Was Gravatar hacked or not? It depends on what you have read or what your definition of “hacked” is I suppose. The password breach monitoring service HaveIBeenPwned alerted users to a large-scale data leak by Gravatar, an add-on service for user profiles owned by Automattic.
In October 2020, a security researcher published a technique for scraping large volumes of data from Gravatar, the service for providing “globally unique avatars," HaveIBeenPwned warned. This technique allowed the details of just under 114 million users to get into hackers' hands.
Sarah Gooding over at WPTavern wrote that Automattic said they were not hacked. The Gravatar service gives you control over what you want to share online through their API. So this information can be made public and somebody can scrape that data and use it nefariously.
Jeff Chandler pointed out that this has been an issue since 2009 and shared the information from developer.it. Security researchers and privacy advocates have warned about privacy attacks on Gravatar for years.
Gravatar did not send out notices about the breach and left it to the user to accept the risk or use something other than Gravatar.
There is a new directory for FSE block themes. Over on make.WordPress.org during the run-up to the release of 5.9 developers should note that the directory names for templates and template parts are being changed. With the release of 5.9 these will instead be:
It's pretty straightforward.
Ellen Bauer will be sharing a twitter space with Justin Mahinyala discussing #Freelance opportunities for developers, designers, writers, and marketers in the #WordPress ecosystem. They will share advice and tips on how to get started. DM any questions you want them to talk about.
Leading off this week is Joost de Valk’s semi-annual CMS market share analysis. WordPress maintains a 43% share, the equivalent of AT&T’s wireless market share, within the CMS space. Shopify, WordPress’ closest competitor on the chart chimes in at 4.2% Shopify also shocked the industry by laying off 1,000 employees via email, penned by the companies CEO, Tobias Lütke. Juxtaposed to the the layoffs, a report from McKinsey & company, shows that 41% of workers surveyed quit their jobs due to lack of career development and advancement. Squarespace, which is holding on to the 4th spot at 2% market share, has launched their new website building experience: Fluid Engine. WordPress.com is going back in time…to their former pricing. Sarah Gooding from WP Tavern reports the .com team have ended their pricing experiment. The WordPress mobile app is shedding it’s Jetpack features, in an effort to simplify the experience: “The hope is that this change will simplify much of the UX and design of the WordPress apps for users who don’t want or need Jetpack services and tools. The WordPress apps will continue to be maintained and updated, ensuring that users can publish content from anywhere just as they can today. “ Meanwhile, the Jetpack team plans on improving the Jetpack app as they transition these features out of the core app. Have any predictions on how the Jetpack app will change over time? Tweet at us @thewpminute OR Join our members-only Slack group for $79/year. Help Josepha find a better name for Full Site Editing (FSE): Giving FSE a More User Friendly Name – Make WordPress Core. The terms “full site editing” and “full site editor” ...
Paul Lacey | Friday, 12 Nov 2021 | Reading time: 34 mins | Read online Listen to the episode This is content was sponsored by Connekt. They create handcrafted digital products, like WordPress plugins and themes. This was part of the WP Minute content bounty program where today’s author earned $200 to write and record this post. Thanks to Connekt for helping us create content like this. Today’s episode is bittersweet. It’s one man’s take on how Gutenberg has impacted the WordPress community deeply — down to the core. How the weight of control shifting in our space has shuttered him. The constant tug-of-war feeling that splits our community. And with all that, making this his final act for WordPress…for now. This man is former WP Minute Managing Editor, Paul Lacey. I’ve known Paul for a while, he’s a great person and genuinely cares about the people around him. He and I both hoped that the WP Minute project was different enough to re-energize his love for the space, but it only masked it temporarily. Ironically, it was through today’s essay/podcast, that reassured that stepping away from WordPress is the best thing for him. I wish him all the ...
This week we bring you a guest post by Winstina Hughes. Read on as she shares about a very important movement. The WordPress community has expressed tremendous support for the call to action to sponsor underrepresented/minority WordCamp speakers by removing the financial burden of their travel and lodging expenses. But who made the call, and what inspired it? Listen in to learn who made the call to action, what inspired her, the goal of the initiative, and where to seek support or offer sponsorship. Links Four Freedoms Community Team Inclusion Initiatives Support Inclusion In Tech ...