I have been using Amazon’s S3 product for a while now to manage gigabytes of my company’s information. Naturally, in this time I have been looking for a tool which will assist me to accomplish this task with minimum fuss. A few months ago, I came across a new tool called CloudBerry Explorer. Upon first looks, I was very impressed with the feature set and the user interface. Plus, the Beta version was free and it does more than another competing product that I paid for.
CloudBerry Explorer has been an excellent product – relatively bug free for something in early Beta, and I cannot recommend it highly enough. I actually enjoy using it to manage my S3 assets. Like anything free though, I always wonder as to how this company intends to monetise their product in the future. Earlier this week, I found out.
As with most software you download these days – part of the registration and download process includes giving them some key information, such as your email address. In the months since I first downloaded CloudBerry Explorer, I did not hear a peep out of them at all. Then, a few days ago, I received this email:
Subject: Amazon S3 Warning Dear Devan Sabaratnam, Recently, a security expert brought to our attention a HUGE SECURITY HOLE with Amazon S3 configurations! Luckily, this can be easily fixed and as a valued CloudBerry Explorer customer we wanted to make you aware of this information. The problem is that every single tutorial on how to use S3 teaches you a process that leaves your content completely exposed to theft and can cause your monthly charges to go through the roof! If you want to make sure you data stored on S3 is secure, make sure you see this: [--Link to CloudBerry site removed--] Andy & the Cloudberry Explorer Team
My first reaction to this was Wow!, these guys have found a serious security hole in Amazon’s service. Aren’t they a nice bunch of people to let us know about it. Their link obviously takes us to an update of their software and perhaps some information on how to work around or solve this security hole.
Well – sort of. You see, clicking on the link redirects you to a ‘hard sell’ affiliate site where some third party guy is trying to sell you a PDF and a webinar for $17 which is basically a tutorial on Amazon S3! All that panic for nothing.
Ok, I think I see the picture here. CloudBerry have obviously got some affiliate marketing agreement with this guy, and I assume that they are getting some commission kick back for sending their users to his landing page. I have no problem with them trying to make money, but boy did CloudBerry Labs get their methodology wrong big time! In hindsight, if they had not worn their ‘prophet of doom’ badge and instead simply sent a short email saying “Hi, if you would like a tutorial on setting up Amazon S3, then this $17 webinar might be handy…”, then at least they might have kept the trust of their users.
Their user base obviously gave them some curry over their tactics, because 24 hours later, I received this follow up email from CloudBerry Labs:
Subject: An Apology
Dear Devan Sabaratnam Yesterday you got an email titled "Amazon S3 Warning". It turns out that the message was highly misleading. Under no account did we mean to imply that there is a security hole in Amazon S3. Amazon S3 is robust, reliable, and secure. We are always recommending S3 as a secure online storage whenever we have chance. We would like to apologize to our customers and to the Amazon S3 team for the tactics used in that email. We understand that you may consider not using our products because of that. We take full responsibility for any damage and we realize that sending such an email is a poor business practice. Our intent was only to inform you about a potentially useful resource. We've now purchased a license for the webinar and aremaking it available for free for all CloudBerry Lab customers. We are also considering conducting a free live webinar on exactly the same subject where you will have an opportunity to ask questions. We will post a link to the registration form on our website soon. We hope you will accept our sincere apologies for the way that email message was written. We value having you as a user of the Cloudberry Explorer product and hope that you will continue to count on us for providing you great technology to simplify the management of your Amazon S3 storage. Thanks CloudBerry Lab team p.s. if you unsubscribed already as a result of the previous message you will not receive anything again. We just wanted to make sure you get our apologies.
Let me give CloudBerry Labs a golf clap here. They obviously took on board the feedback that this campaign was in bad taste. They responded within a day with a sincere apology and took full responsiblity for their actions, AND they have offered the abovementioned webinar to their users at no cost.
That is a good result in my book, but I hope that other vendors take heed of this experience and realise that in our industry, scaremongering as a sales tactic probably died back in the Y2K days.
Note: I noticed today that CloudBerry Labs are now offering a paid for ‘pro’ version of their software. I think this is a far safer path to monetisation for this great product.
(Guest post by Devan Sabaratnam)