
I get that the angle of BNC here generates views (and outrage and haha blockchain bad).

But the real story is "WordPress websites still hacked in masses".

WordPress, somehow, cannot manage to turn itself into a secure and tough system. It remains a prime target, its installations get hacked by the thousands, and it's causing real harm at that.

(Yeah, yeah, I know the users, admins, plugins, themes and hosts are to blame. And I know it's possible to truly harden a WP: I've built a WP hosting company that did exactly this. But it's saddening how poorly the wider community handles its security.)



To be fair, WordPress core has gotten better. The bigger problem is that there are many WordPress plugins, and many of the plugins can't even pretend to be related to being secure.

Until developers are widely taught how to develop secure software, the problem will just keep moving around. We can't make software development environments where it's impossible to create a vulnerability, and we will never convince users to stop wanting new capabilities. Making things secure in the first place needs to be part of the solution.


Very over the top, but bear with me. For example: if your community of plugin developers cannot produce secure(ish) plugins, then it's probably time to get rid of the plugin system altogether. "Plugins endanger our users, we no longer allow them."

Being a player that powers a vast part of all websites gives a responsibility. Taking up that responsibility includes making unpopular decisions. While "getting rid of the entire plugin system" is probably a bridge too far (it would kill WP instantly), the system needs an overhaul (same for hosting, same for themes), badly. There is an intermediate solution, I am sure¹.

But the starting point must be "our community cannot handle the power we give it, so let's find a solution for that".

¹ I refrain from concrete examples here, bc HN tends to spiral into discussions on why random potential solution X will never work. I want to keep this on a higher level.


Do what Chrome has done and continually improve plugin security. Plugins should ask for permissions. Would require an overhaul of WP though.


That, and/or a sandbox model where plugins cannot escape a sandbox.

And/or a setup where a plugin's runtime is isolated from main WP and other plugins and it can only communicate with WP over a tiny and very much hardened API.

So many possibilities. This problem has been solved mostly. Just not for PHP (that I know of) and certainly not for WP.


Being one of the biggest publishing softwares naturally attracts all of that: more publicity/cases, uninformed users, incentive and a probing/persistence ecosystem for hackers.

I have to host a few dozen WordPress sites for customers and the ones that got hacked were all backtracked to: enumerating usernames, and some had their password equal to that. You could blame WordPress for not being more strict in rejecting those by default.
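The two defaults this comment asks for, shown as an added example that is not code from the thread or from WordPress itself: a must-use plugin (assumed path wp-content/mu-plugins/login-hardening.php; the hn_example_ prefix and messages are my own) that rejects a password equal to the username and closes the usual username-enumeration paths (distinguishable login errors, the anonymous REST users listing, and ?author=N redirects).

```php
<?php
/**
 * Plugin Name: Login hardening defaults (added example, not the thread's code)
 * Assumed location: wp-content/mu-plugins/login-hardening.php
 */

// 1. Refuse a password that equals the username (case-insensitive) on profile
//    edits, user creation (both go through edit_user()) and password resets.
function hn_example_reject_username_password( WP_Error $errors, string $login, ?string $pass ): void {
    if ( $pass !== null && $pass !== '' && strcasecmp( trim( $pass ), $login ) === 0 ) {
        $errors->add( 'pass_equals_login', __( 'The password must not be the same as the username.' ) );
    }
}
add_action( 'user_profile_update_errors', function ( $errors, $update, $user ) {
    // $user is a stdClass; user_pass is only set when a new password was submitted.
    hn_example_reject_username_password( $errors, (string) $user->user_login, $user->user_pass ?? null );
}, 10, 3 );
add_action( 'validate_password_reset', function ( $errors, $user ) {
    if ( $user instanceof WP_User && isset( $_POST['pass1'] ) ) {
        hn_example_reject_username_password( $errors, $user->user_login, (string) wp_unslash( $_POST['pass1'] ) );
    }
}, 10, 2 );

// 2. Make login failures indistinguishable, so a probe cannot tell
//    "unknown username" from "wrong password".
add_filter( 'login_errors', function ( $message ) {
    return __( 'Login failed. Check your username and password.' );
} );

// 3. Hide the user-listing REST routes from anonymous requests; they expose
//    login slugs of every author.
add_filter( 'rest_endpoints', function ( array $endpoints ) {
    if ( ! is_user_logged_in() ) {
        unset( $endpoints['/wp/v2/users'], $endpoints['/wp/v2/users/(?P<id>[\d]+)'] );
    }
    return $endpoints;
} );

// 4. Do not let ?author=N resolve for anonymous visitors. Priority 1 runs
//    before redirect_canonical(), which would otherwise redirect to /author/<login>/.
add_action( 'template_redirect', function () {
    if ( ! is_user_logged_in() && isset( $_GET['author'] ) ) {
        wp_safe_redirect( home_url( '/' ), 302 );
        exit;
    }
}, 1 );
```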


Being one of the biggest publishing softwares gives a giant responsibility to prevent this.

I am convinced this responsibility isn't taken seriously enough by the community or by the organisations behind it. Simply because the current status continues to be abysmal. I have many practical ideas for how many issues could be solved; most are put forward and put down almost monthly in the community.

The current status is resignation: "well, we are big and this is how things are". No! Things could be better, more secure etc. But for that, things do have to change.



