28 November 2007 @ 17:20A Sick Feeling in My Gut

Over the past week some Mac sites (four that I know of) were defaced by someone calling himself “malcor”. This, in turn, brought about some panic in the security and WordPress communities. A couple security firms blogged about the incident (Avert Labs, Blogvis.com) which only served to increase the awareness/panic.

Idiotic stunt

The so-called hacker named “malcor” was actually a fictional character created by MacHeist to promote their upcoming MacHeist II shareware distribution. John Gruber wrote an interesting article last year documenting what some might consider “shady” business practices. Last week’s events only serve confirm the foolishness and selfishness of the MacHeist team.

Apologies can be found here:

Stunts like this do nothing but tarnish the Mac community, and scare off potential Mac adopters. This I’m sure has also resulted in bad PR for some hosting companies and CMS providers such as WordPress.

My recommendation to all is to avoid supporting organizations like MacHeist. Do independent developers a favor and support them by making donations directly to the developers and/or paying them for licenses.

Update: It seems that others share some of my sentiments:

Be Sociable, Share!

by | 6 comments | Posted in exploits, security, stupid | Link to this

Comments:

  1. Steve | 04 Dec 2007 @ 11:44 #

    Greetings.

    I’m coming into this whole “failure” kind of late, however what I’m reading around the net gives me a sour taste of narcissism in my mouth.

    I do not understand why so many commentors feel betrayed by this PR move. Quite honestly, I see this as blatant narcissism, that some people are too good to be tricked. And if one does feel fooled, then wouldn’t their time be better spent at growing a thicker skin then simply complaining about it?

    I see your comments above and I also find it confusing that you believe this [stunt] tarnishes the Mac community. I don’t think some sort of publicity stunt like this does anything of the sort. In fact, I think it describes the love of the Mac from some die hard fans. And who the hell is judging MacHeist, who is free to make their own decisions to promote something that they own?

    I understand that everyone is free to say and respond to such an event, however I don’t agree with any of the negative standings. I don’t really care so much about what MacHeist attempted to pull off, but rather that so many people are acting like babies about it.

    Are you really losing sleep over this stunt or are you just hopping on board this anti-heist train to gain some traffic on your site?

    You ask your readers to support independent developers and I think that’s great. However, anyone who sees MacHeist as failing to do such a thing is naive.

    MacHeist is going to be successful again despite the whiners in the crowd. People need to learn to question what is going on around them and if they should take it seriously.

    As for the comments made by MacApper that the hack was related to a WordPress flaw, I am surprised by peoples reaction. I take that comment by MacApper about as serious as I take someone telling me that their computer was hacked because of a Windows flaw. Software’s flawed? Really? I should be surprised about that? No system’s perfect and I’m at risk? C’mon, give these guys a break!

    I found it to be equally frustrating that some “system admin” complained that MacHeist wasted his time with this hoax, because he went and checked his WP installs for such a flaw and came up with nothing. Whenever their is a legitimate WP flaw, they release a patch; this sys admin should have known better. And if flaws within such software are such an issue, he should know better than to use it. Either roll your own or roll with the flaws and make sure your backups are bullet-proof.

    Finally, I don’t think there should have been any apology issued, short of just admitting that it was a big prank and next time, don’t fall for it. This kind of pandering that MacHeist and the others have let themselves fall to will do nothing but reinforce a very small crowd making a mediocre noise. I find it sickening that those who decide to follow through with something, such as this prank, end up having linguine for a spine in the end.

    It was a brilliant idea. It may have failed, but it doesn’t change it’s brilliance. For the first time, there was collaboration between many big blogs to promote something they all believe in; independent, GOOD software that works! MacHeist introduced its promoted applications to new users; this is not only good for MacHeist, but it’s good for their companies.

    In the end, I’m here for the developers, not the crowd that can never be pleased. I see MacHeist as good for the developers, thus they will always be in my favor.

  2. Jon | 04 Dec 2007 @ 13:18 #

    Steve,

    You say that you’re confused by my feelings that MacHeist’s actions tarnish the reputation of the Mac community. Let me try to explain.

    Even though MacHeist represents a very small portion of the Mac community, their actions which were intended to bring them a large amount of publicity instead resulted in negative publicity to the community as a whole.

    First. The concocted hacker “malcor” spewed forth insults at the entire Mac community, and basically claimed that any Mac fan risked having their site compromised simply for being a Mac fan. That is obviously not a positive selling point for anyone who is considering buying a Mac.

    Second. While a hacked website does not equal a security problem for desktop users, in many people’s minds, it is all the same. A couple of security firms even blogged about the attacks as if it was a proven vulnerability to both users of WordPress and/or users of Macs. I know for myself, that this is not true, but it can take a while to convince others less familiar computer security that this is not the case.

    It doesn’t matter to me one way or the other, whether MacHeist is successful. I know that I don’t need every piece of software that they bundle, and I would much rather the developer of the software I use to receive a larger amount of my money, instead of the organizers of MacHeist. Cut out the middleman and deal with the developer.

    First and foremost, MacHeist exists to make money.

  3. Steve | 04 Dec 2007 @ 14:49 #

    Jon,

    I go back to my original point of how blatantly narcissistic the tone of your post was. Regardless of the argument at hand, the marketing move by MacHeist did not change enough minds of potential Mac customers to use another competing platform. Moreover, their actions did not warrant legal action by WordPress, Apple or the noted CMS/Hosting businesses.

    “…Even though MacHeist represents a very small portion of the Mac community…”

    “…The concocted hacker “malcor” spewed forth insults at the entire Mac community, and basically claimed that any Mac fan risked having their site compromised simply for being a Mac fan…”

    First and foremost, the Mac community is very small. About 5% of the desktop are on the Mac platform. Sure, 10% have been in recent sales, however what is the actual usage. I’m willing to say that less than half a percent of that number could be considered apple fan boys. This PR stunt did not tarnish the Mac name and platform.

    Also, you mention these security firms that blogged about the attacks. This is irresponsible behavior on the part of those firms. These firms are in business, because of their credibility. I see a knee jerk reaction here to blame the blogs of the firm on MacHeist, however if the security firms cannot tell the difference between real and hoax, their credibility with me is shot.

    Second, I’m confused still by your other arguments:

    “My recommendation to all is to avoid supporting organizations like MacHeist…”

    “It doesn’t matter to me one way or the other, whether MacHeist is successful…”

    You stated a general boycott of MacHeist and businesses in the same genre as MacHeist, yet state that you don’t care ultimately what happens to MacHeist. By claiming to boycott and promoting such action, you are advocating the take down of a business. Surly you do care whether or not MacHeist is a success and sir, you wish to see it a failure. Let me state that I feel, that for developers, MacHeist is a useful marketing tool.

    Also:

    “First and foremost, MacHeist exists to make money.”

    I would sure hope that they are not in business for any other reason. I often see that people despise businesses for simply doing what business are supposed to do; make money. MacHeist exists to make revenue off of an existing market, software, by offering lower prices in high volume. This is a tactic used by almost every retailer. MacHeist, as a business principal, also donates a portion of its revenue to charity, which will help grow their business with customers who feel that this makes MacHeist a “good company”.

    I’d like to go back to my original comment; there is no reason for making what MacHeist did into something big. I still feel that MacHeist and their collaborating blogs should not have apologized for their actions and that they should have stood by their actions.

    Their failure to do so has only lead to their continued pandering to a crowd that only grows larger when they see, what seems to be a “weak target”.

    Lastly, I’d like to address this:
    “Cut out the middleman and deal with the developer.”

    And most people do. I purchased Transmit and TextMate direct from the developer, because I didn’t know about MacHeist at the time. I’m willing to bet that a lot of the people that purchased these products didn’t know much about MacHeist and will never know about the “hoax” they played on a bunch of fans. Either way, how you get your products is up to you; either direct or resale.

  4. Jon | 04 Dec 2007 @ 15:25 #

    My opinion of MacHeist is just that — an opinion. Does what happens with MacHeist’s upcoming promotion affect my life? Of course not. I’m simply putting my thoughts out there, so others can see my viewpoint (which, must I remind you, you are doing as well). There is nothing narcissistic about having an opinion.

    “Moreover, their actions did not warrant legal action by WordPress, Apple or the noted CMS/Hosting businesses.”

    I’m unaware of what legal action you are referring to, and I’m not even suggesting for that to happen.

    “I see a knee jerk reaction here to blame the blogs of the firm on MacHeist, however if the security firms cannot tell the difference between real and hoax, their credibility with me is shot.”

    As I mentioned before, the reports of the security firms did not sway my understanding of the situation. I applaud you for being able to tell the difference between what they wrote, and what actually happened, but as I’m sure you are aware, not everyone had the same insight as you.

    “You stated a general boycott of MacHeist and businesses in the same genre as MacHeist, yet state that you don’t care ultimately what happens to MacHeist. By claiming to boycott and promoting such action, you are advocating the take down of a business. Surly you do care whether or not MacHeist is a success and sir, you wish to see it a failure.”

    I’m not “advocating the take down of a business” as you have put it. I am advocating supporting those who deserve the support — the Developers. I have donated to developers whose software I don’t even use, simply because I recognize their ability to create quality software.

    “there is no reason for making what MacHeist did into something big”

    Sir, it is MacHeist who made things bigger than they should have.

  5. Steve | 04 Dec 2007 @ 16:02 #

    I like your response, but you’re making assumptions about me that I didn’t make in my points.

    I didn’t state that there is any legal recourse being taken by those companies. That point was made to illustrate that MacHeist’s PR move wasn’t compelling enough to warrant such a reaction, thus the negative reaction that is being outlined here by the community is a bit over the top. Words such as “betrayal” are being thrown around those that share your sentiments, as if they don’t mean anything.

    Here’s an example:

    “Pathetic. You won’t be getting my time again.

    And to Phill – leave the Apple scene. Your sleazy used car salesman tactics are better suited for another industry. Like pimping. Give that a go as I can bet MacHeist 2 is going to be shunned by anyone with a brain.”

    This was from a commenter on MacApper. “Sleazy”, “pimping”? Really, was this whole thing sleazy? I suppose the word pimping does hold some water, but only to the point that Target pimps PS3′s and Walmart pimps $4.00 generic medication.

    Of course, you didn’t say this, however this guy agrees with you! Do you agree with what he has to say?

    You also applaud my ability to spot differences in pranks and genuine hacks, however I cannot accept your praise; I’m not a security firm that claims to be the end-all-be-all creditor to telling vast amounts of people what is going on.

    I see that you are advocating the support of developers and that’s great, but that’s not what you said in your post. You said, “My recommendation to all is to avoid supporting organizations like MacHeist.”

    And, you may think this odd, however I agree with you on your last point. It seems you and I agree that MacHeist screwed up by turning this into something big. Now, you may not agree with this, but they did so by apologizing and being spineless when all this came out to the public.

  6. Jon | 04 Dec 2007 @ 16:24 #

    I like your response, but you’re making assumptions about me that I didn’t make in my points.

    As are you. If you take issue with what I have to say, that is your right, and I am willing to respectfully argue my opinion. However, if you have issues with what others have said, you might address them instead of me.

    You also applaud my ability to spot differences in pranks and genuine hacks, however I cannot accept your praise; I’m not a security firm that claims to be the end-all-be-all creditor to telling vast amounts of people what is going on.

    My point was that you and I may not place much importance on claims by an irresponsible security firm, but others will. Without this silly prank, the silly security allegations would not have come up. It all starts somewhere, and in this case it started with a poorly thought out marketing scheme by MacHeist.

    I see that you are advocating the support of developers and that’s great, but that’s not what you said in your post. You said, “My recommendation to all is to avoid supporting organizations like MacHeist.”

    If you read the next sentence it says “Do independent developers a favor and support them by making donations directly to the developers and/or paying them for licenses.” Don’t leave out the rest of what I said.

    And, you may think this odd, however I agree with you on your last point. It seems you and I agree that MacHeist screwed up by turning this into something big. Now, you may not agree with this, but they did so by apologizing and being spineless when all this came out to the public.

    By your logic, they only need apologize because they were “caught”. That’s not a principle that I adhere to (in any scenario).

Add a Comment

Show who you are with a Gravatar.

 

Sign up for PayPal and start accepting credit card payments instantly.

Staples Logo

Get fed!

rss icon subscribe to Geek stuff

rss icon Geek stuff in your inbox

Add the "Geek stuff" Google Gadget to your homepage

Add the "Daily Deals" Google Gadget to your homepage

Apparel

Search Amazon

Search Amazon.com
Search Amazon.co.uk

Recent Forum Topics

    Advert

    Web hosting by ICDSoft