Dougal Campbell's geek ramblings

WordPress, web development, and world domination.

WordPress 2.0 Release imminent

Dec192005

Just three hours ago, Matt posted this on the wordpress-hackers mailing list:

Subject: [wp-hackers] 2.0 Release

Wednesday or Thursday, depending on the phase of the moon.

Now would be a great time to start making sure your themes and plugins work with the new version, and post to hackers if you need any help updating them.

Yow! On the one hand, I’m really excited about this release. A lot of the changes are under the hood, with tons of new API hooks, a new object cache system, new user “roles and capabilities” security model, fixes and code refactoring. The major immediate change that most users will see is the new WYSIWYG post editor. Personally, though, I’ll turn that off, because I prefer crafting the xhtml for my posts by hand.

The new API hooks are going to enable a whole new class of themes for WordPress which have built-in customization options. An early example is Michael Heilemann’s K2 (which is actually built off of WordPress 1.5, but will take advantage of 2.0 features soon).

On the other hand, as you might infer from the ‘2.0’ version number, this is a major change release. You may very well run into ‘issues’ (as we in the software development community like to politely call them) when upgrading from older versions of WordPress. I strongly suggest that anyone who is upgrading an older version of WordPress to 2.0 should backup everything. Backup your entire existing wordpress directory and your database tables. This is particularly true if you rely on third-party themes or plugins. Most people will probably upgrade without incident. For for those (hopefully) few who run into problems, a backup is going to be essential.

That said, it looks like it could be a very Merry Christmas indeed for us WordPress users 🙂

Poisoning the well

Dec062005

Overall, the volume of spam attempts on my server have been down lately. Oh, I still get a steady stream, I delete over 100 comment spams (caught by my filters) each day. But I’ve seen fewer of the massive, server-squashing spam runs that hammer my web service with too many simultaneous connections, blocking out legitimate users.

On the other hand, I’m seeing a lot more attempts by spammers to poison the well. What I mean by that is that they are submitting bogus comments, full of non-spammy (but more-or-less random) content, and links to legitimate web sites. For example:

Name: Adam Baumann

Hi. Just letting you know that I enjoyed your site. when Soldier Double Game Lose: http://www.newscorp.com/ , to Bet Opponents you should be very Faithful Big Gnome becomes Industrious Plane in final , Superb Opponents becomes Superb Soldier in final Faithful is feature of White Circle

The comment is obviously gibberish, right? And the links are all to perfectly normal — in fact, popular — sites. You might wonder why a spammer would bother posting it. The idea is to poison the well of any sites which use Bayesian techniques to classify content as spam or not. By tricking sites into classifying “good” content as “spam”, they (theoretically) can reduce the effectiveness of the spam filters.

With enough poisoning, your spam filter may start getting false-positives, which are legitimate messages that have incorrectly been tagged as spam. And if you get enough false-positives, you’ll lose faith in your spam filter and disable it. At least, that’s what the spammers are trying to accomplish.

Will their plan work? I guess that depends on your particular spam filters. I’m betting that systems like Akismet, which collect data from a wide variety of sources, will probably be able to defend against Bayes poisoning. How? Well, there’s this thing called an IP address. Even though the spammers submit their garbage via an army of anonymous proxy servers and zombie machines, they still only have access to a finite number of hosts, a limited number of IP addresses. It won’t take long for those IPs to be statistically classified as sources of spam. An IP like 221.3.235.96 will be flagged as a spam indicator far sooner than the words “Industrious” and “Soldier”.

So once again I say, thank you, spammers. We’re learning more about you every day.

The State of FeedLounge

Dec052005

Alex has posted a moderately detailed article explaining The State of FeedLounge. For any newcomers who don’t know what FeedLounge is, it’s a web based feed aggregator, not unlike BlogLines. But FeedLounge is a next-generation web service that looks and acts more like a desktop application than a web site.

I’m one of the lucky alpha testers who have had access for the last six months. I committed to using FeedLounge as my only feed reader, dumping SharpReader and the RSS capabilities of Thunderbird. I’ve watched FeedLounge go through some rough spots, and it always came back better than before. Alex and Scott have done an outstanding job with everything from the great AJAXian user interface to the invisible backend. When the time comes, if the price is right, I’m going to be a paying customer.

But you don’t care about all that, do you? What good is it to read about a service that you don’t have access to? All you care about is knowing that FeedLounge will be open for public beta on January 16, 2006.

Breaking the silence

Nov232005

Between projects at work (rolling out the largest indoor WiFi network in the world at a certain international airport near Atlanta) and projects at home (building more IKEA furniture — bed, dresser, chest, entertainment center, end tables, ottomans; doing what I can to help Suze prepare for Thanksgiving), I haven’t had much time for posting lately. But I’m making a minute to come up for a quick breath and note some of the things that have caught my attention lately:

And of course, there are the big stories that I won’t bother linking to, because you can hardly visit a tech/link site without bumping into them: Google Base, Sony Rootkit DRM, Tivo video on iPod and PSP, etc.

Blog Software Smackdown

Nov152005

Thanks to my friend Mike, who pointed out the Blog Software Smackdown article over on SitePoint. Author Vinnie Garcia compares the “big three” of blogging software: Movable Type, WordPress, and Textpattern. He gives a good overview of each, discusses their strengths and possible pitfalls, and provides links to example sites for each.

In the final analysis, he compares the systems in 9 areas, grading them on a five point scale. If you average the scores, the final tally is:

Movable Type
3.72
Textpattern
3.88
WordPress
4.38

Of course, that’s pretty subjective. What really matters is the feature set that’s important to you, and which tool addresses them in the best way. But it’s good to see that WP shines in this comparison.

Got a dog

Nov102005
A picture of our new dog, Spirit

Our new dog, Spirit

I had hoped to post about this sooner, but several weeks ago, we got a dog. His name is Spirit, and he’s a border collie mix. We’re not sure what the mix part is, but I was wondering if he might have some setter in him. He’s about 16 months old, and weighs around 55 pounds. He’s had some training already, and is pretty good about obeying a ‘sit’ command most of the time. He’s been great with the kids, and he loves it when Mary takes him out to play after school.

WordPress 1.5.x safe from XML-RPC worm

Nov092005

In case you didn’t already see my post over on the WordPress Development Blog, rest assured that WordPress is safe from the recently announced PHPXMLRPC worm. Some of the articles about this worm point to old information indicating that WP 1.5 is vulnerable, but that is incorrect. Versions 1.2.x and earlier are in danger, however. So if you have any older WP installations, you should upgrade them immediately, or delete the xmlrpc class files as indicated in the post I made on the main WP site.

Microsoft Wireless Network: Powered by Linux

Nov042005

Microsoft puts out a lot of FUD claiming that Linux is inferior to Windows. But their new company-wide wireless network will be driven by Linux-based equipment.

Aruba Networks was selected to provide the networking equipment for what is considered to be one of the world’s largest next-generation wireless LANs, serving more than 25,000 simultaneous users a day in some 60 countries. According to an Aruba press statement, Microsoft’s new WLAN will be deployed in 277 buildings covering more than 17 million square feet using Aruba mobility controllers, mobility software and some 5000 wireless access points.

What the press statement didn’t mention is that Aruba mobility controllers run the Linux operating system which Microsoft has aggressively targeted as being inferior to Windows as part of its “Get the Facts” marketing campaign.

It’s good to know that Microsoft is in line with my personal philosophy of “use whatever tool is best for the job”. 😉

Phil Ringnalda switches to WordPress

Oct312005

Phil Ringnalda’s site is now powered by WordPress.

But, I’m never again going to see my weblog software returning Perl’s infuriatingly common response to any problem, ‘Internal Server Error. Check the error log for a message that’s no more help than this.’ And I don’t think you can imagine just how happy that makes me. Freedom 0? I’m down with that. A vibrant, independent and free community? Cool. But I just wanted out from under the bloody Perl. Thanks, Matt, and everyone else who has worked on WordPress, and on b2 before that, for giving me such an easy way out.

I’m sure I speak for all of us who have worked to make WordPress what it is today when I say, “you’re welcome, Phil!”

Happy Halloween

Oct282005
Boo!

Goblin Dougal

Halloween has snuck up on the Campbell household. It’s not like we’re unprepared — we have bags of candy and the kids have costumes. But I just can’t believe that it’s the end of October already. I spent the last couple of weeks under some tight deadlines at work, and lost track of time.

I had hoped to dress my site up as I’ve done a couple of times in the past, but I just never had time to work on a stylesheet for the holiday. Maybe I’ll be able to do something for Christmas…