
WordPress 2.3.3 exploit - upgrade to 2.5 now!

Sunday, April 6th, 2008

if you’re still running WordPress 2.3.3, now might be a good time to consider an upgrade. a recent exploit seems to turn your blog into a spamlink-farm, which might ultimately lead to a site-wide ban from Google’s index (as happened to Austrian proto-blogger Helge). to check if your blog is affected, look for the existence of the folder “wp-content/1”. more info on the exploit can be found at wordpress.org, as well as an upgrade-guide to 2.5 (highly recommended).
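An added example, not part of the original post: a shell script that extends the folder check above to every WordPress install below a directory, printing each install's version next to whether `wp-content/1` exists. The function names and the sample tree are made up for illustration; the version is read from `wp-includes/version.php`, where WordPress sets `$wp_version`.

```shell
#!/bin/sh
# Added example (not from the original post): list WordPress installs under a
# directory, with their version and whether the "wp-content/1" folder exists.

# Print the version from wp-includes/version.php of install $1, or "unknown".
wp_version() {
    v=$(sed -n "s/^[[:space:]]*[\$]wp_version[[:space:]]*=[[:space:]]*['\"]\([^'\"]*\)['\"].*/\1/p" \
        "$1/wp-includes/version.php" 2>/dev/null | head -n 1)
    printf '%s\n' "${v:-unknown}"
}

# Scan all installs below $1; print "STATUS<TAB>version<TAB>path" per install.
# Exit status is 1 if any install contains wp-content/1, otherwise 0.
scan_wp() {
    find "$1" -type f -path '*/wp-includes/version.php' 2>/dev/null | (
        rc=0
        while IFS= read -r f; do
            dir=${f%/wp-includes/version.php}
            if [ -d "$dir/wp-content/1" ]; then
                status=FOUND; rc=1      # indicator named in the post
            else
                status=absent           # no indicator; not proof of a clean site
            fi
            printf '%s\t%s\t%s\n' "$status" "$(wp_version "$dir")" "$dir"
        done
        exit "$rc"
    )
}

# Build a constructed two-blog tree under $1 (sample data for trying the scan).
make_sample() {
    mkdir -p "$1/blog-a/wp-includes" "$1/blog-a/wp-content/1" \
             "$1/blog-b/wp-includes" "$1/blog-b/wp-content/themes"
    printf '%s\n' '<?php' "\$wp_version = '2.3.3';" > "$1/blog-a/wp-includes/version.php"
    printf '%s\n' '<?php' "\$wp_version = '2.5';"   > "$1/blog-b/wp-includes/version.php"
}

# Usage: sh scan.sh /var/www   (path is an assumption; pass your own web root)
if [ "$#" -gt 0 ]; then scan_wp "$1"; fi
```

A non-zero exit status makes the scan usable from cron or a monitoring check; an `absent` line only means the folder is not there, so the version column still matters.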

I’ve installed WordPress 2.5 on my blogs last week, and so far everything is running smoothly. plus, the new backend-interface is really looking niiice. however, keep in mind that some minor plugins aren’t working on 2.5 yet!

ps: 2.5 finally features automatic update of plugins… however this doesn’t work on both of my installs - every time I try to update, I’m just prompted for FTP-credentials - any ideas? thx!

pps: is there a tool to import UltimateTagWarrior-taggings into WordPress’ own tagging-system?

WordPress 2.2.2 - security fixes

Monday, August 6th, 2007

don’t forget to upgrade your WordPress installation to version 2.2.2 (2.0.11 if you’re still on the legacy-branch). some security leaks were disclosed last week, so this is mandatory. the update shouldn’t break anything… if you encounter any problems on this blog (which has just been upgraded), feel free to shout - thx!

spoofing Twitter and other SMS-based services

Sunday, April 8th, 2007

in case you weren’t aware how easy it is to fake the originating number (‘from’) of an SMS message, ONLamp features a step-by-step guide on spoofing Twitter (and similar services whose authentication mechanisms are based solely on the sender’s phone number). this basically means that attackers only need to know a user’s associated cellphone number and an SMS-service like FakeMyText to post messages in his name. there goes your identity… ;)

weekend-roundup for 2007-01-14

Sunday, January 14th, 2007

Google Blogoscoped has a detailed description of the latest Google security-exploit, which apparently has now been fixed. the exploit was based on the possibility of hosting malicious content on a google.com subdomain, allowing attackers to capture any visitor’s Google-cookie.

IBM-developers re-created a virtual representation of the Australian Open tennis-stadium within SecondLife. the build can replay tournament-games by receiving real-time tracking-data from the real world. 3pointD claims that about 1.000 IBM-employees by now are engaged in SecondLife.

for your eyes & inspiration: smashing magazine collected 50 light and 30 dark gorgeous web-designs (more to come, as this is planned to be a 5-part series).

roundup for 2007-01-05 … WordPress / CrunchForums / L. Lessig @ 23C3

Friday, January 5th, 2007

a major security-vulnerability in popular open-source blogging-tool WordPress has been disclosed. Automattic responded immediately by releasing version 2.0.6, which takes care of the issues. might be a good hint for all users to subscribe to their developer-blog (I wonder if the hosted software at wordpress.com uses the same codebase and is/was therefore prone to the same exploits?).

TechCrunch.com added oldschool forum-functionality today. very minimalistic. I wonder how they’ll avoid cannibalization of their very own, charged-for, job-board?

btw., another tech job-board launched this week, can be found at Read/WriteWeb.

video-feed of Lawrence Lessig’s talk at the 23rd Chaos Communication Congress (23C3), December 2006 in Berlin. quoting BoingBoing:

“If you want to understand what computers do to culture and why the law is totally out of synch with that, watch this. I especially love that Larry describes why neither hacking nor lobbying will solve the problem — but sets out a strategy that will win, a real path to victory.”

since yesterday, podcast-indexing & speech-recognition service Podzinger allows users to search for keywords within YouTube-videos.

MobVendor is a SecondLife vending-machine that adjusts product-prices to the number of avatars near the point-of-sale - the more avatars, the lower the price. 3pointD has the lowdown on crowdpricing in SecondLife.