WordPress officially launched the WordPress bug bounty program on HackerOne May 15 of this year, almost six months ago. The goal was to leverage the tools HackerOne provides to improve the quality and consistency of our communication with reporters, and to reduce the time spent on responding to commonly reported issues in order to free […]
The internet is no longer a toy. It is no longer used only for fun or even simply for research. It is now an integral part of people’s lives, of businesses, and even entire economies. Comedian and science advocate, Bill Nye, was recently speaking about his new show Bill Nye Saves the World. Asked why he […]
I can discover usernames in WordPress, which means I’m halfway to compromising an account. It’s a common security report. The details vary – sometimes they find usernames through CSS classes, sometimes they’re using enumeration, sometimes it’s from a REST API endpoint – but the real problem is that the underlying logic is flawed. WordPress has […]
Website security is important. We all know it. For many though, it’s a topic they prefer not to talk or think too much about. They don’t really consider it in very many areas as they build or manage their site. Why? Security is Scary You know you want to be secure, so you start to […]
I started writing computer code about 26 years ago in 1991. At that time it wasn’t easy to teach yourself how to code. The Internet existed but not in the way we know it now. It was much smaller, contained far less data, ran at much slower speeds, and the first graphical browser didn’t even […]
Security is ever a game of balance. Ease of use against safety is the one I find myself thinking about most often; locks on your door inconvenience you with having to get out your keys, long and unique passwords necessitate working with a password manager, two factor requires additional equipment and steps. Most often adding […]
The Open Web and a History Lesson For this to make sense, you first need to understand how I view the web right now. The internet has become a foundation that a huge percentage of humankind rely on. I think that our future is as dependent on technology, the internet being a key piece of […]
Today is my last day at iThemes. It’s been a great two years, and I’ve learned a lot. I’m very appreciative of my time here and I will absolutely miss all the people. If you haven’t checked out iThemes or had the chance to meet Cory, Matt, or any of their amazing team, you definitely […]
Recently The Rocket Science Group, the company behind both Mandrill and MailChimp, decided to change things up. They decided to roll Mandrill, their transactional E-Mail service, into MailChimp as a paid addon available to paid MailChimp accounts only. A lot of people freaked out or got really upset, most of them focusing on the fact […]
This has been an interesting week for me. I’ve worked every day from a hospital room. To try to keep a very long story somewhat short, my grandma was in the ER Sunday, the experience was bad and they dismissed her rather than taking the time to actually figure out the problem. This resulted in […]