The title was NOT sensationalist, and the change here is a loss of information. They aren't "transitioning" to a .org, their domain was stolen. the .com shouldn't be trusted at this point, as it has apparently been taken over by some rogue former-team-member.<p>edit: thanks to the mod that fixed it :)
Why is everyone complaining about the title? Yes its a bit sensationalist but all of this is detracting from the actual story here.<p>While it's true that cyanogenmod.com going down may not serve a functional problem to most people but it is a pretty sad story. I have used Cyanogen on a couple phones and all my Android devices use the Clockwork recovery, which is an incredible tool. I don't know the specifics but I don't think anybody on the Cyanogen team was receiving money for their work. Granted, there are premium versions in the Play Store, but certainly nobody is getting rich of Cyanogen or clockwork.<p>The fact that somebody is screwing them over just to make a couple bucks seems pretty terrible to me. These guys do this for fun and for the good of the community (not to mention for the good of Google), so my heart really goes out to them. I hope you get everything sorted out and get everything back up.<p>There is a PayPal donation form at the bottom of their site. I have donated in the past when they have asked and I'm sure I will this time if they make an appeal to pay for legal fees.<p>Again, so sad to see this happen to such a great group of devs.
Wow, this thread is pretty interesting, in which you can see the owner of the .com domain convincing someone to donate $500 a month to what they thought was the cyanogenmod team: <a href="https://store.n2acards.com/helpdesk/viewticket/moderator/code/2852d314c34d502cd2ae76493253c4e58961948/?p=1" rel="nofollow">https://store.n2acards.com/helpdesk/viewticket/moderator/cod...</a><p>And in the thread, he mentions that Swappa is doing the same thing, $500 a month plus $10 per device sold, though there's no way to verify if that's true. Swappa claims to donate $5 per device sold to Cyanogenmod, though who knows if that's been going to the actual project or this joker. <a href="http://swappa.com/cyanogenmod" rel="nofollow">http://swappa.com/cyanogenmod</a><p>That's some pretty serious fraud there, if this is true.
This is pretty scary now that CM has started to do OTA updates again. What server is that mechanism checking and trusting? Is there any cryptographic verification for update packages? Whose keys are used (the keys of the bad dude?)?
Cyanogenmod devs need to get PGP keys and start using cryptographic signatures like now. The guy never would have been able to impersonate in the first place if they were doing this, and now it's even more important that the @cyanogenmod.com domain is directing to a different mail server.
Does anybody know how this "rogue" webmaster took undue advantage of the CyanogenMod brand? The Facebook post states something about referral deals with community sites. Any idea what that would mean in practical terms?<p>Just curious.
It seems a nice idea, buying the CM.com domain and donating it to the project. Wonder if this sleazeball had a change of heart, or was he planning on embezzling referral traffic the whole time?
Phew, my first instinct when reading the start of that post was that some rogue code had been committed.<p>Note: it's a shame most of the comments here are about the title of this post.
Why are large parts of the android custom ROM community unprofessional and immature?<p>I always shiver a little if I have to dive into xda-forums, but this takes it to the next level. Puts all the actual hard working developers in a bad light.
Seems the guy who stole the domain is trying to undo his damage and possibly hand the domain back (likely due to the negative attention this is bringing him). He posted this to his Twitter account a few minutes ago:<p>"we've already had this conversation. The DNS was changed in preparation to hand the domain back to Steve. You all jumped the gun."
<a href="https://twitter.com/MrADeveci/status/268837555129167873" rel="nofollow">https://twitter.com/MrADeveci/status/268837555129167873</a><p>"DNS propagation can take 72 hours. The domain was transferred about an hour ago. It was transferred to another UK registrar."
- <a href="https://twitter.com/MrADeveci/status/268881716876300288" rel="nofollow">https://twitter.com/MrADeveci/status/268881716876300288</a><p>UPDATE: Seems he really has handed the domain back now?:
<a href="http://www.cyanogenmod.org/blog/domain-situation-has-been-resolved" rel="nofollow">http://www.cyanogenmod.org/blog/domain-situation-has-been-re...</a>
I don't know what this is, but as the guy asked for money for the domains, which he didn't own, I'd think about asking the police to look into this being extortion.
I had this happen to me when I started a music blog in 2008. Some trust fund brat decided he would hijack the site and I was forced to basically start over. It was painful but 3 years later I'm glad I did. I was able to rebuild and now have a better site with a better team in place. It'll take time but these guys will recover too. Integrity always wins!
Seems similar to the MacPorts vs DarwinPorts domain name issue:
<a href="http://trac.macports.org/wiki/DarwinPortsFraud" rel="nofollow">http://trac.macports.org/wiki/DarwinPortsFraud</a><p>But in that case, no domain was transferred, it was just confusing from the start.
I'm mixed on whether this is a good way to handle reporting something like this to the public. On the one hand, they didn't release the guy's name, which is completely and entirely appropriate, and I commend them for doing so. On the other hand, giving so many details—many of which are not relevant to the public, and probably were not intended for the public—gives this PSA somewhat of a "well, screw you too" vibe.<p>I think a simpler "we've been betrayed by an insider with access to everything, here's how we're fixing it, and yes, we're pursuing legal methods for dealing with this" would have been better. Leave out the gory details about who's hurt and whatnot. This is business. Still, this is better than half of the other "we've been betrayed" posts I've seen.
Ideas will be stolen. I know this is a hotly debated topic, and I agree with the raw idea != actionable idea, yadda^3.<p>I cannot emphasize enough to developers and to startups: all war is about money, all business is about money. When you get to the point that you are making money, you are in business... and all business is war (imo). If you go in thinking like that (not freaked paranoia, but strategic defensive development), you will avoid a lot of this trauma.<p>I feel for you guys, I've been there.
Title is sensationalist. Should be something like "Transition to Cyanogenmod.org"; Cyanogenmod is not offline, just cyanogenmod.com<p>Google already give you cyanogenmod.org when you search for cyanogenmod. Was this always their preferred domain, or is Google just that quick to update?<p>Post on cyanogenmod.org for those who prefer not to use Facebook: <a href="http://www.cyanogenmod.org/blog/psa-transition-to-cyanogenmod-org" rel="nofollow">http://www.cyanogenmod.org/blog/psa-transition-to-cyanogenmo...</a><p>For the sake of posterity, the original title was "Cyanogenmod taken offline by developer", and the link was to the same story, but posted on Facebook.