-
Gravatar Advisory: How to Protect Your Email Address and Identity
Update: We’ve added comments at the end of the post pointing out that the National Institute of Standards and Technology (NIST) considers an email address to be personally identifiable information or PII. Gravatar is a service that provides users with a profile image that can appear on many sites across the Net. It is integrated with…
-
Avoid Malware Scanners That Use Insecure Hashing
In this post I’m going to discuss a major problem that exists with several WordPress malware scanners: The use of weak hashing algorithms for good and bad file identification. Some malware and antivirus scanners outside of WordPress suffer from this same issue. For brevity, I’m going to refer to this as the “weak hash scanner” issue. This…
