Slashdot Mirror
SourceForge Appeals To Readers For Help Nixing Bad Ad Actors
Last week, we mentioned that the GIMP project had elected to leave SourceForge as its host, citing SourceForge's advertising policies. SourceForge (which shares a parent company with Slashdot) has released a statement about those policies, addressing in particular both ads that are confusing in themselves and their revenue-sharing system called DevShare, based on the provision of third-party software along with users' downloads. Among other things, the SF team is appealing to users to help them find and block misleading ads, and has this to say about the additional downloads: "The DevShare program has been designed to be fully transparent. The installation flow has no deceptive steps, all offers are fully disclosed, and the clear option to completely decline the offer is always available. All uninstallation procedures are exhaustively documented, and all third party offers go through a comprehensive compliance process to make sure they are virus and malware free."
I don't want useless add on application/browser extension/etc being installed when I chose to download something. No matter how much vetting and transparency, this is simply wrong.
If you don't want complaints then make the DevShare program opt-in instead of opt-out.
You may argue that few people would choose to opt-in, but that's the point, isn't it?
just not doing the installation share thing AT ALL. I don't care how well it gets documented, it's a tactic that is built to take advantage of the large group of people that will do nothing but hit "next" 7 or 8 times and not look at anything.
All they are doing now is stepping up their tap dancing in the hopes that people will fail to see the obvious about their bundled downloads.
I am Slashdot. Are you Slashdot as well?
With rare, mutually beneficial, exceptions, it seems to generally be the case that if I can get paid for putting an 'offer' in front of a user, no matter how transparent and not-spyware and whatnot, that's a good sign that the value to the user is negative.
Gosh, yes, I'd love to receive offers from your carefully selected content partners!
Obviously, a continuum exists, from pure drive-by malware to the-box-isn't-even-checked-by-default opt-in stuff; with various levels of 'all the boxes start checked; but you can uncheck them if you can find them' and 'sure, just go down the stairs, take a left at the sign that says "beware of the leopard", pick the lock on the third door on your right, and choose the 'advanced install' package from the bottom drawer of the filing cabinet'; but just because sleaze occupies a continuum doesn't mean you want to get any on you...
dont mind ads and most people that use Sf are smart enough to see around them.
But SF had a reputation for be clean installs that could be trusted. That is no longer the case.
SF you blew your done and gone.
Linux modi 2.6.26-2-parisc
SVN is lame; Gimp is where it's at, baby.
Github is 6th Street. Sourceforge is the old Main Street, with mostly boarded-up buildings.
When I want to download software, I want that software, not other piece of software that's going to install itself in my browsers and mine my information.
As others have said, make it purely opt-in and I can live with it. The opt-out stuff just pisses me off because it is so transparently trying to profit off people that aren't paying attention.
SourceForge has shown it can't be trusted. The only way they could regain trust at this point is by legally committing themselves to never bundling anything with an installer, and using an open source installer. Instead, their terms still read "We reserve the right at our sole discretion and at any time to ... change the terms and conditions of this Agreement."
Sorry, SourceForge. You got caught. Promising you won't do it again isn't good enough. That's just PR spin.
... and I left them too, almost a decade ago. it cost me downloads, but saved my customers from their intrusive bundled downloads.
The bottom line is that GIMP didn't want to be associated with tricking its users into installing borderline malware. If a program's installer is filled with traps that you have to carefully watch for to avoid - that sets off huge blaring alarms in the heads of most experienced users.
This is especially a problem for the open-source community, which still struggles to get a fair comparison with commercial software in the corporate IT world. If even major software gets saddled with nonsense like SourceForge is trying to pull, it could set back progress by years.
SourceForge had better smarten up before it becomes a ghost town. GIMP is certainly not going to be the last high-profile departure if things don't change.
While we're at it, the summary of this story was blatantly whitewashed. Mentioning the parent company link should be a bare minimum, not an excuse to abandon all pretense of impartiality.
Alphanos
I hope they don't mess up /. too.
Help stamp out iliturcy.
All uninstallation procedures are exhaustively documented, and all third party offers go through a comprehensive compliance process to make sure they are virus and malware free.
Except that you and the Sourceforge people know damn well that next to no one actually wants that crapware. 99% of cases it will be installef by someone merely clicking through not expecting crapware in the installer.
They are putting these ads on their site and they are getting the revenue from the ads and they want me to to tell them which ads are appropriate and which are not. For free! Screw you, I already have a paying job, I don't need to do your job for you as well.
In the wake of the scandal I have just finished moving all my projects to GitHub, and man, it's been worth it. I mean, have you noticed how incredibly slow SourceForge is lately? I've been using it for over ten years now, and it's been getting slower and slower. I got used to it, but now on GitHub I'm constantly amazed that I don't have to wait a few minutes for the project page to load. Or the fact that I don't even have to go there any more because I can make releases by creating a tag and project web page is just another git branch. How do you update a SourceForge web page again? I'll have to look it up, 'cause I don't remember at all. I only remember that ssh, scp, and lots of manual copying was involved. SourceForge's release system is a pain, and really, the only feature SourceForge has that GitHub does not is access statistics, but this feature hasn't worked properly ever since the big UI overhaul a few years back. Frankly, I don't see any reason to ever go back to SourceForge.
Don't bundle /anything/ other than what the user wanted with the download. Don't bundle toolbars, helper programs, utilities, assistants, or anything else you choose to call your advertising product.
Trust that is lost can't ever really be regained, especially on the Internet. The quick dollars gained came at the expense of the dollars in the long run. You need to start with an apology that acknowledges what was wrong along with a promise in plain English never to do it again.
Now, I didn't say anything about not running advertising on the pages. Advertising is what makes sites run, and anyone with any length of time in the industry understands their importance. Google style ads that aren't disruptive are generally respected and static graphical ads from companies like Microsoft and IBM must work as they have advertised here for years. The problem is if things get pushed too far and the content can't be read without irritation.
If the website isn't functional (loads within 1 second without distractions or intermission ads) than you site has gone over too far and the next visit and every visit thereafter will be filtered. We also understand how these things work on the back-end, know how to implement ABP, No Script, Ghostery and other things with advertising gets overbearing.
At this point it is up to the WebMasters to show that they understand "don't be evil". You can't do it with fine print though, for this audience, reads the fine print.
All uninstallation procedures are exhaustively documented, and all third party offers go through a comprehensive compliance process to make sure they are virus and malware free.
You clowns at SourceForge/Dice are missing the point. Users DON'T WANT this garbage on their system. You are deliberately trying to get them to install it, even if it's by mistake.
And what about all the institutions providing you with mirroring? Are they getting a cut of this revenue now? If they're not, then you are DELIBERATELY attempting to profit from their charity and generosity. Personally, I hope every single mirror deletes any SourceForge related material from their servers and tells you to go die in a fire. You are attempting to profit from the work and resources of others who believed they were contributing to the free software community. For that, you are to be shamed, shunned, and written off as yet another group of clueless MBA's out to monitize the entire fucking world at the expense of others. Go fuck yourselves and look for a real job where you have to WORK instead of ruining other people's reputations by bundling useless shit with their software.
"So after all this, you make my case for me. To end this stalemate, you must die..."
I haven't posted much since the takeover but I wanted to log in one last time to say:
1) Thanks for ruining SF, that was remarkably fast.
and
2) FUCK OFF!
/. feeds will be deleted now, no more clicks to read comments for you parasites.
All
Imagination drew in bold strokes, instantly serving hopes and fears, while knowledge advanced by slow increments...
You ate too much of your own cake.
The migration to other services has begun.
You might never recover from this.
May it be a lesson for all other "free" services trying to make hasty profit.
"Find and block misleading ads"
Why is this our job?
Why do you not know what's being advertised on your own website?
Why do you run a business based on something you can't control?
Why don't YOU go through your ads and start removing the misleading crap?
[they] strongly encourage the top projects to use a new (closed source only) installer
SourceForge not only seems to have missed this key point but has completely reversed it's previous position on Open Source being a key component to transparency. Instead, SourceForge claims:
The DevShare program has been designed to be fully transparent. The installation flow has no deceptive steps...
Who says it has no deceptive steps? How do I audit the source code to the installation flow?
For anyone that reads the SourceForge blog, this seems to be a very jarring change in prospective on the part of SourceForge. Several previous SourceForge blog posts bring up transparency, but always in the context Open Source Software. Before November 2013, I can't find any SourceForge blog posts that refer to close source as "fully transparent." I also can't find any other SourceForge blog post that tries to claim close source software contain no deceptive steps. Once SourceForge is able to make the leap that a close source installer is fully transparent, there really is no common ground to continue a discussion on. It isn't a matter of a third party being a bad actor, SourceForge itself is the bad actor. This SourceForge blog post is proof of erosion taking place on fundamental ideal which where the foundation of SourceForge.
Are they even seriously asking right now? All of them. 100% of them. Fucking pick one at random. They ALL have undesireable, misleading, coinstalled crapware. None of them don't have it. How else can I phrase it so these dishonest scam artists?
For the record, I haven't used sourceforge for a long time. On the other hand... Last few weeks I had several autoplaying video adds on /. front page.
I often leave slashdot open when I do something else. For a few days straight I went gaming with a couple of friends using skype. In the middle of the game a frigging add starts playing... yeah. ,,,on /. main page... I do understand having adds on main page...
BUT GODDAMN AUTOPLAYING VIDEO ADDS ON /. FRONT PAGE THAT REFRESH WITHOUT ASKING:
Contemplating on finding a better source for my nerd news.
Per the Sourceforge blog article: