Wordpress Release Raises Privacy and Security Concerns

The latest release of Wordpress was made public earlier today. Since I've stopped using Wordpress I wasn't aware of it until I caught up with my RSS feeds a short time ago.

Whether the new release brings enhancements or new features won't really matter to anyone, as the new release brings with it a new "phone home feature":

Our new update notification lets you know when there is a new release of WordPress or when any of the plugins you use has an update available. It works by sending your blog URL, plugins, and version information to our new api.wordpress.org service which then compares it to the plugin database and tells you what the latest and greatest is you can use.

How?
Well it seems that it sends a lot more data back to Wordpress than is actually necessary and the lead developer, Matt Mullenweg, doesn't seem to have a reasonable explanation for this.

There's a couple of posts about the issues this raises and a very long discussion of it on the a mailing list (worth reading!)
The key point being raised time and again is that people aren't given an option to opt-out of sending the data. It might also be seen as breaching EU privacy legislation according to one contributor.

UPDATE: You can disable the call home function via a 3rd party plugin. If you read the mailing list thread there's one or two options mentioned.