At first I thought, dam, another spam email not catched by my mail system. But no:
Dear site owner or webmaster of ufsoft.org, We recently discovered that some of your pages can cause users to be infected with malicious software. We have begun showing a warning page to users who visit these pages by clicking a search result on Google.com. Below are some example URLs on your site which can cause users to be infected (space inserted to prevent accidental clicking in case your mail client auto-links URLs): ... etc, etc, etc ... Sincerely, Google Search Quality Team
This was legit email…
I then went to my blog, watched the pages that I was getting that warning and saw nothing until I checked the HTML source.
Somehow, someone had changed my blog post by including some <noscript>badware here</noscript> tags.
This was of course yet another security bug found for WordPress. There was already a new WordPress release which handled this bug.
I upgraded my WordPress install and removed all badware from my posts.
My quest now was, getting rid of WordPress and switching to a python blogging application.
Even though it was still not yet production ready, I needed to take it for a spin.
At first I started by running it locally and trying to import(by hand, ie, re-typing it all over again) my blog posts to this new blog engine, it was going to be a hard work...., but mitsuhiko soon told me on #pocoo that he was just finishing a WordPress importer, this would mean way less work.
While I waited for him to finish his work, I started coding some plugin’s for this new blogging engine. Dam, it was extremely easy. So far I’ve coded:
You are reading this post within my TextPress install, which makes me conclude this blog post.
WordPress Is Gonne For Good from my system. Make sure you check it out!