I agree with "Security is a process, not a product." AFAIK security is important for WordPress team. There is a lot of good documentation on a project site and there are some materials from WordCamps (fe. http://codex.wordpress.org/Hardening_WordPress)
Latest WP "hack" via botnets was because of weak logins and passwords which are set by the users. Can you blame WP devs for that?
Speaking about upgrading; making updates easier it`s also one of the goals of the project. Also it isn`t that hard when you develop WP sites using information from WordPress Codex docs.
I hope it will get better with time, and as i wrote people are working to get things better. Sorry to hear that you are not going to recommend WordPress any longer.
Latest WP "hack" via botnets was because of weak logins and passwords which are set by the users. Can you blame WP devs for that?
Speaking about upgrading; making updates easier it`s also one of the goals of the project. Also it isn`t that hard when you develop WP sites using information from WordPress Codex docs.
I hope it will get better with time, and as i wrote people are working to get things better. Sorry to hear that you are not going to recommend WordPress any longer.