New update: Looks like someone got invite access to the repo or something and invited a ton of people (including me) to Shipfast. This definitely crosses a line and whoever is doing it should obviously stop x.com/sistillianthony/status/1849159482070167636?s=46&t=j3OlMQGAOQfr3uUmXnU0Pg
Omg, it's like third or fourth time after he fixed the bug that allowed to do this. He said he hired someone who will take over the security part, but ... again? Okay, it might be a bad behaviour from someone, but on the other hand, if it happens after fixing it... Again, it says about the quality of his code. I thought yesterday that issue was closed, but AGAIN?
Only if the boilerplate is bad. In my mind, it's like saying "devs who use a framework like Django are bad" If it saves you a ton of time on what you need to do anyway, AND it's be well-vetted (it wasn't in this case) I'd say it actually makes you a better overall dev if you're being smart about your building
The worst part about this is the mentality "I just need to get this boilerplate and then I can begin to sell and earn money"... Bitch the code for you website is the easy part, the hard part is having an actual product someone is willing to buy... Selling hope seems to be the new goldrush in this world...
When big accounts in the scene tells you "you are doing it wrong", then your are probably doing it wrong. A lot of big accounts in his replies and he completely ignored it. A few of these issues are still there and can be exploited. He said publicly that he hired someone to fix it, but that basically tells: "Guys, I don't know what I'm doing, just buy my boilerplate and print money, someone will fix my issues for me, but trust me, you gonna ship fast".
I've said it before, but I think Marc Lou is somewhat inspiring and at the same time somewhat a pyramid scheme. It's a shame his only product that actually sells is just a template product that is meant for you to sell. I think all the drama is unfortunate because I think most of us if we found our self in his position, we would probably get defensive like he did. Having said that this was a situation where the pressure got the better of him and he failed as a leader. As someone that is older and doesn't have a business I have to give this Marc guy some slack on how he handled the situation. But if he doesn't learn from this experience, that tune can change.
Some of his other products do still make a decent amount of money. His other products combined make like 5000-7000/mo, but seems so insignificant compared to ShipFast.
how can you find yourself in such situation if you are not a griefer? this isn't "unfortunate" for the griefer, it is unfortunate for the ones griefed. what do you expect to achieve by giving space to these bad actors?
The fact he hasn't made another 5 figure SaaS with his own starter kit tells you everything you need to know about his actual ability to make products.
There has been a lot of noise around the fact that we could bypass the paywall but the biggest issue was that anyone was able to get all his customer emails (private data) by poking around on his website for 15 minutes.
I saw one video of Marc’s where he explicitly states that he didn’t do any testing. I immediately decided I would never buy any of his stuff. Why? Well… If you’re a solopreneur developer, then you don’t have a team to do PRs or pair programming for error correction. Now you admit you don’t test? So you have no safety net at all, is what you’re saying. We’re all human, we all make mistakes. But he literally marketed and sold his untested, unchecked code to thousands of people, who in turn used it to sell software to unknown thousands or tens of thousands more people. There are good reasons - such as error correction - that disciplines like pair programming, PRs, CI/CD, SRE, TDD, BDD, and DevOps exist… why they have been adopted and adapted by organisations of all types and sizes over the decades… and he completely ignored those reasons to “ship fast.” I hope he learns from this experience.
Mac should be thanking the community, most of his products remain illegal in the eu though, for some reason he doesn't care about the regulations despite having customers from europe
I really think this marks the end of his boilerplate. While attention can be beneficial, even when facing criticism, this situation is different-it’s damaging his reputation. People are starting to realize that boilerplate code isn’t a magical solution; you still have to implement things yourself. But that’s a separate issue. I also feel that many who rely heavily on boilerplates don’t truly know how to code in the first place.
Literally none of his sass were actually that successful. He made ALL his money by selling a template to other devs and is not a sass at all. He's totally a guru. But if Marc hadn't been dissing tests and security all this time, this probably wouldn't have happened. But he doesn't care, he has open issues and PR's on the actual repo that have been there since May. Marc has never commented on a single one. He doesn't care.
Well he proved a point tho. You dont need skills to make money. Appearance is everything right now..and so on... and so on... he still made like $500k on garbage code he got my respect😂
The security vulnerability was so easy to find and abuse, it literally took me 5 mins and Simon 10 to find (keeping in mind I had never visited shipfast prior to that). The lack of concern is insane and I can't trust my data on any of his services. Insanity. Thanks for making a video, the bug is fixed so you could make a video on how the exploit occurred.
I thought people buying this boilerplate instead of writing their own code are crazy, but them discovering that it may have security breaches and still justifying him is even more terrifying. All theirs and Marc's responses sound like they own a cult of making money, and now they imagine fighting with enemies that try to stop them instead of shipping too, pathetic
You need to talk more about the other big creators that are Marc's friends that blocked and publically denounced people from talking about about the issues, who clearly don't care about Marcs customers building on sand, and just care bout their friend.
Fun fact, I think indie hacker was falling into the crypto bros category, instead should be about solving problems... but well, maybe this situation was necessary for a "change"
He already made an apology video.. All it took was proplr bypassing the paywall.. Inviting themselves to the repo.. And then giving access to all the haters to his repo 😂
I feel like this guy is hating. Yeah Marc didn't handle the situation great(a better approach would be to actually fix the code) but like I said I'm pretty sure the guy is hating as he said he should make shipfast opensource, I personally wouldn't buy it but since when did we start hating on successful people? Just a shame Marc makes a majority of his money selling shovels to his audience who are looking for gold
He is a good marketer and has been really successful at selling the dream of being a solopreneur, but I'm starting to think that Marc isn't even a programmer
Seems like the type of person that will make it until he's defending himself in court for serious PII getting leaked, or malware being spread through his stuff. Also seems like the kind of scheme where he makes money off of others trying to make money like him who need other people to pay for their stuff... I feel like no one downstream from him is making a service anyone but other easily convinced people will buy.
I was wondering about his website’s security honestly pushing out multiple websites like this does not seem safe..but hell what do I know I’m just a beginner 😢
people should stop bashing marc, cuz he is individual dev, its not like hes in big corporation, you paid 200 yes, but you also have the ability to fix it, if you call yourself a programmer, then fixed it. security maintenance is not part of the deal. you should know the risk before buying. we should fight big corp not programmer
while people having access to other people data is an unacceptable flaw, a lot of claims you shown are actually superficial(whats so bad about setting very long usernames?!?) Its a lot of hatred against the person, not his sites.
My comment is nothing related to the video : I dont know why but i find x to be very irritating to use. Its not that easy to navigate and there is so much spam where a user keeps on posting every 4 minutes and there are some extremely basic features-ex:(Edit) which arent available for free which makes it irritating.The Ui isnt fun to use.
lol making money is the only thing that matters, why the fuck is everyone so high and mighty about making money? who the fuck works for free with no expectation of income?
@@YusufEbr comment would be too long and won't be as visible as the video but I'll give you an example. It didn't start the way he said it started, it started by a discussion on writing tests and when Marc he has written 0 test cases which some people didn't like. You'll find Marc referencing this thing (saying something about developers wanting everyone to write tests in a recent post). 2. When Marc gave 300$ publicly like that, it was after someone called Matt mentioned some issues about his site before, he did it publicly so it wouldn't make sense that he'd be rewarded for it. This guy, ever since the testing discussion mentioned above became obsessed with Marc, his whole profile for a month is all posts and replies on things related to Marc, and he knows that it got him millions of views he never got before and managed to grow his following. 3. Also saying that none of the ones posting about this publicly first (before emailing Marc about the issues) didn't do it for clout is either naive or dishonest... Accounts with less 100 followers, managed to get 3+ M views on their posts and hundreds of new followers and you think they didn't notice? Come on. Like I said, some relevant points
@@YusufEbr Okay I'll mention some things...first of all it didn't start the way he says he did. It started with a discussion on writing tests to which marc said he doesn't write case tests and a discussion stemed from that...Some people agreed other disagreed then there was a guy called Matt who made it a mission to change his account to only talk about Marc (it got him way more engagment so the incentive is there) eventually talking about data leaks in one of his app. What supports my argument about this being the origin, is marc mentioning "devs liking tests" or something like that in one of his recent posts. Later on Marc made that 300$ bug bounty post with a shoutout to the guy who emailed him, as a way to say about the good way to report vulnerability (as opposed to the Matt guy mentioned before who still got millions of views with an acount under 100 followers before that) There are other details but this isjust a coment that won't be viewed much anyway