Hi On 2012-04-30, at 15:17 , Marcus (OOo) wrote: > Am 04/30/2012 08:57 PM, schrieb sebb: >> On 30 April 2012 19:41, Rob Weir<[email protected]> wrote: >>> On Mon, Apr 30, 2012 at 2:27 PM, sebb<[email protected]> wrote: >>>> On 30 April 2012 19:10, Rob Weir<[email protected]> wrote: >>>>> https://blogs.apache.org/preview/OOo/?previewEntry=draft_avoiding_openoffice_download_scams >>>>> >>>>> I know Louis and others have dealt with these things for longer. >>>>> Anything else I should mention? >>>>> >>>>> I considered adding a discussion of the importance of MD5 hashes, >>>>> etc., but that is not really the skill level of the end user who >>>>> downloads OpenOffice. >>>>> >>>>> I'm also cc'ing trademarks@ since it may be of interest to them and/or >>>>> they might have feedback. >>>> >>>> A few suggestions: >>>> >>>> The first paragraph should be quoted and / or in italic. >>>> >>>> s/the open source license/its open source license/ - there are several >>>> instances of this. >>>> >>> >>> Yes. >>> >>>> If the end-user is likely to find the concept of MD5 difficult, won't >>>> they also find it difficult to use the provided e-mail link? >>>> >>> >>> It is a hyperlink so in most cases it will just launch their email. >> >> Sorry, was not clear - I meant that they might have difficulty >> de-mangling the anti-spam measure. >> >> Maybe it would be better to direct them to a web-page that can give >> more information on reporting such problems. >> That page could be updated as necessary (e.g. when the e-mail address >> changes on graduation). > > The German community of the old OOo project has written something very > similar: > > http://www.openoffice.org/de/abgezockt/ > > It's to inform users that OOo is free of change, they shouldn't pay anything > for it, where to download the original software, etc. > > Of course it's currently only in German ;-( but maybe it makes sense to > translate it into English and to go on with using it. >
Actually the list associated with it worked fine, and I was also a recipient of it and after a while, an admin. Further, we also had other pages that served similar functions in English, though the German communities site was really the best. A simple email alias (or ideally wiki that is linked via Jscript or the like to a list) also works well. What we did in the months prior to transfer was collect urls of miscreants and then, when possible, proceed against them and defend the innocent. :-) Cheers Louis > Marcus > > > >> Or the page could use plain-text mail links to temporary mail aliases >> that are rotated (would need to involve infra on that). >> >> Having a separate reporting page would be much more flexible; just >> make sure that its URL does not change (or a redirect is used). >> >>>> i.e. mailto:ooo-private-AT-incubator.apache-DOT-org >>>> >>>> Also, do such reports need to go to the private mailing list? >>>> >>> >>> It is for the user's safety. Otherwise I can be sure we'll get their >>> home phone numbers and credit card numbers posted to the public list. >>> Remember, we're talking about the very end users who have already been >>> scammed once. So we already know that they are not the most careful >>> web users. >> >> OK, understood. >> >>> Of course, we don't need to collect their reports if we don't want to. >>> But they send them already. This particular one was sent to our >>> security list. >>> >>> -Rob >>>>> -Rob
