LivingSocial’s Monster Day: When A Competitor’s CEO Goes Too Far

My tweet stream was ablaze yesterday with incessant links to the ends-of-days-ish Amazon offer over at LivingSocial. Sure a 50% off coupon for anything at Amazon is a big deal, but I was impressed by LivingSocial’s ability to replicate the Groupon/Gap frenzy of last year – to the tune of more than $20M in top-line sales according to the TechCrunch kids. And this wasn’t just the tech press driving page views – an insanely diverse set of people I follow (and who rarely promo any kind of deal) couldn’t help themselves. But among all this hype and commerce was a single voice that hit a weird note for me: Martin Tobias, who is the CEO of competing daily deal site Tippr.


Early in the day I saw a small media blip about him describing how LivingSocial had a client-side validation bug that would allow a buyer to hack the source code and purchase multiple certificates even though the T&Cs said one per person (his analysis, not mine). My first reaction was it felt like sour grapes. Clearly having Amazon as a strategic partner and primary investor in your daily deal site is a huge coup for LivingSocial, and honestly, I’d expect it to draw some haters. For the best overview of this story, check out Business Insider’s coverage from yesterday.


But the reality is we all compete every minute of every day for users, mindshare, investment, etc. – and I can imagine that competition is 100x in a saturated market like daily deals – but we all have failure points in our software, in our decision making, in our hiring, in virtually every aspect of our startup life. There are a hundred flavors of the old adage ‘if you’re not failing, you’re not really trying’, and every one is spot-on. But hey, Martin’s got a hell of a track record as a Microsoft engineer, investor and startup CEO. That’s where personality comes into running a company. I never would have played it that way, but I’m sure some others would.


But then late last night a blog post of his popped out of @HackerNewsYC, and he went from sour grapes to underhanded in my book. He concludes his first post with the following paragraph, which I can only assume was intended to try and paint his actions with a brush of altruism:


“Don't let anyone tell you software is easy. Don't trust your business to software cobbled together as a hobby that just happened to take off. Don't underestimate the value of good software engineering. At scale, when you are selling real volume and doing serious business, the details matter."

Those are all relevant points, but what he also did in the post was to screen shot source code and show everyone where to modify the value – and exactly how to defraud his competitor. Really? So instead of just taking the opportunity to trash the security credentials of a large competitor, you just tell everyone on Hacker News how to rip them off too? Oh yeah, he posted this blog WHILE the offer was still live at LivingSocial, which is by far the most egregious part of this whole episode. That’s simply unacceptable, and I would have thought someone with a track record like Martin would know better. Again, we’re not talking about a 20 year old who hasn’t been around the block.


And in case anyone thinks this is just me on my high horse, I read some of the comments on HackerNews after writing most of this story. They go like this:


prpon: Honest question to fellow hackers and entrepreneurs: Do we have to take every opportunity to put down your competition? Are there not enough venues to market yourself? Wouldn't a simple post like this be enough? LivingSocial does not guarantee that you get what you ordered like Tippr does.

desigooner: I'd hardly call it "hacked". The post is oddly smug to claim that LivingSocial got gamed easily and their "design" is flawed and that their own solution is better. Meh. I'll pass. Such a blog post about a competitor isn't the best way to brag about your own product.

sandeepshetty: I know the post is by a competitor, but wouldn't telling Living Social about it first and giving them time to fix it before blogging be the "right thing" to do?

So even if you agree with publicly attacking your competitors’ success (which I don’t), shouldn’t there be some form of mea culpa if it turns out you didn’t just see the Big Bad Wolf? (It turns out that LivingSocial has a clearing process that manages final approval of who gets the deal – see this link for the final analysis.) Technical design is equal parts art form and time-to-market. We’ve all made front-end design decisions based on the fact there was a back-end process that enforced the hardcore business rules. I’m sure a team the size and prominence of LivingSocial has thought extensively about fraud and how to protect their systems. Just because you do it differently, doesn’t mean you’re right and they suck.


And just for the record, I’m neither a CEO of a competing daily deal site or a LivingSocial user. I prefer to pay full price at Amazon, and grade my daily success by how often I forget to redeem killer deals before shutting down the laptop around 1a. Yesterday, I was the smartest man in the world :-)

Add comment