Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


What's wrong with WordPress? - Page 3
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

What's wrong with WordPress?

13

Comments

  • joepie91joepie91 Member, Patron Provider

    YokedEgg said: Yes, because it cannot be done.

    No, because you're asking somebody to do free work for you with considerable legal risk, while setting a completely unreasonable standard for what constitutes "insecure" that doesn't actually match real-world security requirements, and that shows that you have no understanding of those requirements.

    If you don't understand why somebody's refusing to take you up on that, then oh boy, you're going to have a lot of trouble interacting with professionals throughout the rest of your life.

  • @joepie91 said:

    YokedEgg said: Yes, because it cannot be done.

    No, because you're asking somebody to do free work for you with considerable legal risk, while setting a completely unreasonable standard for what constitutes "insecure" that doesn't actually match real-world security requirements, and that shows that you have no understanding of those requirements.

    If you don't understand why somebody's refusing to take you up on that, then oh boy, you're going to have a lot of trouble interacting with professionals throughout the rest of your life.

    200 iq right here.

  • joepie91 said: (Of course, I will gladly try to find vulnerabilities for you in WordPress at my usual hourly rate, under contract.)

    To be fair, if you actually coded up a superior alternative to WP, I'm sure the benefits of that would far exceed your hourly rate.

  • If you manage to hack it, all you have proven is that it's unsafe.

    If you fail to hack it, you have NOT proven it to be safe. All you have proven is that you cannot hack it today.

    You have not proven that someone else won't be able to hack it tomorrow.

  • You cannot say something is exploitable without being able to factually prove that.

    Any argument you could present can easily be refuted.

    • It's illegal

    So exploit it in your own environment.

    • Not paid

    If you exploited WordPress then published it you will 100 percent be paid on the backend by increasing authority in the market.

    I don't understand how this is such a hard concept to grasp. Don't make claims you can't or are unwilling to prove with facts.

  • joepie91joepie91 Member, Patron Provider

    YokedEgg said: You cannot say something is exploitable without being able to factually prove that.

    I have not at any point called WordPress "exploitable". Those are your words, not mine. I don't know why you're expecting me to prove something I've never claimed.

    YokedEgg said: So exploit it in your own environment.

    Aside from security research being more legally complex than that, these kind of challenges also invariably end in "here, now prove that you can hack into my modified setup, otherwise your proof won't be good enough".

    YokedEgg said: If you exploited WordPress then published it you will 100 percent be paid on the backend by increasing authority in the market.

    image

    YokedEgg said: I don't understand how this is such a hard concept to grasp. Don't make claims you can't or are unwilling to prove with facts.

    I've already given you facts. It's not my problem that you choose to ignore or dismiss them.

  • @joepie91 said:

    YokedEgg said: You cannot say something is exploitable without being able to factually prove that.

    I have not at any point called WordPress "exploitable". Those are your words, not mine. I don't know why you're expecting me to prove something I've never claimed.

    YokedEgg said: So exploit it in your own environment.

    Aside from security research being more legally complex than that, these kind of challenges also invariably end in "here, now prove that you can hack into my modified setup, otherwise your proof won't be good enough".

    YokedEgg said: If you exploited WordPress then published it you will 100 percent be paid on the backend by increasing authority in the market.

    image

    YokedEgg said: I don't understand how this is such a hard concept to grasp. Don't make claims you can't or are unwilling to prove with facts.

    I've already given you facts. It's not my problem that you choose to ignore or dismiss them.

    "And well, to put it simply: it will get you hacked. Sooner or later. By somebody with a lot more malicious intent than the guy you were taunting to 'hack it to prove it'."

    So stop talking, don't post implying it will happen, or do it.

    Literally, every single post you try to argue with someone about something totally pointless.

    That, or you restate something that could be condensed to two sentences and use up about 50 in an attempt to seek external validation.

    r/iamverysmart.

  • joepie91joepie91 Member, Patron Provider

    YokedEgg said: "And well, to put it simply: it will get you hacked. Sooner or later. By somebody with a lot more malicious intent than the guy you were taunting to 'hack it to prove it'."

    So stop talking, don't post implying it will happen, or do it.

    I don't think you understand what I'm trying to say there.

    If your attitude is to refuse to believe an early warning that something is insecure,until that person is willing to prove it to you by doing free work for you that's legally dubious... then you're going to be missing a lot of early warnings, with the obvious consequence that at some point your infrastructure is going to get hacked because you ignored a warning.

    That has nothing to do with me intending to hack it. It's just pointing out that your carelessness will get you in trouble at some point. I even explicitly pointed out that it would be by somebody else.

  • YokedEggYokedEgg Member
    edited April 2018

    @joepie91 said:

    YokedEgg said: "And well, to put it simply: it will get you hacked. Sooner or later. By somebody with a lot more malicious intent than the guy you were taunting to 'hack it to prove it'."

    So stop talking, don't post implying it will happen, or do it.

    I don't think you understand what I'm trying to say there.

    If your attitude is to refuse to believe an early warning that something is insecure,until that person is willing to prove it to you by doing free work for you that's legally dubious... then you're going to be missing a lot of early warnings, with the obvious consequence that at some point your infrastructure is going to get hacked because you ignored a warning.

    That has nothing to do with me intending to hack it. It's just pointing out that your carelessness will get you in trouble at some point. I even explicitly pointed out that it would be by somebody else.

    200 IQ, restating what was already said on the thread and believing it in any way contributed.

    Again, until WordPress is proven exploitable then there's no "early warning". The early warning is the exploit being published. I'm not going to move my entire platform on the basis of "it can be hacked" anything can be hacked, entirely stupid argument. Don't attempt to claim otherwise until you can prove it.

    Your just looking to argument about some dumb baseless shit. I ain't got time for all of that until you can present facts.

  • joepie91joepie91 Member, Patron Provider

    YokedEgg said: until WordPress is proven exploitable then there's no "early warning"

    I... don't think you understand what "early warning" means.

    Anyhow, I'm done with this thread. You opened a thread to ask a question, I took the time to give you an answer including security advice for free, and all I get in return is you second-guessing every single thing I say, and demanding that I do more free work for you.

    I'm not going to put any more effort into that. If you want me to do work for you, then pay my hourly rate. Otherwise, stop complaining about the shit you get for free.

    Thanked by 1Wolveix
  • YokedEggYokedEgg Member
    edited April 2018

    @joepie91 said:

    YokedEgg said: until WordPress is proven exploitable then there's no "early warning"

    I... don't think you understand what "early warning" means.

    Anyhow, I'm done with this thread. You opened a thread to ask a question, I took the time to give you an answer including security advice for free, and all I get in return is you second-guessing every single thing I say, and demanding that I do more free work for you.

    I'm not going to put any more effort into that. If you want me to do work for you, then pay my hourly rate. Otherwise, stop complaining about the shit you get for free.

    Okay, so again, what was the point of commenting at all professor 200 IQ?

    Your going to comment and imply it's exploitable, then follow that up with "oh, but wait, pay me and I'll attempt it".

    Stupid. Should have never commented when you clearly can't back up your claims and kept your ideology in your head.

    There's so many huge companies that use WordPress, for example Facebook:

    https://newsroom.fb.com/

    If you honestly are trying to convince yourself that you're smarter than Facebook's team of brilliant engineers, you need a serious reality check, 200 IQ.

  • LeeLee Veteran

    YokedEgg said: There's so many huge companies that use WordPress, for example Facebook:

    Must be good then...

  • YokedEggYokedEgg Member
    edited April 2018

    @Lee said:

    YokedEgg said: There's so many huge companies that use WordPress, for example Facebook:

    Must be good then...

    Yep, Facebook's team of engineers are clearly smarter than both you and professor 200 IQ. We're talking PhD's here.

    But here's some more examples of huge sites, and if an exploit existed would clearly be utilized in pursuit of profit or publicity.

    http://www.wpbeginner.com/showcase/40-most-notable-big-name-brands-that-are-using-wordpress/

  • LeeLee Veteran

    YokedEgg said: But here's some more examples

    No need, you had me at FB, it's thread /end, nobody should ever question how amazing WP is now.

  • YokedEggYokedEgg Member
    edited April 2018

    @Lee said:

    YokedEgg said: But here's some more examples

    No need, you had me at FB, it's thread /end, nobody should ever question how amazing WP is now.

    Edgy.

    Not interested in a political debate about Facebook's practices, both you and I know the team consists of brilliant engineers. Don't let your bias cloud objective judgement.

  • lionlion Member

    I smell Crandolph

    Thanked by 3Lee vimalware Wolveix
  • YokedEggYokedEgg Member
    edited April 2018

    @lion said:
    I smell Crandolph

    Who? Completely irrelevant.

    Stop derailing the thread.

    It's about WordPress.

    Anyways:

    Completely open to alternative viewpoints on the software here but throwing out baseless exploit claims is unfair to the WordPress team without being able to prove it, also coming in here and being a condescending dick about it is even worse.

    In the same way you cannot post a thread calling a host a scam without having valid proof, I think the same fundamental principal should be applied here. It's not a hard concept.

  • LeeLee Veteran

    lion said: I smell Crandolph

    I thought that a week ago, defo a previously banned member.

    Thanked by 2YokedEgg Wolveix
  • lionlion Member
    edited April 2018

    @Lee said:

    lion said: I smell Crandolph

    I thought that a week ago, defo a previously banned member.

    Yep, new members that instantly post a lot are usually previous banned members.

    And his attitude just adds up.

    Thanked by 2YokedEgg Wolveix
  • @lion said:

    @Lee said:

    lion said: I smell Crandolph

    I thought that a week ago, defo a previously banned member.

    Yep, new members that instantly post a lot are usually previous banned members.

    And his attitude just adds up.

    Attitude of what?

    Not allowing someone to slander a brand?

    Alternative view points = okay

    Baseless claims you cannot prove = not okay

    Totally derailed and off topic.

  • joepie91joepie91 Member, Patron Provider

    YokedEgg said: Completely open to alternative viewpoints

    Evidently.

  • YokedEggYokedEgg Member
    edited April 2018

    @joepie91 said:

    YokedEgg said: Completely open to alternative viewpoints

    Evidently.

    If you say: I don't like the fact WordPress isn't static, valid.

    Saying WordPress is exploitable without providing proof of the claim, not valid.

  • lionlion Member

    Did i just won a price?

    Thanked by 3joepie91 Lee Wolveix
  • deankdeank Member, Troll

    He started to smell like a rotten egg.

  • Thanked by 1machine123
  • edited April 2018

    @lion said:
    Did i just won a price?

    Yep, correct.

    I'm crandolph, totallynotabot, and yokedegg.

    Mods already knew who I was and reached out to me s/o to MasonR. You don't win a medal, and it wasn't hard to tell if you paid attention.

    Originally tried to be nice, but to be honest, there's just too much toxicity here, there needs to be more guys like @Ympker here.

    To get banned for refusing to let somebody slander a software with no basis behind the claim, I'm cool with that.

    Actually won't be back this time. Srs.

  • lionlion Member

    @TotallyNotCrandolph said:
    Originally tried to be nice, but to be honest, there's just too much toxicity here, there needs to be more guys like @Ympker here.

    Without questioning this statement, if you don't like it, leave.

  • emgemg Veteran

    @YokedEgg said:

    @emg said:
    WordPress suffers from frequent security issues. Keeping up with patches adds to the workload. Automated exploits for script kiddies appear quickly, so you don't get a lot of time to patch, and let's not ignore the occasional zero day exploits.

    How often do we see headlines where "thousands of WordPress sites" were infected or taken over by bots? That says it all to me.

    Being a bit dramatic, also use WP-CLI for automatic updates.

    Not really. The number and frequency of past vulnerabilities, exploits, zero days, and other security issues in WordPress are excessive by any realistic definition. Nobody has to hack WordPress to make inferences about WordPress security from their past history.

    The best predictor of future behavior is past behavior. Has WordPress suddenly become super secure as @YokedEgg asserts, or are we likely to see many more vulnerabilities, exploits, and patches in the future? Which do you think?

    Clearly YokedEgg is the WordPress fanboy here. Anything he/she says about WordPress security should be viewed with skepticism.

    If it isn't obvious, YokedEgg cannot stand for anyone to criticize WordPress without responding ... with full quotes. Let's see what YokedEgg has to say in response to this message. Enjoy the entertainment. It's on me. :-)

    P.S. Allow me to point out that YokedEgg is most likely misspelled. I bet that YokedEgg doesn't know the difference between yoke and yolk. Most of the people here probably noticed but didn't bother to say anything.

  • angstromangstrom Moderator

    Wow, that escalated quickly in the end.

  • PandyPandy Member

    "im leaving because the community is toxic"

    "your argument is invalid because it doesn't align with my view, so im just gonna start calling you names"

    alright then

    Thanked by 1Wolveix
Sign In or Register to comment.