you documentatoin leads people to download a nasty virus

Mon Oct 6 15:51:16 UTC 2014

On Sep 22, 2014 3:48 AM, "Andrew E. Slater" <slater126 at gmail.com> wrote:
>
> The add on that page (which deceptively looks like the download I went to
your site for) was a virus. It loaded all kinds of stuff onto my computer
which were very difficult to remove.
>
> Regards, Andy
>
>
>
> Andrew Slater
>
> On Sep 19, 2014 10:40 PM, "Chaoyi Zha" <cydrobolt at fedoraproject.org>
wrote:
> >
> > Hi,
> >
> > Can you provide the information that has led you to believe that
> > DivHasher is a virus? Based on my research, it seems like a perfectly
> > legit application.
> >
> > Thanks,
> >
> > --
> >
> > Chaoyi Zha
> > cydrobolt at fedoraproject.org
> >
> >
> > On Wed, Sep 17, 2014 at 8:54 PM, Andrew E. Slater <slater126 at gmail.com>
wrote:
> > >
> > >
> > > On this page:
> > >
http://docs.fedoraproject.org/en-US/Fedora/20/html/Burning_ISO_images_to_disc/sect-Burning_ISO_images_to_disc-Validating_the_Files-Validating_in_the_Windows_Graphical_Environment.html
> > >
> > >
> > >
> > > You suggest this download
> > >
> > >
> > >
> > > DivHasher: http://soft.mydiv.net/DivHasher.html
> > >
> > > Which leads to a site that totally compromises the users computer
> > >
> > > Please remove from your site.
> > >
> > > Regards, Andy
> > > --
>
> I'm passing this along to the docs list to ensure it gets reviewed by
those responsible for the content.  Any elaboration or citations you can
provide will be very helpful, Andy.
>
> --Pete

Any site could have deceptive advertisements.  Personally, I despise them,
and I can understand your frustration after falling into their trap.

However, the site isn't quite responsible for the advertising selection.
Usually a webmaster allows an ad service a given area of the page, and the
ads are selected based on a combination of what that service knows about
the site, and what the service knows about *you*.  I see a completely
different ad there, and you have a good chance of encountering the same
troublesome ad at millions of other websites.

The best guidance I can give you is to be cautious when browsing.  You can
use ad blocking browser extensions, do-not-track headers, etc to make that
easier, but we will never completely sanitize the internet of risk.

That said, I've done some hashing for $dayjob recently using native
PowerShell capabilities, and will look into adding instructions for that to
the installation guide.

--Pete
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/docs/attachments/20141006/ebb088c1/attachment.html>