More on the WordPress Hackings

A couple of interesting posts have cropped up since I posted about the WordPress problems over the weekend.

Kevin Anderson has followed up, looking at the security risks (or lack of them) around WordPress:

Security analyst David Kierznowski at BlogSecurity has a list of more than two dozen known vulnerabilities in all versions of WordPress. A 2007 survey of 50 WordPress by Kierznowski found that only one of the sites was running the latest version of the software, leading him to warn that the WordPress community was vulnerable to attacks. So maybe the question isn't whether WordPress is more likely to be hacked but whether WordPress users are less likely to upgrade.

Meanwhile John August makes a good argument that, at this stage, most people shouldn't be hosting their own blogs at all. It's just not necessary, when there are so many good alternatives out there, both free and paid.

Here's how one Typepad user puts it:

Here's the deal:  I'm running a business - a speaking and consulting business that is focused on the use of social media by entrepreneurs, and this blog is the cornerstone of my content. I need to be sure there is is a team of experts looking out for me - testing technology before throwing it out there to the community, and most importantly, keeping me protected against issues like this one that is wreaking havoc for some Wordpress users.

Blogging is well and truly mainstream now. We're well beyond the tech-centric early adopter core, and for everyone else, using a hosted blogging platform is probably the way forward. Just look at the predominance of Blogger amongst the main UK political blogs. Even Guido is on the hosted WordPress.com VIP platform.