alt Hacker NewsHow can the average 7zip user know which one it is?
Search results can be gamed by SEO, there were also cases of malware developers buying ads so links to the malware download show up above legitimate ones. Wikipedia works only for projects prominent enough to have a Wikipedia page.
What are the other mechanisms for finding out the official website of a software?
Replies
How would you ensure that the "average user" actually gets to the page he expects to get to?
There are risks in everything you do. If the average user doesn't know where the application he wants to download _actually_ comes from then maybe the average user shouldn't use the internet at all?
Open source software will have a code repo with active development happening on it. That repo will usually link to official Web page and download places.
1. Go to the wikipedia article on 7-Zip
2. Go the listed homepage
> How can the average 7zip user know which one it is?
I dunno, if you type "download 7zip" into Google, the top result is the official website.
Also, 7zip.com is nowhere on the first page, and the most common browsers show you explicitly it's a phishing website.
This is actually a pretty good case of the regular user being pretty safe from downloading malware.
open About in the app?
There is normally a wiki page for every popular program which normally contains an official site URL. That's how I remember where to actually get PuTTY. Wiki can potentially be abused if it's a lesser known software, but, in general, it's a good indicator of legitimacy.