CNN IBN Web Team: Boo Boo to you

So, the CNN IBN web team claimed that the open source applications available on the web are not secure enough for use on their own website. So far so good.

Check this out:
http://tech.moneycontrol.com/

How come, their partners MoneyControl.com finds the open source web application WordPress secure enough for a tech Blog on their own site? They even have the CNN IBN logo in the header image.

Maybe they have smarter people working there. In fact, I happen to know one of them. Jayesh Mansukhani has been an online chat buddy since a long time. And I guess I contacted him through my India Broadband Forum.

This entry was posted on Friday, March 31st, 2006 at 10:23 am and is filed under Huh?, Musings, Ouchie, Rants. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed. Tags: India, India Broadband Forum, Sushubh, Web

Viewing 9 Comments

Abhishek 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

Lol. Well, these guys all run in trouble..!

By the way, they blocked my comments on Sardesai's blog. Nothing inflammatory, nothing personal; but even though he writes in crap, there is a tacit admission that he's got money and TV exposure to carry his voice. And perhaps raise issues which matter to no one.

I have no personal grouse against CNN; but the fact that the comments being moderated is a BAD idea.

They are aware of the trashing they get; we' d expose their dirty tricks....

reply edit flag record video comment

http://broadbandblog.in

Varun 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

CNN-IBN's reason for not using WordPress is not so much about security as it is about the need itself. They don't need more than 70% of wordpress's features, and to top it all, they already have a decent enuff CMS, and integrating Wordpress into that for a very basic blog won't be worth the effort. And let's not even get into optimizing wordpress's theme to fit in with the rest of the site.

So it's much more about usage & usefulness than about "Security"...

And as for Open Source, IBNLive.com uses enough of that. They're on Apache, PHP and Postgres...ain't that enough to qualify as Open Source Lovers??

My decision to use WordPress for tech.moneycontrol.com has got nothing to do with IBN-LIVE, or the rest of Moneycontrol. It was a question of sheer whiptitude. Getting it up and running, looking good with a custom theme etc. in less than a day.

If I had to integrate it into the rest of the moneycontrol systems, I'd use custom code too.

reply edit flag record video comment

http://tech.moneycontrol.com

sushubh 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

Incidentally, the reason given to Abhishek by a dude from CNN IBN for not using WordPress was the security issues which comes with WordPress. It was not about excessive features or problems with integrating it in the CNN IBN template.

Maybe, Abhishek can confirm this thing. Coz I remember hearing this exact logic behind them rejecting WordPress coz it was an open source offering.

reply edit flag record video comment

2 /people/sushubh/ /people/sushubh/following/

Varun 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

Well...techies always like to make things up to explain away the real reason for not doing something...so don't think too much about that...

And then, trust me, obfuscation is the first step to security...Wordpress is public code, publically documented, with publically available exploits...if nobody knows what you're using, it's more difficult to hack it than if it's out in the open...

reply edit flag record video comment

http://tech.moneycontrol.com

sushubh 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

so they were trying to fool us by using an illogical explanation? not good. especially when they are dealing with people who are online 24x7 blogging about technology.

and well using public code. you are using apache, php and postgres... it is public code which is as prone to publicly available exploit. why not move to .net and use something which is so locked that it is practically unusable without any help from microsoft certified professionals.

anyways, my problem was the pathetic reasoning they gave for not using wordpress. a better would have been...

'we already have many bloggers blogging since quite sometime on our customised CMS. to install wordpress for one blogger won't make any sense.'

and i guess you already know that if a kid from California has his eyes set on breaking your customised CMS, it would hardly take him a couple of hours to find a loophole...

reply edit flag record video comment

2 /people/sushubh/ /people/sushubh/following/

Abhishek 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

Very true Sushubh.

Though I wouldn't doubt that ever. If someone wants to find loopholes, he can easily do it. I was invited for a blog, which hasnt been set up as yet! I never saw the backend so, I can't comment on their CMS. Further, they need a SPELL CHECKER integrated. Have you seen the grammatical errors creeping in? Though, I dont care now.

Word Press? Publicly available exploits? Can't fix it up? I got an email which said so. It further said that Word Press isn't secure, thrid party application. They haven't seen the code, cant vet it and rah!

No arguments on that. I am not concerned with whatever system you run. We guys are WORDPRESS ADDICTS! It rocks for us. I have used Movable Type and it's sucks to the core.

Open Source rules. Incidentally, the fixes are faster for the Open Source programmes than for anything else.

Well, there seems to be an inherent problem with the IBN website. I did bring it to their notice several times, but it seems that they are not interested to fix it up. So long!

reply edit flag record video comment

http://broadbandblog.in

Idea 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

I don't think it is very easy to exploit anything in such a big company's custom content management system. If done properly, none of it should be exposed to the public Internet. Private network will be the only one updating the content of the site, and some other action publishes the content to their web servers, which also in most cases should be a single system also not accessible from the Internet that syncs the data for the public server that can could be several dozens in a "load balancing" mode.

reply edit flag record video comment

KARAN 1 year ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

Hi,
Even I have got some tricks to disclose which have often been used by IBN. I have also written to Rajdeep....well Who cares.

reply edit flag record video comment

http://yahoo.com

retro 9 months ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

It's a shame what happened to Bangladesh. I hope the world steps up and helps them.

reply edit flag record video comment

http://www.retro.net