On Dec 28, 2011, at 12:18 PM, Dennis E. Hamilton wrote: > I see a number of factors related to the bug report, below: > > 1. The high search-result placement for a pay-for-download site > 2. The prospect that the download is not authentic > 3. The collection of a payment for the download > > It is unclear what appropriate actions are available. > > - Dennis > > INFORMAL THOUGHTS: > > 3. Technically, there is not much to be done about (3) beyond education and > also anything about the absence of any support in exchange for the payment. > (If the download is unmodified or has a thin façade with all of the support > links intact, it becomes a problem in many ways for the project and > peer-supporting users.) This is what makes folks indignant, but it is the > least preventable so long as there is no misrepresentation. And even then > ... . > > 2. That is a more-worrisome concern to me. This impacts packaging of > distributions, how they are authenticated, and what they incorporate that > directs users to authentic sources of support and also future versions. It > would seem that there are measures to be taken here, along with branding. I > don't quite know how that might impact downstream developers of co-branded, > re-branded binary distributions (e.g., for a specific platform, with > particular bundling, etc.) Apache branding requirements and ensuring that it > is easy to honor them in a non-Apache binary release is going to take some > head-scratching.
I believe the Foundation is working on digital signatures with certificates. The projects releases will be signed and verifiable. Someone will need to discuss this with infrastructure. Regards, Dave > 1. Gaming SEO is something that it should be possible to combat and mitigate. > Having the site in our hands can help there. It is important to work it for > NL pages as well as the main get-your-free-downloads-here pages. > > > > -----Original Message----- > From: [email protected] [mailto:[email protected]] > Sent: Wednesday, December 28, 2011 11:42 > To: [email protected] > Subject: DO NOT REPLY [Bug 118700] New: fake openoffice site > > https://issues.apache.org/ooo/show_bug.cgi?id=118700 > > Bug #: 118700 > Issue Type: DEFECT > Summary: fake openoffice site > Classification: Infrastructure > Product: www > Version: current > Platform: All > OS/Version: All > Status: UNCONFIRMED > Severity: major > Priority: P5 > Component: openoffice.org website general issues > AssignedTo: [email protected] > ReportedBy: *redacted* > CC: [email protected] > > > Hello there, > I'm writting from Spain. > I was trying to download OpenOffice. A search engine(Bing)gave me this address > http://office.version-es.com/ > I found out it's not an official node, it charges 14€ to activate the > download, > throug two Sms,charges 7.08€ each. > Don't know if you can do anything to prevent other people to be fooled or > whether there are more webs for other languages. It's very sad some people > dishonour your proyect and name through such bussines. > Thank you for attend my complain. > Snorquel > PS.- i'm unsure about who to this "issue".In case you are not involve in > solving this problems, I beg you help my message to reach someone who can do > something. >
