Blogging Platforms Vulnerabilities » Computer internet security  
Computer and internet security news
computer and networking security portal
 
|
|
|
News
|
Advertise
|
|
Products
|
Contact

Blogging Platforms Vulnerabilities



Friday, May 18, 2007, 7:20
This news item was posted in Computer security Systems category and has 0 Comments so far.

Starting from Wordpres latest Akismet vulnerability, I was thinking of the impact that blogs have allready made in the way we use the internet nowadays. In terms of social networking and web interactions, the Web 1.0 brought the forums . Web2.0 brought the extensive use of blogs and this fact isn’t going to change.
On May 16 Wordpress released it’s 2.2 version and a few days later, the download counter already shows 42.000 downloads. The install base it’s huge and this is one of the reasons that blogs have become attractive targets for the spammers / crackers . Spam comments are just one example of blog abuse .
I reviewed the number of security vulnerabilities published for the major blogging platforms in the past year (May 2006 - May 2007) . The numbers are high, especially for the open source products (Wordpress, Drupal).
The number of publicly disclosed vulnerabilities in blogs during May 2006 and May 2007 according to securityfocus vulberability database:

Wordpress : 25
MovableType : 5
TypePad : 0
Drupal : 37

However, it’s hard to say which blogging platform is most secure and it’s almost impossible to say which blogging platform is best for your blog. You can use a very convenient blog publishing system such as MovableType or TypePad but you will face the black box approach when it comes to application security. Rolling your own install might seem difficult (although it’s not) but using an open source product will bring you the advantage of quickly “looking under the bonnet” and applying a bugfix in seconds.
There is also the option of using a hosted blogging service such as blogger.com or wordpress.com which saves you from keeping up with vulnerabilities and patches. I’m not going to get into the details of why you should / [...]

Read more at Dragos Lungu Dot Com | Security Notes And Tools

Related posts:

  1. Responsible blogging
  2. Weekly SANS @RISK Web Vulnerabilities List & Mitigation Steps
  3. Wordpress is vulnerable to threats
  4. Corporate blogging policies, can you regulate stupidity?
  5. WordPress 2.1.3 Akismet Vulnerability
  6. Weekly SANS @RISK Web Vulnerabilities List & Mitigation Steps

Related posts brought to you by Yet Another Related Posts Plugin.





Tagged with:

You can leave a response, or trackback from your own site.

Leave a Reply

Alcatel-Lucent reports employee data lost or stolen
Symantec: Chinese hackers grow in number, skills




:::: Recent entries


 
Join My Community at MyBloglog!



My BlogCatalog BlogRank

Computers Blogs - Blog Top Sites