On 04/30/2012 11:10 AM, Rob Weir wrote: > https://blogs.apache.org/preview/OOo/?previewEntry=draft_avoiding_openoffice_download_scams > > I know Louis and others have dealt with these things for longer. > Anything else I should mention? > > I considered adding a discussion of the importance of MD5 hashes, > etc., but that is not really the skill level of the end user who > downloads OpenOffice. > > I'm also cc'ing trademarks@ since it may be of interest to them and/or > they might have feedback.
A few questions & a few comments: 1. I am confused regarding the use of "trademarks": 'OpenOffice' and/or 'Apache OpenOffice'. A USTPO search shows only: Serial Number Reg. Number Word Mark Check Status Live/Dead 1 85298190 OPENOFFICE TARR DEAD 2 79041234 3458383 HIPATH OPENOFFICE TARR LIVE 3 78581289 3063339 OPENOFFICE.ORG TARR LIVE 4 77021413 3287409 OPENOFFICE.ORG TARR LIVE 5 76087516 OPENOFFICE.ORG TARR DEAD The 'OPENOFFICE' (85298190) mark was the one that Tightrope Interactive filed and later abandoned. Have Apache applied for 'OpenOffice' and 'Apache OpenOffice' as trademarks? Further: <http://www.openoffice.org/about/> states: "Because of trademark issues, OpenOffice.org must insist that all public communications refer to the project and software as "OpenOffice.org" or "OpenOffice.org 3.x," and not "OpenOffice" or "Open Office." Given that, should you not modify your blog from 'OpenOffice' to OpenOffice.org (or Apache Openoffice if indeed Apache have the trademark aproval)? 2. I'd recommend caution when generalizing statements about sites offering support and/or 3rd party installations with the downloads. While I detest a true scammer, I think it wise to look at sites like www.openoffice.us.com (Tightrope Interactive) whereby they provide full disclosure[1]. Further, it is quite likely that the 'user' did indeed download a 'genuine' copy of AO/OO.o - and only the 3rd party 'add-on'(s) were of issue. I suspect that this is what your 'user' ran into. Lack of proof that the 3rd party add-ons are actually "spyware" or "malware" could also lead to trouble. 3. I'd recommend against stating: o "Remember this simple rule: www.openoffice.org is the official website for OpenOffice. That is the only official download site for OpenOffice.". That puts valid redistributors and applications providers like PortableApps (http://sourceforge.net/projects/portableoo/) in the 'scam' area. You may also run into 'user' issues when they go to www.openoffice.org, begin their download, and then see that the download is actually coming from a mirror/redirector site ala: <http://sourceforge.net/projects/openofficeorg.mirror/files/stable/3.3.0/OOo_3.3.0_Linux_x86_install-rpm-wJRE_en-US.tar.gz/download> Yes, you and I know how the mirror/redirectors work, but you've just told these 'users' that the only official website for downloading is www.openoffice.org. Remember, these are likely to be the same 'users' that neglected to read the T's & C's when they downloaded AO/OOo from another website. o "However, what no one has permission to do is modify OpenOffice and then confuse consumers into believing that it is actually still the OpenOffice product. ". That is likely to put Apache on the defensive to prove that the 'consumer' didn't receive a proper copy of AO/OOo. IANAL so check with your legal folks regarding such statements. [1] Note: I'm not defending and/or advocating www.openoffice.us.com and am only using them as a sample. I think they have pretty much covered all of the disclosure bases: 1. Front web page: http://www.openoffice.us.com/ They state: "OpenOffice is an open source product licensed under GNU LGPL v3. Source code for OpenOffice can be found here." and provide a link to openoffice.org. 2. Download Terms: <http://www.openoffice.us.com/openoffice/download-terms.php> Pretty well spell out what the terms are. 3. Terms of Service: <http://www.openoffice.us.com/openoffice/terms-of-service.php> 4. Privacy: <http://www.openoffice.us.com/openoffice/privacy.php> 5. Support: <http://www.openoffice.us.com/openoffice/openoffice-support.php> They provide links to OOo support. However they do not charge for this "support" & state in their other pages that they make their money off of advertising (see 6 below) 6. Disclaimer: <http://www.openoffice.us.com/openoffice/disclaimer.php> Pretty clear IMO that Pricegong and Weatherbug are their advertisers. Does Apache really want to get into a legal cat fight with Earth Networks (WeatherBug is a brand of Earth Networks). Point being is that while you want to head off 'scammers', you also have to be careful
