely frustrating because 90% of the resources are not aimed at "developers" or even "PHP developers". Trying to find any real information about the API was incredibly frustrating.

      The entire WordPress ecosystem seems to oriented towards semi-technical users who just want to click this thing and copy some files around. Basically people with blogs and brochure-ware sites who want a twitter icon without opening a text editor.

    14. Re:That's fucking stup-- by betterprimate · · Score: 2

      Cool. Sorry I missed that. I shouldn't've presumed his comment was in direct response to TFS.

    15. Re:That's fucking stup-- by mysidia · · Score: 3, Insightful

      Sooner or later, you're going to have to trust someone else's code. I guarantee you, whatever projects you work on, you're using someone else's code for something, and probably sight-unseen.

      It's not everyone's code you can't trust.

      It's only (1) the code you will actually distribute with your software, and (2) uncommon dependencies that are not part of widely used software packages.

      And even then, you have to be able to trust the code of people working for you; e.g. the coders you hire. If you can't do that, then you can't get anything done.

      So you should check into their background, and make sure the people you hire to make your code are either under a good contract or surety bond that protects your interest, and effects some risk transfer by providing you the right to sue for damages, especially, in case of obvious or provable malice.

      That way you align your worker's interest with yours, by ensuring that if they conduct an intentional abuse they are at risk.

    16. Re:That's fucking stup-- by mysidia · · Score: 1

      I will however say that I end up being hired to fix shitty PHP code more often than not. Kind of worrying... It's why I'm on my way out of this sorry excuse for a career. I don't recommend it.

      It sounds challenging... then again rewrite may be better than fixing, as long as the pay is good....

  2. Well, I guess I won't be using WordPress soon. by Anonymous Coward · · Score: 5, Insightful

    That's a nice attitude to have. "The author of this plugin was caught injecting malicious code into every website using it, but we'll keep it on the downloads page so long as he agrees to follow the honour system?"

    How fucking stupid do you have to be?

    1. Re:Well, I guess I won't be using WordPress soon. by Anonymous Coward · · Score: 0

      I don't know why you got modded down because you are absolutely correct.

      This "social pariah plugin" still has 4 out of 5 stars at WP and displays only one review mentioning that it works like a trojan.

    2. Re:Well, I guess I won't be using WordPress soon. by Anonymous Coward · · Score: 0

      I'm guessing because a lot of the WordPress devs read this site. They don't want something like this to become major news because...well, if people were to suddenly realize that any odd plugin they pull in for their WordPress site could contain malicious code...that would kind of defeat the purpose of using the plugins in the first place, and WordPress if you're even remotely security conscious.

      Either that or the editors were paid off to meta-mod for the same reason, this is Slashdot after all.

  3. Wordpress blows by rudy_wayne · · Score: 0, Flamebait

    Wordpress is a cancer on the Internet. It really needs to die.

  4. FUNNY THAT IS EXCUSE #6 IN A FAMOUS ANDROID APP !! by Anonymous Coward · · Score: 0

    And apparently that app works !!

  5. Troll by Frosty+Piss · · Score: 4, Insightful

    That's fucking par for the course for PHP devs...

    And there's the troll.

    --
    If you want news from today, you have to come back tomorrow.
    1. Re:Troll by Anonymous Coward · · Score: 5, Insightful

      Is it still trolling if it's true?

    2. Re:Troll by Frosty+Piss · · Score: 1

      In some cases, yes. But in this case it wasn't true. So there is an extra troll factor added.

      --
      If you want news from today, you have to come back tomorrow.
    3. Re:Troll by Anonymous Coward · · Score: -1

      Whatever, buddy... go back to your PHP.

    4. Re:Troll by Anonymous Coward · · Score: -1

      Actually yeah, it was. Just because you're a php whore doesn't make it any less true.

      Anyone who doesn't see the obvious take a look at this cunt's posting history. If php were a dick this loser would have sucked it dry by now.

    5. Re:Troll by Frosty+Piss · · Score: 0

      Whatever buddy, go back to masturbating in you mom's basement.

      --
      If you want news from today, you have to come back tomorrow.
    6. Re:Troll by Frosty+Piss · · Score: 0

      Just because you're a php whore doesn't make it any less true.

      I'm a PHP Whore? Really?

      Why don't you post with your account instead of "Anonymous Coward", and we'll talk about it?

      At least I have the BALLS to post with my logged-in user name. Unlike you.

      --
      If you want news from today, you have to come back tomorrow.
    7. Re:Troll by phantomfive · · Score: 1

      It can be, like in this case where the truth is not related to the article.

      Another way to troll by telling the truth is saying something like, "You have never denied that you killed a girl in 1990." It can be a hilarious troll, but it's still a troll.

      --
      "First they came for the slanderers and i said nothing."
    8. Re:Troll by Anonymous Coward · · Score: 0

      Why does it matter who says it? People who can't weigh the argument by its merits will probably ignore this as some sort of spam and those who know the facts will simply agree. That leaves us with people who get personally offended.

    9. Re:Troll by betterprimate · · Score: 2

      Yes, because it's a false generalization. It's not like we are all C&Ping from hotscripts.com. People who do so aren't developers.

      PHP is a flexible and powerful language. Not to mention it's by far the most popular scripting language. It's also easy to learn, hence it can easily be abused and/or misused. Something I also see a lot of in JavaScript.

      So, yes, GP is a troll.

    10. Re:Troll by Anonymous Coward · · Score: 0

      Just because you're a php whore doesn't make it any less true.

      I'm a PHP Whore? Really?

      Why don't you post with your account instead of "Anonymous Coward", and we'll talk about it?

      At least I have the BALLS to post with my logged-in user name. Unlike you.

      Sure, Mr. Piss, whatever you say.

  6. So, their defense is incompetence? by jcr · · Score: 5, Funny

    Truly confidence-inspiring.

    -jcr

    --
    The only title of honor that a tyrant can grant is "Enemy of the State."
    1. Re:So, their defense is incompetence? by Anonymous Coward · · Score: 0

      Truly confidence-inspiring.

      -jcr

      I would have said, "I was drugged, kidnapped and forced to use this code by Microsofties!"

      If anything, it might have given me some sympathy on Slashdot.

    2. Re:So, their defense is incompetence? by Anonymous Coward · · Score: 0

      Truly confidence-inspiring.

      -jcr

      I would have said, "I was drugged, kidnapped and forced to use this code after a brutal Tacosnotting!"

      If anything, it might have given me some sympathy on Slashdot.

      FTFY.

    3. Re:So, their defense is incompetence? by Anonymous Coward · · Score: 0

      They don't even make an attempt at defending themselves. They've essentially jusy said, "a plugin for Wordpress has been found to contain malicious code but don't worry, we're keeping a close eye on him. After the fact.'

      I wonder if the people behind the brute force attacks would have bothered, if they knew that all they had to do to compromise a Wordpress site is release a plugin and let the Wordpress devs do the work for them?

    4. Re:So, their defense is incompetence? by Anonymous Coward · · Score: 2

      Agreed

      Full responsibility = ban

      Examples have to be made.

    5. Re:So, their defense is incompetence? by Anonymous Coward · · Score: 0

      Hang on, I still need to practice copying my username into the body of my post, as if it is somehow relevant. I am a fucking narcissist, after all.

      -jcr

    6. Re: So, their defense is incompetence? by Anonymous Coward · · Score: 0

      Or pay WordPress to do their spamming for them.. WP have no qualms about working with spammers (http://tech.slashdot.org/story/05/03/31/196220/wordpress-banned-by-google-for-spamming)

    7. Re:So, their defense is incompetence? by jcr · · Score: 1

      Kid, I've been signing my posts since before you were even a gleam in the proverbial milkman's eye. I'm not going to stop just because you digg.com newbs get bent out of shape about it.

      -jcr

      --
      The only title of honor that a tyrant can grant is "Enemy of the State."
    8. Re:So, their defense is incompetence? by Anonymous Coward · · Score: 0

      Son, get off my lawn.

      -jcr

  7. Should have used... by Anonymous Coward · · Score: 0

    ...Dice!!! Bwahahaha.

  8. marketing by Mr.+Slippery · · Score: 5, Insightful

    "We are a marketing company at heart..."

    IOW, "we are scum whose very purpose in life is to force unwanted messages into your eyes and ears, but trust us that this incident of unwanted messages was accidental."

    --
    Tom Swiss | the infamous tms | my blog
    You cannot wash away blood with blood
    1. Re:marketing by game+kid · · Score: 1

      ...and "social media" is, like, the pinnacle of modern spam. Indie game developer? "Like us on Facebook for a chance to win Horse Armor!" Big news network? "Don't forget to follow our forecasts on twitter!" Celebrity? "Had #lunch with @CalvinKlein, you should #buyTheirStuff! I did! #shamelessplug #andthelunchtastedgood #LOLhashtags"

      In short, SMW was banned for its very purpose--just not permanently enough.

      --
      You can hold down the "B" button for continuous firing.
    2. Re:marketing by houghi · · Score: 1

      I think what you want to say is that they are "A bunch of mindless jerks who'll be the first against the wall when the revolution comes."

      Curiously enough, an edition of the Wikipedia which conveniently fell through a rift in the time-space continuum from 1000 years in the future describes them as: "A bunch of mindless jerks who were the first against the wall when the revolution came."

      --
      Don't fight for your country, if your country does not fight for you.
  9. It is causing me to loose confidence... by Anonymous Coward · · Score: -1

    Allowing there product back into the database is foolish and short sited. I like wordpress because it is simple, robust and easy to secure. If they let this company back in on some lame excuse it means the chain of trust has been broken, it sends out the wrong signal and leaves me to wonder if other plugin providers could be allowed second chances at screwing up my site. I had a plugin that I foolishly got outside there database that required a complete reinstall. I don't want that to happen again and it makes me consider taking my business eleswhere. http://rawcell.com.

    1. Re:It is causing me to loose confidence... by Anonymous Coward · · Score: 0

      As opposed to cause you to tighten confidence?

    2. Re:It is causing me to loose confidence... by Anonymous Coward · · Score: 0

      I like wordpress because it is simple, robust and easy to secure

      LOLOOLOLOL

  10. hosted by Akamai, Qwest by Anonymous Coward · · Score: 0

    looking at the malicious URL (i.aaur.net) it seems Akamai ,Qwest are hosting malware now, site registered with hidden whois, take out the malicious domain and their scumbag rackspace DNS and their shit falls apart

  11. Teach them to read diffs! by Anonymous Coward · · Score: 3, Insightful

    For f*cks sake, there's no reason a supervisor shouldn't at least run a diff of the code and recompile (if applicable) before pushing a release. Unless there are huge changes, it shouldn't take more than 10 minutes. If anything looks really weird or out of place, start asking questions, preferably to someone else.

    1. Re:Teach them to read diffs! by crutchy · · Score: 1

      it would take torvalds about 3 seconds

      "oh, it's php... bin it"

  12. Marketnig by Anonymous Coward · · Score: 0

    the next lower life form after attornies

  13. 'Nuff said by Anonymous Coward · · Score: 0

    We are a marketing company at heart and are not actually developers

  14. This is what they deserve. by betterprimate · · Score: 5, Informative

    "We trusted the wrong people with our plugin code and take full responsibility. We are a marketing company at heart and are not actually developers, so in order to provide major updates and improvements, we had to seek outside help."

    The first headline on their website states, "Blink Web Effects creates innovative web applications and tools - totally free and open source." If they're not developers, why are they a company to begin with? It is really tiresome to see fucking marketing hacks thinking they are enlightened and entitled while they pay some 3rd world country developer to build their company.

    This is what they deserve. Good riddance.

    1. Re:This is what they deserve. by contactus9483 · · Score: 1

      The sad thing is, the marketing companies that do their homework, spend many hours, testing, securing, and protecting their clients from crap like this will suffer from those that don't. That being said, this is an age old story that has and will continue to repeat, over, and over, and over...

  15. Pull the other one, it's got bells on by russotto · · Score: 4, Funny

    A contract programmer pulled a fast one on a marketing company to get their product to spam people. Yes, absolutely, I can believe that. So can my friend the Easter Bunny.

  16. For the individual programmer.. no laws.. by Anonymous Coward · · Score: 0

    So, we're still ok with a business structure in the software development world where programmers have absolutely zero legal liability for their code (outside of military contracts and medical devices).

    Seriously, programmers need to be put on notice and on the same legal liability standards as every other person working in the economy.

    1. Re:For the individual programmer.. no laws.. by lightknight · · Score: 2

      Sure, you start paying us like doctors, lawyers, and so on, and we'll talk about liability. But the reality is, the software industry would implode with the requirement for liability insurance, as the stuff we work on is far too complicated for even the brightest of programmers, and the pay is often times way too low. You want to sue a PHP programmer making $40K / year because some el cheapo company hired him / her to bang out a site with no lead time and zero patience? Good luck with that.

      Although I'd love to see it happen some days, as it would throw 99% of the programmers out of the industry, and drive the wages up to something unthinkable, with triple iron-clad indemnity agreements and waiting lists for a programmer's time that, let's be honest, would be beautiful payback for some of the bullsh*t that has been pumped through the tech sector this last decade. It would also destroy what's left of the tech industry, but then, I can see vultures in the air overhead, and wonder if it's not already too late.

      In short, fix the wages / salaries of programmers, and quit dicking around / playing games. If you think outsourcing companies are going to jump on the idea of legal liability for the code they produce, think again: they know what will happen, and will fold. You can pay us to work, and we will work; or you can pretend to pay us, and we will pretend to work. *shrugs*

      --
      I am John Hurt.
    2. Re:For the individual programmer.. no laws.. by greg1104 · · Score: 1

      Liability insurance for developers does not cost very much. My consulting company has an insurance policy for the work we do, and the premium is based on how much money the company makes. I'm making enough to fund two full time people and my liability policy is around $1000 per year.

      The biggest thing that keeps developers safe is the minimum legal costs of taking someone to court for long enough to sort out blame on a software project. If I botch $10K worth of development, it's impossible hire a legal team and beat it out of me with any real profit. I'd have to make a $100K mistake before I'd be worried someone might actually sue me for being incompetent.

    3. Re:For the individual programmer.. no laws.. by mysidia · · Score: 1

      Sure, you start paying us like doctors, lawyers, and so on, and we'll talk about liability. But the reality is, the software industry would implode with the requirement for liability insurance, as the stuff we work on is far too complicated for even the brightest of programmers, and the pay is often times way too low

      Programming errors and provably intended malice are different things.

      Errors are understandable... the company developing the software has a duty to ffix errors, but the individual programmer has limited ability to 'own' the operaitonal characteristics of the result.

      Now, if it can be proven the developer inserted malicious code specifically designed to commit a crime or abuse, then that developer has potential criminal and civil liability.

    4. Re:For the individual programmer.. no laws.. by Anonymous Coward · · Score: 1

      There are plenty of trade jobs in the same income brackets as programming which are required to follow basic liability standards for the work they do when it pertains to legal compliance and safety.

      Jobs where crappy work that puts others at danger or loss will cost them their livelihood, or worse: most construction sub-contractors, locksmiths, welders, linemen, auto mechanics, accountants, farmers. At least half that list makes more like 2/3 what the average programmer makes.

      Part of the issue right now is the programming industry is too broad and has lots of undefined tiers with all these hacks calling themselves "software engineer" or "developer." Most programmers are code toads, little more than moderately skilled production workers. A few who understand computing systems top to bottom are software engineers (less than 1%). A smaller fraction of those elite might rise to the standard of software architects (people smart enough and with enough experience to design *new* things).

      Most of the people who can step back and look at the big picture end up doing infrastructure / IT. It requires a broader skill set, the ability to bring skills back to bear that haven't been touched in many months, and the ability to learn entirely new skill on the fly. As a result, it generally pays much better, because people good at it are much more rare than code monkeys who can write Java.

    5. Re:For the individual programmer.. no laws.. by Anonymous Coward · · Score: 0

      Programmers shouldn't worry though. Roughly 80% of their job market will disappear within 20-25 years. Programming with words and statements in text will last only slightly longer than with punch cards.

      Many tools to convert flow charts and similar multidimensional intent representations directly to software already exist. I suspect current AI systems like Watson can churn out amazing code all day long, once the computational requirements can be embodied somewhere in the double digits of cubic feet of space and a few kWh, it will make more sense to build server racks of programmers than even to waste time outsourcing them to India of China.

    6. Re:For the individual programmer.. no laws.. by Anonymous Coward · · Score: 0

      I have £1m liability insurance and it cost me about £200 - its commonplace for professional contractors to have such insurance, normally at the upper end of the market though

    7. Re:For the individual programmer.. no laws.. by betterprimate · · Score: 1

      here, here!

    8. Re:For the individual programmer.. no laws.. by Captain+Hook · · Score: 1

      Liability insurance for developers does not cost very much.

      But is that because the programmers/companies which do take out insurance are exactly the group who care about their reputation and business and so would be less likely to need to use the insurance anyway?

      If you start mandating that all companies need insurance, then I think you'll see premiums increase because the ratio of bad to good developers will increase.

      --
      These comments are my personal opinions and do not necessarily reflect the opinions of the other voices in my head.
    9. Re:For the individual programmer.. no laws.. by dodobh · · Score: 1

      Programming is the job of writing precise specifications.

      A picture might be worth a thousand words, but there's a good reason we have books of only words, and not merely picture books.

      --
      I can throw myself at the ground, and miss.
  17. Word Press? Not so much... by contactus9483 · · Score: 1

    Shit like this, is exactly why I do not recommend using Word Press. I mean seriously, WP devs you are in action condoning black hat hackers. Awww... let's give them a second chance to abuse the millions of users that trust us... they said they were sorry... :O *blnk *blink *blink Really!?!

  18. shit happens by Anonymous Coward · · Score: 0

    when you contract your project out to some random unknown asian or russian (or african) through online "freelance" services

  19. Hard line on spam by Anonymous Coward · · Score: 1

    Naturally we do take a very hard line on spam...

    Yes, of course, it's not like WordPress got caught spamming themselves.

  20. China by zaax · · Score: 1

    This is the problem of subcontracting to China, who knows what else they have put in that hasn't shown up yet but is slowly attacking the USA's defences.

    1. Re: China by Anonymous Coward · · Score: 1

      As the PR officer of The Association of Scapegoated Jews, Blacks and Arabs, I'd like to thank you for helping shift focus towards the inscrutable Chinese. They are a truly dishonest race that is nothing like the financially generous Jew, the unincarcerated black and the non-wife beating Arab.

  21. I saw it by Anonymous Coward · · Score: -1

    Aye I did spy this on one of my test websites, was highly disappointed, but then again, if you could make money out of it, would you?

    http://www.jamessimpson.co.uk

  22. Whatev, that plugin sucks anyway by Anonymous Coward · · Score: 0

    I've been doing wordpress development for about ten years, and FWIW, I've found Shareaholic's "Sexy Bookmarks" looks better, works better, and gets a better response.

    Despite the stupid name(s). Here's a tip: If people find your name is too "sexy," re-branding it as somethign to do with drug/alcohol abuse is NOT your best alternative.

  23. true and false by phorm · · Score: 1

    It's not really any less true for a good many other languages...

  24. Here's a better troll by Anonymous Coward · · Score: 0

    "I'm not a real programmer. I throw together things until it works then I move on. The real programmers will say "Yeah it works but you're leaking memory everywhere. Perhaps we should fix that." I’ll just restart Apache every 10 requests." -- PHP creator Rasmus Lerdorf

    "I was really, really bad at writing parsers. I still am really bad at writing parsers." -- PHP creator Rasmus Lerdorf

    "For all the folks getting excited about my quotes. Here is another - Yes, I am a terrible coder, but I am probably still better than you :)" -- PHP creator Rasmus Lerdorf

    Any programmer reading the stuff this guys says should become properly terrified of PHP. If they aren't, I don't want to use any software they work on.