Archive for January, 2009

Matt: Google Account Takeover

If Google is going to be at the center of our digital and online lives, they need to get a lot better about their support organization and how they handle account issues. Check out this story by Mark Ghosh for an example of what happens when things go wrong. What if you woke up tomorrow and your Gmail, Orkut, Docs, Reader, Google Checkout account was gone?

Saturday, January 31st, 2009

Weblog Tools Collection: Farewell Keith And Get Well Soon Kym

Episode 40 of WordPress Weekly discussed a wide range of topics from the release of WordPress MU 2.7 to the All In One SEO Plugin reaching one million downloads. Also sad to say that this was Keith Murray’s last episode as co-host. I wish him the best of luck in his future endeavors.

Special Announcement:

Kym Huynh, co-host of the WordPress centric podcast WordCast, was in a terrible car accident. Kym was in the middle of a three week vacation celebrating his recent graduation from law school when he ended up in a bad car accident. Unfortunately, Kym suffered quite a few broken bones and now has a metal arm. Dave Moyer of DaveMoyer.org, producer of the show, published an email he received from Kym earlier today that can be read on the DaveMoyer.org website. I personally wish Kym a fast and speedy recovery. Please visit DaveMoyer.org to find out how to send your get well wishes to Kym.

Stories Discussed:

WordPress MU 2.7 Released
BuddyPress 1.0 Beta 2 Released
All In One SEO Plugin Hits One Million Downloads
WordPress.TV Launches
Thank A Plugin Developer Day
CForms 2 Removed From The Plugin Repository
WordCamp Denver, Feb 28th
WordPress Documentation Project
Does The Post Revisions Feature Need To Be Revised?

WordPress Tavern Listener Poll:

Each week from now on, I’ll be featuring a new listener poll question on WPTavern.com. The poll is located in the sidebar on the right hand side of the site.

This week’s poll question was: Has the visual post editor ever made you angry?

Out of a total of 22 votes, 20 of you said yes while only 2 of you voted no.

Next Week’s Poll Question Is: Do you think configuration options need to be added to WordPress to configure Post Revisions?

Plugin Picks Of The Week:
Jeff - Revision Control - Revision control gives users control over post/page revisions. With it, you can choose a blog-global setting which is found in SETTINGS - REVISIONS in the WordPress administration panel for pages/posts to enable/disable or limit the number of revisions which are saved per post/page. This setting can even be controlled on an individual level since the revision control shows up as a meta box in the WordPress Write Panel.

Keith - TweetSuite - TweetSuite is one of the most complete plugins available for Twitter-minded individuals. The tool allows for all the usual twitter features that we’ve come to expect (tweet my post, widget my tweets) but goes further: widget for favorite tweets, and most importantly TWEETBACKS. Becoming as important as trackbacks from other blogs are tweetbacks. When someone tweets your post with one of the major URL shortening services (tinyurl, is.gd etc) TweetSuite will find that tweet and add a tweetback to your post. Super cool. If you’re into twitter and have a blog, TweetSuite is a must-have.

Announcements: The next episode of WordPress Weekly will have a new co-host. Who will it be? Tune in to find out.

WPWeekly Meta:

Next Episode: Friday February 6th, 2009 8 P.M. EST

Subscribe To WPWeekly Via iTunes: Click here to subscribe

Length Of Episode: 56 Minutes

Download The Show: WordPressWeeklyEpisode40.mp3


Saturday, January 31st, 2009

Weblog Tools Collection: WordPress Plugin Releases for 01/31

New Plugins

Feed Reading Blogroll

The plugin displays for all your bookmarks with a separately saved feed-url, when the most recent update has occurred at the bookmarked site.

Store Locator

This is a store locator / location finder plugin that provides mapping tools for web designers & developers who create sites in WordPress & web site owners who need to show store locations or any set of locations on their website(s). Uses Google Maps.

My Comments Elsewhere

This plugin collects the comments you posted on other people’s websites and lets you display them on your own blog. The process is entirely automated and works across all websites.

Instapaper ‘Read Later’ Links

This plugin allows you to embed Instapaper ‘Read Later’ links adjacent to each post on your blog. Either use the template tag to display the links wherever you wish or let the plugin automatically display the links for you.

Full Comments On Dashboard

A simple plugin that displays full comments on the Recent Comments dashboard box.

Upcoming Posts

A nice plugin which creates a widget which shows your scheduled posts or drafts with excerpt and more info.

WP-Hyves

Import friends from Hyves, a social networking website.

WP-Validate

WP-Validate collects all the pages on your site and runs them through the W3C’s HTML Validator.

No Sub-Category Posts in Loops

Once activated, only posts from the current category are displayed in your loop (no posts from sub cats).

WP-TwitterIt!

A user can twitter your blog post over the web.

Simple Popup Plugin

This plugin makes it easy to create a simple, modifiable popup window.

Simple PayPal Donate

Simple PayPal Donate is a WordPress plugin that provides a basic ability to display PayPal donation buttons on your blog.

Updated Plugins

Contextual Related Posts

Display a list of contextually related posts for the current post. You can select the number of posts to display and if you want to automatically display the related posts in your content / feed.

Stray Random Quotes

Stray Random Quotes helps you collect and display random quotes everywhere on your blog. The plugin is widget compatible, and the appearance of the quotes can be highly customized. It comes with an easy to use, advanced management tool and an option page.

Resize at Upload Plus

Automatically resize (i.e. scale down) images after uploading.

ZD YouTube FLV Player

Display FLV and YouTube Video in your blog in a Custom Player. Usage: [zdvideo]url[/zdvideo].

Dodo

Dodo is a WordPress plugin that personalizes your blog homepage to any of your registered users.

TDD Recent Posts

Simple widget that displays the recent posts with a short content preview.

Visitor map generator

Grabs your visitor IP addresses and generates a map for those visits. You can define most parameters from its options page.

Smart Archives Reloaded

An elegant and easy way to present your archives.

Saturday, January 31st, 2009

Weblog Tools Collection: Et Tu Google? Then Fail, Net Safety

I trust Google. I use GMail as my primary email address and store stuff in my mailbox that is of crucial importance to my existence as a citizen of this modern world. Over the past couple of months, Google’s Orkut has dealt a deadly blow to that trust that is making me rethink my allegiance towards anything Google.

I am the owner of a mildly popular community on Orkut with about 25k users. Since I was given the privilege of being a beta tester on Orkut, I had created a community called Calcutta many years ago and that community has since taken on a life of its own. It is run by moderators who report to me and I log in every so often to perform maintenance and help the moderators out. My existence is not only a mystery to the members of the community, it is also the source of much speculation and conspiracy theories, which was fine and dandy.

The Orkut application itself is full of holes and though Google seems to respond to major public reports of vulnerabilities, they keep coming back. Support for Orkut from Google is almost non-existent with what appears to be zero accountability. If one plows through the Google help sections to try and solicit help, they are either faced with a page not found or convoluted help screens that barely ever actually lead to a form to request support. Pleas for help are more often answered by the “Orkut hackers” than by actual Google employees. The Orkut application is so dangerous that people do not click on any links that are not Orkut generated and even then accounts and communities are compromised all the time. Hacking scripts and techniques are easily found via a simple Google search.

Now I am just as selfish of an individual as everyone else. I barely cared about any of these issues until something bad happened to me that I needed help for. I was the target of a phishing attack on Orkut and I fell for it hook, line and sinker. My Google login is associated with my Orkut login. As soon as I realized that I had just sent my username and password to a phisher (within a few seconds of me hitting enter), I changed my Google account password. But alas, the damage had already been done.

This is where things get really weird. Apparently, a group of “hackers” had taken over my Orkut profile and were making drastic changes to the Calcutta community. Emails, IMs and phone calls started to roll in and I was in full panic. I was immediately concerned that my Google account was still compromised and all my personal stuff in my email would be in jeopardy. I went into damage control mode. I changed all my authentication credentials for everything Google. My Gmail account seemed to be untouched but my Orkut account, which uses the same login credentials (I know that was my own fault), seemed to still be under rogue control.

In spite of changing my passwords multiple times, changing login names, changing email addresses and trying all authentication tricks to fix Orkut, the miscreants still regained control of my profile. Instead of falling for the FUD about viruses and worms on my computer (many well wishers who reported the problem to me suggested that I format my computer because I had a key logger that was sending my password to the hackers, completely untrue), I decided to do some research on the problem. The more I learned, the less confidence I had in Orkut and Google’s intention and/or ability to fix the problems.

Now the only reason I disclose this issue is because I have not only reported it to Orkut (and received no answer), it appears to be the same age-old vulnerability and one of many similar issues that were purportedly fixed. You can recreate this at home if you please.

The Orkut application stores cookies in such a way that if your cookie is ever recreated by someone else or transmitted to someone else, they can use that cookie to log in to Orkut as you, forever. No matter how you change your credentials, you have no recourse of regaining control. So if you ever get caught in a phishing scam that sends your password to someone else and they recreate your orkut_state cookie, they can log in as you forever. I will not go into the technical details but the link above discusses it. If you log into your Orkut account using Firefox, using a cookie editing plugin, look for a cookie called orkut_state and copy the contents. Then log out of Orkut. After logging out, re-add the orkut_state cookie to Firefox with the cookie editing plugin and then visit www.orkut.com. You will find yourself logged back in. Now I have tried changing my password, using a different browser, using a different machine from another location and other tricks with the same cookie and I have been granted access in all cases. From my research, it appears that Orkut expires the state cookie after 1 day (other reports talk about a 14 day expiration) but that problem is easily circumvented.

So essentially, I am completely at the mercy of the people that have re-created my orkut_state cookie using my old password that I disclosed on the phishing site. I have tried to contact Orkut help, posted messages in the help groups, emailed and complained to Google, emailed and complained via the Orkut complaint forms and even tried sending messages to places that are not meant to be Orkut related. It has been over two weeks and I have yet to receive a single acknowledgment. Nothing, nada, zip.

I don’t mind telling you that it is despicable for a company like Google to run an extremely popular application with a complete lack of care for its netizens. While I acknowledge that Orkut is not the most important product that Google offers, I think Google should still stand by their product. I also acknowledge that the fact that I am in this mess is my own fault, but shouldn’t there be some recourse? Would Facebook or MySpace do the same thing? Are we all under the false hope that someone in these big companies actually cares about the people that use their products? Is the online world doomed to failure in circumstances or are we willing to make a stand only when it affects us?

Who can I contact at Google that can even pretend to help? I am NOT “negotiating” with the hackers who have control over my profile, which has also been suggested and immediately turned down by me. Or is my community a complete loss because I made a mistake and fell for a phishing attack?

I am not sure how I feel about trusting my life’s contents to Google if this is how Google treats compromises in security.

Saturday, January 31st, 2009
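
As an added example (not part of the post above and not Orkut's actual code), the Python sketch below contrasts a session cookie that stays valid after logout and a password change, the behaviour the post describes, with a server-side session store that revokes it. All class and function names, the `owner` account and the signing key are assumptions constructed for the demonstration.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)  # constructed key for the demo


class StatelessSessions:
    """Weak design: the cookie alone proves identity; nothing server-side can revoke it."""

    def issue(self, user):
        sig = hmac.new(SERVER_KEY, user.encode(), hashlib.sha256).hexdigest()
        return f"{user}.{sig}"

    def logout(self, cookie):
        pass  # only the browser's copy is cleared; a saved copy still verifies

    def change_password(self, user):
        pass  # the cookie does not depend on the password

    def validate(self, cookie):
        user, _, sig = cookie.rpartition(".")
        good = hmac.new(SERVER_KEY, user.encode(), hashlib.sha256).hexdigest()
        return user if hmac.compare_digest(sig, good) else None


class RevocableSessions:
    """Hardened design: opaque IDs looked up server-side, tied to a per-user epoch."""

    def __init__(self):
        self.sessions = {}  # session id -> (user, epoch at issue time)
        self.epoch = {}     # user -> current credential epoch

    def issue(self, user):
        sid = secrets.token_urlsafe(32)
        self.sessions[sid] = (user, self.epoch.setdefault(user, 0))
        return sid

    def logout(self, cookie):
        self.sessions.pop(cookie, None)  # the server forgets the session

    def change_password(self, user):
        self.epoch[user] = self.epoch.get(user, 0) + 1  # orphans every older session

    def validate(self, cookie):
        user, issued = self.sessions.get(cookie, (None, None))
        return user if user is not None and issued == self.epoch.get(user) else None


def replay_after(store, event):
    """Return who a saved copy of the cookie authenticates as after `event`."""
    saved = store.issue("owner")  # copy kept from a live session
    if event == "logout":
        store.logout(saved)
    elif event == "password_change":
        store.change_password("owner")
    return store.validate(saved)
```

With the revocable store, changing the password is enough for the account owner to cut off every previously issued session, which is the recourse the post says was missing.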

Lorelle on WP: WordCast News: Broken Kym on Road to Recovery

According to news filtering out of South America and Australia, Kym Huynh of the popular, WordCast, weekly WordPress podcast, has been in a terrible car accident and managed to escape with a new metal arm.

Dave Moyer of WordCast has the latest news. Kym spent five days in the hospital undergoing massive surgery to replace his arm with titanium parts and pieces to hold it together.

Dave has set up Get Well Soon, Kym on Drop.io for WordCast and the WordPress Community to share their good will messages.

Copyright Lorelle VanFossen, the author of Blogging Tips, What Bloggers Won’t Tell You About Blogging.

Posted in WordPress News      

Friday, January 30th, 2009

Lorelle on WP: More WordPress Logogate

As mentioned in WordPress News: Logogate, WordPress.tv, WordPressMU, BuddyPress, and More, WordPress Logogate continues.

As announced, has added a script to that forces all the variations of WordPress to the proper spelling with a capital P in the “Press” part of the name. It is the trademark way it should be spelled, and it’s annoying to many in the WordPress community to see it uncapitalized.

There are a variety of WordPress Plugins you can add to your blog to do the same thing, making it easy to not miss your p’s:

If you like to do things manually, you can add the code manually, as WPEngineer shows in “Spelling WordPress Always Correctly”.

Many are asking what the font is used in the Official WordPress logo. According to mentions in the WordPress Mailing Lists and on the , it is Dante-mt, probably one of the antique versions of the commercial font.



Posted in WordPress News, WordPress Tips      

Friday, January 30th, 2009

Weblog Tools Collection: Updated WordPress Plugin: Top 10

Last week, we gave you two plugins to play with. And this week we’re back with yet another plugin.

Way back in 2005, Mark released the Top 10 posts plugin that allowed you to track page views and display them on your blog post. You could also display a list of popular posts.

With WordPress 2.7, an update was necessary and here it is.

The Top 10 plugin for WordPress will track page views on single and post pages and store them safely in a table in the WordPress database. You can then display the count in your post automatically or manually.

Features:

  • Counts page views on single posts and pages
  • Display the count on the single posts and pages
  • Customize the text that can be displayed
  • Display a list of popular posts by page count. The number can be customized.
  • Clean uninstall if you choose to delete the plugin from within WP-Admin
  • Works with WP Super Cache

The best part about Top 10 is that it is compatible with WP Super Cache. It will count page views even with WP Super Cache enabled and a unique feature with this plugin is that it will display the latest count from the database even on cached posts.

This plugin, though fully functional, is still in its nascent phase. There are several features that can be added and I already have a few planned. I’m looking forward to suggestions and feature requests to make Top 10 a truly useful plugin for all of you!

We have it running on this blog and I also have it running on Techtites. Check out the bottom of the posts for a demo.

So, pen down your comments on the plugin page or in the comments section below.

Read more and download Top 10

Friday, January 30th, 2009

Matt: Venture Destruction

Asleep at the Wheel of Creative Destruction. Umair Haque’s thoughts on venture capital and the current crisis.

Friday, January 30th, 2009

Matt: MobileMe Notes

Dear MobileMe / Me.com, I really think you’re swell. I’ve been dreaming dreams of sync since my first Handspring, and you are the best I’ve used. Two things would put you over the top. First, the notes application on the iPhone is handy, but please sync this to a quickie app on Me.com so I can put stuff in and out of notes easily. Second, and this is a stretch, I know you don’t like to-do applications, but I also have an inkling you could do something that would make me stop using paper and pen for to-dos. And synchronize it. With love, Matt.

Friday, January 30th, 2009

Weblog Tools Collection: Screencasting Resources at WordPress.tv

Screencasting Resources (Part One): Michael Pick of WordPress.tv fame has started to put together a list of resources for screencasting. The goal is of course to add this user generated content to WordPress.tv for everyone to avail of. You could also add your videos and screencasts to WeblogToolsVideos.com

Friday, January 30th, 2009