tosunkaya · October 7, 2024 16:12 · Oct 5, 2024 · Oct 5, 2024 · Oct 5, 2024 · Oct 5, 2024
diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -80,8 +80,7 @@
 **Note:** This sort of announcement is *not* standard practice in infosec; there is *no reason* for this class of disclosure ("there is an issue but we are not saying what it is") *except* to create a climate of uncertainty about safety.
   * A few hours prior to Automattic's irresponsible disclosure, Mullenweg asked on his personal Twitter, ["What are the best alternatives to Advanced Custom Fields…?"](https://x.com/photomatt/status/1842500184825090060) He asserted that "millions of sites" will be switching to other options in the coming weeks. 
   * PatchStack, a WordPress infosec agency, reports on Twitter that [they are aware of the vulnerability and it is low-severity](https://x.com/patchstackapp/status/1842643906401329536), which fuels further speculation by WordPress community members (on Reddit, Twitter, and probably elsewhere) that it was announced this way merely to harm WP Engine's business.
-  * One of Mullenweg's employees states on Reddit that a security patch will be pushed to the .org repository ["even if I have to apply the patch myself"](https://old.reddit.com/r/Wordpress/comments/1fwvs5z/alert_security_risk_acf_related_details_inside/lqibd65/)
-  * John Blackbourn, a member of the WordPress Core Security Team, also says ["I am going to work my damned hardest to ensure that the fix gets shipped to dotorg"](https://x.com/johnbillion/status/1842627564453454049)
+  * One of Mullenweg's employees states on Reddit that a security patch will be pushed to the .org repository ["even if I have to apply the patch myself"](https://old.reddit.com/r/Wordpress/comments/1fwvs5z/alert_security_risk_acf_related_details_inside/lqibd65/); John Blackbourn, a member of the WordPress Core Security Team, also says ["I am going to work my damned hardest to ensure that the fix gets shipped to dotorg"](https://x.com/johnbillion/status/1842627564453454049)
   * A few hours later, Automattic removed their Twitter post
 * The story hits the mainstream press as [CNBC publishes an article about it](https://www.cnbc.com/2024/10/05/wordpress-ceo-matt-mullenweg-goes-nuclear-on-silver-lake-wp-engine-.html). The article is pretty lopsided towards Mullenweg's perspective (one of their primary sources has undisclosed connections to Mullenweg's businesses), but contains a decent overview of events so far.
 * Mullenweg reportedly [joins a Slack for ex-Automattic employees](https://x.com/kellie/status/1842625951508701214) and immediately attempts to assert control in the guise of "helping".
diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -79,7 +79,7 @@
 * Automattic's Twitter account [discloses that there is an unpatched vulnerability](https://web.archive.org/web/20241005190955/https://x.com/automattic/status/1842612123488473341) (link is to an archived version) in the version of ACF on the wordpress.org repository (which, again, WP Engine staff cannot currently update because Mullenweg has *unilaterally blocked WP Engine staff from accessing .org*). Automattic asserts that they have informed WP Engine about the issue.      
 **Note:** This sort of announcement is *not* standard practice in infosec; there is *no reason* for this class of disclosure ("there is an issue but we are not saying what it is") *except* to create a climate of uncertainty about safety.
   * A few hours prior to Automattic's irresponsible disclosure, Mullenweg asked on his personal Twitter, ["What are the best alternatives to Advanced Custom Fields…?"](https://x.com/photomatt/status/1842500184825090060) He asserted that "millions of sites" will be switching to other options in the coming weeks. 
-  * PatchStack, a WordPress infosec agency, reports on Twitter that [they are aware of the vulnerability and it is low-severity](https://x.com/patchstackapp/status/1842643906401329536), which fuels further speculation that it was announced this way merely to harm WP Engine's business.
+  * PatchStack, a WordPress infosec agency, reports on Twitter that [they are aware of the vulnerability and it is low-severity](https://x.com/patchstackapp/status/1842643906401329536), which fuels further speculation by WordPress community members (on Reddit, Twitter, and probably elsewhere) that it was announced this way merely to harm WP Engine's business.
   * One of Mullenweg's employees states on Reddit that a security patch will be pushed to the .org repository ["even if I have to apply the patch myself"](https://old.reddit.com/r/Wordpress/comments/1fwvs5z/alert_security_risk_acf_related_details_inside/lqibd65/)
   * John Blackbourn, a member of the WordPress Core Security Team, also says ["I am going to work my damned hardest to ensure that the fix gets shipped to dotorg"](https://x.com/johnbillion/status/1842627564453454049)
   * A few hours later, Automattic removed their Twitter post

diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -76,11 +76,12 @@
 
 ## 5 October 2024
 
-* Automattic's Twitter account [discloses that there is an unpatched vulnerability](https://x.com/automattic/status/1842612123488473341) in the version of ACF on the wordpress.org repository (which, again, WP Engine staff cannot currently update because Mullenweg has *unilaterally blocked WP Engine staff from accessing .org*). Automattic asserts that they have informed WP Engine about the issue.      
+* Automattic's Twitter account [discloses that there is an unpatched vulnerability](https://web.archive.org/web/20241005190955/https://x.com/automattic/status/1842612123488473341) (link is to an archived version) in the version of ACF on the wordpress.org repository (which, again, WP Engine staff cannot currently update because Mullenweg has *unilaterally blocked WP Engine staff from accessing .org*). Automattic asserts that they have informed WP Engine about the issue.      
 **Note:** This sort of announcement is *not* standard practice in infosec; there is *no reason* for this class of disclosure ("there is an issue but we are not saying what it is") *except* to create a climate of uncertainty about safety.
   * A few hours prior to Automattic's irresponsible disclosure, Mullenweg asked on his personal Twitter, ["What are the best alternatives to Advanced Custom Fields…?"](https://x.com/photomatt/status/1842500184825090060) He asserted that "millions of sites" will be switching to other options in the coming weeks. 
   * PatchStack, a WordPress infosec agency, reports on Twitter that [they are aware of the vulnerability and it is low-severity](https://x.com/patchstackapp/status/1842643906401329536), which fuels further speculation that it was announced this way merely to harm WP Engine's business.
   * One of Mullenweg's employees states on Reddit that a security patch will be pushed to the .org repository ["even if I have to apply the patch myself"](https://old.reddit.com/r/Wordpress/comments/1fwvs5z/alert_security_risk_acf_related_details_inside/lqibd65/)
   * John Blackbourn, a member of the WordPress Core Security Team, also says ["I am going to work my damned hardest to ensure that the fix gets shipped to dotorg"](https://x.com/johnbillion/status/1842627564453454049)
+  * A few hours later, Automattic removed their Twitter post
 * The story hits the mainstream press as [CNBC publishes an article about it](https://www.cnbc.com/2024/10/05/wordpress-ceo-matt-mullenweg-goes-nuclear-on-silver-lake-wp-engine-.html). The article is pretty lopsided towards Mullenweg's perspective (one of their primary sources has undisclosed connections to Mullenweg's businesses), but contains a decent overview of events so far.
 * Mullenweg reportedly [joins a Slack for ex-Automattic employees](https://x.com/kellie/status/1842625951508701214) and immediately attempts to assert control in the guise of "helping".
diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -82,4 +82,5 @@
   * PatchStack, a WordPress infosec agency, reports on Twitter that [they are aware of the vulnerability and it is low-severity](https://x.com/patchstackapp/status/1842643906401329536), which fuels further speculation that it was announced this way merely to harm WP Engine's business.
   * One of Mullenweg's employees states on Reddit that a security patch will be pushed to the .org repository ["even if I have to apply the patch myself"](https://old.reddit.com/r/Wordpress/comments/1fwvs5z/alert_security_risk_acf_related_details_inside/lqibd65/)
   * John Blackbourn, a member of the WordPress Core Security Team, also says ["I am going to work my damned hardest to ensure that the fix gets shipped to dotorg"](https://x.com/johnbillion/status/1842627564453454049)
-* The story hits the mainstream press as [CNBC publishes an article about it](https://www.cnbc.com/2024/10/05/wordpress-ceo-matt-mullenweg-goes-nuclear-on-silver-lake-wp-engine-.html). The article is pretty lopsided towards Mullenweg's perspective (one of their primary sources has undisclosed connections to Mullenweg's businesses), but contains a decent overview of events so far.
+* The story hits the mainstream press as [CNBC publishes an article about it](https://www.cnbc.com/2024/10/05/wordpress-ceo-matt-mullenweg-goes-nuclear-on-silver-lake-wp-engine-.html). The article is pretty lopsided towards Mullenweg's perspective (one of their primary sources has undisclosed connections to Mullenweg's businesses), but contains a decent overview of events so far.
+* Mullenweg reportedly [joins a Slack for ex-Automattic employees](https://x.com/kellie/status/1842625951508701214) and immediately attempts to assert control in the guise of "helping".
diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -81,4 +81,5 @@
   * A few hours prior to Automattic's irresponsible disclosure, Mullenweg asked on his personal Twitter, ["What are the best alternatives to Advanced Custom Fields…?"](https://x.com/photomatt/status/1842500184825090060) He asserted that "millions of sites" will be switching to other options in the coming weeks. 
   * PatchStack, a WordPress infosec agency, reports on Twitter that [they are aware of the vulnerability and it is low-severity](https://x.com/patchstackapp/status/1842643906401329536), which fuels further speculation that it was announced this way merely to harm WP Engine's business.
   * One of Mullenweg's employees states on Reddit that a security patch will be pushed to the .org repository ["even if I have to apply the patch myself"](https://old.reddit.com/r/Wordpress/comments/1fwvs5z/alert_security_risk_acf_related_details_inside/lqibd65/)
+  * John Blackbourn, a member of the WordPress Core Security Team, also says ["I am going to work my damned hardest to ensure that the fix gets shipped to dotorg"](https://x.com/johnbillion/status/1842627564453454049)
 * The story hits the mainstream press as [CNBC publishes an article about it](https://www.cnbc.com/2024/10/05/wordpress-ceo-matt-mullenweg-goes-nuclear-on-silver-lake-wp-engine-.html). The article is pretty lopsided towards Mullenweg's perspective (one of their primary sources has undisclosed connections to Mullenweg's businesses), but contains a decent overview of events so far.
diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -78,7 +78,7 @@
 
 * Automattic's Twitter account [discloses that there is an unpatched vulnerability](https://x.com/automattic/status/1842612123488473341) in the version of ACF on the wordpress.org repository (which, again, WP Engine staff cannot currently update because Mullenweg has *unilaterally blocked WP Engine staff from accessing .org*). Automattic asserts that they have informed WP Engine about the issue.      
 **Note:** This sort of announcement is *not* standard practice in infosec; there is *no reason* for this class of disclosure ("there is an issue but we are not saying what it is") *except* to create a climate of uncertainty about safety.
-  * Mullenweg asks on his personal Twitter, ["What are the best alternatives to Advanced Custom Fields…?"](https://x.com/photomatt/status/1842500184825090060) He asserts that "millions of sites" will be switching to other options in the coming weeks. 
+  * A few hours prior to Automattic's irresponsible disclosure, Mullenweg asked on his personal Twitter, ["What are the best alternatives to Advanced Custom Fields…?"](https://x.com/photomatt/status/1842500184825090060) He asserted that "millions of sites" will be switching to other options in the coming weeks. 
   * PatchStack, a WordPress infosec agency, reports on Twitter that [they are aware of the vulnerability and it is low-severity](https://x.com/patchstackapp/status/1842643906401329536), which fuels further speculation that it was announced this way merely to harm WP Engine's business.
   * One of Mullenweg's employees states on Reddit that a security patch will be pushed to the .org repository ["even if I have to apply the patch myself"](https://old.reddit.com/r/Wordpress/comments/1fwvs5z/alert_security_risk_acf_related_details_inside/lqibd65/)
 * The story hits the mainstream press as [CNBC publishes an article about it](https://www.cnbc.com/2024/10/05/wordpress-ceo-matt-mullenweg-goes-nuclear-on-silver-lake-wp-engine-.html). The article is pretty lopsided towards Mullenweg's perspective (one of their primary sources has undisclosed connections to Mullenweg's businesses), but contains a decent overview of events so far.
diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -60,6 +60,7 @@
 * WP Engine [formally files suit against Automattic, Inc. and Matt Mullenweg](https://wpengine.com/wp-content/uploads/2024/10/Complaint-WP-Engine-v-Automattic-et-al-with-Exhibit.pdf)
 * Mullenweg continues his devotion to Posting Through It on the [Hacker News item about the lawsuit](https://news.ycombinator.com/item?id=41726197), to the point where actual lawyers in the thread are begging him to shut up
 * Automattic puts up a [blog post about the trademark situation](https://automattic.com/2024/10/02/wordpress-trademarks-a-legal-perspective/)
+* The Register has an article about the conflict, in which [Bruce Perens (one of the big names in defining Open Source) is quoted](https://www.theregister.com/2024/10/02/automattic_wp_engine_wordpress_license/)
 
 ## 3 October 2024
 

diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -4,10 +4,6 @@
 * [Automattic](https://automattic.com) is the for-profit arm of WordPress, which maintains the wordpress.**com** web host as well as offering a number of other free and paid addons to WordPress. Matt Mullenweg is the CEO and a member of the Board of Directors, and controls a majority of voting shares in the organization.
 * [WP Engine](https://wpengine.com) is a company which offers managed hosting for WordPress sites. They are a major player in the WP hosting space. It is important to note that the phrase "managed hosting" specifically implies a high level of control by the hosting company over the software and infrastructure; managed hosting services are geared toward less-technical clients and clients who want to offload server administration stuff. People who are purchasing managed hosting, as opposed to unmanaged hosting, are *specifically buying* the higher level of control by the hosting provider, because it means fewer hassles for them.
 
-# Other Resources
-
-* Michael Tsai is maintaining [a roundup that focuses on quotes and reactions from involved players and community members](https://mjtsai.com/blog/2024/09/24/automattic-vs-wp-engine/)
-
 # The Story So Far
 
  * [TechCrunch has solid reporting](https://techcrunch.com/2024/09/22/matt-mullenweg-calls-wp-engine-a-cancer-to-wordpress-and-urges-community-to-switch-providers/) on the [initial events](https://techcrunch.com/2024/09/23/wp-engine-sends-cease-and-desist-letter-to-automattic-over-mullenwegs-comments/): Mullenweg's initial blog post, his WordCamp keynote, his second blog post, and [WP Engine's C&D letter](https://wpengine.com/wp-content/uploads/2024/09/Cease-and-Desist-Letter-to-Automattic-and-Request-to-Preserve-Documents-Sent.pdf). The blog posts are posted to the wordpress.**org** blog, not to Automattic's blog.
@@ -25,6 +21,7 @@
 # Resources
 
 * Link to [full docket](https://www.courtlistener.com/docket/69221176/wpengine-inc-v-automattic-inc/) for anyone who wants to follow developments on the lawsuit
+* Michael Tsai is maintaining [a roundup that focuses on quotes and reactions from involved players and community members](https://mjtsai.com/blog/2024/09/24/automattic-vs-wp-engine/)
 
 # Updates
 

diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -82,4 +82,5 @@
 **Note:** This sort of announcement is *not* standard practice in infosec; there is *no reason* for this class of disclosure ("there is an issue but we are not saying what it is") *except* to create a climate of uncertainty about safety.
   * Mullenweg asks on his personal Twitter, ["What are the best alternatives to Advanced Custom Fields…?"](https://x.com/photomatt/status/1842500184825090060) He asserts that "millions of sites" will be switching to other options in the coming weeks. 
   * PatchStack, a WordPress infosec agency, reports on Twitter that [they are aware of the vulnerability and it is low-severity](https://x.com/patchstackapp/status/1842643906401329536), which fuels further speculation that it was announced this way merely to harm WP Engine's business.
+  * One of Mullenweg's employees states on Reddit that a security patch will be pushed to the .org repository ["even if I have to apply the patch myself"](https://old.reddit.com/r/Wordpress/comments/1fwvs5z/alert_security_risk_acf_related_details_inside/lqibd65/)
 * The story hits the mainstream press as [CNBC publishes an article about it](https://www.cnbc.com/2024/10/05/wordpress-ceo-matt-mullenweg-goes-nuclear-on-silver-lake-wp-engine-.html). The article is pretty lopsided towards Mullenweg's perspective (one of their primary sources has undisclosed connections to Mullenweg's businesses), but contains a decent overview of events so far.
diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -80,6 +80,6 @@
 
 * Automattic's Twitter account [discloses that there is an unpatched vulnerability](https://x.com/automattic/status/1842612123488473341) in the version of ACF on the wordpress.org repository (which, again, WP Engine staff cannot currently update because Mullenweg has *unilaterally blocked WP Engine staff from accessing .org*). Automattic asserts that they have informed WP Engine about the issue.      
 **Note:** This sort of announcement is *not* standard practice in infosec; there is *no reason* for this class of disclosure ("there is an issue but we are not saying what it is") *except* to create a climate of uncertainty about safety.
-* Mullenweg asks on his personal Twitter, ["What are the best alternatives to Advanced Custom Fields…?"](https://x.com/photomatt/status/1842500184825090060) He asserts that "millions of sites" will be switching to other options in the coming weeks. 
-* PatchStack, a WordPress infosec agency, reports on Twitter that [they are aware of the vulnerability and it is low-severity](https://x.com/patchstackapp/status/1842643906401329536), which fuels further speculation that it was announced this way merely to harm WP Engine's business.
+  * Mullenweg asks on his personal Twitter, ["What are the best alternatives to Advanced Custom Fields…?"](https://x.com/photomatt/status/1842500184825090060) He asserts that "millions of sites" will be switching to other options in the coming weeks. 
+  * PatchStack, a WordPress infosec agency, reports on Twitter that [they are aware of the vulnerability and it is low-severity](https://x.com/patchstackapp/status/1842643906401329536), which fuels further speculation that it was announced this way merely to harm WP Engine's business.
 * The story hits the mainstream press as [CNBC publishes an article about it](https://www.cnbc.com/2024/10/05/wordpress-ceo-matt-mullenweg-goes-nuclear-on-silver-lake-wp-engine-.html). The article is pretty lopsided towards Mullenweg's perspective (one of their primary sources has undisclosed connections to Mullenweg's businesses), but contains a decent overview of events so far.
diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -81,5 +81,5 @@
 * Automattic's Twitter account [discloses that there is an unpatched vulnerability](https://x.com/automattic/status/1842612123488473341) in the version of ACF on the wordpress.org repository (which, again, WP Engine staff cannot currently update because Mullenweg has *unilaterally blocked WP Engine staff from accessing .org*). Automattic asserts that they have informed WP Engine about the issue.      
 **Note:** This sort of announcement is *not* standard practice in infosec; there is *no reason* for this class of disclosure ("there is an issue but we are not saying what it is") *except* to create a climate of uncertainty about safety.
 * Mullenweg asks on his personal Twitter, ["What are the best alternatives to Advanced Custom Fields…?"](https://x.com/photomatt/status/1842500184825090060) He asserts that "millions of sites" will be switching to other options in the coming weeks. 
-* PatchStack, one of the big players in the WordPress infosec space, reports on Twitter that [they are aware of the vulnerability and it is low-severity](https://x.com/patchstackapp/status/1842643906401329536), which fuels further speculation that it was announced this way merely to harm WP Engine's business.
+* PatchStack, a WordPress infosec agency, reports on Twitter that [they are aware of the vulnerability and it is low-severity](https://x.com/patchstackapp/status/1842643906401329536), which fuels further speculation that it was announced this way merely to harm WP Engine's business.
 * The story hits the mainstream press as [CNBC publishes an article about it](https://www.cnbc.com/2024/10/05/wordpress-ceo-matt-mullenweg-goes-nuclear-on-silver-lake-wp-engine-.html). The article is pretty lopsided towards Mullenweg's perspective (one of their primary sources has undisclosed connections to Mullenweg's businesses), but contains a decent overview of events so far.
diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -79,6 +79,7 @@
 ## 5 October 2024
 
 * Automattic's Twitter account [discloses that there is an unpatched vulnerability](https://x.com/automattic/status/1842612123488473341) in the version of ACF on the wordpress.org repository (which, again, WP Engine staff cannot currently update because Mullenweg has *unilaterally blocked WP Engine staff from accessing .org*). Automattic asserts that they have informed WP Engine about the issue.      
-**Note:** This sort of announcement is *not* standard practice in infosec; there is *no reason* for this class of disclosure ("there is an issue but we are not saying what it is for 30 days") *except* to create a climate of uncertainty about safety.
+**Note:** This sort of announcement is *not* standard practice in infosec; there is *no reason* for this class of disclosure ("there is an issue but we are not saying what it is") *except* to create a climate of uncertainty about safety.
 * Mullenweg asks on his personal Twitter, ["What are the best alternatives to Advanced Custom Fields…?"](https://x.com/photomatt/status/1842500184825090060) He asserts that "millions of sites" will be switching to other options in the coming weeks. 
+* PatchStack, one of the big players in the WordPress infosec space, reports on Twitter that [they are aware of the vulnerability and it is low-severity](https://x.com/patchstackapp/status/1842643906401329536), which fuels further speculation that it was announced this way merely to harm WP Engine's business.
 * The story hits the mainstream press as [CNBC publishes an article about it](https://www.cnbc.com/2024/10/05/wordpress-ceo-matt-mullenweg-goes-nuclear-on-silver-lake-wp-engine-.html). The article is pretty lopsided towards Mullenweg's perspective (one of their primary sources has undisclosed connections to Mullenweg's businesses), but contains a decent overview of events so far.
diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -81,4 +81,4 @@
 * Automattic's Twitter account [discloses that there is an unpatched vulnerability](https://x.com/automattic/status/1842612123488473341) in the version of ACF on the wordpress.org repository (which, again, WP Engine staff cannot currently update because Mullenweg has *unilaterally blocked WP Engine staff from accessing .org*). Automattic asserts that they have informed WP Engine about the issue.      
 **Note:** This sort of announcement is *not* standard practice in infosec; there is *no reason* for this class of disclosure ("there is an issue but we are not saying what it is for 30 days") *except* to create a climate of uncertainty about safety.
 * Mullenweg asks on his personal Twitter, ["What are the best alternatives to Advanced Custom Fields…?"](https://x.com/photomatt/status/1842500184825090060) He asserts that "millions of sites" will be switching to other options in the coming weeks. 
-* The story hits the mainstream press as [CNBC publishes an article about it](https://www.cnbc.com/2024/10/05/wordpress-ceo-matt-mullenweg-goes-nuclear-on-silver-lake-wp-engine-.html). The article is pretty lopsided towards Mullenweg's perspective but contains a decent overview of events so far
+* The story hits the mainstream press as [CNBC publishes an article about it](https://www.cnbc.com/2024/10/05/wordpress-ceo-matt-mullenweg-goes-nuclear-on-silver-lake-wp-engine-.html). The article is pretty lopsided towards Mullenweg's perspective (one of their primary sources has undisclosed connections to Mullenweg's businesses), but contains a decent overview of events so far.
diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -80,4 +80,5 @@
 
 * Automattic's Twitter account [discloses that there is an unpatched vulnerability](https://x.com/automattic/status/1842612123488473341) in the version of ACF on the wordpress.org repository (which, again, WP Engine staff cannot currently update because Mullenweg has *unilaterally blocked WP Engine staff from accessing .org*). Automattic asserts that they have informed WP Engine about the issue.      
 **Note:** This sort of announcement is *not* standard practice in infosec; there is *no reason* for this class of disclosure ("there is an issue but we are not saying what it is for 30 days") *except* to create a climate of uncertainty about safety.
-* Mullenweg asks on his personal Twitter, ["What are the best alternatives to Advanced Custom Fields…?"](https://x.com/photomatt/status/1842500184825090060) He asserts that "millions of sites" will be switching to other options in the coming weeks. 
+* Mullenweg asks on his personal Twitter, ["What are the best alternatives to Advanced Custom Fields…?"](https://x.com/photomatt/status/1842500184825090060) He asserts that "millions of sites" will be switching to other options in the coming weeks. 
+* The story hits the mainstream press as [CNBC publishes an article about it](https://www.cnbc.com/2024/10/05/wordpress-ceo-matt-mullenweg-goes-nuclear-on-silver-lake-wp-engine-.html). The article is pretty lopsided towards Mullenweg's perspective but contains a decent overview of events so far
diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -78,5 +78,6 @@
 
 ## 5 October 2024
 
-* Automattic's Twitter account [discloses that there is an unpatched vulnerability](https://x.com/automattic/status/1842612123488473341) in the version of ACF on the wordpress.org repository (which, again, WP Engine staff cannot currently update because Mullenweg has *unilaterally blocked WP Engine staff from accessing .org*). Automattic asserts that they have informed WP Engine about the issue. **Note:** This sort of announcement is *not* standard practice in infosec; there is *no reason* for this class of disclosure ("there is an issue but we are not saying what it is for 30 days") *except* to create a climate of uncertainty about safety.
+* Automattic's Twitter account [discloses that there is an unpatched vulnerability](https://x.com/automattic/status/1842612123488473341) in the version of ACF on the wordpress.org repository (which, again, WP Engine staff cannot currently update because Mullenweg has *unilaterally blocked WP Engine staff from accessing .org*). Automattic asserts that they have informed WP Engine about the issue.      
+**Note:** This sort of announcement is *not* standard practice in infosec; there is *no reason* for this class of disclosure ("there is an issue but we are not saying what it is for 30 days") *except* to create a climate of uncertainty about safety.
 * Mullenweg asks on his personal Twitter, ["What are the best alternatives to Advanced Custom Fields…?"](https://x.com/photomatt/status/1842500184825090060) He asserts that "millions of sites" will be switching to other options in the coming weeks. 
diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -78,4 +78,5 @@
 
 ## 5 October 2024
 
-* After unilaterally blocking WP Engine from all of wordpress.org, including their staff's ability to update the plugins they maintain, Mullenweg asks on Twitter, ["What are the best alternatives to Advanced Custom Fields…?"](https://x.com/photomatt/status/1842500184825090060) He asserts that "millions of sites" will be switching to other options in the coming weeks. 
+* Automattic's Twitter account [discloses that there is an unpatched vulnerability](https://x.com/automattic/status/1842612123488473341) in the version of ACF on the wordpress.org repository (which, again, WP Engine staff cannot currently update because Mullenweg has *unilaterally blocked WP Engine staff from accessing .org*). Automattic asserts that they have informed WP Engine about the issue. **Note:** This sort of announcement is *not* standard practice in infosec; there is *no reason* for this class of disclosure ("there is an issue but we are not saying what it is for 30 days") *except* to create a climate of uncertainty about safety.
+* Mullenweg asks on his personal Twitter, ["What are the best alternatives to Advanced Custom Fields…?"](https://x.com/photomatt/status/1842500184825090060) He asserts that "millions of sites" will be switching to other options in the coming weeks. 
diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -78,4 +78,4 @@
 
 ## 5 October 2024
 
-* After unilaterally blocking WP Engine from all of wordpress.org, including their staff's ability to update the plugins they maintain, Mullenweg asks on Twitter, ["What are the best alternatives to Advanced Custom Fields"](https://x.com/photomatt/status/1842500184825090060). He asserts that "millions of sites" will be switching to other options in the coming weeks. 
+* After unilaterally blocking WP Engine from all of wordpress.org, including their staff's ability to update the plugins they maintain, Mullenweg asks on Twitter, ["What are the best alternatives to Advanced Custom Fields…?"](https://x.com/photomatt/status/1842500184825090060) He asserts that "millions of sites" will be switching to other options in the coming weeks. 
diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -74,4 +74,8 @@
 * In an interview with The Verge, [Mullenweg makes clear that he is in control of WordPress, and has no plans for that to change](https://www.theverge.com/2024/10/4/24262232/matt-mullenweg-wordpress-org-wp-engine)
 * Mullenweg comments on Reddit (on a now-deleted post, but the comment is still visible) that he believes WP Engine has hired a ["dark PR firm"](https://old.reddit.com/r/Wordpress/comments/1fw28at/wp_engine_appears_to_be_astroturfing_this_sub/lqc2gd8/)
 * Lawyer [Mike Dunford](https://bsky.app/profile/questauthority.bsky.social) has a weekly Twitch stream called the Litigation Disaster Tour Hour; his last two shows have focused on this conflict. The VODs are now [archivally available on YouTube](https://www.youtube.com/playlist?list=PLh377NiBtpyaufSDGqJKiuMTkM6LGLCoT).
-* Jeffrey Zeldman, one of the grandfathers of the Web as we know it today, wrote [a post about staying at Automattic](https://zeldman.com/2024/10/04/i-stayed/) 
+* Jeffrey Zeldman, one of the grandfathers of the Web as we know it today, wrote [a post about staying at Automattic](https://zeldman.com/2024/10/04/i-stayed/) 
+
+## 5 October 2024
+
+* After unilaterally blocking WP Engine from all of wordpress.org, including their staff's ability to update the plugins they maintain, Mullenweg asks on Twitter, ["What are the best alternatives to Advanced Custom Fields"](https://x.com/photomatt/status/1842500184825090060). He asserts that "millions of sites" will be switching to other options in the coming weeks. 
diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -74,3 +74,4 @@
 * In an interview with The Verge, [Mullenweg makes clear that he is in control of WordPress, and has no plans for that to change](https://www.theverge.com/2024/10/4/24262232/matt-mullenweg-wordpress-org-wp-engine)
 * Mullenweg comments on Reddit (on a now-deleted post, but the comment is still visible) that he believes WP Engine has hired a ["dark PR firm"](https://old.reddit.com/r/Wordpress/comments/1fw28at/wp_engine_appears_to_be_astroturfing_this_sub/lqc2gd8/)
 * Lawyer [Mike Dunford](https://bsky.app/profile/questauthority.bsky.social) has a weekly Twitch stream called the Litigation Disaster Tour Hour; his last two shows have focused on this conflict. The VODs are now [archivally available on YouTube](https://www.youtube.com/playlist?list=PLh377NiBtpyaufSDGqJKiuMTkM6LGLCoT).
+* Jeffrey Zeldman, one of the grandfathers of the Web as we know it today, wrote [a post about staying at Automattic](https://zeldman.com/2024/10/04/i-stayed/) 
diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -6,7 +6,7 @@
 
 # Other Resources
 
-* Michael Tsai is maintaining [a roundup that focuses on reactions from community members](https://mjtsai.com/blog/2024/09/24/automattic-vs-wp-engine/)
+* Michael Tsai is maintaining [a roundup that focuses on quotes and reactions from involved players and community members](https://mjtsai.com/blog/2024/09/24/automattic-vs-wp-engine/)
 
 # The Story So Far
 

diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -4,7 +4,11 @@
 * [Automattic](https://automattic.com) is the for-profit arm of WordPress, which maintains the wordpress.**com** web host as well as offering a number of other free and paid addons to WordPress. Matt Mullenweg is the CEO and a member of the Board of Directors, and controls a majority of voting shares in the organization.
 * [WP Engine](https://wpengine.com) is a company which offers managed hosting for WordPress sites. They are a major player in the WP hosting space. It is important to note that the phrase "managed hosting" specifically implies a high level of control by the hosting company over the software and infrastructure; managed hosting services are geared toward less-technical clients and clients who want to offload server administration stuff. People who are purchasing managed hosting, as opposed to unmanaged hosting, are *specifically buying* the higher level of control by the hosting provider, because it means fewer hassles for them.
 
- # The Story So Far
+# Other Resources
+
+* Michael Tsai is maintaining [a roundup that focuses on reactions from community members](https://mjtsai.com/blog/2024/09/24/automattic-vs-wp-engine/)
+
+# The Story So Far
 
  * [TechCrunch has solid reporting](https://techcrunch.com/2024/09/22/matt-mullenweg-calls-wp-engine-a-cancer-to-wordpress-and-urges-community-to-switch-providers/) on the [initial events](https://techcrunch.com/2024/09/23/wp-engine-sends-cease-and-desist-letter-to-automattic-over-mullenwegs-comments/): Mullenweg's initial blog post, his WordCamp keynote, his second blog post, and [WP Engine's C&D letter](https://wpengine.com/wp-content/uploads/2024/09/Cease-and-Desist-Letter-to-Automattic-and-Request-to-Preserve-Documents-Sent.pdf). The blog posts are posted to the wordpress.**org** blog, not to Automattic's blog.
  * WP Engine's letter alleges, among other things, that Mullenweg demanded money from WP Engine ostensibly as a licensing fee for the WordPress trademark, but in actuality to refrain from disparaging and defaming them on stage and in blog posts.

diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -69,3 +69,4 @@
 
 * In an interview with The Verge, [Mullenweg makes clear that he is in control of WordPress, and has no plans for that to change](https://www.theverge.com/2024/10/4/24262232/matt-mullenweg-wordpress-org-wp-engine)
 * Mullenweg comments on Reddit (on a now-deleted post, but the comment is still visible) that he believes WP Engine has hired a ["dark PR firm"](https://old.reddit.com/r/Wordpress/comments/1fw28at/wp_engine_appears_to_be_astroturfing_this_sub/lqc2gd8/)
+* Lawyer [Mike Dunford](https://bsky.app/profile/questauthority.bsky.social) has a weekly Twitch stream called the Litigation Disaster Tour Hour; his last two shows have focused on this conflict. The VODs are now [archivally available on YouTube](https://www.youtube.com/playlist?list=PLh377NiBtpyaufSDGqJKiuMTkM6LGLCoT).
diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -68,3 +68,4 @@
 ## 4 October 2024
 
 * In an interview with The Verge, [Mullenweg makes clear that he is in control of WordPress, and has no plans for that to change](https://www.theverge.com/2024/10/4/24262232/matt-mullenweg-wordpress-org-wp-engine)
+* Mullenweg comments on Reddit (on a now-deleted post, but the comment is still visible) that he believes WP Engine has hired a ["dark PR firm"](https://old.reddit.com/r/Wordpress/comments/1fw28at/wp_engine_appears_to_be_astroturfing_this_sub/lqc2gd8/)
diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -64,3 +64,7 @@
 
 * Automattic releases [a blog post in response to the lawsuit](https://automattic.com/2024/10/03/meritless/) and announces that they have hired famous scumbag [Neal Katyal](https://en.wikipedia.org/wiki/Neal_Katyal)
 * Mullenweg confirms, on his own blog, that [159 Automattic employees took his buyout offer](https://ma.tt/2024/10/alignment/)
+
+## 4 October 2024
+
+* In an interview with The Verge, [Mullenweg makes clear that he is in control of WordPress, and has no plans for that to change](https://www.theverge.com/2024/10/4/24262232/matt-mullenweg-wordpress-org-wp-engine)
diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -63,4 +63,4 @@
 ## 3 October 2024
 
 * Automattic releases [a blog post in response to the lawsuit](https://automattic.com/2024/10/03/meritless/) and announces that they have hired famous scumbag [Neal Katyal](https://en.wikipedia.org/wiki/Neal_Katyal)
-* Mullenweg confirms, on his own blog, that [159 people took his buyout offer](https://ma.tt/2024/10/alignment/)
+* Mullenweg confirms, on his own blog, that [159 Automattic employees took his buyout offer](https://ma.tt/2024/10/alignment/)
diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -63,3 +63,4 @@
 ## 3 October 2024
 
 * Automattic releases [a blog post in response to the lawsuit](https://automattic.com/2024/10/03/meritless/) and announces that they have hired famous scumbag [Neal Katyal](https://en.wikipedia.org/wiki/Neal_Katyal)
+* Mullenweg confirms, on his own blog, that [159 people took his buyout offer](https://ma.tt/2024/10/alignment/)
diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -62,4 +62,4 @@
 
 ## 3 October 2024
 
-* Automattic releases [a blog post in response to the lawsuit](https://automattic.com/2024/10/03/meritless/) and announces that they have hired [Neal Katyal](https://en.wikipedia.org/wiki/Neal_Katyal)
+* Automattic releases [a blog post in response to the lawsuit](https://automattic.com/2024/10/03/meritless/) and announces that they have hired famous scumbag [Neal Katyal](https://en.wikipedia.org/wiki/Neal_Katyal)
diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -62,4 +62,4 @@
 
 ## 3 October 2024
 
-* Automattic releases [a blog post in response to the lawsuit](https://automattic.com/2024/10/03/meritless/)
+* Automattic releases [a blog post in response to the lawsuit](https://automattic.com/2024/10/03/meritless/) and announces that they have hired [Neal Katyal](https://en.wikipedia.org/wiki/Neal_Katyal)
diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -59,3 +59,7 @@
 * WP Engine [formally files suit against Automattic, Inc. and Matt Mullenweg](https://wpengine.com/wp-content/uploads/2024/10/Complaint-WP-Engine-v-Automattic-et-al-with-Exhibit.pdf)
 * Mullenweg continues his devotion to Posting Through It on the [Hacker News item about the lawsuit](https://news.ycombinator.com/item?id=41726197), to the point where actual lawyers in the thread are begging him to shut up
 * Automattic puts up a [blog post about the trademark situation](https://automattic.com/2024/10/02/wordpress-trademarks-a-legal-perspective/)
+
+## 3 October 2024
+
+* Automattic releases [a blog post in response to the lawsuit](https://automattic.com/2024/10/03/meritless/)
diff --git a/mullenweg-wpe.md b/mullenweg-wpe.md
@@ -41,6 +41,7 @@
 
 * WP Engine updates several of their pages to modify their use of 'WordPress' and 'WooCommerce'. The changes are in most cases fairly minor and clearly intended to reinforce their claim that their use is nominative and fair. ( [before](https://web.archive.org/web/20240929165726/https://wpengine.com/) | [after](https://web.archive.org/web/20240929223818/https://wpengine.com/fi/) )
 * Mullenweg [confirms on Twitter](https://x.com/photomatt/status/1840980359673995362) that he, not the WordPress Foundation, is the sole owner of the wordpress.**org** domain and in sole control of all of the repositories and critical infrastructure which rely on it. 
+* LWN has [another nice recap](https://lwn.net/SubscriberLink/991906/d7340f3b866d855b/)
 
 ## 1 October 2024
No results found