About 45 minutes ago I tried logging into Mahalo to stake a few claims for myself in the site’s revamped directory, which pays users for creating and maintaining their entries. This has proven far more difficult than it should be. In fact, it seems like Mahalo’s account system is totally broken.
First, I attempted to create a new user name for myself. I decided to go with MrCody, which is the name of my dog. Things seemed normal at first, until I noticed that my username at the top of the screen was now ‘mahendranunna’. A refresh later and Mahalo said “Welcome cddesai”. Being the inquisitive reporter that I am, I attempted to navigate through the user’s control panel. I could view the pages that they were currently managing. I tried to ask a question on Mahalo Answers under one of these accounts, and it seemed to work (the site is currently down so I can’t check to see if it actually posted). Over the course of the next twenty minutes, I was logged in as at least 8 different users. I’m not entirely sure what I was doing to jump between identities — sometimes a refresh would do it, other times I’d have the same username for a few minutes. It was bizarre.
We got in touch with CEO Jason Calacanis, who says that the problem is a “caching issue”, and that “the users aren’t actually logged in as another users (just appears that way).” Fine. But the site is still going down sporadically, and I still haven’t gotten the damn Email to activate the account I signed up for in the first place.
Disclosure: Jason Calacanis is our partner in putting on the TechCrunch50 conference.
Caching issue or not, Anything that causes one user to show up under another users ID is cause for concern, or I think so at least.
This is what happens when you don’t pay your developers what they deserve and run a sweatshop like development team.
Like another user said, Jason needs to read Seth Godin’s book on the art of knowing when to quit.
Deadpool in 2 months.
I thought it already was deadpooled, ok? The gods has spoken, and they say that nobody wants this kind of service, ok? At some point you just have to admit it ain’t “sticking”. Such is the word of Sanjay.
should be ….
‘ The Gods *have * spoken ‘
genius…
Looks like its doing pretty well to me!
————-
http://www.busi...-profits-2009-6
5.6 million unique visitors last month.)
I kinda get the feeling Jason’s moved on…
Oh the beauty of page caching. I think thats their issue. Someone needs to show them how to do fragment caching.
/done being cheeky. Sorry.
If cache is the culprit here, they should re-check what is going on in the users’ variables in the server. Usually, this is not a big deal. What is a big deal is if you can go into other people’s accounts…then the system is totally busted.
Same thing happened to me,
thing is you can see one’s email, when you are logged into their account, try to answer, it will say oh you haven’t confirmed your email, and ask if you want to resend with the person’s email in the box.
This seems to only work for people who have NOT activated their emails, so they dont have any money on their account, many point losses and such occured as well
Sorry for the double post, but it appears that their activation emails lead to a non working page as well. This is a failed launch…
LOL – saw this as well. In fact I’m one of the users that you are not!
you can’t trust in robots
Will Smith said
Mahalo is useless waste of bandwidth: when I entered “london hotels with free wifi” then they return search results from other engines and they have pages with links only to some keywords on which they put google banners.
In other words: Mahalo has no intelligence whatsoever and TechCrunch should stop brownnosing it just because founder of Mahalo is co-organizing conference with TechChrunch. It reflects badly on TechCrunch.
Well said. No one really uses Mahalo yet they are trying to stuff it down our throats.
I typed that into bing and got surprisingly useful results.
An identity mix up would be crazy, so it might be indeed a caching issue. Totally weird system they have there for caching, who would cache a user’s control panel?
I said this before: the plumeria flower has got to go.
maholo needs to redesign their whole site and the user account platform.
would u agree?
Mahalo is a joke, and only exists because Jason has some money to back it up. If it was something that a 14 year cooked up in their garage, it wouldnt have made it this far.
it’s like using one of those search comparing sites
mahalo? too bad there isnt a startup community in hawaii. Who wants to start the next silicon valley there?
It appears this is definitely not a caching user, as you can be psuedo logged into and post as from-twitter users who have never logged into the site. This points to a database issue, much like Mahalo has been having for months.
Same here. This sucks – I was actually considering *using* this website, but now looks like it’s fallen to the same problem as many startups have when they’re featured on TechCrunch.
A slight privacy problem – you can view the control panel for whichever user you appear signed in as. This means you can find the user’s email address – which isn’t huge, but still a breach of privacy.
Oh well, here’s hoping they resolve the caching issue soon. And send me my activation email.
good grief
http://www.maha...search?q=MrCody
lol
hey…. tats my username:mahendranunna…. i just registered at mahalo hoping make some money by making some entries…. this is so bad a bug…. i might pay people for someone else`s work….. absolutely crazy
I really like the folks at Mahalo and am confident they will work it all out soon. No doubt, they’ll make things right as quickly as possible. Now, whether this whole business model will work, that’s a whole ‘nuther thing…I’m skeptical that anyone wants to read search listing managed by the general public. No, I’d vote no way.
Hmm..your identity was changing from mahendranunna to cddesai to [something else oddly reminiscent of a fictitious ancient culture]? Now you know how Lt. Commander Data felt during the TNG episode “Masks.”
Think back…how did Commander Data stop shifting identities. Figure that out and you’ll be fine.
This is still going on. I can’t believe they haven’t brought the site down.
Ha ha. Good times if you try and use the Facebook Connect login as well:
http://screenca...om/t/oho5AYv4hE
Agreed. This is pretty bad. I tried logging in and “staking a claim”. Sadly, the claim got staked in the name of another user after I refreshed the page and noticed I was now logged in as that user.
That’s pretty messed up…
Mahalo, overall has many issues. Serious relook required on product and strategy front is my 2c.
at least the search works lol
I noticed the same thing this evening. Probably best to consider Mahola “Not Ready For Primetime”.
21million dollars of FAIL
Mahalo’s a giant FAIL. $16Million for a site that’s still figuring out what it’s suppose to be. Now, Calacanis is trying to copy Knol and Squidoo. hah!
BTW, I bet Mahalo will now be even a bigger “stolen content galore” than it already is. If you want to see how Calacanis rips off other people’s content, see this post: blog.fluther.com/blog/2009/06/01/an-open-letter-to-jason-calacanis/
Was the same here. I messaged the tech support immediately because I was able to access mail address other other users accounts. (I did do screen shots)… no reply of course.
Just got the following email from their CTO:
First of all, I’d like to thank you personally (and on behalf of our CEO, Jason Calacanis) for checking out Mahalo 2.0. We’ve put a LOT of hard work into it and we’re very proud of what we’ve accomplished. The coming days and weeks ought to be even more exciting, and it is an honor to have you take time out of your day to have a peek at what we’re up to — my heartfelt thanks.
However, as with all such ambitious launches, ours was not without its snags. For that, I apologize. Among these was a bug — since rectified — which invalidated user accounts for those who signed up directly following out launch.
Unfortunately, this means you will have to sign up again (if you registered directly following the launch of Mahalo 2.0). I am so sorry to ask you to do this again, we’re working hard to make certain things are smooth from here on in. We believe we have rectified the situation and things should be good from here. I wish launches like this were bug-free, but when they are not, the best we can do is react quickly and with humility and communicate transparently what is going on. I thank you for your understanding.
Yeah got this mailing too. But I sure won’t sign up again after this little “mistake”…. I’m only glad I found it out by myself…
This is a case of poor quality assurance testing, and lack of technical design skills and resources. Mahalo has taken plenty of hits. I’m sure it’ll come back from this embarrassing blow.
I seriously do not think that this company is going to survive. You cannot change your model every 6 months and expect to get lucky. calacanis needs to face the facts; this isn’t going well.
Ouch – shared caches can be a huge advantage but when used incorrectly this is exactly what will happen!
The key is to partition your cache into shared and “non-shared”.
Anyways – I do feel sorry for them as this will be perceived by the average user as a massive security flaw and it could kill them.
Why would you cache pages/info that are PERSONAL i.e. not shared? I don’t get it. I understand caching general areas of the site (public areas), but member control panels? What’s the advantage?
But my Learn PHP in 21 Days book said it was good to use page caching. $)&@% :<o
Fragmented caching problems like this are minor. Yes, it does look bad but if the user’s name is all that is appearing (and not allowing you access to their account) then I can think of a lot worse…
Not the PR you should be giving to your sponsor. Give them some twitter love.
Mahalo is one big glorified SEO play that didn’t even do a good job at it. If you check their compete traffic, they basically have 3 million unique US visitors per month. All that money invested, all that work, all that coverage in the blogosphere, and that’s all the traffic they get!
The thing is they far from got it right. 99% of all searches return search results most obviously scraped from Google, and feeds from flickr, youtube, etc. And ultimately have little relevance, and take you away from their site! They don’t even figure out how to keep you on their site. All their search results take you off the site. That’s the point of being the search engine they’re disguising themselves as, but what they really are is a portal and they should be sending people to pages on their site. But they haven’t figured out how to make more than 100k articles in 2 years. They’re just stupid.
I’m not even sure how they get the google results the way they do without scraping it from google with a million proxies rotating. It doesn’t seem like it’s sanctioned by google even, and last I checked they discontinued their API to get results from them.
I thought this was going to be an article about Mahalo’s IDENTITY CRSIS. Are they:
A) A Search Engine
B) A Wiki
C) A Yahoo Answers style Q&A site
D) Squidoo style SEO play
E) IZEA (i.e. they now do onsite Pay Per Post type stuff)
F) All of the above
Yea, all of the above, with no innovation, and they receive an F as their grade for their Web 2.0 startup project. Mahalo you suck, and it disappoints me that such iconic 2.0 names as Jason Calacanis does this garbage. Well not really, because it means there’s tons of room for everyone else to innovate.
Its a dessert topping AND a floor wax.
I suspect it’s not a caching issue, it’s a failure during the process of creating bullshit users to take ownership of the content they’re scraping from from places like fluther.com .
Calacanis’s response to the open letter (in which fluther make the suggestion to highlight the obviousness of the theft) and subsequent C&D they sent tells you all you need to know.
Hmmm consider me unsubscribed from Jasonnation thanks for the heads up.
Don’t know what stack Mahalo runs on, but this is exactly what happens if you blindly turn on output caching with the Zend Engine and are using PHP.
The actual result probably depends on the details of their user login system. In a system that sets a cookie only when a login form is POSTed, then the logins are probably not compromised. Some systems (such as PHPBB2) would “refresh” their authentication cookies on every page view, and in that case, enabling caching like this would log in users as other users.
Anyhow, it is very consistent with overzealous caching. The mahalo team should probably look into selenium for regression testing to spot emergent behavior with config changes.
Yeah, I think so, especially if they architect virtual initiatives that cultivate enterprise e-services for the extended wireless channels used to scale transparent initiatives. Only then can they expect to optimize strategic convergence of their best-of-breed channels to build synergistic communities of empowerment. Such is the word of Sanjay.
Funny you
Mahalo will be heading to the deadpool. Employees are flocking out of the company. Mr. CEO needs to be @ his office instead of jumping around country to country every week. He needs to be a true CEO.
VC’S need to replace Jason, or get him focused.
Oh yeah, your site caching issue is “Powered by Edgecast” (see footer: http://www.mahalo.com/contact). Someone please clue these guys in on how to do site acceleration without caching dynamic content. This type of mistake is so 1999…
Mr. Mahalo CEO, here is Akamai’s number:1.877.4AKAMAI.
how many participants will mention caching during tc50? ^.^
anyone have an idea of mahalo’s current revenue?
This happened to me last night (actually about 24 hours ago). Didn’t seem as though when it logged me in as other people I had any controls though. Just seemed the whole process was broken.
Don’t say a prayer for Mahalo now. Save it for the morning after:
http://www.yout...h?v=VCD4rtcOgHE