You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@openoffice.apache.org by John Barrett Rose <wo...@aon.at> on 2014/02/22 15:01:27 UTC
Malware infection
Dear Sirs,
On my recommendation, a friend in Salzburg tried to install
Openoffice.org on his iMac on Thursday 20 Feb and found it was infected
with Genieo malware including fake Adobe and fake Java installations.
Manage to clean out the mess, but it left me looking stupid as I have
had OO.org on my computer for several years without problems.
Be warned.
John Barrett Rose
--
Any answer should be sent to johnbarrettrose2@gmail.com
Thank you.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: Malware infection
Posted by Andrea Pescetti <pe...@apache.org>.
On 24/02/2014 Rob Weir wrote:
>>> http://blogs.apache.org/OOo/entry/how_to_safely_download_apache
> We could use the Apache URL shortener service to give it a clearner
> URL if we want.
I've created http://s.apache.org/genuine-openoffice as an alias; if you
prefer other options, just create another alias on s.apache.org (or just
use the original URL).
Regards,
Andrea.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: Malware infection
Posted by Rob Weir <ro...@apache.org>.
On Sun, Feb 23, 2014 at 6:27 PM, Andrea Pescetti <pe...@apache.org> wrote:
> Rob Weir wrote:
>
>> On Sun, Feb 23, 2014 at 6:09 PM, Andrea Pescetti wrote:
>>>
>>> Can we agree that we will answer all those mails by simply sending a link
>>> to
>>> a webpage or wiki page?
>>
>> When I respond I just sent them to this blog post:
>> http://blogs.apache.org/OOo/entry/how_to_safely_download_apache
>
>
> I often point there people who complain they had to pay for OpenOffice, but
> you are right, indeed it covers all kinds of "bad" download sites. It would
> be OK for me to point users to it. And to have a link to it in the sidebar
> of our download page.
>
> The only problem I see is the horribly mangled URL. But this is courtesy of
> Roller and it wouldn't make sense to change it now.
>
We could use the Apache URL shortener service to give it a clearner
URL if we want.
-Rob
>
> Regards,
> Andrea.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
> For additional commands, e-mail: dev-help@openoffice.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: Malware infection
Posted by Andrea Pescetti <pe...@apache.org>.
Rob Weir wrote:
> On Sun, Feb 23, 2014 at 6:09 PM, Andrea Pescetti wrote:
>> Can we agree that we will answer all those mails by simply sending a link to
>> a webpage or wiki page?
> When I respond I just sent them to this blog post:
> http://blogs.apache.org/OOo/entry/how_to_safely_download_apache
I often point there people who complain they had to pay for OpenOffice,
but you are right, indeed it covers all kinds of "bad" download sites.
It would be OK for me to point users to it. And to have a link to it in
the sidebar of our download page.
The only problem I see is the horribly mangled URL. But this is courtesy
of Roller and it wouldn't make sense to change it now.
Regards,
Andrea.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: Malware infection
Posted by Rob Weir <ro...@apache.org>.
On Sun, Feb 23, 2014 at 6:09 PM, Andrea Pescetti <pe...@apache.org> wrote:
> On 23/02/2014 Max Merbald wrote:
>>
>> Hi David,
>> your answer is quite interesting. On one hand you write fairly rough
>> answers to people who ask for support
>
>
> (dropping John, the original poster, from CC since this is irrelevant to his
> support request)
>
> OK, we as a group have different opinions on the tone of this answer. But
> fact is, we will regularly receive this kind of complaints when someone
> downloads something that is not OpenOffice thinking he is downloading
> OpenOffice.
>
> Can we agree that we will answer all those mails by simply sending a link to
> a webpage or wiki page?
>
When I respond I just sent them to this blog post:
http://blogs.apache.org/OOo/entry/how_to_safely_download_apache
-Rob
> Max, feel free to create a text and put it in e-mail, or wiki page or
> whatever. We'll review it together, make sure it cannot be perceived as
> offensive and then we'll agree to put it online and answer these complaints
> by simply sending that link.
>
>
>> It's not a solution not to do anything about it.
>
>
> For the record, we filed complaints to search engines already. But download
> sites change so frequently that it's very hard to keep up with them. Anyway,
> if we know the URLs we can try and enforce our trademarks with search
> engines. This is far more effective than trying to have the sites shut down.
>
> Regards,
> Andrea.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
> For additional commands, e-mail: dev-help@openoffice.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: Malware infection
Posted by Andrea Pescetti <pe...@apache.org>.
On 23/02/2014 Max Merbald wrote:
> Hi David,
> your answer is quite interesting. On one hand you write fairly rough
> answers to people who ask for support
(dropping John, the original poster, from CC since this is irrelevant to
his support request)
OK, we as a group have different opinions on the tone of this answer.
But fact is, we will regularly receive this kind of complaints when
someone downloads something that is not OpenOffice thinking he is
downloading OpenOffice.
Can we agree that we will answer all those mails by simply sending a
link to a webpage or wiki page?
Max, feel free to create a text and put it in e-mail, or wiki page or
whatever. We'll review it together, make sure it cannot be perceived as
offensive and then we'll agree to put it online and answer these
complaints by simply sending that link.
> It's not a solution not to do anything about it.
For the record, we filed complaints to search engines already. But
download sites change so frequently that it's very hard to keep up with
them. Anyway, if we know the URLs we can try and enforce our trademarks
with search engines. This is far more effective than trying to have the
sites shut down.
Regards,
Andrea.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: Malware infection
Posted by Max Merbald <ma...@gmx.de>.
Hi David,
your answer is quite interesting. On one hand you write fairly rough
answers to people who ask for support, on the other hand you react quite
sensitively to the responses to your mail. Do you see the discrepance?
Ok, I could have omitted the "conveniently" .... i apologise for this.
Your answer to John could, indeed, be interpreted to mean that you're a
bit annoyed with people who have problem with an infected version of
OpenOffice because it frequently happened. I did not mean to make you
leave the project, that's your own - and regrettable - decision. This
whole thing shows that it is necessary to be careful what we write to
people who ask for support. John was angry and embarrassed that after he
gave his friend a tip to use openoffice his computer was infected with
malware. And then he received a seemingly "annoyed" answer and got even
more angry because from your answer it must have seemed to him that you
weren't taking him quite seriously.
As to the question for the link from where his friend downloaded
Openoffice, you may think it doesn't help a lot to know where that is. I
don't share your opinion. And it's not an excuse that other projects
suffer from the same problem. Of course we need to know where these
things come from because if we don't we can't do anything against it.
Ok, we can't do a lot, but those requests come fairly often and I think,
not enough is done about those folks who use this wonderful project as a
vehicle for their malware or who exploit it to make a lot of money with
it. It's not a solution not to do anything about it. What do you think
happens when articles in computer magazines or online start appearing
which say that OpenOffice should not be used because it "regularely
comes adorned with malware" or something? That would mean real trouble!
And please do NOT turn your back on OpenOffice!
Max
Am 23.02.2014 19:21, schrieb Dave Barton:
> -------- Original Message --------
> From: Max Merbald <ma...@gmx.de>
> To: dev@openoffice.apache.org
> Date: Sun, 23 Feb 2014 15:02:18 +0100
>
>> of course we are grateful for the tip.
> Agreed!
>
>> It seems, however, that Dave did not make that clear enough.
> >From John's reactionary & unnecessarily abusive response, that is
> clearly the case.
>
>> He appears to be more annoyed by people who mention trouble with download than with those fraudulent people who provide downloads infected with malware.
> 100% incorrect! Regrettably, my commentary came across to John and
> possibly others, in a way that it was not intended.
>
>> Please be so kind as to tell us from where you downloaded the infected version of OpenOffice
> That would be "interesting", but of little value. OpenOffice.org, Apache
> OpenOffice, LibreOffice and numerous other OSS projects projects have
> suffered this kind of fraud since the internet came into existence. Even
> if we could cut off this one Google fraudster, he/it would simply
> reappear under a different identity, along with hundreds of other
> like-minded fraudsters out there.
>
>> Dave conveniently forgot to ask for that.
> "conveniently..." What do you mean by this snotty attitude?
>
> John, do you see how Max's above "hopefully" innocent comment can be
> misinterpreted into something that was not intended. This is one of the
> pitfalls of trying to provide user support without the ability to read
> the mind of those who pose the question/issue.
>
>> We apologise for the misunderstanding.
> +1 from me.
>
>> and hope that by now you found yourself an uninfected download for OpenOffice.
> With the wisdom of hindsight, I think we can be confident that this is
> the case.
>
>> Yours sincerely
>>
>> Max
> After more than decade of "attempting" to provide support and
> contributions to the OOo/AOO project, it appears that I lack the ability
> to contribute anything worthwhile. Therefore, I will remove myself from
> Apache and move on to other interests.
>
> Dave
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
> For additional commands, e-mail: dev-help@openoffice.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: Malware infection
Posted by jan i <ja...@apache.org>.
On 23 February 2014 19:21, Dave Barton <db...@tasit.net> wrote:
> -------- Original Message --------
> From: Max Merbald <ma...@gmx.de>
> To: dev@openoffice.apache.org
> Date: Sun, 23 Feb 2014 15:02:18 +0100
>
> > of course we are grateful for the tip.
>
> Agreed!
>
> > It seems, however, that Dave did not make that clear enough.
>
> From John's reactionary & unnecessarily abusive response, that is
> clearly the case.
>
> > He appears to be more annoyed by people who mention trouble with
> download than with those fraudulent people who provide downloads infected
> with malware.
>
> 100% incorrect! Regrettably, my commentary came across to John and
> possibly others, in a way that it was not intended.
>
> > Please be so kind as to tell us from where you downloaded the infected
> version of OpenOffice
>
> That would be "interesting", but of little value. OpenOffice.org, Apache
> OpenOffice, LibreOffice and numerous other OSS projects projects have
> suffered this kind of fraud since the internet came into existence. Even
> if we could cut off this one Google fraudster, he/it would simply
> reappear under a different identity, along with hundreds of other
> like-minded fraudsters out there.
>
> > Dave conveniently forgot to ask for that.
>
> "conveniently..." What do you mean by this snotty attitude?
>
> John, do you see how Max's above "hopefully" innocent comment can be
> misinterpreted into something that was not intended. This is one of the
> pitfalls of trying to provide user support without the ability to read
> the mind of those who pose the question/issue.
>
> > We apologise for the misunderstanding.
>
> +1 from me.
>
> > and hope that by now you found yourself an uninfected download for
> OpenOffice.
>
> With the wisdom of hindsight, I think we can be confident that this is
> the case.
>
> > Yours sincerely
> >
> > Max
>
> After more than decade of "attempting" to provide support and
> contributions to the OOo/AOO project, it appears that I lack the ability
> to contribute anything worthwhile. Therefore, I will remove myself from
> Apache and move on to other interests.
>
Please reconsider that, we are all just humans who make good/bad judgements
and THAT IS ALLOWED in here.
Speaking with my PMC hat on, we would have a really dull community if we
only accepted mails that conformed to a non-existing standard. We want to
have (and do have) a vibrant community, where the mails sometimes are a bit
on edge.
This ML is NOT a user support mail list so users should expect more rough
responses, than on e.g. forums.a.o
Its unfortunate that your response ended up like this. But please put it
behind you as one of those events you dont want to think long about.
Life is too short to take a single event to seriously !
Developing/supporting/being part of openSource/Apache/AOO is (and should
always be) fun.
In the hope to see continued contributions from you
rgds
jan I.
> Dave
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
> For additional commands, e-mail: dev-help@openoffice.apache.org
>
>
Re: Malware infection
Posted by Jonathon <to...@gmail.com>.
On February 23, 2014 12:50:12 PM PST, Xuacu wrote:
>I can't see anything snotty in saying that we can't do anything to prevent malicious sites offering tampered with copies of Apache OpenOffice.
The issue is that the vocabulary that was used, implied that the victim was entirely to blame.
That is not the way to make friends and influence people.
I have not yet seen the URL that the software was downloaded from.
That URL is needed, to determine what the person really downloaded, and the appropriate follow up action.
(The OP didn't mention AOO in their tale of woe. Nor did they mention which version of Mac OS X was used.)
--
Your language. Your documents. Your way.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: Malware infection
Posted by Xuacu <xu...@gmail.com>.
2014-02-23 20:34 GMT+01:00 Andrea Pescetti <pe...@apache.org>:
>
> (By the way, there was nothing wrong in the tone of your first reply in this
> thread; I was going to copy/paste it for a user reporting a similar
> problem).
>
Indeed. I can't see anything snotty in saying that we can't do
anything to prevent malicious sites offering tampered with copies of
Apache OpenOffice.
Regards
--
Xuacu
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: Malware infection
Posted by Andrea Pescetti <pe...@apache.org>.
Dave Barton wrote:
> After more than decade of "attempting" to provide support and
> contributions to the OOo/AOO project, it appears that I lack the ability
> to contribute anything worthwhile. Therefore, I will remove myself from
> Apache and move on to other interests.
Even if you can only continue to help with moderation, with the
occasional forwarding of misdirected replies and with some quick reply
to users, this will be an appreciated contribution to the project.
Please just continue this way: it may be less than you hope to
contribute, but it is still worthwhile and useful to the project.
(By the way, there was nothing wrong in the tone of your first reply in
this thread; I was going to copy/paste it for a user reporting a similar
problem).
Regards,
Andrea.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: Malware infection
Posted by Larry Gusaas <la...@gmail.com>.
On 2014-02-23, 3:06 PM Max Merbald wrote:
> Your answer to John could, indeed, be interpreted to mean that you're a bit annoyed with
> people who have problem with an infected version of OpenOffice because it frequently happened.
It could only be interpreted that way by a bloody moron. There was nothing wrong with his response.
--
_________________________________
Larry I. Gusaas
Moose Jaw, Saskatchewan Canada
Website: http://larry-gusaas.com
"An artist is never ahead of his time but most people are far behind theirs." - Edgard Varese
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: Malware infection
Posted by Dave Barton <db...@tasit.net>.
-------- Original Message --------
From: Max Merbald <ma...@gmx.de>
To: dev@openoffice.apache.org
Date: Sun, 23 Feb 2014 15:02:18 +0100
> of course we are grateful for the tip.
Agreed!
> It seems, however, that Dave did not make that clear enough.
>From John's reactionary & unnecessarily abusive response, that is
clearly the case.
> He appears to be more annoyed by people who mention trouble with download than with those fraudulent people who provide downloads infected with malware.
100% incorrect! Regrettably, my commentary came across to John and
possibly others, in a way that it was not intended.
> Please be so kind as to tell us from where you downloaded the infected version of OpenOffice
That would be "interesting", but of little value. OpenOffice.org, Apache
OpenOffice, LibreOffice and numerous other OSS projects projects have
suffered this kind of fraud since the internet came into existence. Even
if we could cut off this one Google fraudster, he/it would simply
reappear under a different identity, along with hundreds of other
like-minded fraudsters out there.
> Dave conveniently forgot to ask for that.
"conveniently..." What do you mean by this snotty attitude?
John, do you see how Max's above "hopefully" innocent comment can be
misinterpreted into something that was not intended. This is one of the
pitfalls of trying to provide user support without the ability to read
the mind of those who pose the question/issue.
> We apologise for the misunderstanding.
+1 from me.
> and hope that by now you found yourself an uninfected download for OpenOffice.
With the wisdom of hindsight, I think we can be confident that this is
the case.
> Yours sincerely
>
> Max
After more than decade of "attempting" to provide support and
contributions to the OOo/AOO project, it appears that I lack the ability
to contribute anything worthwhile. Therefore, I will remove myself from
Apache and move on to other interests.
Dave
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: Malware infection
Posted by Max Merbald <ma...@gmx.de>.
Hello John,
of course we are grateful for the tip. It seems, however, that Dave did
not make that clear enough. He appears to be more annoyed by people who
mention trouble with download than with those fraudulent people who
provide downloads infected with malware. Please be so kind as to tell us
from where you downloaded the infected version of OpenOffice - Dave
conveniently forgot to ask for that. We apologise for the
misunderstanding and hope that by now you found yourself an uninfected
download for OpenOffice.
Yours sincerely
Max
Am 23.02.2014 05:47, schrieb John Barrett Rose:
> "You say..." What do you mean by this snotty attitude?
>
> I realise it was not an Apache site.
>
> I thought it might help you to know that there is a bloody swine operating
> on Google under your name.
>
> I imagined you might be grateful for the tip.
>
> No? So go and get stuffed.
>
>
> On 22 February 2014 17:46, Dave Barton <db...@tasit.net> wrote:
>
>> -------- Original Message --------
>> From: John Barrett Rose <wo...@aon.at>
>> To: dev@openoffice.apache.org
>> Date: Sat, 22 Feb 2014 15:01:27 +0100
>>
>>> Dear Sirs,
>>>
>>> On my recommendation, a friend in Salzburg tried to install
>>> Openoffice.org on his iMac on Thursday 20 Feb and found it was infected
>>> with Genieo malware including fake Adobe and fake Java installations.
>>>
>>> Manage to clean out the mess, but it left me looking stupid as I have
>>> had OO.org on my computer for several years without problems.
>>>
>>> Be warned.
>>>
>>> John Barrett Rose
>> If whatever it was you installed contained the malware you say, then it
>> was not Apache OpenOffice and you were hoodwinked into downloading from
>> a malicious website. Regrettably, this is something that Apache
>> OpenOffice is unable to prevent.
>>
>> The only official download website is:
>> http://www.openoffice.org/download/index.html
>> The download link there will take you to the official SourceForge.net
>> servers.
>>
>> Dave
>>
>>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: Malware infection
Posted by John Barrett Rose <jo...@gmail.com>.
"You say..." What do you mean by this snotty attitude?
I realise it was not an Apache site.
I thought it might help you to know that there is a bloody swine operating
on Google under your name.
I imagined you might be grateful for the tip.
No? So go and get stuffed.
On 22 February 2014 17:46, Dave Barton <db...@tasit.net> wrote:
> -------- Original Message --------
> From: John Barrett Rose <wo...@aon.at>
> To: dev@openoffice.apache.org
> Date: Sat, 22 Feb 2014 15:01:27 +0100
>
> > Dear Sirs,
> >
> > On my recommendation, a friend in Salzburg tried to install
> > Openoffice.org on his iMac on Thursday 20 Feb and found it was infected
> > with Genieo malware including fake Adobe and fake Java installations.
> >
> > Manage to clean out the mess, but it left me looking stupid as I have
> > had OO.org on my computer for several years without problems.
> >
> > Be warned.
> >
> > John Barrett Rose
>
> If whatever it was you installed contained the malware you say, then it
> was not Apache OpenOffice and you were hoodwinked into downloading from
> a malicious website. Regrettably, this is something that Apache
> OpenOffice is unable to prevent.
>
> The only official download website is:
> http://www.openoffice.org/download/index.html
> The download link there will take you to the official SourceForge.net
> servers.
>
> Dave
>
>
Re: Malware infection
Posted by Dave Barton <db...@tasit.net>.
-------- Original Message --------
From: John Barrett Rose <wo...@aon.at>
To: dev@openoffice.apache.org
Date: Sat, 22 Feb 2014 15:01:27 +0100
> Dear Sirs,
>
> On my recommendation, a friend in Salzburg tried to install
> Openoffice.org on his iMac on Thursday 20 Feb and found it was infected
> with Genieo malware including fake Adobe and fake Java installations.
>
> Manage to clean out the mess, but it left me looking stupid as I have
> had OO.org on my computer for several years without problems.
>
> Be warned.
>
> John Barrett Rose
If whatever it was you installed contained the malware you say, then it
was not Apache OpenOffice and you were hoodwinked into downloading from
a malicious website. Regrettably, this is something that Apache
OpenOffice is unable to prevent.
The only official download website is:
http://www.openoffice.org/download/index.html
The download link there will take you to the official SourceForge.net
servers.
Dave
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: Malware infection
Posted by Toki <to...@gmail.com>.
On 2/22/2014 6:01 AM, John Barrett Rose wrote:
>On my recommendation, a friend in Salzburg tried to install
Openoffice.org on his iMac on Thursday 20 Feb and found it was infected
with Genieo malware including fake Adobe and fake Java installations.
Please provide the exact URL that OpenOfice.org was downloaded from.
jonathon
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org