Floods of WordPress attacks traced to easily hackable, ISP-supplied routers

Wordfence, a security research company, discovered that the reason Algeria is the country most often seen in attacks on WordPress blogs is that the country's largest ISP distributes home routers that are locked in an insecure state, with an open port that lets attackers seize control of them and use them to stage attacks on higher-value targets. Read the rest

How a fishing guide's WordPress site became home to half a million fraudulent pages

Ned Desmond shares the scary story of how a small site he managed that advertised fishing expeditions ended up with 565,192 scam pages. He also suggests five ways to avoid the same fate. Read the rest

WordPress joins its users in court to fight bogus, censoring copyright claims

WordPress has gone to bat for its users in court, joining in two lawsuits over fraudulent DMCA claims that used copyright claims as a means of censoring critics. Back in August, a British anti-gay group called Straight Pride UK used a copyright claim to censor the publication of an on-the-record interview with one of the group's spokesmen. And in February, disgraced cancer researcher Anil Potti used copyright claims to censor Retraction Watch, a science watchdog that had reported on the journals that retracted Potti's papers.

Wordpress was the host for both of these sites, and at the time, it cooperated with the takedowns (the law does not require WordPress to honor takedowns that it deems to be bogus, but if it does not honor a takedown, it can be named as a party to any eventual lawsuit over the alleged infringement). But when the users went to court to fight for their right to publish, WordPress got their backs -- bravo! Read the rest

BB gets WordPress, Disqus, new machines

Good news, everybody! We've just upgraded our site software, installed new hardware, and moved our antiquated comment system to Disqus, replete with modern features. The site itself is otherwise unchanged; the grueling task of making everything look and work the same on a completely new platform fell to our lead developer Dean Putney and sysadmin Ken Snider. Both have worked tirelessly for weeks, and deserve many thanks. Thanks, guys! Your current comment login will work on the new system, but you'll need to reset your password. Fire any bug reports to bugs@boingboing.net and we will stamp on them ASAP. Also, the Submitterator will be in drydock for its own upgrades for a short while; in the meantime, submit via the private form. Read the rest