May 24, 2024

Lost Comments

Yesterday somebody defaced this site. This trashed the database that backs the site, so we had to restore it from a backup. Everything seems to be back to normal, except that any comments submitted after the backup (about two days ago) were lost. Sorry for the inconvenience.


  1. Reply to ReplyTo AdriftAtSea: I wouldn’t say it’s the final act, but they’re taking some big steps to get us there.

    Comment Vandalism: Is this something that I should be concerned about for my site with WordPress 2.0.3? (Not that I have many comments to lose!) What was the bug and how can we guard against it?

  2. ReplyTo AdriftAtSea says

    AdriftAtSea, you are possibly quite correct; however, in fairness to previous “regimes,” I would say almost every “regime” for the last 74 years (with the possible exceptions of Ronald Reagan, John F. Kennedy, and Dwight D. Eisenhower) would see what the current “regime” is doing as the final act of collecting the power that they all wanted for their own “regimes.”

    By the way, if you couldn’t tell, I don’t like partisan politics, period. As far as I can tell, all of the fighting between Republicans and Democrats is over who gets to implement expanding government power and which parts of the government will expand. It is not over how the government will implement principles of freedom. (Political hacks from both sides claim that their side is the one side which is fighting for principles of freedom–all the while, both sides are equally guilty for killing our freedom.)

  3. Thanks for explaining.

  4. Comment spam would be nothing new. We get about 600 comment spams per day. Fortunately there are outstanding filtering tools.

  5. The working theory is that they exploited a bug in WordPress, and managed to run the WordPress script to reinitialize the blog. This wiped out the database that holds all of the blog content (including comments), replacing it with the nearly empty database that new WordPress blogs get. I had to restore the database from a backup, so about two days of content were lost.

  6. I didn’t catch that incident. Out of interest, did they spam the comments, or did they manage to hack the main content proper? And if so, can you comment whether they exploited a “bonafide” security loophole (e.g. open permissions), or did they “hack” their way in (exploiting technical faults in the comment processing scripts, or the webserver’s protocol handling)?

  7. Sorry to hear of the vandalism. I guess that’s probably why TTLB had your blog with the default Hello World, but over a hundred links to it.

  8. Of course, the current regime in power would also be pretty much against much of what this site stands for.

  9. Yeah; his name rhymes with Frill Bates…

  10. Any guesses who could try to ‘trash’ a site named ‘freedom to tinker’?