Navid Azimi posted the fol­low­ing in a com­ment on the ini­tial Dash­lite announce­ment post:

This seems like a good imple­men­ta­tion and def­i­nitely has it’s uses but for most admin­is­tra­tors this could actu­ally be more detri­men­tal in the long run than ini­tially expected. The pri­mary idea behind the Dash­board was to allow all Word­Press Admin­is­tra­tors to stay informed regard­ing devel­op­ments in the community.

Many WP users (or any com­mu­nity for that mat­ter) install and sit. Often times being obliv­i­ous to new ver­sions and (most impor­tantly) secu­rity updates. This sort of unpatched soft­ware can be detri­men­tal not only to your web­host, and your web­site, but also to the entire web com­mu­nity itself.

For exam­ple, when phpBB was exploited with a major secu­rity flaw — there was a major defi­ciency in con­tact­ing all admin­is­tra­tors regard­ing the secu­rity hole. The prob­lem is twofold. The more you pro­mote the secu­rity hole, the eas­ier it becomes for mali­cious users to exploit unpatched instal­la­tions. You see where I am going here.

Of course — right now — in the prime heat of your blog you feel that you are check­ing wordpress.org every­day and you’re prob­a­bly skim­ming the forums daily too. There is no way you’ll miss any updates. But as time goes on and you have tweaked, retweaked and redesigned your web­site five times you’ll real­ize that its time for your blog to push bet­ter con­tent and not just look pret­tier. And its then when you sim­ply stop keep­ing up with every nightly or read­ing the forums daily.

Then again, I could be com­pletely wrong.

I kind of felt that this required a response more pub­licly than the con­tin­u­a­tion of the com­ment thread would per­mit, hence this posting.

I believe Dash­lite solves a real prob­lem which exists in the Word­Press 1.5 sys­tem — that users are dis­il­lu­sioned with the Dash­board sys­tem (hence the tremen­dous response given the rel­a­tively “back­wa­ter” stand­ing of this web­site), and that the Dash­board sys­tem is cum­ber­some in its exe­cu­tion of its role as an “alert sys­tem” for mak­ing users aware of soft­ware updates that are available.

I also believe that, espe­cially in light of the pro­lif­er­a­tion of multi-user blog­ging, and the func­tion­al­ity which Word­Press offers to facil­i­tate this, the Dash­board sys­tem is overly inva­sive in its pre­sen­ta­tion within the Word­Press admin­is­tra­tion interface.

Word­Press 1.5 essen­tially per­mits the estab­lish­ment of an author-moderator-editor sys­tem, allow­ing col­lab­o­ra­tive blog­ging in a multi-user envi­ron­ment, some­thing which allows com­mu­nal con­trol, but also (and more impor­tantly, if Word­Press is to gain wide­spread adop­tion through uphold­ing high usabil­ity stan­dards) some­thing which per­mits less technically-minded users to utilise the sys­tem pain­lessly and easily.

It was with this in mind that Dash­Lite was cre­ated — notably, I did not recently imple­ment it on this blog until upgrad­ing to Word­Press 1.5 a mat­ter of days ago: this is because it was ini­tially devel­oped in response to another task, in which a client was required to update con­tent them­selves. The point is exac­er­bated through the recent Word­Press search engine scan­dal, in which the news dis­played on the Dash­board echoed sen­ti­ments of blog­gers around the world who were either qui­etly sup­port­ive, or vocally against, the actions and cir­cum­stance which lead to that event — for most users, that is a mat­ter of mere pol­i­tics, and remains utterly irrel­e­vant, although may serve to pro­vide con­fu­sion if the Dash­board is con­sid­ered an offi­cial and autho­r­a­tive source of Word­Press news.

This is an ancil­lary issue, of course. The core prob­lem is non-technical users aren’t con­cerned, and, in the case of many multi-user blog­ging setups, don’t need to be con­cerned, with the tech­ni­cal state of affairs regard­ing the sys­tem they’re pub­lish­ing con­tent on. Admit­tedly, the Dash­Lite sys­tem makes dis­cov­er­ing the lat­est news regard­ing Word­Press one step fur­ther away, but, for a num­ber of rea­sons, this is of no great concern.

Firstly, being a “hack”, this is some­thing users will need to actively seek and imple­ment. It doesn’t come as part of the default dis­tri­b­u­tion, and hence will never be overly promi­nent — I address this as way of nul­li­fy­ing the point regard­ing the pub­li­ca­tion of secu­rity flaws in a two-fold sense (as with phpBB in the exam­ple cited in the com­ment): there’s never going to be a large audi­ence out of reach, as with phpBB, and, those who are out of reach are capa­ble of using “hacks” (that is, they haven’t just installed it from cPanel), and are prob­a­bly slightly more tech­ni­cally com­pe­tent — this means they’re more likely to have back­ups, to notice if their web­site has been com­pro­mised, and, although this is coun­tered in the com­ment, more likely to check the Word­Press web­site for updates, patches, and releases.

Of course, there are other ways to stay “in the loop” (excuse the pun — not the_loop) regard­ing Word­Press devel­op­ments, such as the Word­Press announce mail­ing list, or keep­ing the Word­Press devel­op­ment blog syn­di­cated in your feed reader of choice. And, for the most part, those bothering/capable of imple­ment­ing “hacks” are more likely to be those doing these things — as stated pre­vi­ously. Okay, let’s assume the implementor’s weblog reaches a kind of sta­sis, at least in terms of devel­op­ment, if not con­tent. I don’t believe this is a prob­lem for me per­son­ally, given my insa­tiable “need” to con­stantly tweak and alter things which are oth­er­wise work­ing quite fine, if only for the sake of nov­elty and orig­i­nal­ity, but that avoids the point that not all Dash­Lite users would be like this, and that my stand­ing on such mat­ters may change at some future point as yet unforseen.

There is, then, a need for the Dash­board to syn­di­cate con­tent for these pur­poses… but only for the admin user. I haven’t got time to address this imme­di­ately, so as an interim mea­sure the syn­di­cated con­tent (the Word­Press Devel­op­ment blog “Releases’ cat­e­gory RSS feed) is vis­i­ble to all users — I hope to address this in the near future, soft­ware com­plex­ity permitting.

I’ve ram­bled enough about this enough here, and I’m afraid peo­ple aren’t overly likely to read it all, so the actual announce­ment is posted sep­a­rately, but I’ll include down­load links here, too.

PHP source file, rich for­mat­ting (HTML)
Plain text ver­sion of the same, save this as-is

To install the update, sim­ply over­write the wp-admin/index.php file in your Word­Press instal­la­tion — it is advis­able you backup your old index.php file first, in case prob­lems arise (none noted in the changes made, but it’s pos­si­ble you’ll dis­cover some­thing, as always).

Tags: HTML, major deficiency, Navid Azimi, PHP, Search engine, search engine scandal, software complexity permitting, software updates, unpatched software, web community, WordPress administration, WordPress installation