Andrew Nacin on Challenging WordPress Assumptions

WordPress lead developer Andrew Nacin spoke at the php[world] 2014 conference on “Challenging Your WordPress Assumptions from 2009.” The video was recently published on YouTube and provides an excellent overview of the major ways WordPress has changed over the past six years.

Nacin explores common assumptions, such as “WordPress is insecure,” “WordPress doesn’t scale,” and “WordPress is not OOP,” among others. Some of these assumptions are false, some are true, some used to be true and others are partially true. If you’re a PHP developer who is new to WordPress or curious about how it’s changed over the years, this presentation will give you a quick 30 minute overview.

Check out the video embedded below to learn more about WordPress’ philosophy for building user-centered software, its commitment to maintaining backwards compatibility, and how major publishers and companies are using it in innovative ways.


2 responses to “Andrew Nacin on Challenging WordPress Assumptions”

  1. The ability for it to scale or not scale isn’t very relevant if the product continues to have repeated security holes – especially those in default files and “wordpress owned” plugins and themes.

    WordPress also continues to face the problems of inefficient or poorly indexed queries, and a myriad of issues related to plugins, their coding, their efficiency, and of course the security that comes with it.

    It’s a pretty good product, but much like Google’s Chrome, it is getting loaded down with more and more “neat features” and getting to be less and less what it is.

  2. Thanks for the video Sarah, that was very good.

    I’d love to have saw the day prior and following that he mentioned.

    I must say its rather refreshing to see him excited about what WP is doing and also not operating in a fan boy type mode. He clearly realizes that as a product there is alot to do and they are doing it.

    What developers (including myself at this point I must admit) are (or at least I was) unaware of is their model for expanding on the codebase. Transforming the codebase on a needs basis .vs. what tends to happen in development of a product with broadband usage of stick with modern paradigms.

    In as far as PHP, well… he said it. Its been the entry level for countless developers into web applications engineering. Yes, it powers a huge portion of the web. And yes, many are moving on.
    That doesnt mean it disappears anytime soon but it is now loosing ground and will continue to do so.

    As he noted as well, OOP was “bolted in” to PHP, not native. That comes at a significant performance / resource cost as it’s mapping objects into what are already considered a complex object (arrays). Where-as CPU architectures have made significant moves in addressing modes and how complex data is dealt with at a machine language level in support of complex objects. Its one of the reasons C# is now faster single threaded and much faster multi-threaded.

    It is really refreshing to see Mr Nacin be honest and on the money with what he said. He and I would differ in a few opinions but it is rather rare to see a lead developer hitting lots of the right nails on the head .vs. what people prefer to hear.

    Thus, thanks again Sarah, very enlightening video.



    Security issues happen. Happen on this, happen on Windows, happen everyplace. Just a scant weeks back Microsoft pushed a BUNCH of updates out related to security and I can assure you they were not near ANYWHERE as prompt in doing so as WP has been.

    Are CMS systems inherently more insecure than anything else? In some respects yes if they have an open development community. But thats not to say they are any less secure than Chrome or Firefox which have lots of plugins that can lead to problems.

    In as far as update mechanisms go, this isnt Windows. A complex update mechanism is a TON of code and really it requires considerable thought right from word go. Windows leaves files behind and deprecated functions as does OS/X, as does iOS as does Android.

    Microsoft has tried over and over different ways of mitigating what developers do, now, even building complete manifest in Windows internally. But know what, I could still write an installer that to avoid alot of it by making sure I am not using/running managed code.

    How do you think some Windows malware slips past Virus scanners and firewalls etc?

    Andrew Nacin is also absolutely correct when he says, “We are a target”. Thats important words. Just as once upon a time MSIE was the big target. You dont see people trying to create hacks to breach say Corel Paint Shop Pro’s updater. But WP, oh yes. BIG target on its head.

    Microsoft has a complete paradigm shift in .NET. Most PHP developers dont have any clue of .NET. Its an ENORMOUS and I do mean ENORMOUS framework. I am not speaking of simply ASP.NET, thats just one part of .NET

    Pretty much everything “windows” is built atop it. That gives developers an enormous toolbox but more so than that its results in avoiding what WAS happening. Developers all doing things their own ways resulting in your PC being a ready lock to be picked and much much more.

    In PHP, no such thing exists. There are lots of frameworks, Symfony, Codeignighter, this one, that one, seemed for a time everyone was making frameworks. But not a one of them was standardized into PHP and atop that, they are all coded in PHP which means instant performance impact. That is to say, there is no “native framework” coded in C++ (which is what PHP is written in), Apache is written in, mySQL is written in. That framework would be the “engine” not only providing the security to applications but much much more. As I said, its just mind-boggling how much in the way of function is in .NET

    C# / Mono is Microsofts “Shot across the bow” now that they have the platform to do it to the 70 some odd percentile of the web powered by PHP.

    I prefer C# to PHP myself, but, I dont prefer Microsoft in at least as far as web capitalization goes. Its a corporation. They gobble, they swallow and its a relentless pursuit, thats what defines corporation usually as history has shown.

    What WordPress has accomplished is simply astonishing. Truly.

    I am sure people cant figure me out. One minute I am “Go WordPress!” and the next, “.NET”.

    I dont see “color”. I am not a fan or naysayer of any projects. I simply see what I see and if I am shown I am wrong (as Andrew did with several statements he made in the video) I will be the first to stand up and go, “I was wrong”.

    And in many respects, “Clearly I was wrong”.

    As I said, thanks Sarah… Its great to see someone “in the know” speaking out to the community so people are not left guessing or trying to make sense of things.


Subscribe Via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.