2. If I could count the number of blatant direct copies of my ideas and sites people have undertaken, I’d need a calculator.

I run a couple dozen sites and use many various scripts as a result. For example, I believe I have 9 active vBulletin licenses, and updating those takes me a good few hours, just to update!

I do try to read if any major security flaws are in WP, and if so, then I’ll update, but if they are just minor security bugs, I’ll wait.

I know this isn’t the best response, but even if I do get defaced, now that I have DiscSync set up, it will only be a minor hassle… and spending the time to keep updating everything is a cost/benefit calculation…

Having to worry about what plug-ins will be compatible, etc. and then taking my site down to upgrade it constantly, is truly a pain. I mean, there were 25 updates in just about a year’s span! that’s 1 every two weeks… just for Wordpress…

However hearing about not updating a popular widly-used system in 1-2 years is pain to my ears!
Wordpress is used by many thus security issues will get a lot of attension and get in the hands of script-kiddies and other malicious “hackers” who will do mass exploit attacks on the net just waiting to find one sorry dude who didn’t patch or upgrade.

Now the security issues may not have been any serious ones, but imagine in 3 months one does pop up?
Also why bother risking to get defaced etc? Just pain and waste of time.