Warning: If you get a username / password pop up on CouchSurfing.org, click cancel, do not enter your username and password except on the CouchSurfing login page.
As of right now, I’m seeing this CSS file included on all CouchSurfing.org pages. That file links to this image. That image returns a 401 authorisation denied error. That in turn causes the browser to request a username and password, the realm is given as “CS”. If a user enters their CouchSurfing username and password, that data will be submitted to functionalfreelance.com.
This is a serious security issues as many users are likely to enter their passwords without realising what’s going on.
As far as I can tell from a scan of the whois data and dns records, there is no connection between couchsurfing.org and functionalfreelance.com. It seems likely to me that this is a hack of some sort, either deliberate or accidental. I hope accidental. Either way, this is a significant issue and needs immediate resolution by CS Inc. I have notified Casey Fenton, Jim Stone and Chris Burley directly of this issue.
Today I noticed that a green tick now appears on the images of CouchSurfing members who have paid for verification. I notice these ticks on groups, I assume they’re all over the site. Wherever you see a thumbnail picture of a person, it marks who have paid and who have not.
This continues what Jim Stone started back in New Zealand all those years ago. A campaign to drive verification revenues ever higher. Given that you only need to pay once to become “verified”, CouchSurfing International Inc rely only on a continual stream of new members to make “donations”. If they can increase the percentage of people “donating”, more money for the coffers.
Perhaps we can subvert this new feature by framing our own profile pictures and adding a different symbol to donate that we opt out of the so-called “verification” system. We could even combine that with a real verification system based on the verification of actual identity and physical location. Food for thought… 
I read that CouchSurfing uses SphinxSearch to improve member search. The software is available under the GPL or a commercial license.
I mention this here in the interests of collating technical data on how CS is built.
Check here and here. You’ll see “Blocked Site Error.”
The site used to be available in the wayback machine, so it would seem that somebody at CouchSurfing International Inc has specifically requested that the site be removed from the archive. Is there any legitimate reason why such a request would have been made? Personally, I can’t think of any.
Today I noticed that the CouchSurfing 2008 finances have been updated for the whole year. I whipped up a graph to show where the money goes.
Employee related expenses account for 62.8% of total expenses. In that figure I’ve included salaries, tax, payroll fees, rent, travel, food, and staff development. Admin expenses includes anything not in hosting / verification. Hosting is server costs plus telephone / communication. I suspect most of the telephone / communication expenses belong in Employees, but I left it there to be on the safe side. Finally, verification, the source of 99% of the income, costs only 6% of total expenses. I included printing and mailing in the verification cost.
The numbers are:
Employees: $405′440.59
Admin Expenses: $116′901.33
Hosting costs: $86′723.33
Verification: $36′589.83
It costs more than $400k to staff CS Inc with how many employees? Five? That would be a cost of $80k per person per year.
Hopefully this helps to understand where the money goes.
If you’re interested, you can see some overview visitor statistics for couchsurfing.com on quantcast.
Why CouchSurfing is enabling QuantCast to measure visitors is an interesting question. No doubt this will spark lots of “theories”.
Personally, I think it’s interesting to note that the weekly reach of couchsurfing.com is circa 300k people, nothing like the 1m “members” that CS Inc claims (at best their are 1m profiles).
I saw a discussion about CouchSurifng International Inc attemping to trademark the term “CouchSurfing”. I feel like this is something I would like to take action on, but I’m not quite sure what action to take.
I guess that if we can find uses of the term “couchsurfing” before the incorporation of CS Inc, that would provide a basis to challenge the trademark registration. Does anyone have references to such uses?
Is this an issue worth pursuing? Comments on a postcard…
If I read the 2008 CouchSurfing Inc finances (citation) correctly, CS Inc is on track for income in excess of $600′000 USD this year. Contributed support for 1 Jan – 31 Mar is listed as $155,616.73.
Web/ Internet/ Host Fees – $ 2,960.59
Telephone & telecommunications – $ 2,208.03
Equip rental & maintenance – $ 13,923.46
Salaries of Professional Staff – $ 19,384.68
Payroll Taxes – $ 1,955.63
Office Expenses/ Supplies – $ 3,195.01
Rent, Parking, and other occupancy – $ 4,777.81
Meals/ Groceries – $ 10,895.37
Total cost of running the site around $19′092.08. Total salary bill (payroll plus taxes) $21′339.63. Total expenses related to “staff” around $40′207.82. A total of more than $10′000 spent on meals / groceries!
The total “staff” cost is more than twice the actual hosting cost. Yet since the organisation has added so many “professional staff” I see little difference in the actual site. Few new features, little increase in stability. Certainly no change in transparency or solving any of the “we’re too busy to publish details” problems.
CouchSurfing might well have an income in excess of half a million dollars this year. Looks like it’s becoming a viable business opportunity.
K2 theme upgrade and threaded comments
I’ve just installed K2 RC8. Previously we were using K2 RC6. I’ve also enabled threaded comments with the default options. So threads go up to 5 levels deep. Any of the admins on this site can change that setting if a consensus feels that it was a mistake. You’ll see new “reply” buttons underneath each comment. That allows you to reply specifically in response to a single comment, like some forum software.