So, we update ourselves. Yes the blog was hacked and started sending out spam of some kind; even the GreenAnorakist hirself may be pwned occasionally.  (This was all more fun when it was the black hats doing it; now itʼs just a botnet most of the time.)  The good people at Memset caught it fast and did the expected stomping.

Unfortunately all this happened at a bad time, so it has taken a while to get back to it, not helped by a brief exploration of Rails territory.  Interesting though it is, we probably arenʼt going to switch to Publify, because there seems to be no way out of the box of stopping it sending account passwords en clair in email. This would probably be a trivial fix in Rails, but I have no taste for rewriting basic functions and having to redo at every update.  So – back to Drupal.

And hey, it took three minutes after setup to get the first spam account registration.  So, a little comment on accounts:  This site can register accounts, but will not do so by mechanical means until further notice.  If you would like to comment on-site, get in touch via the contacts page, saying why.  You should be able to send a comment via the contacts form if you like; interesting comments will be published unless otherwise requested.  (This involves account creation.) Responses will not usually be immediate though.