openoffice-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marcus (OOo)" <>
Subject Re: Draft blog post: Avoiding OpenOffice Download Scams
Date Mon, 30 Apr 2012 19:17:56 GMT
Am 04/30/2012 08:57 PM, schrieb sebb:
> On 30 April 2012 19:41, Rob Weir<>  wrote:
>> On Mon, Apr 30, 2012 at 2:27 PM, sebb<>  wrote:
>>> On 30 April 2012 19:10, Rob Weir<>  wrote:
>>>> I know Louis and others have dealt with these things for longer.
>>>> Anything else I should mention?
>>>> I considered adding a discussion of the importance of MD5 hashes,
>>>> etc., but that is not really the skill level of the end user who
>>>> downloads OpenOffice.
>>>> I'm also cc'ing trademarks@ since it may be of interest to them and/or
>>>> they might have feedback.
>>> A few suggestions:
>>> The first paragraph should be quoted and / or in italic.
>>> s/the open source license/its open source license/ - there are several
>>> instances of this.
>> Yes.
>>> If the end-user is likely to find the concept of MD5 difficult, won't
>>> they also find it difficult to use the provided e-mail link?
>> It is a hyperlink so in most cases it will just launch their email.
> Sorry, was not clear - I meant that they might have difficulty
> de-mangling the anti-spam measure.
> Maybe it would be better to direct them to a web-page that can give
> more information on reporting such problems.
> That page could be updated as necessary (e.g. when the e-mail address
> changes on graduation).

The German community of the old OOo project has written something very 

It's to inform users that OOo is free of change, they shouldn't pay 
anything for it, where to download the original software, etc.

Of course it's currently only in German ;-( but maybe it makes sense to 
translate it into English and to go on with using it.


> Or the page could use plain-text mail links to temporary mail aliases
> that are rotated (would need to involve infra on that).
> Having a separate reporting page would be much more flexible; just
> make sure that its URL does not change (or a redirect is used).
>>> i.e. mailto:ooo-private-AT-incubator.apache-DOT-org
>>> Also, do such reports need to go to the private mailing list?
>> It is for the user's safety.  Otherwise I can be sure we'll get their
>> home phone numbers and credit card numbers posted to the public list.
>> Remember, we're talking about the very end users who have already been
>> scammed once.  So we already know that they are not the most careful
>> web users.
> OK, understood.
>> Of course, we don't need to collect their reports if we don't want to.
>>   But they send them already.  This particular one was sent to our
>> security list.
>> -Rob
>>>> -Rob

View raw message