this post was submitted on 09 Apr 2024
170 points (99.4% liked)

Notepad++

172 readers
2 users here now

A community for discussing the notepad++ text editor https://notepad-plus-plus.org/

Looking for mods, if you want to mod the community feel free to dm @[email protected]

founded 10 months ago
MODERATORS
 

The Notepad++ project is seeking the public's help in taking down a copycat website that closely impersonates Notepad++ but is not affiliated with the project. There is some concern that it could pose security threats—for example, if it starts pushing malicious releases or spam someday either deliberately or as a result of a hijack.

you are viewing a single comment's thread
view the rest of the comments
[–] Pyro 17 points 7 months ago* (last edited 7 months ago) (2 children)

Reporting the website for malicious content when its a glorified redirect seems a bit harsh tbh. Why not try to set up a dialogue with the copycat website owner first before burning bridges?

[–] [email protected] 16 points 7 months ago

In this situation, I wish Google offered a “Not Authoritative” option to report sites.

But I mean, doing so would mean then that users have the opportunity to improve google’s search algorithm so that it’s useful, and therefore folks spend less time hunting for info on sites that serve Google Ads. So… that won’t happen.

[–] [email protected] 6 points 7 months ago (1 children)

So should we wait until they do, users download it and only then should we start appeals to have it taken down?

[–] Pyro 1 points 7 months ago* (last edited 7 months ago) (1 children)

I specifically said set up a dialogue FIRST. Sure if the owner does not respond or acts in bad faith, they can escalate.

Immediately starting with reporting the copycat as malicious seems like a overreaction.

[–] [email protected] 1 points 7 months ago

I don't think so. This absolutely looks to me similar as the xz problem that's hot right now. They set up a website that looks nicer and more polished than the original one, they link the original website at first, the little bitty disclaimer at the bottom is there just for the plausible deniability... Then, when enough people trust it (and Google's algorithm maybe starts showing it first, who knows...) they can just change the links and suddenly there's an attack.

Maybe if the site had a big "fan site" text in the header where everyone can see it right away, I would be less suspicious.