Wheedle.co.nz: experiences, comments

Forums › Startups › Wheedle.co.nz: experiences, comments

1 | ... | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36

12556 posts

Uber Geek
+1 received by user: 1403

Reply # 695750 3-Oct-2012 18:41

DonGould:
gzt: The real question is - are Wheedle willing to pay for the level of expertise and service required?

Job ads I've seen so far would suggest not.?

Please correct me if I'm wrong, but my impression of India is that it's getting to the point where people there with the same level of smarts as we have here in New Zealand know their worth on the international stage and are charging accordingly.

One issue I have found with hiring people in India to outsource to, is are they going to be around in the future to support the software. eg will they be around in a year? The job I had done, the small company I used just disappeared and I have no way now to contact them. That applies to outsourcing, but I guess if you have your own presence over in India to assemble a team with, that would be a different story.

DonGould

3854 posts

Uber Geek
+1 received by user: 142

Reply # 695762 3-Oct-2012 19:06

mattwnz: One issue I have found with hiring people in India to outsource to, is are they going to be around in the future to support the software. eg will they be around in a year? The job I had done, the small company I used just disappeared and I have no way now to contact them. That applies to outsourcing, but I guess if you have your own presence over in India to assemble a team with, that would be a different story.

Really the same can be said for any software development.

If you get something developed here locally are the same team members going to be there in 12 months time?

If you have staff in house are the same guys going to still be with you in 12 months?

I think a bigger issue is code quality and understanding of deployment.

I've seen projects where the developer leaves and you just throw the code in the rubbish because no one else can follow it. Or code that uses components that no one else has and doesn't know where to get or discovers are really expensive and the guy had as part of something else he was working on.

If you hire young ones locally then they'll want to fly, if you hire older more stable ones (read with family and kids locally in school) then they're more expensive.

Really the bottom line is that something extensive like TradeMe is not cheap to replicate properly in any language in my view.

D

Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz

networkn

13751 posts

Uber Geek
+1 received by user: 3242

Trusted

Subscriber

Reply # 695799 3-Oct-2012 20:06

DonGould:
rubygirl: Thanks Carl.
Still waiting for my job offer tho.

Raises an interesting question though.

Did this project get out sourced to India because local people just wouldn't touch it?

I mean if someone here came to you and said that they wanted you to replicate TM in this way, what would you really have said?

I don't think they would have approached it like that. They would have said, here is a site we want to emulate and they have taken tenders from various parties, likely chosen this on price and a good sales pitch and then the developers and planners have lacked the skills to do this to a reasonable standard. I am guessing because it's likely the people who ordered the system didn't have the required knowledge they have trusted the developer who has lead them down the garden path.

PenultimateHop

637 posts

Ultimate Geek
+1 received by user: 2

Trusted

Reply # 695803 3-Oct-2012 20:21

gzt:
Beccara:
networkn: It clearly states they are employing an agency to do an audit.

They going to get an Indian firm to do that too?

Outsourcing has it's place, that place isn't anywhere near this tho

I'm not sure exactly what you are trying to say there.

The fact is a huge proportion of security work is performed on an outsource basis.

If the right person lives in India or if an outfit there has a genuine track record and reputation for the work required and India is the right place to deliver it from then so be it. I have no doubt there are plenty of rightly respected firms offering these services in India.

The real question is - are Wheedle willing to pay for the level of expertise and service required?

Indeed. An awful lot of posters seem to be confusing outsourcing with offshoring.

Outsourcing is hiring an external company/party to do something for you. E.g. Contracting ${web_developer} to develop your site, or ${security_company} to conduct the audit of your site.

Offshoring is hiring (or shifting) jobs to another locale from the primary place of business, typically done for cost reasons.

In this case, Wheedle appears to be offshoring work rather than outsourcing it, since they imply the employees are employed by a Wheedle entity in India.

Of course, you can outsource to an offshore company and get the best of both worlds.

I wouldn't necessarily pick on the concept of outsourcing or offshoring (or India) - crap outcomes can be achieved just as easily within the domestic market.

dontpanic42

1574 posts

Uber Geek
+1 received by user: 11

Reply # 696158 4-Oct-2012 14:18

This article was just posted on Techday
http://techday.com/netguide/news/wheedle-makes-password-promise-after-privacy-breach/127032/

Wheedle has reassured customers who signed up to its online website, insisting their passwords are safe after privacy fears.

The struggling online auction site, forced to close down indefinitely for repairs on Tuesday, emailed users claiming their private details were not at risk while promising an independent security audit before the site relaunches.

But such reassurances has failed to quash the concerns, as visitors question the way passwords were communicated in plain text in cookies.

[Moderator edit (MF): please do not quote entire articles for copyright reasons]

mattwnz

12556 posts

Uber Geek
+1 received by user: 1403

Reply # 696180 4-Oct-2012 15:16

Just tried the other new site http://www.listselltrade.co.nz/ which was supposed to launch at 3pm. Still not working yet and it is after that time.

ajobbins

Awesome
4745 posts

Uber Geek
+1 received by user: 1034

Trusted

Subscriber

Reply # 696183 4-Oct-2012 15:21

mattwnz: Just tried the other new site http://www.listselltrade.co.nz/ which was supposed to launch at 3pm. Still not working yet and it is after that time.

Maybe it's 3pm India time they mean ;)

Twitter: ajobbins

richms

19638 posts

Uber Geek
+1 received by user: 3474

Trusted

Subscriber

Reply # 696186 4-Oct-2012 15:28

ajobbins:
mattwnz: Just tried the other new site http://www.listselltrade.co.nz/ which was supposed to launch at 3pm. Still not working yet and it is after that time.

Maybe it's 3pm India time they mean ;)

It certainly has slowed somewhat now tho.

Richard rich.ms

mattwnz

12556 posts

Uber Geek
+1 received by user: 1403

Reply # 696188 4-Oct-2012 15:31

I have just revisited, and notice they have remove the '3pm' from the launch date. So it just says thursday. No explanation for the delay. Not a good start for them.

freitasm

BDFL - Memuneh
58090 posts

Uber Geek
+1 received by user: 9633

Administrator

Trusted

Geekzone

Subscriber

Reply # 696189 4-Oct-2012 15:34

Please discuss listselltrade here.

Mauricio Freitas (Geekzone Admin, Devil's Advocate, my blog, technology disclosure)

Tel69

Tel69
234 posts

Master Geek
+1 received by user: 4

Trusted

Subscriber

Reply # 696279 4-Oct-2012 17:17

"but said members could rest assured their passwords had been strongly encrypted in its database."

I wonder just what encryption they are using.
Totally ignoring the cookie thing itself and the obvious avenues for SQL injection, let alone other methods, Just what encryption which obviously uses a key to decrypt would you trust (hence being able to send out the forgotten password in plain text)?
I personally say none. Compare encrypted values to see if they are the same. There should be no reason or ability to decrypt encrypted data.
Where is this key stored?
If it's in a database then they are stuffed.
We are just talked about passwords, what about credit card information. Is that information stored with Weedle?
Given what we have seen I would hazard a guess they are, but are they encrypted?
Is the CCV stored anywhere?
I wasn't willing to put my credit card number anywhere near the site but should have tried an invalid credit card number to see if it even checked if it's valid.

"complete review of the website, engage an independent firm to carry out a full security check"
I hope that security check does indeed involve all facets of the site and not just "are the passwords safe", (Which we know they are not).

PottsyNZ

284 posts

Ultimate Geek
+1 received by user: 14

Reply # 696367 4-Oct-2012 19:53

Well, that Wired writer had every account under the sun stolen from him and all the "hackers" used was a little bit of social engineering and combination of email security flaws frio various big sites. Wheedle need to think about how they're protecting the ecosystem as a whole...

DonGould

3854 posts

Uber Geek
+1 received by user: 142

Reply # 696377 4-Oct-2012 20:10

PottsyNZ: Wheedle need to think about how they're protecting the ecosystem as a whole...

They've highlighted why paying more is good.

TradeMe shareholders must be over the moon that the business case for their fee hike has been made.

Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz

freitasm

BDFL - Memuneh
58090 posts

Uber Geek
+1 received by user: 9633

Administrator

Trusted

Geekzone

Subscriber

Reply # 696378 4-Oct-2012 20:12

DonGould: TradeMe shareholders must be over the moon that the business case for their fee hike has been made.

On this I have to agree.

Mauricio Freitas (Geekzone Admin, Devil's Advocate, my blog, technology disclosure)

spacedog

279 posts

Ultimate Geek
+1 received by user: 5

Reply # 696423 4-Oct-2012 21:01

If one of these jokers can actually build a secure/stable platform to the run the transactions of a large auction site, I think TradeMe could be easily toppled. The level of customer service, the usability of the site, the auction creation process and the crippling limitations (you can't even properly insert an HTML link, use bullet points, or style the text) is arcane and dated at best.

Searchability and usability is poor in general and most people who have had the 'pleasure' of contacting TradeMe customer service realize that the whole experience could be *vastly* improved.

What is truly telling about the TradeMe group is that they are lazy and resting on their laurels and having no competition. When was the last time their site had an interface update? It has been *YEARS* and now they are only finally looking at a revamp. Look at their othersites like findsomeone for dating. It is a miserable looking website with a horrid interface, yet it is the 'premier' online dating site in NZ.

I hope somebody knocks them off the block.....or at least gets them off their behind and actually investing in the site and the user experience.

For those that think it is impossible for TradeMe to get knocked off.....I remember once upon a time many people saying the exact same thing about MySpace when Facebook emerged. There are countless examples in technology where an entrenched player that owns a market space get's shoved into oblivion by a younger, smarter, and more agile competitor.

1 | ... | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36