It’s hard to teach people it’s worth their time to double-check these things of course, but I try to show a chain of trust:
1. Files come from Wayback Machine, which is trusted to serve legitimate snapshots
2. There is a sha1 and size listed for most files (though these come from Wayback)
3. Checking signature is easy enough from Explorer
Perhaps a page on “how to know this is legit” is a good idea to help educate about this. The goal of the project is to have legitimate downloads with good SEO, without having to cut through ads/spam/sketchy redirects (still has a few ads but intentionally non-obtrusive), so people aren’t blindly downloading from sketchy sites.
1. Files come from Wayback Machine, which is trusted to serve legitimate snapshots
2. There is a sha1 and size listed for most files (though these come from Wayback)
3. Checking signature is easy enough from Explorer
Perhaps a page on “how to know this is legit” is a good idea to help educate about this. The goal of the project is to have legitimate downloads with good SEO, without having to cut through ads/spam/sketchy redirects (still has a few ads but intentionally non-obtrusive), so people aren’t blindly downloading from sketchy sites.