Okay, let's get one thing straight here: You are flat out falsely accusing me of criminal behaviour. In public.
I'm personally not on Slack, but I am on the end of a phone or email and the first rule of journalism is right to reply. I've no idea who you are, but it seems to me that you have an axe to grind here, some personal reason to get us away from GRC, and that whatever I tell you will not change that.
Am I correct?
At first, we thought Pomegranate was cool for winning the commemorative coin, but following Pomegranate's meteroic growth, @dutch and I noticed various peculiarities.
A lot of us wanted to give you the benefit of the doubt, especially since each individual point this article made could have plausible explanations, but altogether, they don't add up.
The best recourse would be to be open and transparent about how Pomegranate works. I think we'll all rest easy if we can trust Charity Engine and Pomegranate.
If and only if we resolve these questions and confirm that your user base is legitimate, we'll go out of our way to exonerate Charity Engine.
And also, what was the deal with exclusively obsolete hardware as VGTU hosts?
Edit: And out of interest: Why no Primegrid?
You should try to enlighten us more about your operations. What value/service are you providing to your users? Can't they just use their own BOINC clients with their own CUIDs and donate (or do whatever they want) with their GRC. If indeed you are exploiting the lack of information on your users' part, we as the GRC community should aim to educate them.
No, we are stating a series of facts and likely conclusions, then giving you the option to explain why there is so much shady business going on.
If you were not personally on Slack, then who is the Pomegranate account that tried to claim the commemorative coin? You proved your identity through your wallet to try claim that coin to @jringo, so I do not understand how you can claim that was not you.
We have no axe to grind, and have no personal reason to get anyone away from GRC. Quite the opposite. In fact, we would have hoped you can explain why everything looks so shady in a way that alleviated the concerns of the community.
You are not correct. In a perfect world our concern is unfounded and your end users continue to do research. It's fantastic to see the amount of compute your CPID is contributing, but it needs to be above board or it looks really bad for both BOINC and Gridcoin.
Likely conclusions? You mean entirely unfounded and malicious accusations. Botnet? Stealing? Are you serious?
(You keep suggesting we're a one man band, btw. I've never even used Slack. That was a dev. You would know all this if you'd bothered to contact me to get to the truth.)
Since I wrote that comment, I've discovered that you do indeed have an axe to grind, as you're a massive miner yourself. So if we go away, you earn more GRC? Well, colour me amazed.
This also means you understand BOINC, and surely must have also known that our client can only ever be installed with user permission. I am therefore now struggling to see your accusations as honest mistakes.
We have contributed more to BOINC than you know. In fact, without our company's intervention, BOINC might not even exist now. Literally.
Bang out of order, dude.
I never used the word stealing, where are you getting this from?
I am aware you are not a one man band. Why is contacting another member of your band not an attempt to contact CE? They verified their identity through access to your GRC wallet, so they seemed like a reasonable port of call.
Stop accusing me of having an axe to grind. I am a 'big' miner, but I am running literally the least efficient project (Einstein@home). I am not bothered by mag, but as a researcher myself I do want to see GRC succeed.
I am not accusing you of anything. I am asking you to comment on some things that don't seem to add up. This discussion has been going on internally for a long time now.
Are you for real? Your title is "Exposing the pomegranate botnet", for crying out loud! How is that not accusing?
I've also just been sent some chat logs in which you openly call us a scam, you "have all the dirt on us", we are a front for malware (really? !), etc. So yeah, you're accusing us just fine (defaming, to be exact...) - and now you're lying about it too.
I haven't sacrificed ten years of my life creating this thing from scratch, on a shoestring, to have it bad-mouthed by a couple of conspiracy theorists who can't do basic fact checking.
You owe us a massive apology.
By saying that "Exposing the pomegranate botnet" is an accusation to you, you admitted that you, or your company are behind the pomegranate.
Also how they were to contact you, if there was no easy way from 'Pomegranate' to 'Mark McAndrew'?
The only certain contact link we had was that Pomegranate on Slack controlled the Pomegranate miner's wallet. @jringo confirmed this as part of the commemorative coin claim process. When I tried to open a dialogue with Pomegranate on Slack it was ignored.
Yes, CE controls that account. So what? They already knew it was us, it wasn't some massive secret.
If we'd wanted to keep it secret we'd have used multiple CPIDs. Why draw attention if trying to hide?
Only reason we didn't call it CE grid or some such was because we're big enough to 51% the network (EDIT: since been told it changed to PoS) and we didn't want to worry the troops and potentially crash GRC. Indeed, we've been going deliberately easy - which we will now prove.
Meanwhile, I run the company and I'm easy to contact via all the regular channels. That one of our developers had once logged into slack to claim that coin, is of no relevance. They got no reply, so why didn't they call me? Email me? Find me on twitter or LinkedIn?
Because they didn't want answers, that's why. They wanted to smear.
We'll apologize once we can trust you. Here's how.
Not me that needs to earn trust here, it's you. You made the botnet accusation, it's pure bullshit, you're in the wrong, end of story.
Even if everything is above board, your business model appears to be predatary and entirely in bad taste.
You get people to install your client with either promises that they are helping charity and could win some money or by the dubious (even when legal) method of bundling it with other software. You then take all of the money earned and give some back to charity and some back to the users.
What your users don't seem to realise is that both they and the charities would be far better off if they ran Boinc themselves and donated half of their earnings to charity. The only people making money from this is yourselves by preying on people who are not informed or are not very computer literate.
Personally my opinion is that you are morally wrong (boarderline legally wrong) in your blatently over-exagerated claims.
I have no doubt you do give some money to charity and give some back to users, but how your business operates is extremely unethical and distasteful even if you can argue it's just about legal.