Andy Jenkins Left Stompernet, and explained why.

Various “concerned internet citizens” thought there was more to the story and went digging, and then making as many people aware of the documents as they could.

Note: I am not going to accuse anyone of being “trolls” or trying to fan the flames, and I don’t really want to go into whether anyone really has the right to know or discuss these things on open forums.

Ultimately Andy Jenkins made a response he probably didn’t have to make, but certainly lays a lot of ghosts to rest.

Why this post?

I will be exploring the reasons why I have decided to promote the Stomper 999 launch in some detail, but at the same time I knew that just mentioning Stompernet would encourage caring internet denizens to emerge and make people aware of the preceding couple of months of gossip.

This post is intended to be a way to “segment” dirty laundy, assure my readers I am aware of the situation, and the direct contact I have with both Brad & Andy over the last month or so has never suggested that these statements by Andy were in any way disputed.

If at any time I feel that comments are heading out of control, are disrespectful, incoherent, rambling, scaremongering, slanderous or just shouldn’t be here for any reason at my own discretion, I will moderate heavily, ban, block, or even just eradicate the whole post.

Here is what I commented over on Andy Jenkins new blog:-

So glad all the “interested observers” will hopefully stop sending me links to PDFs hoping I would mention something and should it happen in my comments I will have something definitive to point people to read.

The irony is that this is all about a company and team of people that is a huge success because they do so many things right.

To be 100% honest, whilst you could spend hours reading both of the long posts by Andy Jenkins, and all the discussion including comments by Brad and at least half of the Stompernet faculty, you could just take my word for it that this stuff is now water under the bridge, Brad & Andy are still friends, and Andy is partying in San Diego on Brad’s money.

Any discussion in other posts regarding Stompernet & Stomper 999 regarding Stompernet changes will just be deleted without any warning.

I have been considering offering a bonus for Launch Tree, but whatever I could offer currently isn’t at the stage of completion I would be happy with “out in the wild”.

I am however on a lot of mailing lists and have been seeing both the promotion efforts and bonuses roll in.

Whilst there are tons of incredible bonuses on offer, many full of items you will never read or use, I would prefer to highlight the effort Andy Jenkins and Stompernet have gone to in their preselling of Launch Tree.
Apparently the bonus is a process map and videos on how Stompernet itself was launched, which has never been seen.

The StomperNet launch was the biggest launch in the Internet Marketing Education Space, and it has been since 2006. And only a handful of people know exactly every move and pivot, and position statement, and launch object, and stick mechanism that was used to pull it off.

As an example check out their “Tripled Sales Conversions” video created to highlight some of the sales process.

The other thing I want to highlight that coincides with my “Affiliate Product Launches I Refuse to Promote” post is that the bonus Andy is offering is specific to this launch, and nothing to do with products (that I know of) either current or planned.

If at this time I offered a bonus myself for Launch Tree, I would probably in some way reduce the value of my future product offerings.

Here is Andy Jenkins’ naked affiliate link http://www.launchtree.com/a/go?a=571 – make sure you clear cookies before ordering.

If karma is enough of a bonus, I am not going to refuse people using my link

Don’t forget to also check out Stomping The Search Engines 2 while you are over at the Stompernet site, a Real value $497 SEO course for $1

You need to learn about something called “Referential Integrity” – a name for something that has been rattling around in my head for 18 months in various stages of vagueness, and how best to handle it with WordPress.

p.s. this isn’t the first time I have linked to someone else’s review or bonus during a product launch. There is a method to my madness.

• It is not for karma
• It is not just to get a few more eyeballs on STSE2
• I love highlighting great content (like Andy’s video) but that isn’t the whole reason either

One of these days I really hope I can give you more details.

This post is a year overdue – I have held back the material and refrained from pointing the finger for that period of time, but there is something I have noticed:-

If you don’t kick up a big stink, possibly including names, any advice just gets swept under the carpet.

I was on a very good webinar last night – Mike Filsaime and Anik Singal were highlighting all the mistakes that have been made with various “free offer” or “just pay shipping” offers.
This didn’t just cover mistakes that might have led to a poorer conversion, but also what has become known as upsell hell.

11 months ago after a number of prior warning posts I made the following statement.

Over the last few months I have already taken the decision not to promote a number of sites and services launched by Internet Marketers using these dangerous scripts.

I have proven I can rank highly in the SERPs for any product. It is going to help conversions when on the first page of the SERPs for your product name potential customers find…

Product Name – WARNING: SECURITY RISK – Read This First!
or
Product Name by Marketer Name – Warning: Security Risk

The only problem is, this won’t be a typical fake affiliate promotion, but a real warning

Note: I also provided a number of solutions within that post that don’t require a viral tell-a-friend to ask for a username & password.

Viral Hell – Prosecution Exhibit 1

Probably the most prominent viral tell-a-friend script is Viral Inviter, beta tested by Mike Filsaime for the launch of his Butterfly Reports site, and that site was used as “proof” of the effectiveness of the script within the launch of Viral Inviter, and on the sales page.

Here is what it looks like embedded inside Butterfly Reports (screenshot taken just a few hours ago)

How bad or insecure is it?

Here is a direct link to the framed form on the ButterflyReports.com site.

What could be tied to my Gmail account?

That is the key to unlocking:-

• Multiple Email Accounts
• Your Google Adsense Account
• Your Google Adwords Account
• Google Analytics
• Google Website Optimizer
• Your PayPal Account
• Affiliate program passwords
• Access Your Blogger account
• Access any scripts that allow you to resend or reset passwords
• Open any social media profile that used that email address
• Did you use that address for domain records? Wave goodbye to your domains

This isn’t a case of whether the script itself is secure, but the server

There is probably no such thing as an open-source content management or blog software project that hasn’t had at least one security vulnerability discovered within the last year.

It only takes WordPress or another popular script to be hacked, and rather than injecting a few links, any script, including a viral tell-a-friend could be modified to do something unintended.

This sin’t even about that specific script running on Mike’s server, but all the 100s or even 1000s of customers of Viral Inviter who might not have a team of programmers and security geeks working for them.

Also Butterfly Marketing has been customized to work with Viral Inviter out of the box.

Butterfly Marketing may or may not be as secure as WordPress, but just like with blog software, that doesn’t matter if you are not storing or asking people to input into forms highly sensitive data.

If a script/site gets hacked, you hopefully have at a minimum daily backups, and all that might be accessed are a few email addresses plus your content – annoying for customers but ultimately not a business liability for anyone.

If you run Viral Inviter with Butterfly Marketing, and something gets hacked, the most profitable exploit of your high traffic site is to grab Gmail username & passwords, especially if your site is targetted to novice online marketers.

Viral Hell – Prosecution Exhibit 2 – Twitter Scripts

As Twitter has become all the rage among marketers, especially how to create a viral “buzz” effect on product launches, or use it to build up a massive number of followers, marketers have looked for ways to encourage people to tweet about them.

The innocent methods are things like the retweet buttons you will see on my blog, or encoded retweet links.

Aside – have you noticed on recent product launches that the retweet links haven’t included affiliate links, thus are effectively “leaks” in a landing page for which an affiliate gains no benefit, unless they are offering huge bonuses to benefit from the buzz?

The more nefarious solutions are the “free” scripts that you can receive just by tweeting about them, install on your server, and then use to offer small incentives to tweet about your upcoming product launch.

The most popular early solution was Viral Tweets and I have seen tons of otherwise very respectable marketers use this script or a variation of it as an incentive to gain viral exposure.

Just like with Tell-A-Friend scripts that ask for your gmail account, the danger isn’t necessarily with the Tell-A-Friend script, but hosting it on a server which might be insecure in other ways.

A twitter account isn’t anywhere near as valuable as a primary email address with password, and accounts taken over can possibly be recovered with the help of the Twitter engineers and support.

But…

• Why subject potential customers to something that might be a security hazzard?
• If you are a respected marketing guru, isn’t it your responsibility to promote best practice, especially as whatever tactics you do use in your campaigns will be mimiced by others, often with less precautions such as server security and audits.
• Some implementations might be scraping off the cream that your afiliates have earned.

Viral Hell – Prosecution Exhibit 3 – Twitter Pyramid Scripts

If you missed being exposed to TweeterGetter on Twitter you were among the lucky ones.

The true “viral” effect lasted less than a weekend, and from then on, the viral exponent (a term I learned from Mike Filsaime’s Butterfly Report) was less than 1.00.

The headline claim was for users to achieve “19,530 followers”, a target only just achieved by the site creator within the 30 days – from memory he reached that number after 27 days.

Now in this case the “viral hell” isn’t for the users of the site, though there have been a number of individual Twitter applications where it was suggested the account details were being abused. As far as I am aware the script isn’t being sold (though it might be a backend offer), thus there is only one potential vulnerability.

The “viral hell” is for the readers. After the first week the only people tweeting links were:-

• Spam accounts
• Desperate newbies
• Otherwise automated accounts

I am sure some people still abuse their email lists in this way, but it certainly isn’t the pinnacle of marketing excellence.

Viral Hell – Prosecution Exhibit 4 – Twiveaway

About a month ago Brad Callen, a marketer I generally respect and whose products I have purchased (e.g. SEO Elite many moons ago) released a new script/service for Twitter giveaways.
I contacted him directly, and suggested ways to improve it, and that requiring passwords was not only a security vulnerability, but for giveaways it isn’t actually something that is needed.

Requiring a password for a 3rd party service is FRICTION – much more than an email address

It looks like a month later, the scripts out in the wild, such as used by Launch Tree, still require passwords.
It is highly possible that Anik actually has a beta version of the script, and that Brad is generally only providing this as “software as a service” to most users.

I expected much better

Danny Sullivan I think coined the phrase “craphat SEO” for the SEO tactics that exploit vulnerabilities such as link injection in blogs.

Jeff at Coding Horror described this kind of programming as:-

Email is the de-facto master password for a huge swath of your online identity. Tread carefully:

* As a software developer, you should never ask a user for their email credentials. It’s unethical. It’s irresponsible. It is wrong. If someone is asking you to code this, why? For what purpose?
* As a user, you should never provide your email credentials to anyone except your email service. Sites that ask you for this information are to be regarded with extreme suspicion if not outright distrust.

But it in many ways is worse, because this script from Brad doesn’t even provide any real protection, or that is the case from examples I have seen.

e.g. You can get a Twiveaway account here without using their forced retweet form, and I accessed that just looking at the form source code.

Viral Hell – Prosecution Exhibit 5 – Launch Tree

Launch Tree already have retweet links in various places, including on the main landing page. In theory, the majority of traffic to the site is landing there, and giving an email address to get access to free content.

Now as an additional barrier, for what might be one of the hottest videos with Andy Jenkins, they also require you to tweet about it.

These guys run companies making $10M+ a year, yet they are using Brad’s craphat software, and asking people for passwords to their Twitter accounts.

I am not worried about them collecting passwords, not even a huge amount with server security (well at least I hope they have that buttoned down).

The biggest problem is their position in the industry and endorsing this method as acceptable.

There is a reason on the TV they use a phrase

“Don’t try this at home kids”

I don’t endorse Google, Linkedin, Facebook et al scraping email accounts for viral marketing, but lets face it, they can do a better job with server security than the average internet marketer, and even then it is only one security vector being attacked.

A good implementation – maybe take a look at the way Dopplr uses APIs – just a small startup with a little funding, much less than the income from one major product launch.

Launch Tree

I still think Launch Tree is a highly valuable product for any marketer looking to promote a product and optimize their conversions and ultimate launch profitability.

Maybe even more so because of these issues raised, because it provides a central knowledgebse of what works, and what is acceptable. Such as one of Mike’s launches mentioned last might where even if someone only wanted the initial offer, and none of the upsells/downsells, it would take them 37 minutes to actually finish their order… real upsell hell that Mike learned from.

How good is the free material being provided during the Launch Tree launch?

Exceptional

As an example after the Brian Johnson interview (where they only revealed part of the launch details) I decided that I needed some notes, both to aid my long-term learning by writing things down in some way, and as an aid to actually understand what was being said.

So I put together a detailed process map, with all the numbers, and I was going to use it as some kind of squeeze page or purchase incentive.

I have decided to release this right here, for free, with no obligation for anything.

I have linked this one image as an attachment, so click the image, or here to get a full size version.

I created that using Xmind, and if this post reaches 100 retweets I will release the source file so you can edit it for your own personal use.

That is another important factor – I am sick of products that include mindmaps and process maps that don’t include files that can be edited. Procedures change, or get customized. A file that can be edited is worth 5x more, even if just for personal use.

No Passwords Link

So the newest video is Andy Jenkins being interviewed about their Stomping The Search Engines 2 launch, which made millions by giving away a high ticket SEO training course, just for the cost of shipping.

It is a very good course, and has just been rereleased, you can get it for $1, immediate online access. (but be quick, I don’t expect the offer to remain open forever)

STSE2 with this offer is probably the best value SEO training from an authority source currently online, though be warned, there is an attached continuity to the offer – the very upfront “ethical bribe” to try out their “Net Effect”

With Launch Tree, I honestly don’t feel comfortable sending you to a site which is asking you for Twitter passwords – it is that “ethical streak” in me, part genetic, part top grammar school education.

Fortunately as I have mentioned Brad’s script is easy to bypass.

Click Here For Andy Jenkins Launch Tree Interview

Direct Link (no password)

Now whilst some might look on this as me bypassing security, before posting this I did make sure the page was indexed in Google already, without any help from me.

Also it is set up as a landing page, and I am using Anik’s smart affiliate system which supports deep linking.