Category Archives: Security

WordPress 2.0.7

Nothing like patching just a few days after patching. At this rate we might as well forget testing. :) But seriously, WordPress reports that they’re still working on some of the PHP vulnerabilities that recently seemed to be attracting attention, and so they’ve announced 2.0.7.

I like how they say “It is recommended that everyone running WordPress 2.0.6 or lower upgrade to this new version.” Wouldn’t that be everyone not running 2.0.7, or in short, everyone?

We know it sucks to have a release only 10 days after our last one, but we think it’s important enough for your blog to be secure to do it, and hopefully only having to change a few files will make the upgrade easier than normal.

It would definitely suck worse if they decided not to release in order to save face, or to save us the hassle, etc. as I’d prefer to be in charge of whether I want to fix a vulnerability or sit back and relax for a few more days, weeks, years while the Russians* attack.

Patch, patch, patch…

* Some folks I know said they managed to monitor and confirm the Russian connection. Unfortunately, I can’t say more, but I wanted to mention that I’m not arbitrarily choosing a country, just reporting the news/logs.

UK courts rule poker not a game of skill

Here is a fascinating case about regulations, reported by the BBC:

Derek Kelly, 46, argued poker is a game of skill so he did not need a licence under the 1968 Gaming Act, as the law requires it only for games of chance.

But the jury at Snaresbrook Crown Court disagreed and took less than two hours to find him guilty of organising games at his Gutshot Club in central London.

[…]

Graham Trembath QC, told the jury that they alone would decide the verdicts.

He said: “Is poker a game of mixed skill and chance? That is for you to decide. The prosecution submit that common sense dictates that it is.

“Why do we say that? We say that because before a game can start someone shuffles the cards.”

Where does the threshold lie for chance and skill? I’m having a hard time thinking of a game that doesn’t involve chance at least to some degree…

Or maybe we should just say that luck was not on the side of the defendant this time around.

Oh, Novell, Where Art Thou?

Anyone who worked as a Novell NetWare administrator probably has a story like this one to share:

The University of North Carolina has finally found a network server that, although missing for four years, hasn’t missed a packet in all that time. Try as they might, university administrators couldn’t find the server. Working with Novell Inc., IT workers tracked it down by meticulously following cable until they literally ran into a wall. The server had been mistakenly sealed behind drywall by maintenance workers.

Funny. I personally found one completely covered in nurses’ uniforms, hidden away in a wiring closet that had been converted into a, well, closet. We had remotely migrated its data to a new server and were just trying to find the thing so we could turn it off. It had been running without abend for years. Those were the days, eh?

On the flip side, the DailyWTF reports that some people think that servers should be placed in a location that is frequently visited:

Don had doled out that task to construction project managers countless times, and they had always complied without issue: the server was installed in a secure and well-ventilated location. After all, where else would one put a $15,000+ computer running $100,000+ software to manage a $50,000,000+ construction project? When Don arrived at one particular location to set up the network, he discovered that the project manager had a slightly different interpretation…

You have to see it to believe it. Honestly, I would be scared to sit on a toilet that appeared to be connected to a Windows server. Note the unmistakable Ctrl-Alt-Del screen and the toilet paper roll on the floor. Please wash your hands before login?