Hacker News new | past | comments | ask | show | jobs | submit login
Buying VMWare Fusion: A lesson in how to drive customers away (bitquabit.com)
296 points by tghw on Feb 23, 2011 | hide | past | web | favorite | 98 comments

I recently bought Parallels, and it wasn't much better. From the email I sent them (after I finally found an email address):

- When I arrived on the checkout page (from the link in the nice email you sent), you had tacked on a $8 digital backup fee. That is a complete bullshit charge, and you added it by default with no explanation as to what it was, or why I would want it. It was also not particularly obvious whether or not I could remove said add-on. It is a shameless, low class, money grab.

- I switched my pricing from USD to CAD, and you added $10 despite the two currencies trading at parity (I quickly swapped back, and just paid in USD). Another shameless, senseless money grab.

- You require my name, home address, email address, and phone number in order for me to purchase downloadable software via Paypal. You do not need any of that information. You want it so that some tool in marketing can have pretty powerpoints. It should be optional. (Making it required simply requires me to make up information; a waste of both our time.)

- The “send me email spam” checkbox was checked by default. The only reason for this is to get permission to spam people too lazy to pay attention to the checkout. It’s another tasteless scam formulated by a greedy, customer hostile executive tool.

- After purchasing, I entered my serial number, and was informed that I would have to register to receive updates to the software I just purchased. I cannot explain to you how incredibly asinine I find that policy. 

- The registration process once again required information I didn’t want to give you (requiring me to give you fake information)

- After registering, and confirming my registration via email, and entering my email/password combo into the application I was told that I had given invalid credentials, and to try again. (I hadn’t. I’m pretty good with copy/paste.) So I guess NO UPDATES FOR ME?

You require my name, home address, email address, and phone number in order for me to purchase downloadable software via Paypal. You do not need any of that information. You want it so that some tool in marketing can have pretty powerpoints. It should be optional

This is actually less for marketing purposes and more for running anti-fraud analysis, which is a key consideration when you sell software at their scales. When I write my (totally legitimate) Japanese address and phone number combined with my American credit cards, it often ends up in an order getting held for purgatory for 48 ~ 72 hours until I can point them to the resolutions for the last four orders I did through them and the fact that none were chargebacks for being stolen credit cards.

Steam also does something similar. You can thank your local pirate.

The digital backup fee is scamtastic, and (shockingly) isn't the worst thing they have pulled over the last few years (that would be automatically adding rebill fraud 'coupon booklet' subscriptions to the orders). They split the fee $7 to DR and $1 to the software publisher, which means that for sales of $50 software they make substantially more from that addon than for the software itself at almost all of their (myriad) pricing schemes for the core DR payment processing experience.

I think "via PayPal" is the key distinction that makes the fraud excuse less valid.

How so? It's as trivial as creating a new email account to create a new Paypal account, and even if they require credit card only Paypal accounts that can be easily fraudulent too. Fraud via paypal is just as rife as fraud without.

The only point at which an address can be used to prevent fraud, is between the credit card charging process and your bank. If it's paypal charging your credit card, they're the only ones who need your address.

That isn't true -- you can run a variety of heuristics to catch N% of fraud (and X% of legitimate payments) prior to submitting them to the bank, getting them accepted, and then having your merchant account ganked for high chargeback rates.

For example, an annoying system which will decrease chargebacks is "If your IP address goes to a country other than your billing address, shoot first and ask questions later." It bites me all the time, but there are sensible business reasons for it.

I tried to purchase Parallels a while back and gave up because:

* Even though you _can_ opt out of it (click the grey cross on the right of the product list), the "backup" fee is almost an extorsion scheme. When you buy Parallels, you buy the right to download it once. After that, it's up to you to properly manage your backups. If your hard disk crash and you didn't, you must buy a new version (unless you bougth the "extended download service").

* I'm in Europe, and they silently switched the price from $80 to 80€. This is almost $110. You can't switch back to USD, only to GBP (£65 which is as expensive)[1].

That's enough. I didn't wan't to know what other dark patterns they'd pull out further down the road.

[1] Actually, I've checked while writing this post, and it is possible to get the US shop in Europe too, but I couldn't find the way to do it a few months ago when I contemplated purchasing their program.

Let's also not forget Parallels repeatedly spams the crap out of you to buy Kaspersky and other miscellanea after purchase. Extremely irritating.

I went through the same process in 2006 for version 2, and bought the upgrade to version 3 when that came out. Turns out I always had to install the old version, activate it, install the new version, activate that. Did I buy version 4 when it came out? Of course not; I switched to VirtualBox.

Who's in charge for these dark patterns on their site?

wait ... so why did you buy it then?

I genuinely like the software, and they emailed me a $10 off promo the day before my trial expired. The entire process leading up to the purchase was top notch.

Oh, and I didn't know there was a free, quality alternative until shortly after. A painfully bad checkout is the price I pay for being too lazy to do any research. ;)

so you think if you buy you can't have complaints? interesting world you must live in.

He could have gotten Virtualbox.

With the uncertain future that comes from being managed by Oracle now.

Not totally uncertain, there's the GPL'd version which contains almost all the functionality non-commercial desktop users would require (except USB 2.0 device speeds). Oracle can derail VirtualBox the trademark, but they can't prevent a fork.

To be fair, so far virtual box has moved ahead pretty well under oracle.

I would not support a business of which I had these sentiments:

It is a shameless, low class, money grab. (twice)

It’s another tasteless scam formulated by a greedy, customer hostile executive tool.

Surely there are competitors in the marketplace?

We vote with our dollars.

The competitor is VMWare, which it seems is just as bad.

He guesses VMWare stores credit cards based on them using the last 4 digits to help identify orders. Actually, it is probably Digital River, not VMWare. VMWare uses Digital River to handle actually process orders. (That's why the site he went to for order lookup was findmyorder.com, not vmware.com. Findmyorder.com is a Digital River site).

You can't really infer credit card storage from them keeping the last 4. Merchants need to keep the first 6 and last 4 in order to process chargebacks and refunds. When a customer charges back all the bank tells the merchant is first 6, last 4, and amount of charge back (oh, and the date of the charge back). Furthermore, the amount does not always match an amount the merchant charged. So, the merchant needs to be able to look up orders by first 6/last 4, approximate amount, and date-that-it-must-have-been-before.

PCI allows first 6 and last 4 to be stored unencrypted and kept as part of general customer information. The strict security requirements (encryption, kept off of networks not involved with actually using the card, and so on) only apply to the rest of the digits.

I know the first 6/last 4 rule, but Digital River requested the last five. I actually thought that was pretty explicitly in violation of PCI. Am I wrong, or maybe misunderstanding the rules?

You can comply with PCI DSS by storing NO MORE THAN the first 6 and last 4 digits.

You can also by-pass the requirements by storing a (somewhat non-reversible) hash of the entire card (or last x digits, in this case 5)... As long as the hashing and the storing is done on two separate systems.


Yes, it definitely sounds like a typical Digital River experience. They're really a mess. Microsoft uses them to fulfill online Microsoft Office orders, and it takes so many steps you want to scream.

If there are no other reasons, this is why I want a solid App Store on Windows that has every app I'd want to buy. Seriously; it's just too much trouble to give companies money sometimes!

The solution isn't necessarily an App Store on Windows, it's to build better purchasing experiences. You're reasoning is sort of like: "I have serious issues with all GM cars due to shoddy quality, therefore all cars must be manufactured by Toyota because I like them."

I think his reasoning is more like "I see a fundamental design flaw in all other cars which Toyota has recognized and addressed in a way that I like, and wish other manufacturers would adopt that solution or one similar to it."

You don't have to agree, but don't poo-poo his desire for a unified, simple application purchasing experience in his OS of choice. That's a customer talking about what they want out of a product.

My point was more along the lines of "unified purchasing experience" != "good purchasing experience." You could have all apps unify on a horrible purchasing experience, no?

Big, huge upvote to your Digital River comments. Dealing with their shopping cart sites is maddening at best. They're ripe to get picked off by a capable startup.

Or Apple.

If you are not in need of customer support the answer to this problem is to use Virutalbox


Its just about as fast, has all the same features (including 3d support) and best of all its free and opensource

Virtualbox (I tried with the latest as of late January) would not run Skype for me.

VMware worked immediately.

Why would you want to run Skype in virtualbox? Skype runs on Mac, Windows and Linux.

Because you don't trust skype not to dick up your real computer?

Sounds valid.

I've actually set up Skype on Virtualbox with no problems. I needed to test a Skype plugin once and had 4 Skype instances running on the same machine (3 virtual, one native). Later Skype versions break with Virtualbox, but older versions work fine.

I guess this http://www.virtualbox.org/wiki/VBox_vs_Others makes it clear

This is an inaccurate comparison to VMWare Fusion. There are many features, e.g. Bootcamp partition virtualization, that virtualbox either forgot to mention or purposely excluded.

VirtualBox can actually do physical-partition virtualization, but you have to produce a VMDK file that points to the partition you want, and use that as the virtual disk. (Oh, and run VBox as root.) Conveniently, I've written some code to produce such a file: https://github.com/vasi/vmdk-raw-parts . Enjoy!

Aha, cloned! Thanks for this. I had to make my VMWare vmdk for my GPT partition by hand :-). I've been dreading the day when my disk changes and I have to recreate it. Now I will not.

Neat, I assume this preserves FS changes upon native boot?

Yup, it's using the physical partition, so all changes are preserved. Whether you want that or not.

I suppose you could use a snapshot VMDK to put the FS changes into a file, which you could then keep or discard. No idea if VBox or even VMWare actually supports this behaviour. Nor can I think of any particularly good use for it!

You can set up VirtualBox to use a physical (ie. Bootcamp) partition or disk. It's not as easy as in Parallels, but it isn't difficult and is explained well in the manual.

What you can do and what the product supports are two different things.

In the case of a free product like VirtualBox where you're not paying for tech support, there isn't a difference.

Unless you mean that there is a difference between what merely happens to work and what the developers strive to ensure works. In this case, VirtualBox definitely "supports" using physical disks and partitions (though they describe it as an "advanced" feature).

I wonder why they don't have parallel port support.

Because most things you would want to do with parallel port that actually work through all the layers of virtualization and emulation (ie. connecting a printer) can be done equally well with emulated serial port.

Yes, and it has some of its own user experience issues. I upgraded to 4.0.4 last week on Windows 64, and every time you upgrade it resets all of your network adapters (yes, probably a windows issue). Nevertheless, couldn't upgrade from 4.0.0 to 4.0.4 directly, the installer hung and left me hanging without network access of any sort till I rebooted. Ended up having to install 4.0.2 first, which was never mentioned in the "Check for updates", so I didn't have

When it works it's awesome, but the installer almost always hangs on me also -- I think it's during some network card driver bit. It's an old problem that doesn't seem to be getting fixed.

From trying to use it recently, it's worth pointing out that the 3D support in VirtualBox is not up to the standard of VMWare's, if you want DirectX. Obviously that's not important to everybody, but hopefully it will save some people a few hours of experimentation.

I'm sure they'll improve it in time though, and VirtualBox is otherwise a fine piece of software.

I actually ended up using a pirated serial after I'd purchased VMWare because it was easier to get than the legitimate one.

I use VMWare Fusion all the time. I spent 30 minutes trying to buy it and 30 seconds getting a pirated serial. I think the software is well worth the price and I'd happily give them the money if they could provide a reasonable way for me to do so.

This has been my experience as well ...

I've pinged a friend at VMWare about this. It's not her department, but she should be able to pass it along towards the people whose problem it should be.

EDIT: Word's been passed along. Don't know if anything will actually come of it, but (at least some of) the people whose problem it should be are aware.

The real test will be whether they've got the sense to spend 20 minutes signing in here and engaging us in dialogue.

I don't know that anyone engaged us here, but someone from VMware did engage me over at the blog: http://blog.bitquabit.com/2011/02/22/buying-vmware-fusion/#c...

I have no way of knowing if that person is the one my friend contacted (not least because I can't view the comments; do I need a Disqus account to see them, or something? That's a bit of a fail, too, IMO.), but I'm thrilled to see they're talking with you.

The Humble Indie Bundle games pack did this so well:

- Very simple purchasing - a single page

- Perpetual download codes

- No DRM

Yeah... I've been buying VMWare for my team. After buying it twice online, I started buying it from amazon boxed because it's cheaper than the digital version from VMWare and you can still get the stupid rebate they are currently offering. (I hate rebates).

This is what's selling me on OS-vendor-provided App Stores. Of course there are many reasons a self-respecting hacker would turn up their nose at such a thing. But product activation and billing really should not be novel experiences in 2011.

To be fair, you can do a lot better than Digital River, whose code is largely stuck in 1998. I mean, BCC can phone home to the server to get a registration key without the user ever needing to read their onscreen instructions (quite helpful because they frequently don't). It takes less than a day of engineer time to take 90% of the pain out of this. (Though I don't think that is an option if management has decided to go with Digital River -- then you're pretty much at the mercy of their operation.)

findmyorder.com really looks like your typical phishing site. I don't think I'd be giving them any of my information.

So, I watched this whole thing. Then I noticed the URL on the end... Here it is:


Go ahead. Click it.

You can get newer releases from their page directly, in case anyone wanted to try navicat. It's a pretty good utility, though I personally still like to use the respective SQL server command line utility shells. It's a 30-day trial.


I used Navicat for along time, and its not bad software. These days though I've been using the free "Sequel Pro" for OS X. Does all the same things I need to do, as long as I'm on a mac. http://www.sequelpro.com/

The URL loads a lot of quite clearly non-plain text data served as text/plain. Am I missing something?

Really? It downloads a .dmg for me...

Content-Type is text/plain, Content-Disposition is not set. Your browser overrides content type based on file name "extension", at least for commonly misused types.


Regardless, it's their software. After all that, it's not even an expiring URL, or obfuscated, or anything.

Well… I got Parallels as boxed software sent to me (was working from home). Alas, I got an older version, and upgrading required some mind boggling stupidity (some proof of purchase I did not have, some personal details, etc.) So I decided it was not worth the hassle and bought VMWare Fusion (with my own money) online instead.

I got my VMWare Fusion key in the email. Two seconds, confirmed. I guess YMMV. I've been a closed beta tester for VMWare Fusion for ~2 years as well.

I have been using VirtualBox on Mac and Linux for a couple years now with fantastic results. Easy upgrades and free as in beer and (most of it) as in speech too.

Recently started using Vagrant http://vagrantup.com/ to configure virtual machines with VirtualBox and Chef. Awesome. I recommend this combo to all devs.

You think that's bad, you should hear my experience trying to buy a license to the virtual center for the free version of vmware server in 2009. At one point I had a 3 way call going with VMWare's local vendor and VMWare corporate where they were both denying such a thing as a "free" version of vmware server ever existing.

The last few years of dealing with vmware have shown me quite clearly that vmware doesn't care about little guys. They obviously make all of their money from large business customers.

I notice that no one has mentioned Hyper-V yet. While it isn't perfect it is free. Mind you, you do need to be running Windows Server, but if you are already running windows you should consider it.

I am curious how it stands up to all the others. Virtual Box didn't have it in their grid.

I've used Hyper-V before and its pretty much garbage compared to VirtualBox and VMWare. 1. There is no usb device support that I could find, and you can't add any devices besides hard disks that I've seen 2. No shared folders at all, you need to use smb to have any file sharing capability, short of setting up ftp 3. They pretty much only support virtualized windows 2008, they have SOME Linux support but thats limited to Red Hat and OpenSuse mostly 4. You can only install it on Windows Server 2008(well thats a given but its still a drawback) 5. Its interface isn't the best, I find it really hard to find stuff and everything is in non-obvious locations

Hyper-V doesn't run on Mac OS X, so I don't think it would be particularly useful in this case.

I recently downloaded VirtualBox. It runs Windows perfectly and it's Free software.

Thanks for posting this. I use and love VMware products (Fusion now, other products since Workstation 1.0) and I'd forgotten how hair-pullingly painful it was buying Fusion for the first time. This re-jogged those memories.

And this is why I use Free Software only. Thanks for the reminder.

I'm relieved I will never go through this process. This does not sound like a normal checkout process to me.

When I bought November last year, I did get the keys in the confirmation email.

I had roughly this same experience with buying VMWare Fusion two years ago. Nice to see they're paying attention to customers.

After two years and a rant that happened to get posted to a major tech news site. Doesn't really sound like "paying attention to customers" to me. How many times has this happened in the past two years and why haven't things gotten any better?

So, to recap:

- I bought a product that needed a license key;

- in order to use it, I was sent to a 3rd party site I had never dealt with before that provides the keys;

- the site requires me to enter part of my credit card as my proof of purchase to use it;

- it then takes me to a totally broken page, which, thankfully, has a license key;

- that license key is rejected for some indeterminate amount of time by vmware.com due to a known slowness problem with their key distribution system;

- once it’s finally not rejected, vmware.com still merrily asks me to give it an email that it knows damn well it didn’t give me but still accepts just the correct key from the key distro site anyways

There, I fixed it so it's not such blog spam, buy software much?

I'm sorry, but how is this news worthy?

As far as I can tell, some guy bought a copy of VMWare Fusion with a moderately poor customer experience, can't activate it within the first half hour, writes a blog post to complain and gets his buddies at Fog Creek to upvote.

Why on earth did you think other people would be interested in this?

Seriously? This is a major company with some very big problems regarding how they handle (or outsource) legitimate digital purchases.

It's this kind of crap that drives people to piracy (with justification).

You know you're doing something wrong when your customers would rather trust binaries downloaded via bittorrent than trust your online store with their credit card number.

What justification? If someone can't cope with a buying process then they shouldn't buy, it is no excuse for stealing. This is as asinine as seeing a long queue at a supermarket and declaring this is "justification" for walking out with the goods without paying.

I mean that people who engage in piracy can claim they do so because it's difficult for them to easily and legally purchase the same item.

When VMWare moves to a simpler (perhaps iTunes-like) system, then pirates have no rational justification.

It's a justification. You don't have to agree with it, but not doing so doesn't make it any less of a justification.

"The line was long" is also a justification for shoplifting. "He looked at me funny" is also a justification for murder. All you're saying is "the offender can tell him/herself that they have a reason." Which is always true for anything anybody does.

I get that you should make it easy for people to buy your software legitimately. But I don't buy the argument that if you don't, they are "justified" in stealing it. Everybody rationalizes whatever they do. That doesn't make it right.

He didn't ask me to post it and I didn't ask anyone to upvote it. The only thing I did was let him know I posted it, so he'd know some extra traffic might be coming his way.

> Why on earth did you think other people would be interested in this?

Well, right now it's top on HN. Seems pretty self-explanatory.

This story is a case study in how not to sell software. This is exactly what I would expect to see at HN.

Also important: it is the kind of software that HN readers are likely to buy. Knowing about the crappy post-purchase experience is valuable information to anybody considering the purchase.

It also shows why Apple gets things right by concentrating on customer experience. Buying VMware from the Apple App Store would have been an entirely different experience.

It's also an area where businesses have to work constantly to resist legitimate forces: the desire to know more about customers, the desire to reduce piracy, and the desire to outsource tricky business processes. VMWare might be an extreme example, but most checkout processes trend in this direction without conscious effort.

Oh FFS, really? Really??

There are an infinite number of ways to communicate how not to do things. Enumerating them only serves to decrease the entropy rate.

What I suspect is most people enjoyed this article because VMware made a fool of themselves, but not, as you suggest, because it provides an enlightening anecdote that will inspire the reader to avoid a common pitfall and yield an effective checkout process.

I suspect you're getting downvoted for your tone, because your point is legitimate:"reversed stupidity is not intelligence" -EY

While it is true that "reversed stupidity is not intelligence", that does not mean negative examples are without merits.

Someone once said to me "A smart person learns from their mistakes, a brilliant person learns from other people's mistakes."

Positive examples show you what you should do and how you should do it, but they often leave out why. A negative example makes it very clear why you should do things a certain way and avoid doing them other ways.

Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact