On 10/08/2013 12:30 AM, Giovanni Mugnai wrote:
2013/10/8 <pete.goodeve@xxxxxxxxxxxx>:On Mon, Oct 07, 2013 at 10:21:43PM +0200, Giovanni Mugnai wrote:2013/10/7 Giovanni Mugnai <musical777@xxxxxxxxx>:2013/10/7 trondd <trondd@xxxxxxxxx>:The file is named PackageBuilder.zip.exe.zip.exe is clearly a problem. Why would a Haiku application be a .exe?I have downloaded again this file from Haiku (webpositive) and result in a clean zip file. If that website is compromise, we should alert the webmaster :-)Ok, i have seen the issue. To download the "good" file, you have to uncheck "Use our download manager and get recommended downloads". If this option is checked, you will download a fake file. Unchecking that option. you will download, instead, the right zip file.Another reason to keep using *Net*Positive when you can...! (:-)) I just went to the page using that, and I don't even *see* that checkbox! Just a "Download" button that gets me a vanilla zip fie.In fact on Haiku, using WebPositive and Qupzilla, i don't see that checkbox. I only see that checkbox using Chrome and Firefox on Windows 7. Another reason to keep using, improving and develop Haiku ;-) I guess that this website shows the "bad checkbox" depending to the user agent.
Folks, please stop those silly arguments. If the website has been compromised, you simply shouldn't trust any content from it.(*) If the hacker(s) knew about Haiku and would put some effort into it they could simply replace the content of the zip file with malware as well. Since, by default, you're executing any program as root on Haiku, such a malware would have access to anything on your computer (including the OSs on other partitions/drives).
CU, Ingo(*) In principle it is risky to trust any software you download, unless you can verify its authenticity somehow.
