incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob Weir <robw...@apache.org>
Subject Re: Draft blog post: Avoiding OpenOffice Download Scams
Date Tue, 01 May 2012 01:12:45 GMT
On Mon, Apr 30, 2012 at 7:41 PM, NoOp <glgxg@sbcglobal.net> wrote:
> On 04/30/2012 11:10 AM, Rob Weir wrote:
>> https://blogs.apache.org/preview/OOo/?previewEntry=draft_avoiding_openoffice_download_scams
>>
>> I know Louis and others have dealt with these things for longer.
>> Anything else I should mention?
>>
>> I considered adding a discussion of the importance of MD5 hashes,
>> etc., but that is not really the skill level of the end user who
>> downloads OpenOffice.
>>
>> I'm also cc'ing trademarks@ since it may be of interest to them and/or
>> they might have feedback.
>
> A few questions & a few comments:
>
> 1. I am confused regarding the use of "trademarks": 'OpenOffice' and/or
> 'Apache OpenOffice'. A USTPO search shows only:
> Serial Number   Reg. Number     Word Mark Check Status  Live/Dead
> 1       85298190                OPENOFFICE      TARR    DEAD
> 2       79041234        3458383 HIPATH OPENOFFICE       TARR    LIVE
> 3       78581289        3063339  OPENOFFICE.ORG         TARR    LIVE
> 4       77021413        3287409  OPENOFFICE.ORG         TARR    LIVE
> 5       76087516                OPENOFFICE.ORG  TARR    DEAD
>
> The 'OPENOFFICE' (85298190) mark was the one that Tightrope Interactive
> filed and later abandoned. Have Apache applied for 'OpenOffice' and
> 'Apache OpenOffice' as trademarks? Further:
> <http://www.openoffice.org/about/> states:
> "Because of trademark issues, OpenOffice.org must insist that all public
> communications refer to the project and software as "OpenOffice.org" or
> "OpenOffice.org 3.x," and not "OpenOffice" or "Open Office."
> Given that, should you not modify your blog from 'OpenOffice' to
> OpenOffice.org (or Apache Openoffice if indeed Apache have the trademark
> aproval)?
>

I'm not sure how familiar you are with US trademark law, but there are
registered trademarks, denoted with (R) or an R-in-circle, as well as
unregistered trademarks, denoted by a "TM".  In the US unregistered
trademarks offer quite a bit of protection.

I agree that we should update the page that you linked to.

> 2. I'd recommend caution when generalizing statements about sites
> offering support and/or 3rd party installations with the downloads.
> While I detest a true scammer, I think it wise to look at sites like
> www.openoffice.us.com (Tightrope Interactive) whereby they provide full
> disclosure[1]. Further, it is quite likely that the 'user' did indeed
> download a 'genuine' copy of AO/OO.o - and only the 3rd party
> 'add-on'(s) were of issue. I suspect that this is what your 'user' ran
> into. Lack of proof that the 3rd party add-ons are actually "spyware" or
> "malware" could also lead to trouble.
>

My blog post does not refer to any website or distributor.

> 3. I'd recommend against stating:
>
> o "Remember this simple rule:  www.openoffice.org  is the official
> website for OpenOffice.   That is the only official download site for
> OpenOffice.".
>
> That puts valid redistributors and applications providers like
> PortableApps (http://sourceforge.net/projects/portableoo/) in the 'scam'
> area. You may also run into 'user' issues when they go to
> www.openoffice.org, begin their download, and then see that the download
> is actually coming from a mirror/redirector site ala:
> <http://sourceforge.net/projects/openofficeorg.mirror/files/stable/3.3.0/OOo_3.3.0_Linux_x86_install-rpm-wJRE_en-US.tar.gz/download>

There is only one official download site.  There may be other sites
that offer legitimate copies of OpenOffice as well, and are not scams.
 But that does not make them official download sites.

But point taken about not confusing users when they face redirects to
mirror sites, etc.  I think I can clarify that.

> Yes, you and I know how the mirror/redirectors work, but you've just
> told these 'users' that the only official website for downloading is
> www.openoffice.org. Remember, these are likely to be the same 'users'
> that neglected to read the T's & C's when they downloaded AO/OOo from
> another website.
>

Right.  So we can talk about "links to downloads" being on
download.openoffice.org.


> o "However, what no one has permission to do is modify OpenOffice and
> then confuse consumers into believing that it is actually still the
> OpenOffice product. ". That is likely to put Apache on the defensive to
> prove that the 'consumer' didn't receive a proper copy of AO/OOo. IANAL
> so check with your legal folks regarding such statements.
>

Absurd.

> [1] Note: I'm not defending and/or advocating www.openoffice.us.com and
> am only using them as a sample. I think they have pretty much covered
> all of the disclosure bases:

Not necessarily.  Putting a disclaimer does not mean you can do
whatever you want.  How far do you think you would get with a domain
name called Microsoft.us.com, offering modified versions of  products
and using Microsoft logos, but then putting a small disclaimer on the
page?  24 hours?  36 hours?

> 1. Front web page:
> http://www.openoffice.us.com/
> They state: "OpenOffice is an open source product licensed under GNU
> LGPL v3. Source code for OpenOffice can be found here." and provide a
> link to openoffice.org.
> 2. Download Terms:
> <http://www.openoffice.us.com/openoffice/download-terms.php>
> Pretty well spell out what the terms are.
> 3. Terms of Service:
> <http://www.openoffice.us.com/openoffice/terms-of-service.php>
> 4. Privacy:
> <http://www.openoffice.us.com/openoffice/privacy.php>
> 5. Support:
> <http://www.openoffice.us.com/openoffice/openoffice-support.php>
> They provide links to OOo support. However they do not charge for this
> "support" & state in their other pages that they make their money off of
> advertising (see 6 below)
> 6. Disclaimer:
> <http://www.openoffice.us.com/openoffice/disclaimer.php>
> Pretty clear IMO that Pricegong and Weatherbug are their advertisers.
> Does Apache really want to get into a legal cat fight with Earth
> Networks (WeatherBug is a brand of Earth Networks).
>
> Point being is that while you want to head off 'scammers', you also have
> to be careful
>

Mime
View raw message