Online Armor sold to Emsisoft

Mike's final (OA) blog post - a personal note

By the time you read this, the news will be public that Austrian-based Emsisoft, headed up by Christian Mairoll has aquired Online Armor from Tall Emu. There's a been a bit of speculation over the last day or so that "something" was happening. During the past few weeks, we started to prepare to transfer operational control of Online Armor over to Emsisoft and a few things went live 48h or so before they were supposed to. Oops.

The deal is done, there's no going back and no regrets. Indeed, Emsisoft aquiring Online Armor is the best possible thing that could happen to it. Emsisoft has 20 staff focused on security software. Tall Emu had two (OA developers) - and they just went to work for Emsisoft. I can't wait to see what happens over the next 12 months with Online Armor and Emsisoft Anti-malware.

A lot of people probably have a lot of questions, and I've been asked a few times, so I'll try to answer them here.

Why did you do it ?

There's been many things that have been said about Tall Emu over the last few years; There've been assumptions that we're a massive corporate with unlimited funds, people who think that it's "all just that Mike bloke". As usual, the truth is somewhere in between, although I wish it were closer to the first one, particularly the unlimited funds part.

We're a small company, almost a family company in fact. Our main line of business has always been custom software development. That means, generally speaking, that when the guy that runs a winery needs software, he'd come see us and we'd write it for him. We all have consulting backgrounds - going into businesses, figuring out what makes them tick - and then helping them automate their businesses.

This is the main part of what Tall Emu does - and as part of it, and I hope Christian forgives me the plug - we developed a rather flexible CRM system which is just starting to take off.

Managing multiple customer projects, the development of a CRM system - and then, my consulting work (all of which pays the bills) it was clear that I'd taken too much on personally, and something had to give. There are only so many hours in the day, and I was working most of them.

That's when I called (well, skyped) Christian. I told him the situation -and basically made him a simple proposition - if you want it, it's yours.

Aren't you going to miss it? How can you leave?

Absolutely I am. I've met an awesome load of people over the last years, and I'm very sad to be leaving Online Armor behind. Having said that, selling OA lets me focus on fewer things - and to do them better, rather than trying to do too many things and doing them badly.

And that's what it came down to. If you imagine a normal workday, how many different tasks can you really give your attention and focus to in any detail? And that was the dilemma - what to do to ease that situation. For a while, I neglected Online Armor a little - but long terms that would simply have caused the product to slowly die. It wasn't the outcome that was going to work for anyone. Better to preserve it, and regain some semblance of a normal life outside of work than to allow it to die.

Why Emsisoft?

I've worked with Christian over the last year or so I've gotten to know him and there is nobody else that I'd be happy to sell OA to. In fact, we didn't even "shop it around" - we just spoke with Christian. That probably cost us a lot of money, but Christian and I enjoy a special relationship.

There's a lot of trust there, and after spending time with him when he visited Australia earlier this year, I know he'll do the right thing by the product, the customers, the developers who are going to work with him.

What's next ?

The future for OA looks good, and it's going to be an interesting ride - just one, unfortunately that I am a little too tired to go along on. While things might change over time, this forum will stay as it is - there will be no immediate and dramatic changes, but of course change will come.

I'll let Christian speak more to the future, though as I now move to the past, but Christian and I both hope that you'll stay around and be part of the future too.

What I can tell you on Christian's behalf is this:

• Product editions will stay untouched. Freeware edition will not end of course.
• Website remains on www.online-armor.com, but we'll have to move everything away from tallemu.* domains soon.
• Forum remains, but moved to support.online-armor.com

Which kind of benefits does Emsisoft expect from the deal then?

• As part of a much larger development team (8 at Emsisoft so far), OA development can progress faster. Sharing knowledge internally is a very important factor for speed and quality of the produced software.
• With the existing marketing and sales force at Emsisoft, we want to spread the name about OA much more. It's a great product, winning tests, but we need to tell everybody about it to make it grow.
• On the long run, we have plans to create some kind of a suite product. It's gonna be a completely new product most likely. But things are not finally decided yet.

Final thoughts

From me, the final words are simple: Thank you. It's been great. I've appreciated all the help you've ever given, the fun parts and just knowing this bunch of people from around the world. There've been numerous beta testers, admins, volunteers, helpers and just enthusiasts. It would be impossible to name everyone who's helped us, and I'm writing this blog late at night here in Sydney in anticipation of the events to unfold.

However, I'd like to give particular thanks to our admin team, translation team, beta test team, private test team, Catprincess, our forum angel who collectively have helped us, and lots of Online Armor users around the world. I'd also like to offer a word of thanks to the hardworking team at Wilders Security - this is where Online Armor got it's first break, and has been our unofficial "second home" now since then.

Oh, and if you need a CRM system... ;)

Online Armor x64

I'm not in the mood to ramble today. Things have been real busy around TEHQ these past months. Updating Online Armor, working with our awesome Private and beta test team to make sure that OA stays as good as it can possibly be - as well as all of the other business that Tall Emu does.

The good news - I just decided to punch out a Beta version of OA64. You need to be in our Beta team to see it, and it's not functionally complete - but there comes a time when you gotta show people what you got, rather than keep talking about it.


Mike

Paypal Phish and banking mode

Paypal Phishing Email

Last year, we received an email which was allegedly from PayPal. I've been meaning to write this up for a while, and now seems like a good time :)

Knowing that it wasn't completely beyond the realms of possibility that I'd treated myself to a new toy without telling anyone, the mail was forwarded to me by Darryl.

The email itself looks reasonably legitimate - but the fun part starts just a little further down the page - as you can see, the criminals have added a nice little "If you didn't authorise this charge, click here to dispute transaction". Cute. The first thing many folks would think when getting a mail like this is "What the hell? I never bought no mobile phone..." so the convenience of having that dispute link there is going to encourage people to click before they think.



Of course - clicking on the dispute transaction button takes you to a fake site (which is now offline). The site itself was a very close clone of PayPal's official site. It even drew in some images directly from PayPal.com - it really looked the business.




While the site was live, I decided to log in and take a look around. Of course, I didn't use my PayPal credentials - because it wasn't the real PayPal site - but I wanted to take a look around inside there, and see what was what. I would not recommend that you do this.

I also thought that this would make a good test run of Online Armor's banking mode as it's designed for situations precisely like this.

What Happened?

Logging in, we're presented with a realistic looking PayPal fake site, complete with all of the menus - but telling you that "Your account access is limited. Remove this limitation".

Under here was a form to collect info - and boy, did these guys go for gold. Full name, date of birth, Mother's maiden name, country, address, SSN, home phone number... credit card number, issuing bank, expiration date, CVV number, Pin Number (with a helpful looking "Why is card signature/pin required" and an equally helpful "Help finding your Card Verification Number.

Just think for a moment; Assuming that you'd been fooled by this, you have just logged in (in other words, given them your PayPal account details) - and then you've provided them with enough information for them to commit identity theft - or even just wholesale theft, depending on how greedy and cunning they are, they could:

• Empty your account
• Change your address and other details with the bank (and take control of your accounts)
• Disconnect or divert your home phone
• Disconnect your home internet

In other words - if you fall for this scam, you possibly hand the keys to your life to the criminals. Consider - how did you identify yourself the last time you called your bank (or ISP, or phone company)?

How does Online Armor help me?

Online Armor has a safe online banking feature called Banking Mode. It's designed precisely to counter situations where you may somehow be directed to a fake site.

How it works is very simple: It keeps a list of safe banking sites. Before you do any banking, you should always activate banking mode. Online Armor then will only connect to a site that is on your list, meaning that you cannot, even in a moment of weakness, fall for these scams provided you follow the discipline of engaging banking mode before you bank.

Going back to Paypal...

Why we're dumping RegNow and going back to Paypal.

I was originally going to call this article "Paypal may suck, but at least it works" but on reflection this would be grossly unfair to the guys at Paypal.

While we had a number of comments from our users saying "Paypal sucks" that wasn't our experience.

However, we do listen to our customers, and so we made the switch to RegNow after a timely email from one of their sales guys offering to do big things for us with their wonderful affiliate progam.

Since ClixGalore was as useful as <insert your favourite phrase here> this seemed like a great situation.

The customer is not always right

At least when it comes to selecting payment gateways :)

A few things happened that put me off RegNow right away.

When we got things up and running, we found out that a RegNow offer for about $12 or so was inserted as an option in the cart on each of our checkouts. I can't remember if this was the software backup service (irrelevent to OA, as we always want to have our users on the latest version) or the licence key service. In either case, we didn't want this, but we were right out of luck. Fineprint.

Immediately that we went with RegNow, our sales dropped, and they dropped fast.

After a chat with RegNow we managed to get the thing removed (seems people hated it, because sales did increase again) but we had a different offer added instead which sucked almost as much.

To this day, you still get the backup CD option which at least is useful for those that don't want to download the program, but we should be in control of what's in our cart and our customer experience.

Online Armor users know that they can always get their key from us, automatically, and free, sent to the email address they signed up with. A key backup "service" isn't really required for a product like Online Armor and sends a conflicting message.

Still, some of our customers wanted us away from paypal - and so we stayed away.

Straws, Camels backs, etc

One might expect that RegNow, a company that specialises in the provision of Online Sales would be , ahem, how can I say this delicately... good at it. Unfortunately, in our experience we found that our own shopping cart looks better, performs better, is more user-friendly, reliable - and it works!

Some months ago, I tried to apply a $20 discount to our products. The maximum allowable was $10. We've seen times when the Regnow cart was simply offline - not with any error message, just "The document contains no data". The much promoted affiliate program caused at least one of our affiliates to complain over lost sales and inability to track.

Data from sales wasn't going into our system in an automated fashion, making support more complex than it needed to be and making it harder for users to use our members area. We couldn't do half of the things that we wanted to do, in the way we wanted to do it. There were problems with reporting. It was a mess.

The straw that broke the camels back was the problems handling what should be a simple transaction for a company that specialises in e-commerce.

We had an offer for $30 off any Online Armor, and I've had plenty of complaints from people because it was delivering a 30% discount instead. Contacting Regnow support and we're told it will be fixed at some point in the future, and for now, we have to make a promo code for all of our products. Right. We're quite capable of looking like idiots from time to time without help.

So, we decided to divorce ourselves from Regnow. We've implemented paypal express checkout in our own shopping cart. Non-paypal users can check out with paypal and use their credit card.

We've taken back control of the customer experience and I think we've made the right decision, even if not everyone agrees with it.