hcg


Textpattern Security Audit

Back in March, I sent Neal Poole an email telling him that if he ever wanted to make the switch from WordPress to Textpattern, that I would convert his current template for free.

Hackers

Neal and I became acquainted while working on the PunBB forum project, and pushing for Textpattern is nothing new between us. Paul Sullivan, the former CSS guru on PunBB, eventually tried it and liked it, so my efforts do bear some fruit.

Neal works as a security consultant these days, but I had no idea that my email would cause a security audit of the Textpattern code. My intentions have always been to turn people on to software that I feel is better, just like I install Firefox on every computer I may use.

The code review of Textpattern by Neal turned up some security issues, TXP 4.4.0 was released because of his findings. Inadvertently, I caused more work for the TXP devs, my apologies, but in the end our preferred CMS has just become more secure.

My thanks go out to Neal for his effort, and the TXP devs for responding so quickly to the issues found. And Neal, the offer still stands, come get your free template ;)

I’m gonna get myself connected
I ain’t gonna go blind
For the light which is reflected