Comments
How far will you go to promote your site?
Written By dable on Nov. 23, 2007.
10 Comments
Report Note
+ Clip This
Seems there is a buzz on the web that the malcor fanboy hacks of glennwolsey.com and macapper.com may have been PR stunt or marketing ploy. The lack of discussion on the media temple and WP support forums suggests that neither consider this to be a significant vulnerability. Of course, there is also speculation is that it was a lame attempt to increase traffic to these sites or is a preclude to macheist 2008. I know Glenn was previously involved in promoting MyDremApp/MacHeist but I do not see his connection to macApper at this point. Nevertheless, if it does prove to be a PR stunt, I cannot think that it will do anything to help their respective sites in the long-term but, then again, I am not 14 years old and tend to have a longer view of things.
So, how far will you go to drive traffic to your site?
Oli
Written Nov. 23, 2007 / Report /
You have to remember that "truth" in mac-fan-land is totally interchangeable with "rumour". It makes sense on some levels, it seems silly on others, but like you, I'm not 14.
I don't think there's any way you can actively do this and not eventually be caught by a [correct] rumour. There are too many conspiracy theorists scheming to work out what pile of fruit-branded plastic is going to be sold next, they're not going think a second before turning on one of their own.
Before the revelation that this might just be a big fat hoax, though, there were a lot of people saying "OH I completely forgot about these sites, thanks for reminding us you filthy-hacker, etc", so things may be temporarily on the up.
But in short, I've got to agree that this really hurts the longer term prospects. People are going to feel cheated for supporting them, and ultimately this should backfire... But can anybody prove it either way?
Oli
Written Nov. 23, 2007 / Report /
I hadn't seen the White Magic Labs post until just now. That looks like (I haven't checked the data for myself) it's getting closer to evidence, but it's not server and ISP logs from mediatemple and Glenn's ISP =)
dable
Written Nov. 23, 2007 / Report /
Seems there is a connection between Glenn & MacApper and that he may have setup their site. Two possibilities:
1) Glenn does not know much about setting up WP and left a gaping security hole
2) he is in on the stunt
In either case, the likelihood of this being a real XSS exploit in WP 2.3.1 looks small.
friday
Written Nov. 23, 2007 / Report /
That's a lot more work than coming up with something else with far more viral appeal IMO. Good lord - it's a LOT more work. It can't have helped that much.
dhollister
Written Nov. 23, 2007 / Report /
I've spoken to people at Media Temple in depth about this issue, for fear that our own sites might be at risk as well. (We have may accounts with them, through their whole server line.) They determined, though, that Glenn's blog was not hacked in any sense of the word, but rather Glenn had been using a default username/password on his WordPress installation.
This means that either...
1) Glenn simply does not know how to use WordPress, and that the hacker "malcor" just knew to try this out.
or...
2) Glenn created a "dummy" account in WordPress so that it would look like someone hacked in without being really traceable.
Media Temple claims that Glenn did indeed call in complaining that he was hacked, which would be very risky from a legal point of view if the whole thing was a ploy and they were ever caught. But again, that could be covering his own tracks, as it would've been dead simple to determine the whole thing was a ruse if he never called in a complaint to his host.
Anyways, none of this points to anything precise, and I will not speculate as to whether or not he actually was hacked or not. There is plenty of evidence both ways, and neither is enough to truly prove anything.
I will say, though, that if it turns out this is a ploy... they're doing a damn good job of keeping it together.
Ozone42
Written Nov. 23, 2007 / Report /
I'd say whatever it was worked, as far as getting attention. This thread is proof.
Michael
Written Nov. 24, 2007 / Report /
I think you guys are overthinking this. Glen has a popular site so it's possible that someone wanted to cause him some trouble by creating this controversy. I don't see Glen as being a malicious person.
David
Written Nov. 27, 2007 / Report /
Apparently, applematters / iphonematters thought it would be a good idea to be 'hacked' as well. The implication was that expression engine and/or EllisLab hosting was hacked by malcor leaving the good folks over at ExpressionEngine / EllisLab less than amused.
Sites that were 'hacked' include:
- glennwolsey.com
- macapper.com
- applematters.com
Article19
Written Nov. 28, 2007 / Report /
Pretending your site was hacked into is just as lame as those pishy emails going around warning you about some uber virus that will, if left unchecked, wipe your computer and kill your dog!
It causes a lot of FUD in people that don't know any better. If Mr Wollsey did do this on purpose then he's an arse and his mum and dad should ground him for a month and take away his computer!!
Nils
Written Nov. 28, 2007 / Report /
What on earth is this traffic you talk about? There's a couple people who seem to appreciate some of the stuff I write.. That it?
Who's Glenn Wolsey? That the guy who has a leaf ten miles down his site and who I never saw anywhere?
Translation: I'm really not sure I care.
Answer: I wouldn't go far at all. Obviously.
Sorry, this is my honestest answer. Would have been the same back when I was 14 too.