The Blog of Harald

I’m astonished that this has not been fixed yet, given the huge problems lately with Movable Type and comment spam.

Joe Grossberg: MT Post Status Vulnerability

This explains why I’ve been getting comment notifications for old posts, even though I’m running an automatic “close comments after 2 weeks” script.

Proving once again that open source developers are not any better at security than everyone else :-)