Wordpress reminder that software confidence not limited to Second Life

Yesterday Wordpress admitted that some nefarious individual broke into the download site for Wordpress and changed some includes files for Wordpress 2.1.1. This led to compromising anybody who downloaded and installed Wordpress 2.1.1 the last 3-4 days:

It was determined that a cracker had gained user-level access to one of the servers that powers wordpress.org, and had used that access to modify the download file. We have locked down that server for further forensics, but at this time it appears that the 2.1.1 download was the only thing touched by the attack. They modified two files in WP to include code that would allow for remote PHP execution.

Ouch.

VTOReality currently uses the Wordpress blog platform and while we were using v2.1.1, it was not the tainted version fortunately. However, we still upgraded to 2.1.2.

While completing the upgrade I started thinking about Second Life and the numerous software and scaling problems facing the platform. It seems like there are SL-related problems every 2-3 days these days and an almost 100% chance of seeing a blue dialog box over the weekend describing some problem effecting inventory, teleporting or (gasp) Linden dollar transactions. Fortunately most are not security-related vulnerabilities like the one at Wordpress, but plenty of other issues that are usually not trivial.

This morning when I logged in I saw internal server errors in the screenshot above and circled in white below.

The strange thing here is SL is broadcasting (yes, somewhat unintentionally) their problems during the login process. Programmer types like myself might think Second Life with all its problems would at least try and trap these type error pages so they aren’t visible and show something more user-friendly (or nothing, perhaps). Sometimes showing generic error messages with no other explanation can lead to even more problems and loss of confidence among people. It can also have people question whether they want to run the software at all. I wonder what percentage of SL residents are scared away by instability and lack of confidence? I don’t believe any statistical data exists for that, but I’m curious.

It’s those blue message windows that popup telling us that the Lindens are “investigating issues” that are good transparency but bad from a confidence perspective. I’m starting to see those all too frequent messages as a form of Second Life blog spam. They’re not spam of course, but they happen frequently enough to make me shake my head and wonder if the platform is running on fumes.

I noticed some people comment that their confidence has now been shaken in Wordpress because of this breach. How many problems with virtual world software do you put up with before you say enough is enough?