shackleford
Banned
and had customer information obtained by a freelance hacker who you ripped off
MESO-Rx
Anabolic Steroids
Brewly - Worldwide Marketplace
- Thread starter Brewly
- Start date
shackleford
Banned
and this thread is getting to be as gay as your website.
Larping extortionist*
Remember when he supposedly emailed tons of customers and yet no one came forward?
Don't let an extortionist play you guys just because it fits your narrative that "brewly bad". It undermines the integrity of unmoderated spaces like Meso. At the very least, don't take the word of noobie accounts as gospel especially when they're trying to extort people.
Anyone can fake a data leak by using inspect element. Even larpers:
Code:
https://zapier.com/blog/inspect-element-tutorial/
By all means, hate on our website. That's fine. Spreading misinformation and empowering extortionists is not great for anyone, though.
shackleford
Banned
say larp one more time motherfucker
@Brewly I like the idea and ambition.
From a technical perspective: Laravel is a web framework, it doesn't have anything to do with how secure your website is, also fuck PHP for god sake why it still exists. Use Node.js with Express and such... If you insist on a defined framework then use Django.
But that has nothing to do with e-commerce of steroids, it's just technical advice.
From a business perspective: The issue is you can't amazonify steroids, it's illegal, if your site gets attention you'll be prosecuted including all vendors, vendors are not regulated/controlled facilities, vendors range from great to "made in dirty basement bathroom" qualities, we're talking about human life at stake, also, vendors are unreliable, one month they're good another they're trash then they're gone(e.g Symbiotic my man R.I.P), then the stock of inventory fluctuates depends on supplies.
In other words, each vendor is custom, so if you do want it to work, you'll need to have a site with quick feedback from users and updates from vendor(comments), for each vendor(thread), then for safety separate purchase/shipping from the site(email), what you get? Meso, bingo.
Now you might get it to work with your site, but you need to put thought into it since again, it is not really like Amazon-type business due to vendors' volatility and risk.
From a technical perspective: Laravel is a web framework, it doesn't have anything to do with how secure your website is, also fuck PHP for god sake why it still exists. Use Node.js with Express and such... If you insist on a defined framework then use Django.
But that has nothing to do with e-commerce of steroids, it's just technical advice.
From a business perspective: The issue is you can't amazonify steroids, it's illegal, if your site gets attention you'll be prosecuted including all vendors, vendors are not regulated/controlled facilities, vendors range from great to "made in dirty basement bathroom" qualities, we're talking about human life at stake, also, vendors are unreliable, one month they're good another they're trash then they're gone(e.g Symbiotic my man R.I.P), then the stock of inventory fluctuates depends on supplies.
In other words, each vendor is custom, so if you do want it to work, you'll need to have a site with quick feedback from users and updates from vendor(comments), for each vendor(thread), then for safety separate purchase/shipping from the site(email), what you get? Meso, bingo.
Now you might get it to work with your site, but you need to put thought into it since again, it is not really like Amazon-type business due to vendors' volatility and risk.
Framework/security
Thanks for the advice. One of the reasons we use an opinionated framework like Laravel (or Django) is because they follow security best practices by default. For example, if we look at authentication, there's nothing stopping you from storing passwords in plain text on Express. You yourself have to do the work to follow best practices, and if you make a mistake, oopsie. Meanwhile to do the same on Laravel you'd have to go out of your way to purposefully make your own custom, insecure authentication system. That's why I brought up Laravel in the past as a response to questions about cookies, sessions, authentication, etc.
Emails & Forums vs Marketplace
With regard to my, at this point over-simplified Amazon analogy. We have marketplaces for drugs already. Darknet marketplaces. Fortunately, AAS is treated differently. Sources are free to openly sell steroids on forums, insecure wordpress sites, and email, and it's all done on the clearnet. Sure ordering by email and leaving comments on forums may seem super private, but you're still involving third parties. Did you know Protonmail complies with government requests? 336 complied requests in 2018 alone.
ProtonMail Goverment compliance
"From time to time, ProtonMail may receive requests for assistance from law enforcement authorities. As a strict general rule, ProtonMail only complies with legally binding orders that have been approved by Swiss authorities. Moreover, under article 271 of the Swiss Criminal Code, it is an offence to comply with foreign requests that have not been approved by the Swiss authorities."
Quick search will show PM complying with many foreign requests from EU, US, etc. Not to mention steroids are not legal in Switzerland.
How is Brewly better/different?
Meanwhile: We're hosted offshore in countries where AAS is legal. We auto-delete shipping info when order has shipped. We have the ability to recover funds and ban sources when things go wrong. Our ranking systems allows the cream to rise to the top (unlike a forum where visibility is determined by thread bumping and/or ad spots).
Sorry if I didn't get to all your points. You mention vendor volatility/feedback. Early in the thread there's a bunch of posts about our ranking system, application process, reviews, planned order dispute stuff. I'm happy to go over it again, just let me know.
Thanks again for the questions and advice.
Last edited:
I forget, but how long has the Brewly site been up and working?
You keep saying that vendors will have “reviews” but so far not a single one. So the promise of “reviews” is empty thus far.
You said each vendor had to meet your screening requirements (I forget how you said it exactly) but you never showed us what those requirements were. If they exist, MESO would like to see them. It would certainly make everyone feel better about your vendors. We have no idea what we’re ordering from the sources we don’t know.
Where’s the lab testing? Are there any plans for that? Any quality control? Any accountability? Are you going to require each vendor to test periodically. Do customers get store credit for bloodwork or lab testing of products?
You have a forum. Wow. It’s got nothing in it. No active discussions. Nothing. Are you satisfied with that forum?
So far, it all looks like promises and enthusiasm but not much substance. All you really have is a promise that it’s an ultra-secure unhackable unbreakable bulletproof website. Now you say it’s better than ProtonMail. And there’s vendors selling “stuff”. How do we know what we’re ordering? What’s the dispute process? Who makes the verdict for a refund?
Theres a lot you haven’t explained. Just like anything in this, it only comes down to blind trust.
You keep saying that vendors will have “reviews” but so far not a single one. So the promise of “reviews” is empty thus far.
You said each vendor had to meet your screening requirements (I forget how you said it exactly) but you never showed us what those requirements were. If they exist, MESO would like to see them. It would certainly make everyone feel better about your vendors. We have no idea what we’re ordering from the sources we don’t know.
Where’s the lab testing? Are there any plans for that? Any quality control? Any accountability? Are you going to require each vendor to test periodically. Do customers get store credit for bloodwork or lab testing of products?
You have a forum. Wow. It’s got nothing in it. No active discussions. Nothing. Are you satisfied with that forum?
So far, it all looks like promises and enthusiasm but not much substance. All you really have is a promise that it’s an ultra-secure unhackable unbreakable bulletproof website. Now you say it’s better than ProtonMail. And there’s vendors selling “stuff”. How do we know what we’re ordering? What’s the dispute process? Who makes the verdict for a refund?
Theres a lot you haven’t explained. Just like anything in this, it only comes down to blind trust.
These things, they take time to grow.
By default, customers don't tend to leave reviews, unless they had a negative experience.
Our screening requirements are, and without too much detail, plain and simple;
Previous sourcing sites, experience, years of brewing, pictures of stock, explanation of how they use their equipment, equipment pics, and highly preferred, testing done by accredited sources. I'm sure I'm missing something here. Pic of your girls tits are optional.
Lab testing yes, as mentioned previously here, we are developing a tab for vendors to have on their storefront that shows every posted lab testing. For now, customers can attach bloodwork/labwork in reviews. Brewly is still in active development
Dispute process and buyer protection features are still under priority active development - so we can't really expand on that for now as anything I may say, may change. But for now, what we have is that we with hold funds.
Am I happy where Brewly is, and its forums? Of course. The project has immense potential. Just because it has nothing on it right now, doesn't mean its a failure. These things, they take time.
Order disputes, vendor screening, reviews/ranking
I have actually explained vendor applications, ranking, and the planned order dispute system at length in this thread. It's all within the first 10-20 pages. I recall you calling those responses "cut and paste" and "nerd gibberish", so I'm assuming you didn't actually read them? Not trying to be passive aggressive when I say that; I am just actually wondering if you read it. If you'd like me to reiterate and go over some of those things again, I can no problem. Let me know.
PGP: Taking the trust out of Brewly, completely
As far as this claim of needing to put trust in us, don't! We added support for PGP for a reason. If a vendor supports it as well, you can use it to encrypt your information peer-to-peer between the two of you. If you do this, literally only the vendor could ever possibly decrypt your data. PGP is pretty cool, it's a requirement in darknet markets but unfortunately no one really seems to use it in our world. Perhaps it's something we could push harder in the future as suggested by one member many hundreds of posts ago.
Can one trust a new platform?
I totally agree with this and I think it's your strongest point to date. Only the test of time can truly reveal the legitimacy and strength of any project. By all means, wait. We'll continue working and building to earn your trust.
Correct me if I am wrong here, but as far as I can tell, you need to trust us with one thing: that we won't steal your bitcoin from a single order and instead play the long game of building up the platform to make real money. Considering we invested 10s of thousands into this project (really), I believe it's in our best interest to really build this platform into something special.
Less money now or more money later?
Since you're of the opinion that we're just greedy business men interested in collecting bitcoins, good. Use that to extrapolate our thought process. Less money now, or more money later?
Let's say you were me: A new order comes in for $200. Do you take the $200 and run? Of course not, it would be illogical from the standpoint of trying to maximize your bitcoin wallet.
Clarifying previous post
The point of my previous post was not to discredit emails and forums but rather to cast a light on the fact that no one is "dealing direct" at the moment. Everyone is selling on the clearnet and relying on big third parties, mainly the email services. And these big third parties tend to comply with government requests because they couldn't exist otherwise. On the other hand, we're relatively small, niche, and purpose-built for AAS. Even if Brewly becomes the biggest AAS site ever, it will still be dwarfed by ProtonMail's userbase. For that reason, they face more regulatory/government pressure cause they're trying to steer a much bigger ship.
We operate a small, slick operation that is totally geared, no pun intended, towards AAS. As stated by another member very early in this thread: It's like the silk road but without narcotics, murder for hire, and it's on the clearnet.
Whopperflopper
Well-known Member
@Brewly , you have a forum now? I didn't get the invite. I learned the knock, and handshake...
Yes. I know you went over everything almost a month ago. What I meant is I don’t SEE it. No reviews. No ranking.
Things take time, I realize that. In a couple months maybe it’ll be reaching its potential. I’d like to see lab testing and credits for customers to submit bloodwork and testing. Otherwise we are all still working off of trust.
The withholding funds is fine but if I order now, I might not use the product until spring, run it for a couple weeks before the feelzzz and bonerzzz tell me something is off, send sample overseas. Get results 6 weeks that show it’s underdosed or bunk. So that’s a little bit of time. How does something like that get handled?
Ah, I see. Let me address that then:
Product reviews vs Vendor reviews
With regards to reviews, that's our bad. We implemented product reviews thinking that'd be enough when we should've also had vendor reviews: Essentially a place for reviews that are centered around service, communication, speed, etc. You get the idea.
I'm sure you see the problem: how are you gonna leave a review on the product if you haven't actually verified the product yet with actual testing? Sure maybe the service was good but that's a review of the vendor, not the product.
This is something we'll add in, among with other things, in the next few months. We'll also be revamping and refining our ranking system along the way. Right now it's tied heavily to reviews, and as you have astutely noticed, there's a problem! We have no reviews. In fact, we had one, on a WFO product but when he deleted his account (has since returned), it wiped all data related to him including that review.
So because there are no reviews, what happens to the way things are sorted/ranked? Well they default to creation date, hence the current less than ideal circumstance.
In the meanwhile, we decided to take the advice of one of the members here. Someone had previously mentioned giving higher visibility to "Meso approved" sources. So we went ahead and added a "Top vendors" section to the homepage that features our biggest names from Meso & SST. We feel this is a good stop-gap solution that will direct people towards the best sources in the meanwhile.
Thank you for seeing this. Let's not forget these forums have been around for literal decades. Things take time. But yes, certainly you'll be looking at quite a different site 3 months from now, 6 months from now, a year from now.
Certainly, I don't think any source at this moment objects to giving credit for testing. It's not something I've explicitly gone around enforcing because I was under the impression everyone already does this? If this isn't the case, or you find a source unwilling to give you credit for testing, please let me know and I will strongly urge them to reconsider.
Or are you referring to us giving site-wide credit that we cover? Yes, that's a possibility, but only possible when we've implemented buyer balances (to store that credit). Buyer balances will come along with our formal order dispute system.
Fund protection
Alright let's talk about how we handle that now, compare it to the current paradigm, and also go into how we'll improve things even further.
How it's handled now on Brewly vs Forums
If enough people come forward with the problem you described and the vendor is not willing to handle their business in a professional manner and make things right with their customers. We can greatly... motivate them. How? Holding their future withdrawals and potentially suspending/banning them.
Which do you reckon would be a more motivating stimulus for a source gone bad? Having their thread bumped by a handful of angry customers that he can brush off as trolls OR no longer being able to collect his Bitcoin until they make things right, as they should?
With those funds now held, we can now refund those open orders if the Vendor decides to dip in an attempt to avoid making things right with his customers. Something a forum could never do. Though I find this unlikely. Reimburse a few customers you wronged OR kill your whole business? Regardless, we have it covered.
How we will further improve this
So I've talked about our formal order dispute system before. Just gonna go over the previous points and also remind you that the implementation details are not finalized.
We're thinking of having a system very similar to Paypal where you can dispute orders and, in turn, the vendor has their balance temporarily debited by the amount you dispute. You would then hash things out with the vendors or have it escalated to arbitration. Just know that we will be extremely fair to both vendors and buyers, so be sure to come prepared with evidence if you're going to be disputing or defending a dispute.
With such a system, you could dispute an order 6 weeks after the fact, no problem.
You got the coupon for Chipotle? only way we allow access homie
I'd like to touch upon this as I have experience with customers claiming bunk after the fact of delivery say, 6 months.
If the customer for example, you, submits labwork that shows so and so's product is low in purity, we'd accept that and we can go off that, and cover you. Fuck, even I, will cover your costs and send you on the house.
It'd have to be labwork/bloodwork though, we can't simply go off peoples words. Sometimes, bloodwork doesn't show the full story, some people respond weirdly, etc. I know for myself, I'm in the low 300 of test if i take 150mg.
That seems to cover that fairly reasonably.
Now what about a total vendor destroying event. SymBiotics was a source here that was generally accepted until ONE guy noticed a floater and reported it here on MESO, that’s when guys checked their gear and it was quickly realized that it was a large-scale issue. So large that the source closed up shop and left for good. Have you given consideration to something like that? That was a big fuckup and lots of guys faced the decision of whether to refilter or toss multiple vials that were purchased over a 6 month period prior to the first observation. That would probably be several $1,000s.
Things like that unfortunately do happen. I'm not sure the time period of Sym's problem, but lets say, all these customers who noticed was in the same week, and purchased through escrow, their money is still with us and is easily refundable..
If this is a large scale issue going back months, and customers didn't notice, I honestly can't say. People should be checking their gear on a regular basis. If its an issue that spans months and months and through blind trust and negligence, no one has noticed, I'm not sure any marketplace has any fix for that.
Since we can't be holding onto a source's money for that long, the money is definitely gone. Though i'm sure the goodwill of fellow sources(trying to soak up the open market) this would be remedied.
Making the transition easy in the event of a scam
Adding to this, it would be relatively easy to arrange a scenario like this if both the exiting vendor(s) and the goodwilled vendor(s) are on the same platform. No headache on the customers end.
Worst case scenario
But what about worst case scenario? Seeing how full on exit scams are generally few and far in between, we can likely cover this out of pocket, 100% if no vendors are willing to step up. Though, as DO mentioned, it's a great way for a vendor to step in, make things right, and gain business and respect from customers. I anticipate that will be the most likely course of action and it's something easily facilitated by being on the same platform.
No back and forth emailing, proving you were scammed, or placing new orders would be required.
Lol yep check the header on the site you'll see a link.
@Brewly
I agree Laravel is more strict than Express, Django is still my favorite out of the two, I also hate PHP.
In terms of business, you need to have a verification system, such that NO source is allowed to sell without some kind of PROVEN record, what's stopping me from just opening a shop right now on Brewly and sell Cynaide as Anavar? You need Uber-like verification, no driver is allowed unless 100% verified as safe and legit.
I agree Laravel is more strict than Express, Django is still my favorite out of the two, I also hate PHP.
In terms of business, you need to have a verification system, such that NO source is allowed to sell without some kind of PROVEN record, what's stopping me from just opening a shop right now on Brewly and sell Cynaide as Anavar? You need Uber-like verification, no driver is allowed unless 100% verified as safe and legit.
We touched upon this review system for vendors above and our process concerning them, in my response to bbbg
Hopefully no one out here tryna sell cyanide.. whats wrong with yall?
