Slashdot Mirror
JBoss Caught in Anonymous Posting Scheme
Reader scubabear writes "For years rumors have run rampant about employees of JBoss Inc. being actively encouraged to post anonymously, drumming up business by flooding the net with fake posts and simultaneously attacking competitors, all from behind a safe veil of anonymity. With the advent of a new feature for tracking users by IP on TheServerSide.com, the floodgates have been opened and those rumors have apparently been confirmed.
The Java blog space now erupted with posts from a variety of bloggers (here, here, and here for a start) exposing a variety of anonymous/pseudonymous accounts used by JBoss employees to put forth their Professional Open Source message and simultaneously slam anyone who gets in their way in online technical communities such as TheServerSide, JavaLobby, and various personal blogs. The evidence shows how a corporation can manipulate popular opinion via anonymous personalities, that open source companies can be just as ruthless as closed source when it comes to marketing their wares, and that you should never forget that your cookies and IP address can and will be tracked online. No official response has been heard yet from the JBoss crew. Disclosure: I'm one of those bloggers erupting on this issue (see my story here)."
You get what you pay for in free online forums. Here on Slashdot, you're welcome to publish what you want, but if you don't want to be tied to an e-mail-confirmed user account then you have to accept that your username will display as "Anonymous Coward", be penalized in the point-based mod system (assuming the user hasn't overriden the setting from the default), and you'll still be IP and cookie tracked for whatever purposes OSDN wants.
Mainstream media outlets at least do their best to make their commentators and reporters declare any conflicts of interests they have so that viewers can know about it when considering information from that source. But, non-mainstream outlets are more direct... you get "closer" information, but you also take the risk of what happens when a source with conflicts is allowed to speak unchallenged. Which seems to be exactly what happened here.
Will Accenture want to keep that big logo on their home page?
I wouldn't, but then again, it's accenture.
You can't really publish anything truely anonymously. You never really could anyway. The closest thing is to find somebody who is willing to know who you are who is willing to accept your writing and publish it without crediting you while disclaiming that somebody else wrote it. Of course, that person has to accept the legal liability that comes with publishing that work as if they wrote it themselves.
Yep, some speech does come with a legal liablity attached. "Free speech" is a great ideal, but it is also subject to the greater ideal of "Your rights end where somebody else's rights begin." That is, you can't use free speech to give instructions that put somebody else into danger or spreads lies about somebody else. That's just not your right to do because it ends up damaging somebody else's rights.
People who oversimplfy the Bill of Rights... such as those who claim that the 1st Amendment protects all expressions of speech from all authorites everywhere, or that the 5th Amendment means you'll never have to tell of your own crimes in court if you don't want to are making sophomoric mistakes. They sound right, but they're not.
The same goes for this suposed "right" to be annonymous. You can try... but there's always somebody who can squeal on you if they want to.
This has been going on for years. What makes a company with it's hand caugh in the cookie jar news?
Ya da da da da da da
Secret Smurf!
Astroturf!
The thing that really makes me laugh is that the last slashdot article featuring SCO getting an award for FUDdism also has some nice comments about JBoss.
Don't be evil, please.
I guess I don't see the problem. Whether the posters were anonymous or not, don't their opinions and refutations of the facts matter?
"When these masked marauders enter a discussion, you are no longer debating facts and opinions; instead, you are fencing with a phantom"
So the people are masked, their motives are unknown, but the discussions are still real, yes? Here at Slashdot, people can post anonymously, or with presumed pseudonyms/identities; I still don't see the problem.
If some engineer tells you that you should implement some feature you either agree or disagree, it shouldn't matter that the engineer is from company X or some guy in a basement.
This whole post seems like a rant from people who have a grudge so deep against JBOSS that they have made a policy of disagreeing with the company as a whole. Is it any wonder that such a flagrant policy has made JBOSS go undercover? How ironic is it that these people can have a normal discussion with "faceless individuals" but as soon as they realize those individuals were from JBOSS they want to scream bloody murder?
Joseph Elwell.
Wow, I think somebody from Jboss is on the same subnet as me. This is what happens when I try to post an anonymous reply:
Neato. I wonder if I know them.
I remember when legal used to mean lawful, now it means some kind of loophole. - Leo Kessler
"The evidence shows how a corporation can manipulate popular opinion via anonymous personalities, that open source companies can be just as ruthless as closed source when it comes to marketing their wares"
This story is a reminder that corporations are corporations and they will do almost anything to get money. In fact, by law they must put the bottom line above any other consideration. The documentary, The Corporation, discusses this fact, and how corporations are legal persons. The whole premise of the film is: Since corporations are recognized legal persons under the law, what kind of person are they?. Watch the movie to see the 'diagnosis' of what kind of person the corporation is.
Even nice corporations to open source like IBM will sell out open source in a heartbeat. To counter these corporations' bad motives and behaviour you have to punish them in the wallet, which means boycotting JBoss, M$, and any other misbehaving company. If you buy from them then you are an enabler of their wrong behaviour and, I argue, bear a part of the moral responsibility for their behaviour.
WTF is Jboss?
Give me Classic Slashdot or give me death!
True words, and it's a shame. There is a source of help that's lost to some groups, such as sexual abuse survivors, when there is no truly anonymous forum (anon.penet.fi, we miss ya...).
The tragedy-of-the-commons aspect is that it takes responsible adults who respect each other to preserve anonymized communication. Fraudsters always get their fingers in the pie, as well as those who promote ever-increasing surveillance ("It's for the children !")
Freedom's just another word for nothing left yto lose...
<grrr>
And do *you* do it?
May we never see th
I know you were being funny, but this is a very clever (albeit very unethical) and common technique. I know that at my last company (who had, well, some additional ethical concerns, but anyway) they would post on targeted message boards hyping up their site and would pretend to be happy customers. It's highly cheap, low effort, and effective.
It sucks because unlike marketing efforts and vendors' sales messages, which everyone has learned to always take with a grain of salt, I'm inclined to believe, often instantly and completely, a slashdot posting endorsing product X, because the poster seems unaffiliated and genuine and doesn't really have anything to gain from endorsing it.
In fact, it's very dangerous, because my trust can be easily manipulated this way; I usually don't have time to bother to verify the source of a given posting (Think of how many hundreds or thousands of posts you read a year). However, if I encounter product Y sometime later having read something about it before, I usually vaguely remember whether the post said the product was any good or not and that will usually determine my first impression. In that way, libelous anonymous postings are very dangerous -- I remember hearing some people post that "Python sucked" (probably because of some BS like the whitespace indentation) and for that reason I stayed away for several years until reading some very positive articles and posts -- and now it's one of my most useful productivity tools and I could have saved ridiculous amounts of development time reinventing the wheel had I known about it before. That's kind of a trivial example, but when $ is involved, it's even worse.
Sadly, it's basically the next form of spam. Most of us used to read (mostly) every word of all our emails -- now spam and outrageous commerical claims make that means of communication virtually useless. It will be a shame to see message boards and blogs, etc, filled with this kind of crap (blogs are already targeted by spammers). However, postings by these kinds of shills are often pretty blatant and easy to spot just because of their outrageous claims and distinctive style, but they will get more and more subtle. They're also virtually impossible to track, since real people are on the other end (and you can only really ban problem users after the damage has already been done). And if a company pays a few random dialup users (a tactic my old company was about to try -- yes, I've left since) to troll the net and make these kinds of postings, good luck trying to prove that the company did it or trying to track down or prosecute them.
Really, the only way to tell is to view a given poster's karma/post history and to look for certain suspicious patterns.
-fren
"Where are we going, and why am I in this handbasket?"
That site is full of so much flaming and mindless shrieking, it makes me wonder how Java gets anywhere. Seriously, there are a few exceptions, but the average quality of comments there make Slashdot seem like a community of polite geniuses by contrast.
i remember a while back when Amazon had some glitch in their book review system that posted reviewer's names and email addresses accidentally for a short period of time. Turned out that alot of authors of the books were "reviewing" their own books, and giving themselves great reviews.
After all, JBoss's second Core Value is "Group trust and personal integrity."
- We operate internally on the basis of mutual trust. Nobody in the company will knowingly deceive another member.
- We are honest.
- We tell the truth among ourselves, to our clients, to our partners, to our investors, to our prospects.
- We are committed to profitability and sound finances. We are thrifty.
- We place the needs of the federation of projects above individual ones.
Note to self: anyone who has to claim that they're honest probably isn't.Note to self: anyone who has to state that they're honest probably isn't.
Usually though if someone did something like that on a public forum, they would be called out if the statements were untrue (if the readership is large enough to have anyone that would care). So it still balances out to some extent, by people posting they had no problems with a product someone else did not like, and perhaps disagreeing with rosy assesments of other software.
In the end I'm not sure how much effect comments like these really have, as there is balance.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
One thing that the slashdot crowd probably don't get is that there isn't a notion of "Anonymous Coward" (they should implement that).
It is one thing to post anonymously... that should be defended.
Is is another thing to NOT be anonymous, and to even claim to be someone who you are not, and then to personally attack people. From the blogs it even looks like they claimed OTHER people were fake, which is humorous.
Anonymous posting is fine. The other stuff isn't IMO. There is a difference.
I would be lying if I said "no".
IMHO there should be more of an air gap between the OS project and the for profit JBoss group. But they did produce a good product, so maybe $$ is a good motivational tool even in the OS arena.
I know it's a joke, but JBoss is not the best choice in all cases. It has no license fees which is awesome, and there are things that make it easy to develop with over other J2EE containers. But if you are expecting a lot of users, it's not the way to go. When doing the performance improvements on a J2EE application, I couldn't get 200 simultaneous users to be able to use the JBoss system. Websphere 5 was handling 1300 (that was it's limit, though that ended the improvement work I did, since that was the target goal).
-no broken link
A few years ago, during the dotBoom, I was looking for a summer job/internship in the marketing area of IT. I went on one interview where they were looking for me to go on BBS', and in chat rooms, and front their product, as if I were a satisfied user. This would be my job, 8 hours a day, just running around the 'Net looking for ways to infiltrate the masses and say how good their product was.
I didn't get the job, b/c I think they could tell I wasn't happy with their idea during the interview.
-bZj
.sig
Oh, sorry, I'm too deep into the community and forgot that what's obvious to me may not be obvious to the world at large.
The CDN folks are some of the leads for the Geronimo project. This is an Apache-licensed J2EE application server.
In other words, it's a new free Java application server which is in direct competition to JBoss. Since it's Apache, anybody can use it (and particularly modify and distribute it) with far fewer restrictions than with JBoss. They are a direct competitor to JBoss - a direct open source competitor.
The JBoss fake posters publically called the technical skills of the CDN/Geronimo folks into question. They did exactly the same to the other major open source Java server, the Jonas people.
The purpose is simple: generate interest and market share for JBoss, get the residual interest that pays their training/services/support bills. Do it by boosting your own stuff, and trying to do verbal hatchet jobs on your competitors and detractors. Make regular people who happen to disagree with you or compete with you look like the bad guys, make you look like poor besieged victims and underdogs.
As for the rest - you'd be surprised what a fake grass roots campaign like this can do. In combination with other legit marketing techniques, it's powerful and persuasive. It gets them just enough attention to get articles written, to get research firms like Gartner and Forrester to take notice - and to get enough attention to get VC funding.
I can understand your puzzlement given the examples and if you're not in the community. But imagine the sample of posts in the referenced blogs - and now imagine 500, 600, 700 of them over years. It has an effect, a very measurable effect. Smearing the names of people who disagree with you just serves to magnify that effect, particularly when it _seems_ to come from uninterested parties.
Just for fun, I wrote a little PHP script to do it.
// replcace this
<?php
header('Content-type: text/plain');
$ipmd = 'fcdc9cbc1f36501550576ab62144ef80';
echo "MD5 is {$ipmd}\n\n";
for ($i = 0; $i <= 255; $i++) {
for ($j = 0; $j <= 255; $j++) {
for ($k = 0; $k <= 255; $k++) {
for ($l = 0; $l <= 255; $l++) {
$ipt = "{$i}.{$j}.{$k}.{$l}";
$iptmd = md5($ipt);
echo "Test IP: {$ipt}\n";
echo "Test MD5: {$iptmd}\n\n";
if ($iptmd == $ipmd) {
echo "Success!\n";
echo "IP address is {$ipt}\n";
exit;
}
}
}
}
}
?>
that's Fleury's whole tactic: whine about how attacking JBoss is bad for the community. Remember when Apache announced their (competing) app server? Fleury pissed about how it was going to weaken the OSS movement, etc. etc. and we should all rally around JBoss. I hope Fleury's investors ask for their money back.
So now we are supposed to think JBoss sucks because nobody who knows better really uses it, and only shills endorse it (does anybody who knows better really use EJBs anyway? The architecture sucks, and that's Sun's fault, not JBoss'). Fine, so what the hell is the alternative? Apache Geronimo isn't off the ground yet and got off to a rocky start with licensing issues with some reused JBoss code (that whole thing left a sour taste in my mouth about the JBoss people actually, who seemed too eager to try to discredit a competing project).
Thankfully I got out of the enterprise software world two years ago, and if I never have to see another heinous piece-of-shit EJB system for the rest of my life, I can assure you it will be too soon. Nonetheless, for my personal edification and to enlighten those I still interact with who are stuck in that world, what the hell Open Source J2EE platform ought they to be using?