Wordfence Blog

Think Like a Hacker Podcast Episode 1: An Interview with Josepha Haden

This entry was posted in Podcasts on March 7, 2019 by Mark Maunder

Josepha Haden is the Executive Director of the WordPress project at Automattic. She oversees and directs all contributor teams in their work to build and maintain WordPress. Josepha can be found at https://josepha.blog. In our news segment, we talk about recent vulnerabilities in the Freemius library affecting WordPress plugins, the CoinHive shutdown, and why potential changes in WordPress core development will benefit end users’ security and more.

Find us on your favorite app or platform including iTunes, Google Podcasts, Spotify, YouTube, SoundCloud and Overcast.

Click here to download an MP3 version of this podcast. Note that we are in the process of syndicating video and audio versions of this podcast to your favorite player, and we needed to publish our first episode to enable syndication. So check back in a few days and you should find us just about everywhere. Thanks for your patience.

This week in the news we cover:

  • As of version 5.1, WordPress alerts site owners on the dashboard if they’re using an out-of-date version of PHP.
  • The 2018 hacked site report from GoDaddy Security/Sucuri indicates increased prevalence of WordPress sites in their site cleaning business. In better news, they’re seeing more WordPress sites updated than in years past, and the WordPress sites are being updated much more frequently than eCommerce platforms.
  • Freemius, a library used by a number of plugins with large installation bases, recently went through a vulnerability disclosure and a challenging experience with a security researcher. Their blog post is a heartening read about how we can all handle security vulnerability disclosures in a way that serves customers and the community as a whole.
  • The widely used Chrome browser requires an update to patch a very serious vulnerability.
  • The WordPress core team is hoping to tighten major release cycles, a change meant to streamline development for contributors and encourage more site owners to enable auto-updating.
  • A distributed cryptocurrency mining platform called CoinHive is ceasing operations. CoinHive was popular amongst hackers as a new way to mine cryptocurrency on hacked websites, but the crash in cryptocurrency value made it less profitable.

You can find me on Twitter as @mmaunder and Kathy as @kathyzant. Please don’t hesitate to post your feedback in the comments below.

29 Comments on "Think Like a Hacker Podcast Episode 1: An Interview with Josepha Haden"

RichardC1976 March 7, 2019 at 1:54 pm • Reply

Any plans to add the podcast to Apple Podcasts?

Mark Maunder March 7, 2019 at 2:29 pm • Reply

Yes sir. There's kind of a weird workflow when doing podcast syndication. You need to publish your first episode, then go and set up a variety of channels now that you actually have the episode in a syndicated RSS feed, then publish a few more episodes which allow you to qualify for additional distribution on certain platforms that require a podcast to be around for several months or have X episodes published.

So we had to get the first episode out, now we're scrambling and I believe the team has already set up Apple/iTunes distribution and they're working on a range of others. Before anyone reading this makes the suggestion: Yes we're using the best syndication service out there. :-) And yes we've automated about as much as we can. But certain aspects of this you just gotta either wait, or do the manual work.

Thanks for the feedback.

~Mark.

Chook March 7, 2019 at 2:01 pm • Reply

Great Podcast! Looking forward to the next.

Mark Maunder March 7, 2019 at 2:25 pm • Reply

Thanks!

Helge March 7, 2019 at 2:31 pm • Reply

Proper first episode! :-)
I can't seem to find the Feed-URL to add you to my Podcast app. Nor does it show up in my Podcast app when searching for "Wordfence". Am using Pocketcast.

Mark Maunder March 7, 2019 at 2:43 pm • Reply

Thanks! We needed to get the first episode out before we could set up iTunes, Spotify, Google etc syndication. So you should have that for the next episode. It should be available on all major podcast apps. Honestly, my goal in life right now is to say "Alexa, play Think Like a Hacker podcast" and she'll do it.

FRANCISCO TORRES GARCIA March 7, 2019 at 2:46 pm • Reply

mmm this is not really a podcast (to me) it is not MP3 audio but video, and I can't readily download it. Neither is it on Soundcloud.com, so... maybe later

Mark Maunder March 7, 2019 at 2:59 pm • Reply

Hi Francisco. There is an audio player in the blog post. We have added an MP3 download link. I've also added a clarifying note explaining that it will take a few days for us to appear on various platforms. Will include soundcloud and many others.

Lucas March 7, 2019 at 2:49 pm • Reply

Awesome! Thanks for creating this... have shared it with a lot of friends and colleagues.

Mark Maunder March 7, 2019 at 2:58 pm • Reply

Thanks Lucas!!

Martin March 7, 2019 at 2:55 pm • Reply

Hi Mark and Kathy,

Great first show - thank you!

The split between pure security-related items and the wider WordPress world, with the interview with Josepha, gave it a nice balance. I particularly liked the way both you and Kathy communicated security issues in a way that a non-infosec person (like me!) could easily understand.

Josepha has a big job ahead of her - the WP community was badly fractured by Gutenberg and all that surrounded it (I'm talking here more about the user community than the developer community), but I wish her the best of luck.

Looking forward to the next episode!

Cheers,

Martin.

Mark Maunder March 7, 2019 at 2:59 pm • Reply

Thanks Martin!! Glad to have you as a listener.

Ravi Jayagopal March 7, 2019 at 2:59 pm • Reply

This is great news, folks! I actually came here to see if you had a link to your podcast feed (I already searched in my podcast app for both "WordFence" and your podcast title, but couldn't find it). I was then going to ask/recommend that you do that. Looks like a couple of crazy podcast junkies already beat me to it :-)

Even if you have a raw RSS feed url available now, you should publish it above, so that folks like me can directly (manually) add the feed to our podcast apps, without having to wait for it to show up in a directory (like iTunes or in the podcast app's own directory) before being able to listen to it.

Let me know if you need any help with any of this. My team and I can help. This would also be a great topic to create an Alexa Flash Briefing (we can help with that too, without you having to do any additional work, with your existing show).

Cheers!

- Ravi Jayagopal
Podcast host, https://SubscribeMe.fm

Mark Maunder March 7, 2019 at 3:04 pm • Reply

Thanks Ravi. Here's the direct link to the RSS feed on our syndication service:

https://wordfence.libsyn.com/rss

Ravi Jayagopal March 8, 2019 at 12:32 am • Reply

Thanks! You should definitely add the RSS feed link below the video, so that you're not missing out on potential podcast subscribers.

Cheers!

sylvie laflamme March 7, 2019 at 3:24 pm • Reply

Thank you for this podcast.

Because we are many "not really fluent" in English, if you can add a text of your content, we will be able to translate it or to read it at our "speed". Listening to English spoken with many accents is always a challenge for me.
So, if you can write the content, it will be very welcome.

Thank you

Sylvie

Mark Maunder March 7, 2019 at 3:25 pm • Reply

Thank you Sylvie. I'll share this with the team and we'll see what we can do. I'll look into transcription services.

fearby March 7, 2019 at 4:39 pm • Reply

Awesome first episode. http://fearby.com/

Mark Maunder March 7, 2019 at 5:16 pm • Reply

Thanks Simon!

Osman March 7, 2019 at 5:28 pm • Reply

This is great news, folks!

Nils Östergren March 8, 2019 at 12:26 am • Reply

Many thanks for producing this. Interesting and entertaining. But you didn't address the name of the podcast at all.

Kathy Zant March 8, 2019 at 9:18 am • Reply

Hi Nils! We're excited to do so in an upcoming episode. Thanks for watching, and stay tuned!

Lawrence March 8, 2019 at 12:39 am • Reply

Thanks for all the useful information.
One point, I can't find the diagnostics page under Tools that Kathy Zant mentioned.

Kathy Zant March 8, 2019 at 9:17 am • Reply

Hi Lawrence! On your wp-admin, look for "Tools" under the Wordfence plugin. It shows up on the left sidebar when you're in Wordfence dashboard. Once you're under tools, there are tabs across the top showing the Wordfence tools available to you. The diagnostics tab is the furthest on the right.

Thor Carlson March 8, 2019 at 8:18 am • Reply

Enjoyed the first episode. Particularly noticed how you structured the Josepha interview to only include the answers. Nice. So are you sitting in an RV or something?

Kathy Zant March 11, 2019 at 12:05 pm • Reply

Thanks, Thor! Yes, Mark has an Airstream and is fairly mobile. It's always fun to see where Mark is working/podcasting from.

madhousegraphics March 8, 2019 at 8:35 am • Reply

For those wanting to add the podcast to the Podcast player manually, this URL for the podcast feed works for me:
https://wordfence.libsyn.com/rss

madhousegraphics March 8, 2019 at 8:43 am • Reply

If you use the Player.fm app like me, I added the feed https://player.fm/series/think-like-a-hacker-with-wordfence

Glenn March 10, 2019 at 10:53 am • Reply

Excellent podcast, Mark and Kathy.

During it, I went out and updated my WordPress site plugins and sent an email to my website host asking them when they will upgrade to PHP 7.3 (7.2 presently available).

So, you see, your podcast had an immediate positive effect on me!

