Yeah, there is no question about it. This website clearly says that it's the legit source for 7zip. There is even a red box on the right side of the page. This needs to be taken down if this is not an official source.

The left side has a navigation to different translations of the page. All but the English version link to the German page as well.

I'm guessing it was once part of the build pipeline but has since been abandoned.

So yeah, it is an official source. It's just outdated

Or you know, the author of 7-zip could pay for a digital certificate and sign the executable. Fake websites and "Trojans" are a known problem, with a known solution.

Unfortunately, 7-zip barely has any security involved. No digital signatures, no ASLR, no NX bit, no stack canaries, no nothing.

Hopefully these security concerns wake up Ivor. Its not the 90s anymore: developers have to participate to get a proper security posture. That's why Windows tried so hard to get everyone to use sandboxed Win10 Apps / Metro Sandbox by default, because these problems require the developers to care about security.

> So yeah, it is an official source. It's just outdated

`whois 7-zip.de` resolves to a private person in Germany. This does not look official to me. More like a crowdsourced effort of providing translated websites with a dangerous effect in case of security vulnerabilities.

The versions provided are (as of 2018-05-04T10:20:00Z): en 18.05, de 16.04, zh 16.04/18.05, eo 18.01, fr 18.01, ja 18.05, pt 18.01, es 18.01, th 18.05, vi 18.01