You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@openoffice.apache.org by Tom Panfil <ta...@verizon.net> on 2014/11/29 17:03:14 UTC
Suggestion of Ways to Combat Fake AOO Download Sites
So many people get burned by doing a search for Apache Open Office or
just for Open Office then downloading from a malicious 3rd party site
that the Apache OO Project should do what it can to try to warn people
*in advance*. It is impossible to do that globally and repeatedly but
perhaps some site could be developed to provide the official download
links for Apache OO and other good Open Source software like that from
Mozilla. All the projects could watch that site's links to catch any
corruption introduced maliciously to the download links .
Perhaps a press release could then be sent to prominent computer gurus
with significant followings to invite them to alert their audiences to
the problem of people being tricked into making downloads from malicious
sites. It could point them to the consolidated site for links to the
official download sites. There are probably many such gurus with wide
followings. I'd suggest Kim Komando as a start. (Maybe she'd even
consider hosting that consolidated site -- I bet that she would.)
Perhaps help could be enlisted from socially responsible Search Engine
operators too. I hope that such creatures exist. I'd invite them to
demonstrate their good will toward the honest computer uses of the world
by ranking the official community wide download link site first when
people search for any of the Open Source SW which it advertises.
v/r, Tom Panfil
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@openoffice.apache.org
For additional commands, e-mail: users-help@openoffice.apache.org
Re: Suggestion of Ways to Combat Fake AOO Download Sites
Posted by jonathon <to...@gmail.com>.
On November 29, 2014 8:03:14 AM PST, Tom Panfil wrote:
> All the projects could watch that site's links to catch any corruption introduced maliciously to the download links .
People redirected to the SourceForge from Openoffice.org have ended up downoading the program from a malicious third party. Whilst the cause of that issue has been dealt with, it is extremely difficult to deal with all the mutations of persuading people to part with a buck to download something.
The only practical solution is to constantly educate people about good computer hygiene practices. (What is really sad, is that malware that used to only be found only in the cyberspace equivalent of a bar that prohibited unarmed patrons, is now peddled by major websites.)
jonathon
--
Your documents. Your language. Your way.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@openoffice.apache.org
For additional commands, e-mail: users-help@openoffice.apache.org
Re: Suggestion of Ways to Combat Fake AOO Download Sites
Posted by Andrea Pescetti <pe...@apache.org>.
On 29/11/2014 Tom Panfil wrote:
> perhaps some site could be developed to provide the official download
> links for Apache OO
For Apache OpenOffice, that site is our official site:
http://www.openoffice.org ; it almost always comes first in Internet
searches (but yes, sponsored links are the problem; more below).
> Perhaps a press release could then be sent to prominent computer gurus
> with significant followings to invite them to alert their audiences
That post already exists at http://s.apache.org/genuine-openoffice ;
everyone is welcome to give visibility to it.
> It could point them to the consolidated site for links to the
> official download sites.
I don't know if a consolidated site (linking in turn to the individual
official sites) is a solution. In the end, the openoffice.org site is a
resource that we fully control, it is official and it comes higher in
Internet searches.
> Perhaps help could be enlisted from socially responsible Search Engine
> operators too.
When you see suspicious sites come up in a web search for one of our
trademarks, please inform us as explained at
https://openoffice.apache.org/trademarks.html ; in some cases (although
it needs a significant effort) we managed to enforce them and get the
sponsored links removed.
Regards,
Andrea.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@openoffice.apache.org
For additional commands, e-mail: users-help@openoffice.apache.org
Re: Suggestion of Ways to Combat Fake AOO Download Sites
Posted by DaveMainwaring <da...@gmail.com>.
NINITE gets excellent reviews and is the source I use and trust
About Ninite
Ninite was founded by Patrick Swieskowski and Sascha Kuzins. Investors
include Y Combinator <http://ycombinator.com> and a small collection of
helpful angels <http://en.wikipedia.org/wiki/Angel_investor>.
We believe in simplicity.
You can contact us via email <co...@ninite.com> or at our office:
Secure By Design Inc.
795 Folsom Street -- First Floor
San Francisco, CA 94107
--
"To succeed, stay focused, Do what you do best,
* up-skill, prepare for new challenge, make time for earning"*
Advocate: Client Focused Health Care Providers: Physicians, Hospitals,
Nursing Homes, and Other Care Services
<https://www.linkedin.com/groups?home=&gid=6555482&trk=anet_ug_hm>
http://tinyurl.com/nmnvme3
Dave+Mainwaring+Knowledge+Networks
--
On Sat, Nov 29, 2014 at 11:03 AM, Tom Panfil <ta...@verizon.net> wrote:
> So many people get burned by doing a search for Apache Open Office or just
> for Open Office then downloading from a malicious 3rd party site that the
> Apache OO Project should do what it can to try to warn people *in
> advance*. It is impossible to do that globally and repeatedly but perhaps
> some site could be developed to provide the official download links for
> Apache OO and other good Open Source software like that from Mozilla. All
> the projects could watch that site's links to catch any corruption
> introduced maliciously to the download links .
>
> Perhaps a press release could then be sent to prominent computer gurus
> with significant followings to invite them to alert their audiences to the
> problem of people being tricked into making downloads from malicious
> sites. It could point them to the consolidated site for links to the
> official download sites. There are probably many such gurus with wide
> followings. I'd suggest Kim Komando as a start. (Maybe she'd even
> consider hosting that consolidated site -- I bet that she would.)
>
> Perhaps help could be enlisted from socially responsible Search Engine
> operators too. I hope that such creatures exist. I'd invite them to
> demonstrate their good will toward the honest computer uses of the world by
> ranking the official community wide download link site first when people
> search for any of the Open Source SW which it advertises.
>
> v/r, Tom Panfil
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@openoffice.apache.org
> For additional commands, e-mail: users-help@openoffice.apache.org
>
>