incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From NoOp <gl...@sbcglobal.net>
Subject Re: Draft blog post: Avoiding OpenOffice Download Scams
Date Tue, 01 May 2012 02:01:36 GMT
On 04/30/2012 06:12 PM, Rob Weir wrote:
> On Mon, Apr 30, 2012 at 7:41 PM, NoOp <...> wrote:
...
>> o "However, what no one has permission to do is modify OpenOffice and
>> then confuse consumers into believing that it is actually still the
>> OpenOffice product. ". That is likely to put Apache on the defensive to
>> prove that the 'consumer' didn't receive a proper copy of AO/OOo. IANAL
>> so check with your legal folks regarding such statements.
>>
> 
> Absurd.

And why would you feel that this is absurd? The entire blog is in
reference to "Avoiding OpenOffice Download Scams". In the second
paragraph you state:

"the first thing I ask is, "Where did you download OpenOffice from?"
In today's case, when the user checked his browser's history he found
what I suspected, that it was not a genuine copy of OpenOffice,
downloaded from www.openoffice.org, but a modified version that was
installing applications that are variously known as "adware",  "spyware"
or "malware". "

My point is that I think you may be setting Apache up for having to
prove that this claim is true. The user goes back to the website, claims
that Apache informed him/her that this was not a "genuine copy" of
OpenOffice(sic).
  User then goes to the BBB or media and claims the same. Website
operator turns around and sues Apache; Apache are required to prove that
it was not a "genuine copy".

Sorry, but many of these 'scammers' in the past have simply pointed
their downloader to an OOo mirror - so the binary is an
md5sum/bit-for-bit "genuine copy". Even if someone (scammer or
otherwise) were copy to their server & supply the download from there,
it very likely may actually be a bit-for-bit "genuine copy". Here is a
good example:
<http://download.cnet.com/OpenOffice-org/3000-18483_4-10263109.html>

  Keep in mind (from your draft): "Note that OpenOffice, with its open
source software license, permits you and anyone else to redistribute it.
 You can make copies, give them away, sell them, put them on your
website, etc.  These are all permissions you have under the license."
  What is "absurd" is the FUD leading 'users' to believe that the only
valid/genuine place a copy of OOo can be obtained is from
www.openoffice.org. Certainly it is best practice to do so, but that is
not the ony place they can obtain a "genuine copy".

Gary Lee


> 
>> [1] Note: I'm not defending and/or advocating www.openoffice.us.com and
>> am only using them as a sample. I think they have pretty much covered
>> all of the disclosure bases:
> 
> Not necessarily.  Putting a disclaimer does not mean you can do
> whatever you want.  How far do you think you would get with a domain
> name called Microsoft.us.com, offering modified versions of  products
> and using Microsoft logos, but then putting a small disclaimer on the
> page?  24 hours?  36 hours?
> 
>> 1. Front web page:
>> http://www.openoffice.us.com/
>> They state: "OpenOffice is an open source product licensed under GNU
>> LGPL v3. Source code for OpenOffice can be found here." and provide a
>> link to openoffice.org.
>> 2. Download Terms:
>> <http://www.openoffice.us.com/openoffice/download-terms.php>
>> Pretty well spell out what the terms are.
>> 3. Terms of Service:
>> <http://www.openoffice.us.com/openoffice/terms-of-service.php>
>> 4. Privacy:
>> <http://www.openoffice.us.com/openoffice/privacy.php>
>> 5. Support:
>> <http://www.openoffice.us.com/openoffice/openoffice-support.php>
>> They provide links to OOo support. However they do not charge for this
>> "support" & state in their other pages that they make their money off of
>> advertising (see 6 below)
>> 6. Disclaimer:
>> <http://www.openoffice.us.com/openoffice/disclaimer.php>
>> Pretty clear IMO that Pricegong and Weatherbug are their advertisers.
>> Does Apache really want to get into a legal cat fight with Earth
>> Networks (WeatherBug is a brand of Earth Networks).
>>
>> Point being is that while you want to head off 'scammers', you also have
>> to be careful
>>
> 



Mime
View raw message