It is amazing that I knew your comment was sarcastic. But, a computer parsing this sentence would never be able to tell. This is a reason that humans are special :)
A computer programmed to deal with sarcasm would contrast this statement with (local) popular opinion and deduce from the large contrast between the certitude of the statement and the popular opinion that this statement is either sarcasm or obliviousness. I think exactly as humans do. It's not that sarcasm is hard to detect for computers, it's just that it's hard for computers to collect enough contextual information to judge the validity of any statement.
WordPress (and PHP) are not bad things. They are things that have been designed for very specific purposes, and they actually excel at those things. Both are extremely easy to get up and running. They can run practically anywhere etc.
There are entire languages written with the design goal being security. It's not a matter of whether or not something is a capable tool (ie: runs 23% of the internet), it's whether or not it's the right tool for the job. PHP clearly isn't.
I don't think an application written in PHP makes it inherently insecure. Maybe if you're talking about some 2004-style PHP with magicquotes and register globals enabled, but not in 2014 with a modern stack/framework. You could write a shitty ruby app just as easily as you can write a shitty php app.
Writing your code in PHP, no matter how good of a programmer you are, makes it more likely that your natural level of mistakes will insert security issues into the code, especially when compared to a language with even basic features like static typing. I'm not saying this as some idiot who thinks PHP is bullshit and for noobs, I've worked on pretty large sites using PHP and I have a pretty deep understanding of it.
Everyone likes to say security is mission critical, but for the vast majority of people it really isn't. And for those people the development speed advantage, massive developer market, libraries etc. you get working in Ruby or PHP are well worth it.
Everything is tradeoffs, and it seems to me that in writing voting software deployability, development speed etc., are not nearly as mission critical as security.
> Writing your code in PHP, no matter how good of a programmer you are, makes it more likely that your natural level of mistakes will insert security issues into the code
While I'm inclined to agree, this is a self-defeating premise. If you're "so good" of a programmer that you do not make security affecting mistakes (i.e. one of only a handful of PHP programmers I've met), then the probability of inserting "security issues" into your code is still zero, regardless of language.
> I'm not saying this as some idiot who thinks PHP is bullshit and for noobs, I've worked on pretty large sites using PHP and I have a pretty deep understanding of it.
According to media PHP is used server-side (the system was written using CakePHP). This is decompiled client app that is used by electoral commissions (the one that is hardly working at the moment).
