
Tag-Archive for "security"

For WordPress users Jul 28

Dr Dave of Spam Karma fame warns of a potential security risk:

If you are running WordPress as your blogging platform and if you have been trusting enough to leave User registration enabled for guests, DISABLE IT IMMEDIATELY (in wp-admin >> options: make sure “Anyone can register” is not checked).

Additionally, delete or disable ANY guest account already created by people you are not sure about.

Leaving it open and letting people sign up for guest accounts on your WordPress blog could lead to incredibly nasty stuff happening if anybody so desired. And trust me I am not exaggerating this. So don’t wait a second to disable this option and please relay the message.

He has taken some flak for this (as it’s not, AFAIK, backed up by the official WordPress folk) and I’m not making a recommendation one way or the other (I already had that option off), but any readers who do allow users to register on their WordPress blog should have a read and make up their own minds.

Update: A new version of WordPress has been released which apparently resolves this security issue.

Insecurity Mar 06

Alex Foster’s photo of queuing LibDems prompts me to comment on the bizarre security checks being carried out at party conference in Harrogate.

I was fortunate not to be caught up in any long delays, but I have a conspiratorial mind: I’m the sort of person who, while waiting to pass through the metal detector at the airport, can’t help wondering about the best way to get a bomb onto the plane. I therefore found myself pondering the logic of the system to which we were subjected when entering the conference centre.

I was asked to remove my coat, which was then examined by a security officer. I was asked if I had a mobile phone and to have it turned on. This was then also checked by security. And that was it. If my phone had actually been a detonator, I could have got round this stringentest of scans by claiming not to have one. If I wanted to get a pistol into the conference centre, I would merely have to have made sure to carry it in my trouser pocket and not my coat. A Richard Reid style shoe bomb would have gone undetected. No self-respecting terrorist would have been caught or deterred.

It’s possible the security checks were so good that this was all misdirection, and I was so enthralled and puzzled that I didn’t notice the hi-tech X-ray CCTV cameras giving me the twice over, but I think not. If we’re going to take security seriously, for our own safety, I can accept being slightly delayed so that it can be done thoroughly. Being checked so seriously, but so ineptly, though, is most off-putting.

I don’t know who came up with these procedures. I’d like to think that the Harrogate International Centre was concerned to protect itself and foisted them upon the party, because then the concern is why the HIC’s systems are so atrocious. The alternative is that the party needs to show the media that it takes itself seriously as the “real opposition”, and therefore has to act as if it considers itself a prime target for terrorism. Knowing, however, that it isn’t much of a target at all, it doesn’t matter if the security procedures are lax. I hope it’s the first explanation.
