• 0 Posts
  • 30 Comments
Joined 2 years ago
cake
Cake day: June 11th, 2023

help-circle

  • IIUC the main problem with security (and how most WP sites get pwned) is the plugin ecosystem. There are thousands of plugins out there, which means that among many secure ones, there are also many (very) insecure ones. If you’re judicious and don’t install low-quality plugins, it shouldn’t be a major problem.

    WordPress itself has automatic updates turned on by default, so if a vulnerability is patched in WP core, that will land on your site automatically without any effort on your part.

    One plugin that’s I use on my WP sites is the free version of the Wordfence firewall. While not really necessary given the above, it does give me a little peace of mind.

    All that said, the main draw for WP is to be able to manage a website without having to touch code. If you’re happy to write your pages by hand, a static site generator is definitely a lot more lightweight than a CMS like WordPress.


  • That’s literally my point. Docker doesn’t pretend to be a non-profit, WordPress does.

    Your ‘points’ were:

    1. [Automattic] intentionally leads people to conflate the free and open-source software WordPress (WordPress.org) and their own proprietary and overpriced version.
    2. [WordPress.org and WordPress.com] are not the same people.

    I’ve already provided rebuttals to both points:

    1. Most companies doing open source lead people to conflate their free and open source software with their own proprietary version.
    2. Both are quite literally led by the same person, and have been since their founding.

    Now you have strayed the discussion to another ‘point’ (while accusing me of arguing in bad faith):

    1. WordPress ‘pretends’ to be a non-profit.

    To humor you I shall also provide a rebuttal to this third point:

    1. WordPress doesn’t pretend to be anything of the sort, because:
    • WP.org claims, on its homepage, to be “the open source platform that powers the web,” “built by an open source community with decades of experience,” and “community at its core.” It does not claim to be a non-profit.
    • WP.com claims, on its homepage, to be “WordPress, Your Way,” “the best way to WordPress,” and “lightning-fast, secure managed WordPress hosting.” It does not claim to be a non-profit.
    • The WordPress Foundation claims, on its homepage, to be “a charitable organization founded by Matt Mullenweg to further the mission of the WordPress open source project”, because it is.

    By the way… WP.org goes out of its way to recommend various hosting providers beside WP.com.


  • No, it’s worse than that.

    There is a separate open source project “Docker Engine” that runs 27% of containerized applications, that the for-profit “Docker Inc.” intentionally conflates with the proprietary, for-profit software “Docker Desktop” to get a major advantage over other for-profit businesses that sell tooling for “Docker Engine”.

    To make matters worse, “Docker Inc.” still controls the “Docker Engine” project and “Docker” trademark. This contrasts with “Automattic”, which spun out the “WordPress” project and trademark into a separate entity “WordPress Foundation”.

    It seems like you’re trying to read what I am saying in a way that fits what you want me to be saying and ignoring what I am saying rather than what I am clearly communicating.

    Sorry, but I think this applies to you more than it does to me.

    I’ll make one final attempt to spell it out. Mullenweg and Little founded “WordPress” and spun it out of Mullenweg’s company “Automattic” as a separate non-profit.

    Founadi, Hykes and Pahl founded “Docker Engine” and did not spin it out of their company “Docker Inc.” as a separate non-profit (which is the case for MOST companies that create open-source software).

    I can’t put any more of a fine point on it, so this will be my last comment on the topic. Have a good day.




  • Is Red Hat a conflict of interest? MongoDB (pre-2018)? Docker? Nginx? These for-profit companies all sell proprietary software alongside their open-source offerings with the same name.

    Is it a conflict of interest that Plausible Analytics profits off a hosted version of their open-source software? How about GitLab? How about Bitwarden?

    If you take issue with companies selling products based on open-source software they created (and using the same name), there are a LOT more companies you should take issue with than just Automattic (who, as discussed, voluntarily spun off their trademarks into a non-profit, unlike the companies named above).


  • The guy who, in the first place, came up with the idea for a fork of b2/cafelog (which would come to be known as WordPress), is Matt Mullenweg. He’s still the lead developer of the open-source WordPress project to this day, 20 years later.

    It is true that Mullenweg’s company Automattic gave the WordPress trademark to the WordPress Foundation in 2010. The founder of said foundation is the very same Matt Mullenweg. It is not the case that Automattic and the Foundation “legally […] have to be separate”, that’s a choice that Automattic/Mullenweg made.

    It is a fact that without Mullenweg, WordPress would not exist, period (neither .org nor .com). Mullenweg/Automattic do not only “[influence] the WP org”, they created (and still lead!) the WP org.

    Of course, I’m sure WP Engine is a fine host, and all the better that they also contribute back to the WP project (that’s the power of open source!).






  • I think Hackernews (sans the occasional edgy political take) and Tildes might be worth learning from. Let’s make it a goal to contribute content that others may learn from and do away with the copy-paste doom-and-gloom comments.

    So HN is quite heavily moderated (just turn on showdead if you want to see the graveyard), and Tildes tries to keep the community cohesive with their invite-only policy (limiting growth).

    Lemmy, on the other hand, allows open sign-ups and does not have a strong (HN-like) moderation culture. If anything, it has more of a Reddit-like moderation style, with a bunch of separate communities ruled by their own mods.

    Therefore, it remains to be seen whether appeals to the userbase will prove effective as Lemmy grows. Note that as Reddits userbase grew, the quality of the discourse went down, Eternal September-style.

    There are, though, still a couple of big differences between Reddit and Lemmy. The latter probably won’t try to attract users by running big campaigns in mainstream media, like Reddit did in later years. On the other hand, there’s the risk that Meta’s Threads or other (future) big tech platforms might end up federating with Lemmy.








  • Interesting blog!

    Clicked on your NAS article (one of the first linked ones) and spotted an error… you write that Synology NAS boxes don’t use standard RAID, but they do. They have official docs up on how to hook them up to a standard Linux system for disaster recovery (it’s just Btrfs or ext4 on mdadm RAID).

    Probably not super relevant for you or most readers, but just thought I’d point it out :)