So, here's a sketch:

WordPress 2.3.3 is out.

Since it fixes a security issue there's no better time than now to upgrade…

WordPress 2.3.3 is an urgent security release. If you have registration enabled a flaw was found in the XML-RPC implementation such that a specially crafted request would allow a user to edit posts of other users on that blog. In addition to fixing this security flaw, 2.3.3 fixes a few minor bugs. If you are interested only in the security fix, download the fixed version of xmlrpc.php and copy it over your existing xmlrpc.php. Otherwise, you can get the entire release here.

Also, there is a vulnerability in the WP-Forum plugin that is being actively exploited right now. If you are using this plugin, please remove it until an update is available from its author.

Since we are talking security, remember to use strong passwords and change them regularly. While you’re updating WP and your plugins, consider refreshing your passwords.

Speaking of WordPress, does anyone know why Akismet suddenly sucks? The past few days it's consistently been beaten by trackback spam touting the night vision exploits of a certain hotel heiress. It's the EXACT same URL, with the EXACT same text and formatting, but it keeps getting through. I've had a handful of false negatives over the years I've used it (a few a month) and all of a sudden I've seen dozens of identical examples in just the past week.

Is someone gaming the system?

I've had thousands of email correspondents over the years so on occasion a zombified machine or two used to send spam finds my domain in the compromised machine's address book and creates fake email addresses pointing back here. In those situations, I can get hundreds of "Undelivered mail return to sender" type messages whereever the spammer fails to find a proper address. Over the past couple of days I've been slammed with them (a hundred here, a hundred there) and in the past ten minutes I've gotten over 2000 and counting. They're filtered into the trash on my machine, but it's still crazy to see that big of a spam assault happen in something like real time.

FTC seeks broad powers to fight spam
I propose invading Nigeria. I'd vollunteer for that shit. Lemme get that Prince Mboto Ngalla III! I don't give a fuck what happened to his father the General or his 30 million dollars!

Fuck Spammers
"Antispam sentiment on Capitol Hill is growing, with a new proposal in the House of Representatives promising to slap the worst bulk e-mailers with prison terms and millions of dollars in fines."

The only problem is this- what about Spam that originates in Europe, Asia or the motherfucking annoying spam capital of the world AFRICA (which is home to Nigeria?) What the fuck does Joseph Hawthorne Mboto III, son of retired General Joseph Hawthorne Mboto II care about US Anti-spam measures? Maybe we'll use it as an excuse to invade? Sweet.