I wonder what they mean by security testing? What exactly are they testing and how? BTW given that there's no security patches released for 5.2 anymore (while bugs are still being found and published of course) - their understanding of security is certainly unorthodox.

I retract my security testing statement. The are currently testing if 5.3 is stable on their servers and have no ETA for the upgrade :-(. This was in mid October.

I think this is more about not pissing off random untechnical customers that haven't bothered to update their off the shelf blogging software since 2005. Guess the tipping point is when they are losing more customers not upgrading than they will upgrading.