Wordpress Sux, Blogger Rulz!

Well, not really - but I made you look ;)

Seriously, there is someone with, uh, "issues" who decided that it would be cool to get attention by cracking a bunch of blogs run by some of the most well-known names in the SEO community.

The common theme was that all of the ones cracked so far were made using an older version of Wordpress, which has a security hole that has since been patched in the newest release, but many people have apparently not upgraded to yet.

I'm carefully using the term "crack" rather than "hack" or "hacked" because so far this is nothing but script-kiddy stuff, rather than a more skilled hacker attack. The code for the crack (and news of the vulnerability) has been available for a week now.

Part of the weirdness about this is that he listed all the sites he was planning on going after and announced he was going to do it, which of course got him banned by Wordpress. He's now on a Blogger account, but I doubt that will last long, either.

I find it interesting that Wordpress is so popular among SEO bloggers. I've never used it myself (I don't consider myself a blogger - I just happen to have a blog. Yes, I think there is a distinction.) but so far whenever I've looked around Wordpress seems to be pretty high on most SEO's software lists.

Me, I'm using good ol' Blogger, the get's-no-respect "geo-cities" of the blogging world. Thing is, I like it, for the most part. It's easy to use, especially the newest version, it's on a completely different IP range/server from my main site, and it gets spidered and indexed by Google very, very quickly.

It's not perfect, of course. Forget trying to access it in China. Some scripts and widgets just don't seem to like my template (I gave up trying to install a flash based Flickr widget) and it doesn't seem to remember who I am no matter how many times I log in and check "Remember Me'. The rest of Googles sites remember me, but not Blogger. For shame.

I'd feel an urge to go "neener, neener" to those who got cracked, in the same way that someone driving a Ford Pinto by a broken down BMW might, except 1) I've had sites cracked before and I know how it feels, 2) just because this guy started with Wordpress doesn't mean that Blogger doesn't have security issues, and 3) I'm probably going to use Wordpress at some point in the future for something, and I'd like to avoid jinxing it ;)

For now, I'll just lend my sympathy to those who it happened to, and to hope the guy who did this gets the professional psychiatric help he apparently needs.

More:

http://www.jason-roe.com/blog/stuntdubl-marketing-consulting-hacked-seos-a-target/
http://searchengineland.com/070115-182610.php
http://www.threadwatch.org/node/11333

So far, the only information that has become available is that he is probably from Canada (Hamilton, Ontario) and using Bell as a connection - which isn't a lot to go on , especially as anyone with any brains would do this stuff from a public internet connection, rather than a home IP address.

He also claims to be an SEO, though the claims and the manner he's making them make me think that's a red herring. Oh well.

Bottom-line, someone actually thinks it's cool to be a lamer, so we are dealing with an immature kid who needs a spanking and to be grounded from playing with daddy's computer.

Ian