Page 1 of 1

SourceForge introduces adware into installers (?)

Posted: Mon Jun 15, 2015 4:18 pm
by MrFlibble
As I was browsing VOGONS a topic caught my attention called Will Dosbox continue to use sourceforge? The OP goes like this:
Sourcefourge is right now getting a really bad rap for some of the things it has done.

Many projects including Gimp and notepad++ have jumped ship in disgust.

I was wondering what the community and Devs thoughts on this matter were?
As I hadn't heard anything bad about SourceForge, I decided to check out what the problem was. And it turns out that the scale of this is apparently pretty serious:
SourceForge grabs GIMP for Windows’ account, wraps installer in bundle-pushing adware
SourceForge, the code repository site owned by Slashdot Media, has apparently seized control of the account hosting GIMP for Windows on the service, according to e-mails and discussions amongst members of the GIMP community—locking out GIMP's lead Windows developer. And now anyone downloading the Windows version of the open source image editing tool from SourceForge gets the software wrapped in an installer replete with advertisements.
Apparently, SourceForge's mysterious "sf-editor1" has also claimed ownership of a number of other accounts for open source and other software projects. The following are just a sampling of downloads now "brought to you by sf-editor1":
  • Most of the Apache Foundation's projects—including Allura, Derby, Directory Studio, the Apache HTTP server, Hadoop, OpenOffice, Solr, and Subversion;
  • The Mozilla Project's Firefox, Thunderbird, and FireFTP;
  • The Evolution and Open-Xchange mail clients;
  • The Drupal and WordPress content management systems;
  • The Eclipse, Aptana, Komodo, MonoDevelop, and NetBeans integrated development environments;
  • The VLC, Audacious,, Helix, and Tomahawk media players;
  • The Reaver WPS Wi-Fi hacking tool;
  • and a host of games, utilities, and other applications.
A more recent article:
SourceForge sorry for adware, promises only opt-in in future

Also it appears that plans to introduce "optional" adware existed since 2013:
In July 2013, SourceForge announced that it will provide project owners an optional feature called DevShare, which places closed-source ad-supported content into the binary installers and gives the project part of the ad revenue.[30] Opinions of this new feature vary, with some complaining about downloaders not being as aware of what they are getting or being able to trust the downloaded content, whereas others see it as a reasonably harmless option that keeps individual projects and users in control.[31]

In November 2013, GIMP, a free image manipulation program, removed its download from SourceForge, citing misleading download buttons that potentially confuse customers, as well as SourceForge's own Windows installer, which bundles third-party offers. In a statement, GIMP called SourceForge a once "useful and trustworthy place to develop and host FLOSS applications" that now faces "a problem with the ads they allow on their sites ..."[32] In May 2015, SourceForge transferred the GIMP for Windows project page to the ownership of the "SourceForge Editorial Staff" account, and re-enabled adware downloads.[33] The same happened to the developers of nmap.[34][35]
Source: DevShare adware controversy (Wikipedia)

Posted: Mon Jun 15, 2015 5:49 pm
by Quadko
That's evil, I hadn't heard about that. Though, I can't tell if that's SF policy or a poorly acting / hacked admin? The 2013 quote leans it toward policy, the lock out toward hack, I'd think...

And here I thought OSS was all about doing no evil and making no money... :P

God, Jesus Christ, is number one!hehe

Posted: Mon Jun 15, 2015 6:07 pm
by tienkhoanguyen
Jesus Christ!hehe

Well, there are kind people in my life who donates to me so I do not need to ask for money. However I can see The Holy Bible passage is true! You give your programs away for free and they also support you for free. This is like barter. When we have RICE to sell, but do not have technology there is an exchange where money is NOT necessary. Someone donates two or three gamepads and a USB drive. In exchange they got a little work done for them hopefully that relationship lasts?

Anyways, I am still poor even though I have a home to stay in now. If the home was in my name I would say I am a little better off and that is fine. God says if you have it late it is better. It is something along the lines of saving the best for last if what God tends to say in my experiences!

Well, along the lines of what we are talking about - softwares. Being a developer for almost a year now makes me appreciate what the people went through. Some of them spent all their talents on a single software and have no other means of income. I am able to produce enough to last for a year so far however I am out of ideas for the moment. The softwares that are left undone are out of my reach at this moment in time. I just don't feel like going back and updating them. I am discouraged since I just browsed eBay and saw so many official softwares selling for the old MS-DOS. I am surprises to see so many games especially since it is for MS-DOS...

To sum up, these produces have to make ends meet somehow. Did you know that because I produce these softwares for free that I have to go to the welfare office. I don't mind since it gives security. However I just wish I had the money to buy an authentic MS-DOS 25mhz rig with monitor and all ready to use MS-DOS 5.0. I would love to have a floppy drive that works and an optional included CD-ROM for the many projects that I have.

Anyways, privacy is a big concern so I don't even bother ordering or asking online these days. Back in the days, I remember a transaction was easy. I would sell something on a BBS and some lady and her kid would come to my parent's place and pick it up. These days there are unknown outcomes. I don't know how Joel Olsteen does it. He goes to Lakewood Church here in Texas and somehow goes home after seeing in person thousands of people. Did I say it seems to be in person? hehe

Last but MOST important, Thank you God through Jesus I have a place!

In 1999 or such time I was homeless and that was when I was a rebel. My bless mom because she loves Jesus gave me a one way Greyhound bus ticket home from California to Texas. Although my humble real dad cut me off for being a rebel he left me with enough knowledge to be old enough to be a developer who gets by.

God, Jesus Christ, is number one!hehe

Posted: Mon Jun 15, 2015 7:40 pm
by tienkhoanguyen
Jesus Christ!hehe

That reminds me. A public thank you to @MrFlibble for adding some of my freewares on the official lists. Also, an aside, I still remember Joris hint hint. Thanks. I've been so busy for the past year that I didn't stop to smell the roses meaning some of my stuffs are officially published on the website.

Thank you God!

Posted: Tue Jun 16, 2015 11:07 pm
by wardrich
This has been spreading like wildfire on Slashdot (which has the same parent company as Sourceforge).

They've been wrapping installers for a while now - FileZilla has been wrapped for ages.

Nobody is being forced to install the crapware, but the wording is really deceiving and it's really easy to accidentally accept the garbage.

The biggest controversy is over SourceForge 1. going against their word from about a year ago saying they would not wrap installers without the author's permission, and 2. the fact that the files are no longer "pure" as they have been wrapped.

Essentially, SourceForge got a new owner that doesn't seem to understand free open-source software (FOSS) or how that community works. I assume they just saw a huge stockpile of software and imaginary dollarsigns dripping out of them.

I think the DosBox team should GTFO. If their project gets wrapped, it could hurt their image as well. They should look into other repositories like github.

Posted: Wed Jun 17, 2015 2:10 pm
by Chilly Willy started doing the same thing some years ago. If I want something, I'll download the file for it. I don't want other "suggested" apps or ads compiled in an installer.

I miss the days of DOS. Everything is bloated anymore. The good thing is, I can still use DOS or even Windows 98 and forget the world around me. :D

Posted: Wed Jun 17, 2015 3:01 pm
by MrFlibble is a completely different story. One would think that FOSS and adware installers are mutually exclusive, hence the reaction from the community to what SourceForge did.

BTW, a while ago I heard about something called OpenCandy which IIRC was essentially an attempt to pass adware-wrapped open source software as "recommendations by developers" or something.

Posted: Sat Jul 04, 2015 6:03 pm
by Cmaza
It's pretty shitty what they've done, but certainly not something new or recent; This has been going on for quite some time now.

If, however, you're wanting to host from SourceForge, the easy solution is simply to not have your download be a self-executable; SourceForge auto-bundles self-executables in the aforementioned way to make a quick buck, but they don't seem to touch things like archives; Doesn't excuse what they're doing, but, it's a workable compromise if you want to continue using SourceForge to host your projects.

Of course, there are plenty of alternatives around for hosting, too.

God, Jesus Christ, is number one!hehe

Posted: Sat Jul 04, 2015 7:49 pm
by tienkhoanguyen
Jesus Christ!hehe

The point is although I produce freewares, someone has to back me up.

If I have no backup I don't eat.

Right now, I have welfare and government assistance for the poor.

However these other programmers they don't have that luxury.

Many probably have real jobs they do in the day time?

Posted: Tue Jul 07, 2015 10:17 pm
by wardrich
You've got a good point, Tien, but the fact of the matter is, your host shouldn't be meddling with your files. What if you hosted your stuff on a site that suddenly started wrapping your files with sketchy 3rd-party apps? It could hurt the way the public views you.

There are other hosts out there, things like Git, for example. SourceForge screwed up, and I hope they come to their senses and fix things up before they run themselves out of existence.

God, Jesus Christ, is number one!hehe

Posted: Tue Jul 07, 2015 10:24 pm
by tienkhoanguyen
Jesus Christ!hehe

haha - well, now that you mention they could screw with my DEMOs!

Oh I guess you're right.