SourceForge and GIMP [Updated]

New submitter tresf writes: In response to a Google+ post from the Gimp project claiming that "[Sourceforge] is now distributing an ads-enabled installer of GIMP," Sourceforge had this response: "In cases where a project is no longer actively being maintained, SourceForge has in some cases established a mirror of releases that are hosted elsewhere. This was done for GIMP-Win.

Submitter's note: Gimp is actively being maintained and the definition of "mirror" is quite misleading here as a modified binary is no longer a verbatim copy. Download statistics for Gimp on Windows show SourceForge as offering over 1,000 downloads per day of the Gimp software.

In an official response to this incident, the official Gimp project team reminds users to use official download methods. Slashdotters may remember the last time news like this surfaced (2013) when the Gimp team decided to move downloads from SourceForge to their own FTP service. "Therefore, we remind you again that GIMP only provides builds for Windows via its official Downloads page." Note: SourceForge and Slashdot share a corporate parent. Editor's note: I just got back from a busy weekend to see that a bunch of people are freaking out that we're "burying" this story, so here it is. Go hog wild. Sorry it took so long. (And for future reference, user submissions are easily found in the firehose, listed in the order they appear, newest first.)

Update: 06/01 22:37 GMT by T : The SourceForge blog has a welcome update; SourceForge, it says, has effective today "stopped presenting third party offers for unmaintained SourceForge projects. ... At this time, we present third party offers only with a few projects where it is explicitly approved by the project developer, or if the project is already bundling third party offers."

Took long enough for you to post this Slashdot

[NotDrWho]

I remember seeing a submission on this early last week.

Re:Took long enough for you to post this Slashdot

[weilawei]

I am also pleased that they've finally posted it, but still seriously miffed that it took this long.

Re:Took long enough for you to post this Slashdot

Apparently there's only one editor.

Re:Took long enough for you to post this Slashdot

[NotDrWho]

And his weekends start on Wednesday.

Re:Took long enough for you to post this Slashdot

but still seriously miffed that it took this long.

Slashdot has always been slow to post news. You see people in the comments all the way back to before there was even registered accounts, complaining they saw the news first elsewhere and that stuff posted to Slashdot can't be news because of how old it is at that point. I don't know why people expected them to move lightning fast on this story any more than elsewhere.

If anything, if they posted stuff on this right away, that would be more suspect to me meaning they had pressure to break from the status quo.

Re:Took long enough for you to post this Slashdot

If you go back and look at the sheer number of submissions on this last week, you'll see that this was not your typical "oh, we just overlooked it" story.

Re:Took long enough for you to post this Slashdot

Not saying it was the case here (I don't have enough details to know for sure), but in his defense, my weekend started on Wednesday last week - I took a long weekend for a small vacation. Maybe he did the same?

(Also, I appreciate the "we were trying to get more info" response that's in this thread somewhere - in my opinion, it's always good to get as much info as possible before running with a story)

Re:Took long enough for you to post this Slashdot

[Sarten-X]

I saw several submissions, and frankly, not one of them was decent journalism. I voted them down.

Copying a juicy bit from the article and saying "Link to original source" is not a summary.

Re:Took long enough for you to post this Slashdot

I suspect Timothy just loads stuff on cron at the start of the weekend and takes off fishing, or something. Once, there were no posts for about three hours on the top story because of some glitch in the action URL. Then there was the "Susan Sandberg" fiasco, up there for at least six hours in the headline and TFS after Sheryl Sandberg's husband died, while people posted snarky stuff at the editor's expense.

Re:Took long enough for you to post this Slashdot

[RazorSharp]

Decent journalism? You know you're on slashdot, right?

Re:Took long enough for you to post this Slashdot

et tu sourceforge. . well, it was nice while it lasted, and thanks for giving me the incentive to move all remaining projects away from you

Re:Took long enough for you to post this Slashdot

[OzPeter]

I suspect Timothy just loads stuff on cron at the start of the weekend and takes off fishing, or something.

I actually think that someone loads "Timmy" up on cron at the start of the weekend and takes off fishing.

Re:Took long enough for you to post this Slashdot

I wonder if he told his GF or wife about his 5-day weekend.

Re:Took long enough for you to post this Slashdot

[Sarten-X]

Right, and that's why I excuse my double standard.

Considering the poor quality of the submissions, and the flood of nearly-identical comments on other stories, I'm suspicious of the intent. It wouldn't be the first time Slashdot has been used to slander others, and the irony of having one Dice subsidiary embarrass another Dice subsidiary makes this a particularly appealing attack.

Re:Took long enough for you to post this Slashdot

[desdinova+216]

Decent journalism? You know you're on the Internet right?

FTFaccuracy

Re:Took long enough for you to post this Slashdot

Poll idea:
* I bother to read TFA {1,2,5,10,20,50,100}% of the time before posting.
* CowboyNeal reads the articles to me, you insensitive clod!

I'm betting the median is around 5%. Takers?

Re: Took long enough for you to post this Slashdot

I found out from a reliable news source... Reddit!

Re:Took long enough for you to post this Slashdot

"Sourceforge and Gimp" is really indexable. This story is going to be easy to rediscover in searches.

Re:Took long enough for you to post this Slashdot

[codemachine]

Given the trajectory of the SourceForge site, do you really find the story suspicious?

SourceForge went from showing deceptive ads with a big Download button, then started bundling a malware installer with any projects that wished to opt-in to their revenue sharing scheme.

Is it really hard to believe that they'd start bundling that same installer with "abandoned" projects? Plenty of other news sites seemed quite able to post about the story without finding it super suspicious, or requiring so much research to verify the story.

Face it, the reason that the story didn't immediately come up on Slashdot is because the site is owned by Dice. That is the reason for the suspicion you have, and the need for the editors to be cautious about posting the story.

The caution by the editors in this case is understandable and expected; just as the anger of the user base is also understandable and expected. No point in anyone pretending otherwise.

Re:Took long enough for you to post this Slashdot

[Zero__Kelvin]

"Copying a juicy bit from the article and saying "Link to original source" is not a summary."

What the hell are you talking about? The best summaries do exactly that. It's the ones where the submitter tries to write their own content where things tend to get stupid real quick.

Re:Took long enough for you to post this Slashdot

[Zero__Kelvin]

"Decent journalism? You know you're on planet Earth right?"

FTForGreater Acurracy (by your definition of "accuracy")

Re:Took long enough for you to post this Slashdot

[Enfixed]

I remember seeing about 3 submissions that got buried earlier this week. To hell with slashdot, I only came here because I saw this finally made it through while reading my news on itworld. So long slashdot and thanks for ..... meh whatever.

What will they do next?

[Chrisq]

*** BUY ACME SPEARMINT ***
Interfere with slashdot posts?
*** BUY ACME SPEARMINT ***

Re:What will they do next?

[NotDrWho]

This post brought to you by Carl's Jr.

Re:What will they do next?

Fuck you, I'm posting.

Re:What will they do next?

I'm thinking Arby's! Where the meat gets slashdotted!

Re:What will they do next?

Well, all they serve is slimy garbage too so...

Finally!

At last. Now that moron who's been spamming every story with an off topic post of this can shut up.

Re:Finally!

With pleasure. You think we like having to do that? It's like having to trash your apartment to get the landlord to fix the faucet.

Re:Finally!

If it hadn't been for that moron, today's /. submission would've probably not been posted.

Re:Finally!

[Narcocide]

Your apartment, and the one downstairs.

Re:Finally!

If it hadn't been for that moron, today's /. submission would've probably not been posted.

Nonsense! Soulskill would have posted it as soon as he returned from his busy 5-day weekend.

Not ignoring the story is a good start!

[rmdingler]

Issuing an opinion on something the umbrella corporation did that you may have no control over would be a solid follow up.

Re:Not ignoring the story is a good start!

[Luxemburg]

Additionally, offering such a weak*) excuse for sitting on this story (apparently) for a week actually rings all my alarm bells. Please slashdot editors, explicitly deny (or confirm) there has been any kind of pressure influencing your treatment of this topic.

*) Weak to react to it cynically, dismissively, the editor just had a busy weekend, and how dare the readers ever even imagine there might be some sort of hesitation on your part for not publishing this article promptly. After all, it's only a very grave accusation to a service run by the same company for the same audience.

Re:Not ignoring the story is a good start!

[Soulskill]

There's been no pressure influencing my treatment of this topic.

The main reason it's late is that we were asking some questions internally so we could put up a more informative post on the subject. Unfortunately, communications were slow. Rather than keep waiting, I just put up the most accurate submission we've gotten. (May or may not still happen later.)

Re:Not ignoring the story is a good start!

Then why the hell did you blame a busy weekend to start? Smells like BS to me.

Re:Not ignoring the story is a good start!

[sinij]

While I didn't find DICE response satisfactory (they should rend garments and ash their heads), I appreciated its inclusion. It would have been great follow-up story to original "This just in!" story. Keep in mind, /. is not stale news for nerds for the most part.

Re:Not ignoring the story is a good start!

[OzPeter]

^^ THIS

Re:Not ignoring the story is a good start!

[rmdingler]

Hmmm...

/. being slower than everyone else to report on a story.

That is suspicious.

Re:Not ignoring the story is a good start!

[Soulskill]

You're conflating two different things -- the story wasn't posted immediately because we were trying to gather more information. When I got in this morning, I saw people were upset that it was taking so long, so I posted it.

Re:Not ignoring the story is a good start!

[jrumney]

Keep in mind, /. is not stale news for nerds for the most part.

You must be new here.

Re:Not ignoring the story is a good start!

There's been no pressure influencing my treatment of this topic.

I can believe SoulSkill can say that, but I don't believe other "editors" here can.

Re:Not ignoring the story is a good start!

[OzPeter]

Your statement here appears to conflict with your edit in TFS. Both of which look like excuses rather than genuine reasons. As such the damage IS done. You are going to need to be 100% transparent even to start recovering from this debacle.

Re: Not ignoring the story is a good start!

Why?

Do you ask more information from other companies when you post stories about them?

Goodbye slashdot.

Re:Not ignoring the story is a good start!

[Soulskill]

People are going to look for reasons to be mad, no matter what I do. They're entitled to that. I'm just doing what I can to make the situation right.

Re:Not ignoring the story is a good start!

[OzPeter]

And I am pointing out that posting two mutually exclusive reasons for why this particular story was not posted until today is a major fuck up. But continually repeating them (without acknowledging that it is a fuck up) just adds to the fucked upness of the whole situation.

Re:Not ignoring the story is a good start!

[LVSlushdat]

Then it sounds to me that we have a case of the "left hand" not having a clue what the "right hand" is doing.. vis a vis the Dice/Slashdot crew and the Dice/ Sourceforge crew... Is that about it??

Re:Not ignoring the story is a good start!

[C3ntaur]

Keep in mind, /. is not stale news for nerds for the most part.

Have you been to Arstechnica, Phoronix, and The Register? Browse their headlines and you'll see a 12-24 hour preview of what's going to show up on /.

Re:Not ignoring the story is a good start!

[Soulskill]

I acknowledge that this was a fuck up. As I said in my note on the story, I'm sorry it took so long for this post to go up.

Re:Not ignoring the story is a good start!

Out with it then, what information were you buying time for exactly? It must be really good considering you then decided to make the excuse/lie of 'Hey just got back from a buzy weekend! And just to let you know, your all pigs!' * line.

* well, you said hogs, but we see what you did there.

Re:Not ignoring the story is a good start!

Um yeah - good one. I guess it works for you because many readers wont bother reading these comments.

Re:Not ignoring the story is a good start!

[Soulskill]

I suppose you could put it that way. Slashdot and SourceForge have been under the same roof for a long time, but they've always been separate entities. I have no interaction with the SourceForge folks on a daily basis.

Re:Not ignoring the story is a good start!

[tresf]

Thanks for posting it, @Soulskill. Better late than never. I'll support you a bit in saying that the readers are focusing on the wrong point. It is the FOSS malware bundling which is the real issue here. The misrepresentation of a product against the author's/community's will is THE issue. Stop trolling the journalist, he's not the one installing malware on your computer, SF is.

Offering a great product for free should be good enough to drive the traffic and ad revenue that SF needs. Taking a sh** on these great projects does nothing but alienate SF from the very community that helped it gain notoriety in the first place. Sure this is old news, but 1,000 malware installations a day aren't old news. 1,000 malware installations a day should be criminal.

Coincidentally -- the day after posting this article -- a colleague of mine made a similar mistake of installing OpenOffice from a high-ranking search result and is now dealing with the consequences. Long term, I'm not sure how we fix these bait-and-switch problems, but @Soulskill getting the word out is a good start.

On a personal note... I manage the downloads for a QT-based project known as LMMS and we too feared the day that our installers would be compromized. In anticipation of this, LMMS has moved everything off of SF hosting. This took almost a year as it included forums, downloads, bug tracker, et al. We we very fortunate to get corporate sponsoring, but not all projects have success in this regard.

On a personal-side-note, I'd like to add that I've been happy enough with the services over at GitHub that I've chosen them for some of non-free projects (private, paid repositories). Is this not how revenue **should** be generated? Should the exchange of good, honest services for cash not be the norm? Should preying on the innocent and invading privacy, installing viruses for those that would least suspect it NOT be ostracized? SF has become a predator against the unsuspecting.

Re:Not ignoring the story is a good start!

These people are mad, convinced that you are acting against their interests, and are ignoring any evidence which supports a kinder or more reasonable interpretation of your motivations.

Here's my take: The editors saw a story with claims relevant to their own area of expertise. They decided to do some digging before publishing a story with potentially false or incomplete data. The public outcry convinced Soulskill to publish the best of the unverified stories rather than waiting for the analysis to complete. Soulskill noticed the outcry after a busy weekend.

This narrative fits the facts and attributes no malicious motives to anyone.

I suggest that a more open process would avoid recurrent allegations that anyone have acted improperly. I propose this: When a story affecting a company related to /. is submitted, it is posted immediately but bearing the usual related story disclosure and a note saying that the facts have not been verified by /. staff. If there is analysis done that alters the story, then publish that as a separate submission by the editors themselves.

Am I disappointed in SourceFourge? Sure.
Will I use it ever again? Probably not.
Do I trust /. any less? Nope.

Re:Not ignoring the story is a good start!

[OzPeter]

but bearing the usual related story disclosure

/. does't even publicly disclose when Dice shills post stories here.

Re:Not ignoring the story is a good start!

[Khyber]

Your statement clearly conflicts with screencaps many have of the firehose, where almost EVERY SINGLE STORY regarding this was removed despite comments and being RED status.

Would you care to try again, SoulSkill? You seem to forget how easily the internet can keep track of what you do and when.

Re:Not ignoring the story is a good start!

[bv728]

I think people are getting hung up on some (admittedly bad) phrasing. The statement "Editor's note: I just got back from a busy weekend to see that a bunch of people are freaking out that we're "burying" this story, so here it is." isn't why they delayed the story, but why they're posting it now. That is, they were trying to gather information before the weekend, the weekend happened, they came back, and posted it without the additional info because they were seeing the freakout.

Re:Not ignoring the story is a good start!

[Khyber]

"The editors saw a story with claims relevant to their own area of expertise."

Hijacking accounts with 'sf-editor1' (Who wants the passwords to sf-editor1 through sf-editor3?) is their area of expertise? Yep, definitely sounds like a coverup in not getting the story published faster, and also deleting commented and red-labeled firehose submissions regarding said story just adds fuel to the fire.

Re:Not ignoring the story is a good start!

[h4rr4r]

When has it ever been any different?

Re:Not ignoring the story is a good start!

[Soulskill]

As stated at the end of the summary, old submissions are visible in the firehose. They're ordered by time, most recent first. If you scroll back through the past several days, you'll find a bunch of SourceForge-related submissions still alive and well.

Re:Not ignoring the story is a good start!

[RavenLrD20k]

Based upon this response, I believe it's safe for us to assume that whenever an article is posted that reflects on the actions of Dice or its properties, Slashdot will guarantee that it will delay posting so it can perform some form of a PR role before it performs a journalistic role. This, unfortunately, makes sense.

Re:Not ignoring the story is a good start!

[i.r.id10t]

The copyright holder(s) of the software need to go after SF and whoever else (Cnet!), etc. - the license they use may be using one of those "integrity of the authors code/name/work/project name" clauses. Or the recipients need to - if there is only a single license agreement (say, the GPL v2) presented, then the source for the adware/malware/etc must also be given if asked for.

Re:Not ignoring the story is a good start!

[Khyber]

I see several that I voted up totally removed (the tell-tale 'imprinting' of the bar when you vote being the giveaway.)

Every story I see back through Wednesday is one I hadn't voted on.

Re: Not ignoring the story is a good start!

Of course he won't, he will keep saying the same shit his corporate overlords tell him to say. He no longer speaks for himself, he is a puppet.

There is proof that this story was blocked several times. And his( and Dice ) reply was I was busy, oh yea and I needed more info, was slow getting it( are you kidding me? ) But that still doesn't explain why the story was surpressed.

Dice intentionally surpressed this story because it is going to cost them money. Soulskill states that getting info was slow, yet he works for the same company for Christ sakes, you don't have a line you can call and say hey guys, what's the deal here, readers are getting upset.

Dice saw pressure from its members just like it saw pressure against beta, and acted accordingly. They only released the story after they received pressure. I'm willing to bet that if no one said shit, this story would have still been surpressed.

Re:Not ignoring the story is a good start!

[simplypeachy]

Not that long ago I went hog wild over something that turned out to be a genuine bug in the Firehose. On top of that, it was very old news anyway. This time the hog was not let loose, and frankly, all the little bitches whining and crying about it are entertaining me.

Thanks for your hard work, btw. /. is a great place to be.

Re:Not ignoring the story is a good start!

[phorm]

I want *blood* because the site which I use regularly but pay money for doesn't meet my exacting standards, is that right? Geeze, man, chill out a little bit. If you're truly that unhappy, then move on to another site. Otherwise, accept the apology for what it is.

Seriously, all caps. Demand for a public apology. Perhaps a "the persons responsible have been sacked" message? Geesh.

Re:Not ignoring the story is a good start!

At least they're all named Nerval's Lobster, so they're easy to spot.

Re:Not ignoring the story is a good start!

Stop trolling the journalist, he's not the one installing malware on your computer, SF is.

This applies to all of the journalists who actually reported on this. The fact that Slashdot didn't until now strongly suggests that Dice doesn't allow them the independence required of ethical journalists. In other words, Dice is the one installing malware on your computer, and Dice is the one that censored reporting on it.

Re:Not ignoring the story is a good start!

[jlv]

Editor's note: I just got back from a busy weekend to see that a bunch of people are freaking out that we're "burying" this story, so here it is. Go hog wild. Sorry it took so long.

You said "sorry it took so long" but your excuse in the article doesn't match what you just said down here. It's long on bogosity.

Re:Not ignoring the story is a good start!

True, I tend to find things out from places other than /. but... then I come here for the discussion of those things. I bet like many others here part of the reason RTFA is running joke is because we're mostly all familiar with the gist of whatever subject may be being discussed and just dive right in regardless of having read the "specific" article submitted. And, wacky opinions from know it alls that are just winging it off the headline can be very amusing and sometimes insightful.

I've been aware that sourceforge has fallen so far as to now be fucking hijacking the GIMPwith adware for a while.

Then, to make it that much more repulsive, the subject being glaringly absent from here?

That is fundamentally atithetical to what slashdot was.

Re:Not ignoring the story is a good start!

Sounds more like the internal questions was asking Dice if it was ok to post it and they were taking their time giving you the 'ok'.

I arrive at this assumption given the quality of many other articles we get that don't get the same "care" for accurate details or factual information over clickbait headlines...

Re: Not ignoring the story is a good start!

[ColdWetDog]

Goodbye slashdot.

AC's are leaving?

Excellent!

Re:Not ignoring the story is a good start!

[ShaunC]

Have you been to Arstechnica, Phoronix, and The Register? Browse their headlines and you'll see a 12-24 hour preview of what's going to show up on /.

I've never heard of Phoronix, and since Ars came to be, I've considered it a good companion to Slashdot. As for El Reg, their stories used to be a daily thing on the front page here, but I rarely see them referenced anywhere anymore.

15 years ago, Slashdot was a very good source of timely tech news. They'd have news before CNet's news.com did. It's slipped a little; now most of the stories are at least a day old and have been reported in many other places. Here's the thing, though. Slashdot is a news aggregator. People submit links to things that are reported elsewhere. Even long ago, it was rare that any news "broke" on Slashdot. That simply isn't how this site works.

The web has evolved to become a far more real-time medium than it used to be. When I started on Slashdot, things like Facebook, Twitter, and reddit didn't exist. There were no smartphones, there were no apps, "going viral" wasn't a thing. Now a lot of people get their news in a massively crowdsourced/swarmed manner through social sites and apps, so by the time anything gets here it's bound to be "old news" to a large part of the audience.

Slashdot still offers a unique enough community that I keep visiting every day, even if the news is a bit stale.

Re:Not ignoring the story is a good start!

[penguinoid]

Here's my take: it doesn't take a week to download a file from Sourceforge and see if in contains crapware. (Unless their connection quality is as bad as their software)

Re:Not ignoring the story is a good start!

Problem is, we've been upset with SF about this for a week. That /. is only just now posting it, given both its relationship to the company in question and its status as an historical pillar of FOSS community media, is more than enough justification for the outrage toward Soulskill -- more so now that the explanation appears to be far more amorphous than first presented; see his further postings for more information.

Re:Not ignoring the story is a good start!

[ancientt]

I think you meant:

I want *blood* because the site which I use regularly but don't pay money for doesn't meet my exacting standards

To which I'd say: I actually do pay. I've supported /. directly for years. I do expect a certain level of professionalism and editorial freedom from them, not only because that's what I pay for, but because that's the honorable thing to do.

With that said, I don't think SK is being unprofessional or unreasonable. I think that the concern that dice might hurt what is good about /. is a legitimate one, but not necessarily one I'd consider supported by this single instance of a delay.

If you actually meant to say that people who are paying money don't deserve to get what they paid for, then I'm very confused by your post.

Re:Not ignoring the story is a good start!

[tresf]

I'd like to add that I partially regret singing up for a Slashdot account to write this article. I've had to unsubscribe myself from 5 mailing lists since the article was created last week. It's becoming pretty obvious that SF isn't the only snake-oil merchant in town.

Re: Not ignoring the story is a good start!

[KGIII]

I have never witnessed anyone that claimed to be leaving actually leave.

Re:Not ignoring the story is a good start!

[KGIII]

Isn't that only true if it hooks into the kernel?

Re:Not ignoring the story is a good start!

The kernel is not the only Freely licensed code base out there... and the GPL v2 is not the only Free license.

Re: Not ignoring the story is a good start!

[Pubstar]

I don't know that's a good thing. I love watching a bunch of ACs fighting while pretending its one man with multiple personalities.

Re:Not ignoring the story is a good start!

Yeah, but you're a dick.

Dick.

Re:Not ignoring the story is a good start!

[KGIII]

While true I dimly recall that GIMP was GPLv2? I could check... Google is so far away though.

Re:Not ignoring the story is a good start!

[ihtoit]

so which is it? Long weekend, or gathering more information?

You've not only jumped the shark here, you dangled your junk in its mouth while you flew over.

Re:Not ignoring the story is a good start!

Your statement clearly conflicts with screencaps many have of the firehose, where almost EVERY SINGLE STORY regarding this was removed despite comments and being RED status.

Would you care to try again, SoulSkill? You seem to forget how easily the internet can keep track of what you do and when.

Link?

Re: Not ignoring the story is a good start!

we are multiple personalities. Some call us Legion.

That said, though, I think we may be heading for a fork. At least one of my voices has developed a blood lust and another is convinced all the others are out to get him.

Re:Not ignoring the story is a good start!

[tehcyder]

so which is it? Long weekend, or gathering more information?

Clearly these are mutually exclusive, and so it is a CONSPIRACY.

Re:Not ignoring the story is a good start!

[ihtoit]

I don't take my work phone with me when I go hunting.

Absolutely unacceptable behaviour

[sinij]

This behavior should get SourceForge blacklisted as both cyber-squatters and adware, possibly malware vendor.

Re:Absolutely unacceptable behaviour

This is why nobody uses sourceforge anymore. Years old versions of projects or look alikes of projects distributing malware.

So yeah...use anything BUT sourceforge. Hell put it in your hosts file as going to 127.0.0.1, apk would approve.

Re:Absolutely unacceptable behaviour

Cnet irreparably destroyed the reputation of both download.com and the cnet brand.

Sourceforge's brand is probably damaged to a similar level for me.

I'm about ready to DNS blackhole sourceforge because it cannot be trusted at all anymore. 10 years ago, it was my go-to site.

Re:Absolutely unacceptable behaviour

Agreed. I actually had no idea that SourceForge behaved that badly. Everyone must react to this and stop using SourceForge until they officially declare that they won't adwareify other peoples code ever again.

Re:Absolutely unacceptable behaviour

RIP SourceForge. You died dishonourably.

Re:Absolutely unacceptable behaviour

"But we're incentivizing downloads from us by bundling in all this great optional software! Your browser needs more search bars and you can never be too safe from viruses. PLEASE LOVE US!"

-SourceForge Management

Re:Absolutely unacceptable behaviour

[NotDrWho]

I'd piss on the grave, but why waste good piss?

Re:Absolutely unacceptable behaviour

Especially if it is frosty.

Re:Absolutely unacceptable behaviour

This!!

Re:Absolutely unacceptable behaviour

Agreed. SourceForge is dead. Cnet is very dead. Download.com is super dead. Slashdot might as well be dead too. These organisations don't deserve anyone's trust any more. They're just rats-nests of malware and junk trying to scam people out of money. They don't serve any "community" but themselves.

Thanks DICE!

[Lumpy]

Glad to see DICE holding strong on their scumware downloaders.

Re:Douch move for sure on SF

[fuzzyfuzzyfungus]

Aren't we all smart enough to turn off the adware during install? I even know some old people who turn off "add-ons" that they don't need.

Well, given that adware 'offers' still get injected into installers, I'm going to use my incredible mental thinking skills to hypothesize "no, we aren't".

Aside from that, even if you don't get hit by the adware, having to defang an installer just to use a program leaves the indistinguishable taste of pure sleaze in your mouth for the rest of the process(looking at you, Oracle and the Ask.com toolbar...)

Sourceforge is dragging the GIMP project's name through the mud by bundling this shit, even if they don't hit anyone. That alone is more than enough to be displeased by.

I don't buy the /. editors' explanation.

[pop+ebp]

I don't buy the /. editors' explanation.

This story has been repeatedly submitted since at least late Wednesday and has been voted to red multiple times in the firehose.

Meanwhile, most other red stories have already appeared on the front page, so clearly some editors were still around...

Re:I don't buy the /. editors' explanation.

Eh, who cares? It's not like it's actually that important a story. Besides, Soulskill's response was funny.

Re:I don't buy the /. editors' explanation.

Nice try, Soulskill. Nobody's buying it.

Re:I don't buy the /. editors' explanation.

[linkdude64]

Maybe it's time to start emailing some advertisers to expose corruption in Tech journalism?

Re:I don't buy the /. editors' explanation.

Problem: journalists control the media. Real world example: #gamergate.

You can't go after the media, because they control the only platform from which you can preach your story. Meanwhile, they can freely slander your platform without any fear of exposure... because who is going to report on it?

Re:I don't buy the /. editors' explanation.

[linkdude64]

If you're interested in helping to contact DHI Group Inc. for SF's potential violation of their Code of Ethics, gathering evidence, and sending the message to the greater mirroring community that wrapping FOSS projects in malware without the creator's consent is unacceptable, there is a board set up at 8chan.net (an open-source Freedom-respecting imageboard) to help coordinate efforts, evidence, and discussion. Though it is still in its infancy, we are in need of people who care about the public image of FOSS and want to see Sourceforge and other responsible parties held accountable beyond a temporary PR fiasco.

https://8ch.net/sourcefraud/

8chan's privacy policy can be found here:
https://8ch.net/privacy.pdf

If you have questions about 8chan in general, please read the FAQ.
https://8ch.net/faq.html

Disclosure: I am not financially invested in 8chan.net, nor am I making any money off of sharing this board. Please enable your Adblocker before visiting, by all means.

Seems to Be a Pattern of Behavior

[Kunedog]

Anyone buying the "busy weekend" excuse? Can't say I am, since the story broke near the middle of last week, and we've seen /. willfully ignore the community so many times. Look at the amount of pushback it took to defeat Beta and Bennet Hasselton.

Wonder if they'll ever drop the anti-Gamergate narrative too (probably not, since they have most of the tech media circling wagons with them on the pro-corruption side)?

Re:Seems to Be a Pattern of Behavior

Bennet Hasselton cannot be defeated. He's merely resting.

Re:Seems to Be a Pattern of Behavior

Anyone buying the "busy weekend" excuse? Can't say I am, since the story broke near the middle of last week, and we've seen /. willfully ignore the community so many times. Look at the amount of pushback it took to defeat Beta and Bennet Hasselton.

Wonder if they'll ever drop the anti-Gamergate narrative too (probably not, since they have most of the tech media circling wagons with them on the pro-corruption side)?

The Sans Culottes will wrest control over Slashdot!

Re:Seems to Be a Pattern of Behavior

[sinij]

>>>Bennet Hasselton cannot be defeated. He's merely resting.

Bennet Hasselton article shows up only if someone mentions Bennet Hasselton three times in a single post.

Re:Seems to Be a Pattern of Behavior

TBH, very few Slashdotters actually wear culottes.

Re:Seems to Be a Pattern of Behavior

[0100010001010011]

It's just the Nth 'eternal September'.

It's also happening to Little Registry Cleaner. If you don't read every dialog box very, very carefully you end up with crapware (look at the reviews).

The tail end of GenX/Initial GenYs that originally ran Slashdot have moved on with their lives. They sold out (no problem with that, I would have too). Dice put a bunch of kids that grew up on Reddit in charge so you see Slashdot trying to mirror Reddit's content, 'messege', tone & look and it's showing to old hat /.ers.

If anyone is bored and looking for a place to lure my 30s year old self. Redo slashdot, allow markdown, bbedit, html, LaTeX.. editing. Keep the -2 to +5 moderation system because it limits band-wagoning and group think. Now that everyone can have an opinion it shows. I used to revel in the days that little 19 year old me was bestowed with 5 points to vote with (and tried to ration them accordingly).

Design a proper responsive layout (It was not Beta) and keep it about tech

I'm looking for a good place to discuss stuff that is relevant to me like Slashdot used to be. Reddit is good for certain things. Long drawn out posts with actual information isn't one of them. Everyone wants a tl;dr:.

[And this message took longer to type than one in Markdown because HTML is pretty slow now that I use markdown for everything, blog and all. Not that I don't know but ** is easier, ~~~~, ]

Re:Seems to Be a Pattern of Behavior

[chihowa]

In his house at R'lyeh, dead Bennet Hasselton waits dreaming.

Re:Seems to Be a Pattern of Behavior

TBH, very few Slashdotters actually wear culottes.

Then you are sans...

Oh, skip it.

Re:Seems to Be a Pattern of Behavior

[TWX]

>>>Bennet Hasselton cannot be defeated. He's merely resting. Bennet Hasselton article shows up only if someone mentions Bennet Hasselton three times in a single post.

You bastard!

Aaargh! you made me do it too!

Re:Seems to Be a Pattern of Behavior

[TWX]

Maybe they all came to Phoenix ComiCon last week and this weekend and were too busy staring at attractive women in their costumes to care about what happens in the digital world...

Re:Seems to Be a Pattern of Behavior

[AmiMoJo]

Look at the amount of pushback it took to defeat Beta and Bennet Hasselton.

I was actually quite surprised at how responsive the owners have been on those two issues. They clearly invested a lot of money and time into beta, and I dread to think what kind of favours Bennet was offering, but in the end they listened to us. I really didn't think it would happen, I expected beta to become the only option and my beloved (in an abusive partner kind of way) Slashdot die a slow and painful death.

So kudos for listening. And yeah, I can buy the weekend excuse. Come on, this is Slashdot, the "editors" seem barely literate at times and can't remember posting the same story a mere 24 hours previously. Never attribute to malice what can be adequately explained by incompetence.

Re:Seems to Be a Pattern of Behavior

[bill_mcgonigle]

If anyone is bored and looking for a place to lure my 30s year old self. Redo slashdot, allow markdown, bbedit, html, LaTeX.. editing.

If this is where your interests are, Soylent has forked an re-opened Slash, so people can contribute to it. There's been tremendous cleanup/ and some refactoring, to make Slash a more sane/maintainable project.

They're very picky on submissions, though, so the variety and community aspects aren't what Slashdot is.

Re:Seems to Be a Pattern of Behavior

[ideonexus]

The adware bundling is also happening with Filezilla now too. I recently downloaded the FTP program to my computer at work and it set off a bunch of virus alerts with our system engineers. It was very embarrassing, but the engineers said they fell for it too.

The worst part is that there is no opt-out option in the installation process. By downloading the version of the package with the adware, you are agreeing to install the viruses. I eventually found a clean install of Filezilla on Sourceforge, but it's not obvious.

Google needs to flag Sourceforge as a malware site for these shenanigans.

Re:Seems to Be a Pattern of Behavior

try soylent news or pipedot.

the noise floor is not zero but people are trying.

Re:Seems to Be a Pattern of Behavior

I wasn't aware Bennet had been defeated. One small victory at least.

Re:Seems to Be a Pattern of Behavior

[meta-monkey]

I think you dropped this: .org

soylentnews.org

Re:Seems to Be a Pattern of Behavior

[meta-monkey]

Same thing. I ran Malwarebytes Anti-Malware scanner on my windows box the other day and found a few piggybacked pieces of crap that could only have come from Sourceforge downloads. It's wrong! Wrong I tell you, wrong!

Re:Seems to Be a Pattern of Behavior

Agree with everything except markdown. It's a half assed markup language.

Re: Seems to Be a Pattern of Behavior

Avoid this by using ninite.com

I'm not affiliated, just a happy user.

Re:Seems to Be a Pattern of Behavior

[slashdice]

Bennet Hasselton is easily startled but he'll soon be back, and in greater numbers of shitty diaries.

Re:Seems to Be a Pattern of Behavior

[hendrips]

Honestly, I think you're being unfair to Reddit - Slashdot has a much worse tone and look. I've taken a look at Slashdot's homepage with no adblock or anything - completely filled with flashing banner ads, video ads for cosmetics, clickbait links from Taboola, etc. At least on Reddit the advertisements aren't so visually assaulting. Also, it tends to be easier to avoid Reddit's overall "message" in most cases, at least for me, because it is more convenient to go directly into the specialized subreddit I'm interested in - I can't remember the last time I looked at the actual reddit.com homepage.

Re:Seems to Be a Pattern of Behavior

[aardvarkjoe]

I was actually quite surprised at how responsive the owners have been on those two issues. They clearly invested a lot of money and time into beta, and I dread to think what kind of favours Bennet was offering, but in the end they listened to us.

The anti-beta crowd essentially managed to make the comment threads unusable for a couple days before Slashdot finally relented. I think that was more a matter of them realizing that by the time they rolled out the beta, all the normal readers would have already been driven away.

Re:Seems to Be a Pattern of Behavior

[0100010001010011]

could only have come from Sourceforge downloads.

Well I guess it's one way to cash out before you lose all market share to GitHub.

Re:Seems to Be a Pattern of Behavior

[0100010001010011]

I've taken a look at Slashdot's homepage with no adblock or anything - completely filled with flashing banner ads, video ads for cosmetics, clickbait links from Taboola, etc.

Are you comparing 1999 Slashdot to 2015 Reddit or 2015 Slashdot to 2015 Reddit?

Slashdot even used to reward you for not making shit posts. There was a simple checkbox to turn all of that off if you had enough Karma. They actually valued your posts so much to drive people to /. that they allowed you to turn off all ads.

I used to hate that I never knew what my Karma was. But now I'm glad I didn't. It just turns people into narcissists as they try and go for more link and post karma. "Excellent" is all I needed to know.

Re:Seems to Be a Pattern of Behavior

[0100010001010011]

And when all you're doing is trying to communicate a few ideas with links. I shouldn't have to remember the full HREF specification to link out or ul,ol,li to make a list. For short terse online discussion it's a perfectly cromulent language.

Re: Seems to Be a Pattern of Behavior

+1 they are malware site. They are tarnishing good projects with their installer.

Avoid sourceforge, it is not a safe site.

Re:Seems to Be a Pattern of Behavior

Soylent? Nope. They aren't trying hard enough, and several people have quit submitting stories. Many others have left because of the low number of posted stories. Others have been banned because they're too smart for the others (I recall one of the earliest guys, Khyber, forced them to upgrade their stuff because they were too full of themselves in trying to get away from /. to read up on prior vulns when they installed the last version of SlashCode.)

Why would you want to go to an incompetent site like that?

Re:Seems to Be a Pattern of Behavior

[Culture20]

Keep in mind, FileZilla agreed to the malware installer, unlike GIMP.

Re:Seems to Be a Pattern of Behavior

[pop+ebp]

For the record, the FileZilla developers actually opted-in to this, several years ago, in some kind of revenue-sharing program with Sourceforge.

What is new is that SF now does it with "abandoned" projects without the owners' consent too.

Re: Seems to Be a Pattern of Behavior

They're right-wingers. Perhaps if that's your cup of tea, but I abandoned them a few months ago.

Re:Seems to Be a Pattern of Behavior

[stooo]

>> I've taken a look at Slashdot's homepage with no adblock or anything

Who would want to surf the net without adblock ?

Re:Seems to Be a Pattern of Behavior

[SirSlud]

They still let you turn off all ads if you have sufficient karma.

Re:Seems to Be a Pattern of Behavior

btw, his name is Bennett Haselton.

Re:Seems to Be a Pattern of Behavior

[0100010001010011]

Thanks. I haven't browsed unprotected in a long time.

Re:Seems to Be a Pattern of Behavior

Yeah, but I didn't agree to anything.

Re:Seems to Be a Pattern of Behavior

Slashdot has ads?
(I have an adblocker, you insensitive clod!)

Re:Seems to Be a Pattern of Behavior

[SScorpio]

Have you heard of http://ninite.com/?

You can install Filezilla directly from them without the bundled malware and other shenanigans.

Their installer does take away choice so software will install to the default location. But it skips desktop shortcuts, bundled toolbars, and other crap I don't want.

They work especially well when you are setting up a new PC, you simply select what you want to install and it will automatically install the latest versions of everything without you needing to track down individual installers or prompting you during installation.

Re: Seems to Be a Pattern of Behavior

They're right-wingers. Perhaps if that's your cup of tea, but I abandoned them a few months ago.

They beat their wives / girlfriends, too, I heard. I understand that they'll soon be abusing puppies.

Re: Seems to Be a Pattern of Behavior

And torture their data!

Re:Seems to Be a Pattern of Behavior

[AmiMoJo]

I think the boycott and the appearance of Soylent News really did it. They say what would happen, and changed course. Well done for doing that.

Re:Seems to Be a Pattern of Behavior

It's too bad that CBS and NBC didn't do as well when they were creating Fox News and Rush Limbaugh.

Re:Seems to Be a Pattern of Behavior

But we're all geeks here. I don't expect you to author a website in ed, but HTML links are kind of basic.

Re:Seems to Be a Pattern of Behavior

They're very picky on submissions, though, so the variety and community aspects aren't what Slashdot is.

Yeah, they're very picky, indeed. They only seem to allow through submissions that have already been posted on Slashdot earlier, or ones that are total rubbish.

Many of the submissions are from a small number of users with extremist agendas to push. These submissions will link to little-known or unknown sources, which upon further inspection are clearly pushing agendas, rather than delivering news in as impartial a way as is possible. Yet instead of being thrown out, these garbage submissions end up on the SoylentNews main page!

Very recently there was a massive editorial fuck up resulting in an apology.

Slashdot's submissions are sometimes shitty, but it's nowhere near as bad as it consistently is at SoylentNews.

Re:Seems to Be a Pattern of Behavior

[Kazymyr]

Yes, the checkbox is still there. But it doesn't do anymore what it says it should do. For a while it did, but not anymore.

And the Slashdot mobile site is even worse, with non-dismissable pop-over boxes that take up to 25% of the screen.

Re: Seems to Be a Pattern of Behavior

I don't think they're right-wingers, and surely not libertarians. Frequently the discussion there takes on an overtly left-wing slant. They're typically against the police, for example, unless it's a case of the police going against someone that these SoylentNews users dislike. Then it's perfectly fine with them. This is a typical left-wing attitude. Other examples include how they'll rush to the defence of people like Aaron Swartz and Michael Brown who very likely engaged in criminal behavior, how they militantly support open source software, how "white people" are allegedly responsible for everything bad that ever happens, how any questioning of climate change is met with ridicule, and how Obama can do no wrong. The moderation system there is also often used to suppress discussion that does not promote left-leaning ideals and opinions. When considering all of this, it's clear that their ideals can't be described as right-wing, they can't be described as libertarian, and they can't be described as centrist. They can be described as left-wing, however. That's due to the majority of the users there being left-wingers.

Re:Seems to Be a Pattern of Behavior

Here's the link to the repository

Re:Seems to Be a Pattern of Behavior

You bring up a good point. Another major problem at SoylentNews is that most people there can't comprehend the concept of a shared account like Anonymous Coward. They think that every Anonymous Coward is just one person, even when there are obviously many different people posting without logging in.

By the way, friend, the saying is "come on" or "c'mon", not "common". You look like a complete moron when you make mistakes like that.

Re:Seems to Be a Pattern of Behavior

[ShaunC]

I used to hate that I never knew what my Karma was. But now I'm glad I didn't. It just turns people into narcissists as they try and go for more link and post karma. "Excellent" is all I needed to know.

Has this changed on Slashdot? "Excellent" is still all I see. I know there used to be a hard cap of 50, but if that's changed and my "Excellent" translates to something >50, I don't see what that number is.

Re:Seems to Be a Pattern of Behavior

[FacePlant]

> Anyone buying the "busy weekend" excuse?

It has been a constant complaint about /. that the feed is slow.
This it certainly more obvious all these years later, compared to the unmoderated, crowd-sourced feeds of Reddit, etc.

Re:Seems to Be a Pattern of Behavior

[jellomizer]

Well probably busy weekend where he didn't see it escalate. But I expect for the most part this story doesn't sound that much newsworthy in begin with. I mean who in their right mind still uses sourceforge.

Re:Seems to Be a Pattern of Behavior

[timothy]

Y'know, a "tl;dr" line for every single story would be interesting -- good idea. I'm going to put that is as a feature request. I think that would be a cool thing on many sites, actually; it would be a cool thing if more newsy/texty sites had a checkbox to turn on that feature.

And I wish idiotic clickbait image ads (the "You'll never believe which naked celebrity said you should eat this one weird vegetable ..." ones) came with it, too, you could could at least kill the curiosity by knowing the answer to their tease questions. "It's Roseanne Barr! And the weird vegetable is just Boy Choi, nothing all that weird!"

Re: Seems to Be a Pattern of Behavior

[henryteighth]

Pro tip: go to filezilla website, go to the download page (left hand menu). Ignore the big green "download from sourceforge" button, and go for "show additional download options". The Windows installers linked to *there* are clean of all the sourceforge-bundled crap (well I only use the 64 bit exe version, but I presume the others are OK too)

Re:Seems to Be a Pattern of Behavior

If anyone is going to re-implement Slashdot, they should at least do moderation correctly.

The proper way to do moderation is to have the system choose posts at random to be moderated. In this way, every post has an equal chance of earning a high score, and so people are rewarded for taking the time to write a good post rather than being rewarded for being the first to post anything at all.

The way things are now, one can post relative garbage ten seconds after the story hits and as long as anyone at all agrees with what they've written, they'll receive positive moderation. Meanwhile, anyone who doesn't post until 6 hours later when there are hundreds of comments will rarely receive positive moderation on their post regardless of how good it is because no one is ever going to read it, they're instead going to read the 50 or so well-moderated posts so far and nothing else. Add in "karma" and you end up with a situation where certain people's opinions on every subject are always brought to the top for little reason other than that they are frequently one of the first people to post to any story and their opinions aren't terrible enough to invoke sufficient down-moderation.

The worst example of this nonsense was when Obama made a web site to take suggestions. When it was first announced on Slashdot I went there and there were about 50 postings to vote on at the time. I spent about an hour trying to make the most efficient use of the limited number of characters available and when I finished there were thousands. I then went through the voting process only to discover that there were only two ways to sort the posts: in the order in which they were received, or by top scores. However, no one was going to read through more than a few dozen before finding something else to do with their time, and so anyone who wasn't one of the first few dozen posters was never going to have anyone read what they submitted. It's no surprise that the top scoring comment was about the legalization of marajuana. While it is an issue people care about, people certainly care about other things a lot more, but there are a lot of drug-addicted losers on the internet and so it is no surprise that that issue was one of the very first to be submitted, and thus no surprise that it was one of the top-scoring posts. If they'd wanted that whole exercise to have any meaning whatsoever, they would have simply collected people's suggestions for a week, then invited everyone to return to vote, presenting each voter with as many randomly selected posts as they cared to vote on that day, which would likely give each issue at least ten votes, then select the top-scoring comments for a second round of voting where they'd receive more scrutiny by being voted upon by vastly more people.

Unfortunately no one cares that much about accurate scoring online. They just assume that if you accept any input at all and do anything with it at all, you'll magically end up with sensible results that represent something useful. That's just not true. In reality it's another case of garbage in, garbage out.

Re:Seems to Be a Pattern of Behavior

no its common as in a common peasent (see 4, 5 and 7).

common
[kom-uh n

adjective, commoner, commonest.
1.
belonging equally to, or shared alike by, two or more or all in question:
common property; common interests.
2.
pertaining or belonging equally to an entire community, nation, or culture; public:
a common language or history; a common water-supply system.
3.
joint; united:
a common defense.
4.
widespread; general; ordinary:
common knowledge.
5.
of frequent occurrence; usual; familiar:
a common event; a common mistake.
6.
hackneyed; trite.
7.
of mediocre or inferior quality; mean; low:
a rough-textured suit of the most common fabric.
8.
coarse; vulgar:
common manners.
9.
lacking rank, station, distinction, etc.; unexceptional; ordinary:
a common soldier; common people; the common man; a common thief.
10.
Dialect. friendly; sociable; unaffected.
11.
Anatomy. forming or formed by two or more parts or branches:
the common carotid arteries.
12.
Prosody. (of a syllable) able to be considered as either long or short.

Re:Seems to Be a Pattern of Behavior

[radarskiy]

Never attribute to malice what can be adequately explained by incompetence.

What is more likely, that Slashdot was successfully engaging in a cover up, or that they failed to establish editorial coverage over a weekend?

Re:Seems to Be a Pattern of Behavior

It's not like they have a business to run, one that would require a second person to accept posts just in case the first one met with an untimely accident. I guess their bus number is 1.

Re:Seems to Be a Pattern of Behavior

[codemachine]

https://pipedot.org/ has a lot of potential, but doesn't have the traffic of this site or Soylent.

Re:Seems to Be a Pattern of Behavior

[Hotawa+Hawk-eye]

Naked Roseanne Barr eating weird Boy Choi? (DO NOT WANT)^20, pass the jumbo bottle of brain bleach please.

Re: Seems to Be a Pattern of Behavior

Mit and the journal repository didn't want to press charges against Arron Swartz. The prosecutor tried to make an example of him because he was so well known. And he had legal access to the papers he was downloading as a student at mit.

Re:Seems to Be a Pattern of Behavior

[Canth7]

No, I do not buy into the 'busy weekend' excuse. Sounds like CYA bullshit to me.

Re:Seems to Be a Pattern of Behavior

[fustakrakich]

If this is where your interests are, Soylent has forked an re-opened Slash...

Careful! They got unicode. You already know what that can do to your iPhone.

Re:Seems to Be a Pattern of Behavior

You do bring up the point that slashdot.org should have gone .com a long time ago.
Yes, I know that the non-profit qualification for .org went away, but still- it would be the decent thing to do.

Nah- who am I kidding... it will never happen.

Re:Seems to Be a Pattern of Behavior

[readingprofile]

I suspect this will not get noticed, but for what it's worth...

You CAN download the clean, non-ad-infected version of FileZilla from its official web site... you just need to know how:

Go here: https://filezilla-project.org/...

That link can also be found by going to the FileZilla download page and clicking on "additional download options". You will notice the binary downloads have a URL ending with ?nowrap, which tells SourceForge to point to the clean builds only.

Re:Seems to Be a Pattern of Behavior

[thegarbz]

So kudos for listening.

They didn't listen. They were ground into submission by an angry mob who were wreaking the very project they were defending. I mean this in a good way. It was a high-impact revolt that was sure to get noticed and forced the hand of the site owners by making it very clear that a) the existing customers cared little for their shit, and b) that new potential customers ended up at a news aggregating site where all comments are filled with hate for the very site they were on.

It's not kudos for listening. Just be thankful they didn't drive the entire site into the ground with their ignorance. Heck the Beta thing went back for many many months with certain accounts and visitors, the complains from the site were the same complaints as their mobile site had long before (and still has to this day). The rollout was incredibly poorly managed and they backtracked under extreme pressure.

Re:Seems to Be a Pattern of Behavior

> They're very picky on submissions, though, so the variety and community aspects aren't what Slashdot is.

I disagree. I've been at soy since the first week and I watch the submission queue all the time. The problem isn't about being picky, its about low volume. Soylent needs more (active) users. Come over and contribute. We promise not to bite.

Re:Seems to Be a Pattern of Behavior

[penguinoid]

Yes, if they did it once are you really going to risk them doing it again? I updated my sig to link to Google's "report malware sites" page. If they take a big enough hit, maybe next time a greedy bastard buys a useful website, they might keep it useful for fear of the backlash no matter how tempted they are to make a quick buck at their users' expense.

Should have done this ages ago, when they started serving crapware disguised as a download button.

Re:Seems to Be a Pattern of Behavior

[ihtoit]

shut up, Wesley.

Re:Seems to Be a Pattern of Behavior

[tehcyder]

>> I've taken a look at Slashdot's homepage with no adblock or anything

Who would want to surf the net without adblock ?

Well, people at work who aren't allowed to install add-ons or alternative browsers, for one.

Re:Seems to Be a Pattern of Behavior

[tehcyder]

btw, his name is Bennett Haselton.

And alas! he is no longer a regular contributor.

Re:Seems to Be a Pattern of Behavior

[kiddygrinder]

they had years to do this shit and failed at it. they did this kind of half hearted upgrade of the site and it's better but ultimately only a little bit better. kind of like sourceforge.

Re:Seems to Be a Pattern of Behavior

[0100010001010011]

They fell to the same problem that most websites fall to. They failed to change.

There is no reason a site for nerds shouldn't have had full unicode support years ago.

Re:Seems to Be a Pattern of Behavior

[painandgreed]

>> I've taken a look at Slashdot's homepage with no adblock or anything

Who would want to surf the net without adblock ?

Well, people at work who aren't allowed to install add-ons or alternative browsers, for one.

...and people who find installing and keeping such ad block software up to date as tiresome as the ads themselves as they must not go to the same annoying ad infested websites as most people (probably porn).

Re: Seems to Be a Pattern of Behavior

[dave420]

The majority of the world are left-wingers. Deal with it, gramps.

Re: Seems to Be a Pattern of Behavior

Your first paragraph is correct. But this:

"Aaron Swartz got what he deserved."

Shows you for the sociopath fucktard that you are.

Re:Seems to Be a Pattern of Behavior

If you're interested in helping to contact DHI Group Inc. for SF's potential violation of their Code of Ethics, gathering evidence, and sending the message to the greater mirroring community that wrapping FOSS projects in malware is unacceptable, there is a board set up at 8chan.net (an open-source Freedom-respecting imageboard) to help coordinate efforts, evidence, and discussion. Though it is still in its infancy, we are in need of people who care about FOSS and want to see Sourceforge hit where it hurts.

https://8ch.net/sourcefraud/

Re:Seems to Be a Pattern of Behavior

If you're interested in helping to contact DHI Group Inc. for SF's potential violation of their Code of Ethics, gathering evidence, and sending the message to the greater mirroring community that wrapping FOSS projects in malware is unacceptable, there is a board set up at 8chan.net (an open-source Freedom-respecting imageboard) to help coordinate efforts, evidence, and discussion. Though it is still in its infancy, we are in need of people who care about the public image of FOSS and want to see Sourceforge and other responsible parties held accountable.

https://8ch.net/sourcefraud/

8chan's privacy policy can be found here:
https://8ch.net/privacy.pdf

If you have questions about 8chan in general, please read the FAQ.
https://8ch.net/faq.html

Disclosure: I am not financially invested in 8chan.net, nor am I making any money off of sharing this board. Please enable your Adblocker before visiting, by all means.

Re:Seems to Be a Pattern of Behavior

If you're interested in helping to contact DHI Group Inc. for SF's potential violation of their Code of Ethics, gathering evidence, and sending the message to the greater mirroring community that wrapping FOSS projects in malware without the creator's consent is unacceptable, there is a board set up at 8chan.net (an open-source Freedom-respecting imageboard) to help coordinate efforts, evidence, and discussion. Though it is still in its infancy, we are in need of people who care about the public image of FOSS and want to see Sourceforge and other responsible parties held accountable beyond a temporary PR fiasco.

https://8ch.net/sourcefraud/

8chan's privacy policy can be found here:
https://8ch.net/privacy.pdf

If you have questions about 8chan in general, please read the FAQ.
https://8ch.net/faq.html

Disclosure: I am not financially invested in 8chan.net, nor am I making any money off of sharing this board. Please enable your Adblocker before visiting, by all means.

Re:Seems to Be a Pattern of Behavior

[antdude]

But once in a while, they get unchecked to enable the ads. Sometimes I never notice because I am using ABP extension. ;)

Re:Seems to Be a Pattern of Behavior

Thank you I didn't know about this site. I just went there and it looks like good bye slashdot. Its sad though I have been reading here for years but your right this site has gone down hill since it was sold out.

It is shameful that a site like this that has made its living off of promoting open source would pollute open source applications with marketing shit. It goes to show the owners of this site have no morals and bought this site to only make a buck.

No longer are the geeks in charge here all that is left is marketing whores. Oops I should say marketing shits or somthing. I shouldn't insults whores they have better ethics as a whole.

Re:Seems to Be a Pattern of Behavior

you did. whether you can read or not remains suspect

Re:Seems to Be a Pattern of Behavior

Sorry but Soylent News is not Picky!

It is absolutely full of Hugh Pickens shit....

Re:Seems to Be a Pattern of Behavior

[Xest]

Have they actually said Bennet is gone, or is it just that they haven't posted anything for him in a while? I must've missed this victory against Bennet and I need to know the gossip!

Re:Seems to Be a Pattern of Behavior

[AmiMoJo]

No statements, he just seems to have stopped posting.

Re:Seems to Be a Pattern of Behavior

[Xest]

Ah, I wont hold my breath as I think there have been gaps before though, I notice Jeff Cogswell got another post this week too, and really, Jeff Cogswell is just another manifestation of Bennet, albeit slightly more on topic, though still fundamentally useless and wrong about everything.

For future reference

[tomhath]

(And for future reference, user submissions are easily found in the firehose, listed in the order they appear, newest first.)

Just curious here. Does voting a submission up or down have any effect on whether it's accepted? It seems some stories appear on the front page as soon as they're submitted, others languish for days. Gives the impression the editors are selecting stories based on some agenda other than what slashdot readers want to see.

Re:For future reference

[Soulskill]

When we select submissions, voting is the strongest factor, but it's not the only factor — timeliness, factual accuracy, the degree to which it's on topic, and several other characteristics all factor in. For example, we're not going to run a 5-year-old story no matter how many people vote it up, nor a story about the sun being made of freshly chopped artichoke hearts.

Re:For future reference

And they won't run a story critical of Dice until they persuade the corporate overlords that it's too late to stop it.

Re:For future reference

[Rei]

Yeah, because this is untimely, facturally inaccurate, five years old, and equivalent to a story about the sun being made of freshly chopped artichoke hearts? Meanwhile things like this and this are timely wellsprings of useful information?

And care to respond to the people mocking your "busy weekend" excuse, given that your weekend appears to be five days long and your "the main reason it's late" post which gives an entirely different reason for the delay?

Re:For future reference

[Soulskill]

As I've mentioned elsewhere, you're talking about two different things. The reason it wasn't posted immediately is that we were attempting to put together a more detailed post. The reason I posted it now is because people started getting upset and suspicious about our lack of a post.

Re:For future reference

[serviscope_minor]

First, thanks for coming on the thread to answer questions.

Out of interest, what is the criteria for the editorial staff putting together a post. Most of the front page stories are more or less exactly as the submitter submitted them. Under what circumstances do you generally exercise this kind of editorial control?

Re:For future reference

[Sir_Real]

Well this is a fucking joke. All of those submissions were factually accurate and timely. They weren't about artichokes and they weren't five years old.

It is pretty clear that this was buried intentionally. The excuse that you wanted to wait to discuss internally and provide more information is stupid. STUPID. You've done nothing of the sort and there were submissions prior to this were acceptable by the criteria you've outlined.

Admit it. This was buried. Someone was scared or coerced.

Re:For future reference

[0100010001010011]

timeliness, factual accuracy, the degree to which it's on topic, and several other characteristics all factor in.

Factual accuracy and degree on topic hasn't stopped Slashdot from trying to shoehorn a SJW narrative in or other stuff that would have never been relevant on slashdot a decade ago.

This isn't Reddit, quit trying to shove what ever narrative Dice is pushing and leave it about tech. You're certainly not going to lure any teens and 20 somethings to Slashdot and all you're doing is pissing off all the Slashdotters here that would stay if it wasn't for shit like this.

Re:For future reference

Disinclination is not the same thing as not being able to. Soulskill has editorial control and can post whatever he wants. I don't think they have much of hand in the day-to-day at Slashdot, and Sourceforge is almost certainly a foreign country. It is a professional courtesy to ask Sourceforge what is going on with this before running the story, and theoretically in that instance you might CC someone at Dice, assuming someone there has responsibility for Sourceforge.

I really don't know what you're imagining this situation is. Dice is not an evil editor-in-chief with pointy hair and horns. It's a separate corporate entity that isn't in the same business as Slashdot. There is not as much oversight as you seem to think.

Re:For future reference

[Khyber]

" For example, we're not going to run a 5-year-old story no matter how many people vote it up"

This is slashdot. 5 years old story is considered RECENT.

We've already seen you post stories over two years old, so I don't know who you're trying to fool.

Re:For future reference

[pop+ebp]

OK, that's actually a reasonable explanation.
Though it would have been more believable (and prevented some angry comments in this thread) if you wrote this in the summary.

Re:For future reference

But if it's "3D Printing" it does not matter how useless and repetitive it is. It gets published.

Re:For future reference

[RoccamOccam]

I can only comment on stories that I've posted, as I don't see other submissions, but my posts have been edited many times (maybe every time). In my opinion, the editing always improved on what I submitted.

Re:For future reference

It is a professional courtesy to ask Sourceforge what is going on with this before running the story

A courtesy that is not extended to non-Dice properties, and one which Soulskill hasn't even claimed to have extended to Sourceforge.

Re:For future reference

Well at least one man wants to tell the story while smoothing things over.

Re:So?

[pop+ebp]

This is news because Sourceforge used to be trustworthy.
It used to be a respected site where open-source developers could host their binaries without fear of someone tampering with it.

Haven't they been doing this for months already?

[Narcocide]

I thought this was old news though. What is new about it this time? How is anyone even surprised, with the types of ads they would fly on that site?

Re:So?

[serviscope_minor]

As much fun as it is for the conspiracy theorists here to presume Slashdot is some tyrannical overlord, I figured there was a different reason for not posting it

ITYM Dice, not slashdot, who also holds Sourceforge. Anyway, it was all over the tech news and all over the firehose. This story is very belated. Now, sure, soulskill may have been away, but it's not like no new stories were put on the front page in the intervening time.

It's hardly paranoia that a company attempts to control its image on the "properties" that owns.

Re:Douch move for sure on SF

[AthanasiusKircher]

Aren't we all smart enough to turn off the adware during install?

No -- most people just keep clicking "OK" until the install is finished. Just like most people keep signing pages or initialing forms when presented with a bunch of paperwork... they stop reading the details.

The number of people who actually stop and read everything they sign is similar to the number that consider all the options during install scripts -- and that number is VERY SMALL.

(Small anecdote -- quite a few years ago I signed the rental agreement for my first apartment. I was told to initial each of the 10 pages or so and sign the final page. I stopped and read the thing before doing so. My landlord -- who managed something like 40 apartments and had been doing so for a couple decades -- said he could only recall one other person who read the whole rental agreement before signing. And I actually discovered some really interesting rental policies while doing so.)

Also, more on point -- there's the rather obvious evidence that companies wouldn't bother bundling adware if no one ever installed it.

I even know some old people who turn off "add-ons" that they don't need.

And I even know many young people who don't seem to pay any attention while installing and end up with all sorts of weird "add-ons" and don't know how they got there. What's your point?

Re:Haven't they been doing this for months already

Project maintainers have been able to opt-in to adware installers (eg. FileZilla), the news is that SourceForge are hijacking complete projects they claim are abandoned, and replacing the binaries without the real developers having a say.

Re:So?

[houstonbofh]

If they are modifying the binary, would that not make it a derivative work? And so by the license, would that not make it a violation to call it "Gimp?" I know that would be the case on my FOSS project.

Note to self

Note to self: never use SourceForge.

Re:Douch move for sure on SF

[NotDrWho]

Hard to believe that Sourceforge was once a fairly reputable place to download software from. Seems like a millions years ago now.

Re:Haven't they been doing this for months already

They were doing a developer opt-in scheme for a while with revenue sharing from the ads. Now, they claim that the project was abandoned for 18 months despite multiple releases being posted in that time. So they took over the project and started added ads to the installer without developer permission.

So this is new.

stopped using sourfeforge after filezilla

a year or so back they started doing that with filezilla.....and its malware NOT adware

Re:stopped using sourfeforge after filezilla

[Rei]

Not only do they bundle it with adware, but they've apparently sabotaged GIMP too - for example, they apparently changed the save dialog so that you can only save XCF files and have to click through a "you have unsaved changes" warning when you export to a different format. They added an very difficult to precisely adjust sliders to things like brush size. They took out 16 bit color support. Basically, sourceforge has really totalled GIMP. ;)

Re:stopped using sourfeforge after filezilla

[ColdWetDog]

You mean they've gimped GIMP?

Re:stopped using sourfeforge after filezilla

Can anyone verify?

Re:stopped using sourfeforge after filezilla

[zenbi]

but they've apparently sabotaged GIMP too - for example, they apparently changed the save dialog so that you can only save XCF files

These changes affect the Linux version too; and I agree, they are kind of annoying.

Re:stopped using sourfeforge after filezilla

Sourceforge, GIMP, malware - three things that pretty much everyone hates!

Re:stopped using sourfeforge after filezilla

[geminidomino]

Actually, it was the GIMP team themselves broke saving in 2.8. (If they've since fixed it, then sourceforge probably just doesn't have the updates).

Their GNOME-like "reasoning" was that "professional" users wanted to save in XCF, and that amateurs should just use something else. It rang pretty hollow when the gold-standard Photoshop didn't behave the same way.

Re:stopped using sourfeforge after filezilla

[Jiro]

they've apparently sabotaged GIMP too - for example, they apparently changed the save dialog so that you can only save XCF files and have to click through a "you have unsaved changes" warning when you export to a different format.

This wasn't done by Sourceforge, this was done on purpose by the maintainers of GIMP, because they're idiots.

Re:stopped using sourfeforge after filezilla

> Actually, it was the GIMP team themselves broke saving

I thought the parent post was shooting for a funny moderation.

Sourceforge bundling crapware can't do much to ruin its already crappy reputation.

Re:stopped using sourfeforge after filezilla

[painandgreed]

Their GNOME-like "reasoning" was that "professional" users wanted to save in XCF, and that amateurs should just use something else. It rang pretty hollow when the gold-standard Photoshop didn't behave the same way.

And that few if any professionals have heard of XCF. Really, making something that is "eXperimental" in the name part of the default workflow?

Re:So?

[EmeraldBot]

This is news because Sourceforge used to be trustworthy. It used to be a respected site where open-source developers could host their binaries without fear of someone tampering with it.

Yeah, I know. USED to be. Seriously guys, they've been doing stuff like this since 2013. I remember telling it to everyone back then, but was only met with dismissal. Why is everyone so outraged now? Here, here's a blog post from that period where they started it. Did nobody keep up with what was going on? Did nobody use Sourceforge at all in that time period?

I know I sound incredulous, but it's because I am. I've known about this for years, yet nobody cared at all. I don't know why GIMP is a special snowflake compared to the other projects whose reputations they've ruined in the meantime, and I'm pretty sure even GIMP's had this installer for quite a bit longer than this last week (I don't know for sure, I don't use GIMP to be truthful).

Don't you feel any shame?

Any at all for being so closely affiliated with a company distributing adware and using deceptive practices riding on the backs of open source?

Re:Don't you feel any shame?

[NotDrWho]

I'm pretty sure that the ability to feel shame is bioengineered out of all Slashdot employees as part of the orientation process.

Re: Don't you feel any shame?

FileZilla is installing malware, not adware.

Sorceforge is a warez site now.

Re: Don't you feel any shame?

Well, hopefully the people responsible go to prison in accordance with the Computer Fraud and Abuse Act. Finally something useful would come of that law.

Re:Douch move for sure on SF

[ThePhilips]

Do you even have an experience with such malware ridden installers?

The creators abuse every possible linguistic trick on the book to confuse the user about what s/he had selected and what is going to be installed. Sometimes even blatantly lying and claiming that something will not work properly if you choose not to install the optional "performance enhancer".

I had to deal once with such installer for a freebie game, which was bundled with 5(?) pieces of malware. Luckily for me it was an InstallShield which was showing a summary screen of what is going to be installed before doing anything. I had to go through the install wizard three times before the summary screen was showing that only the game itself would be installed. The last one was the trickiest: in description they used effectively triple negative and user had to actually check the box to not to install the malware.

Re:So?

[serviscope_minor]

The GIMP is GPL'd so they can make derivative works all they like so long as they're also GPL'd. Mere aggregation (i.e. putting some other crap plus gimp in the same installer) doesn't make the other aggregated things have to fall under the GPL, as is specified in the license.

Re:Douch move for sure on SF

[LVSlushdat]

For those who still use Windows and want GIMP (and a LOT of other opensource and freeware Windows programs) you can't beat Ninite.. https://ninite.com/ Ninite does all of the work to make sure you only get the desired opensource program and NONE of the crapware/malware garbage that so many installers are adding on today.. (Yes, I'm looking at YOU, Oracle... You and your fuckin' Ask toolbar on Java installs)... Thankfully I've switched completely to Linux and don't have to worry about that crap...

Listed in the order they appear

I've never not seen a list listed in the order it appears.

Re:So?

[LVSlushdat]

(cough) Ninite (cough) .... The ONLY way to get GIMP and a LOT of other good stuff freeware/opensource programs for Windows.. Back when I still used Windows, I wouldn't be without it...

Re:So?

[Megane]

GPL covers the rights to use and distribute code. I was not aware that it also included the right to use of trademarks. (Assuming GIMP was even properly trademarked.) See also "Iceweasel".

My experiences with SourceForge

[jdeisenberg]

1) I recommended an open source screencast recorder for Windows to a co-worker. She downloaded it from SourceForge, it loaded adware on her system and made her system pretty much unusable. It cost her quite a bit to have her system restored (she wanted to have it done professionally to make sure it was done right). The next time I recommended some other open source software, her response was "No, I don't want to go to that time and expense again. I don't trust anything Open Source any more." Thanks, SourceForge!

2) I call bullshit on SourceForge's assertion that their adware only comes with projects that aren't actively maintained. There have been a lot of complaints about FileZilla downloads (see, for example, https://forum.filezilla-projec...), and it is definitely a very active project.

Re:My experiences with SourceForge

[pop+ebp]

2) I call bullshit on SourceForge's assertion that their adware only comes with projects that aren't actively maintained. There have been a lot of complaints about FileZilla downloads

FileZilla developers actually opted-in to this though.

That is not the case with GIMP.

Re:My experiences with SourceForge

That is not new. I personally think the project owner willfully enabled the malware installer, because this topic has been brought up multiple times, and each time he insists there isn't any malware by referring to the all-files section.

Re:My experiences with SourceForge

Sorry, I meant the FileZilla project owner.

Re:My experiences with SourceForge

I will add, the filezilla installer within the past year has become unsafe to use in any way on windows.
IF you decline the installs in the installer, BUT agree to install filezilla, THEN the EULA will contain language that allows the installation of malware.

NO SAFE CHOICE, READ THE EULA

Re:My experiences with SourceForge

1) I recommended an open source screencast recorder for Windows to a co-worker.

Recommend the Java.com Java to her, tell her it is closed source from Oracle (in contrast to the OpenJDK). The likelihood of her installing the optional Ask Toolbar is nearly 100%.

I call bullshit on SourceForge's assertion that their adware only comes with projects that aren't actively maintained.

You should check your reading skill, that is not what SourceForge asserted, in the case of FileZilla it is the FileZilla maintainers that make use and profit of SourceForges adware themselves.

Re:My experiences with SourceForge

[JohnnyBGod]

As a recent victim of FileZilla, I must point out that FileZilla has actually agreed to have "bundled software" in the installer, and the fact that some of that is malware doesn't seem to faze them. Thankfully the one I got was easy enough to remove.

Re:My experiences with SourceForge

paraphrasing the EULA : By installing FileZilla, we are going to install all that crap you just worked around in the installer, or similar 3rd party special offers.

google+

found the one active google+ user

Re: Haven't they been doing this for months alread

[Bing+Tsher+E]

It is particularly an issue with The GIMP because it is an open-source gateway program. GIMP is the first open-source software that some people directly experience. I know artists who use it and it's their first contact with the open source community. Sure, they use a lot of OS software without knowing, but this is a highly visible individual program.

Lots of geeks suggest The GIMP to their friends who are otherwise pirating Photoshop or languishing in MS Paint. It's just not a good thing for them to end up downloading malware laden crap because they went to a page Google found for them and not the real download site.

dupe or new info?

[gl4ss]

I remember seeing pretty much this same story last week on slashdot!?

is it an update to the story or is it a dupe?

Re:dupe or new info?

[RavenLrD20k]

It never posted to the front page, but several people made postings about this to the Firehose and when it was seemingly ignored for several days after many up-votes, /. users started hijacking threads (in many cases thwarting the "first post" trolls) as their method of recourse to bring attention to the general user-base that there was an FOSS story of relative importance that was not being put on the front page. This didn't look too good on the eds since it was a negative piece about SourceForge which led to the hijackers making claims of conspiracy and censorship on the part of /. and Dice. I have to admit, Soulskill may have been on vacation, but someone was running the wheels of /. since Wednesday and making a popular post in the Firehose disappear...multiple times.

Re:dupe or new info?

Yep, the six-day weekend excuse is just classic whitewashing. It's not fooling anyone with two or more brain cells.

Re:dupe or new info?

[Zero__Kelvin]

"I remember seeing pretty much this same story last week on slashdot!?"

You remember a different Slashdot than everyone else on the planet.

Re:dupe or new info?

It never posted to the front page, but several people made postings about this to the Firehose and when it was seemingly ignored for several days after many up-votes, self important wankers started hijacking threads (in many cases thwarting the "first post" trolls) as their method of recourse to bring attention to the general user-base that there was an FOSS story of relative importance that was not being put on the front page.

FTFY

Re:dupe or new info?

[RavenLrD20k]

Doesn't injecting your own judgemental opinion into someone else's post and then re-broadcasting it make you a self-important wanker? or is that nullified by making sure you post as an AC?

Whether or not they were self-important wankers is a matter of opinion (one that I do agree with, but I was trying to keep my opinion out of my post). The fact is that, self-important wankers or not, they were slashdot users who felt they were justified in hijacking threads to ensure that an issue they felt important and being ignored was seen by the general slashdot population.

Re: Douch move for sure on SF

Or do like Apple does and require you to install all the parts of Itunes including crap in the file that can be installed independently after being extracted. I don't want most of the garbage, but they seem to think I need it.

Re: So?

Right and Gimp is going to have to do something about it or risk losing any trademarks they have. One of the few things about IP in the US that's actually sensible.

Enough is enough

[Pollux]

OzPeter,

Soulskill has apologized. Repeatedly, and professionally. Accept it and move on.

Re:Enough is enough

[Richard_at_work]

So why the fuck should he bother? His reasons seem plausible enough, and yet it seems that you wouldn't accept anything short of him saying "yup, its a conspiracy theory, my overlords required me to not post it until this morning while they hoped it would all go away"...

Also, you aren't due an apology, not even one little one.

Re:Enough is enough

[OzPeter]

So why the fuck should he bother?

Because regardless of how good his reasons are, what is more important is how his apology is perceived. There is a huge difference between saying "Yeah, I'm sorry", and saying "Yes, we fucked up in how we treated this story. Sorry, we'll try and do better next time".

Re:Enough is enough

There is a huge difference between saying "Yeah, I'm sorry", and saying "Yes, we fucked up in how we treated this story. Sorry, we'll try and do better next time".

There's also a huge difference between: 1) Soulskill doing what he thinks is best and 2) Soulskill molding his behavior to your obsessive-compulsive demands. Goddamn, Oz, if you even have any, I feel sorry for the kids you've compulsed into adulthood- no telling how many little Oz-Neurotics you've turned loose on the world, daddy-dearest.

Oh, look at the time- shouldn't you be emotionally abusing your wife about right now?

Re:Enough is enough

Actually, yeah he is. It's customer service. He's a customer. See those banner ads all over the fucking screen? That's revenue being generated off of your patronage; that makes you a customer, and customers are due at least a modicum of common decency and respect, lest they take their business elsewhere. That's how business works, and businesses that don't figure this out don't stay businesses for very long. So stick your fucking attitude, because in the grand scheme of things, he's just asking a customer rep to do his damned job.

Re:Enough is enough

[ancientt]

What banner ads? Between directly supporting /. and Adblock, I don't see any. Of course since I'm paying them, I do have some expectation of professionalism. This seems like the sort of thing the sainted Commander Taco himself would have done, up to a point, except I'm not sure the saint himself would have been as patient and understanding of the asshattery I've seen in this thread.

Re:Enough is enough

[ancientt]

Me neither.

Re:Enough is enough

No. Blaming a busy weekend is absolutely unprofessional and disingenuous.

Re:Enough is enough

Oh christ this is so fucking important, isn't it? For god's sake you aren't woodward and fucking bernstein. Get the fuck over yourself.

BRAKING NEWS!!!

[ArhcAngel]

Stop the presses! /. has an editor?

Re:BRAKING NEWS!!!

No, he only plays one on TV.

Re:So?

[meta-monkey]

I didn't know because until earlier this year I did absolutely nothing on Windows.

People Still Use Sourceforge?

[Greyfox]

I've classified Sourceforge as a malicious site for a long time now. Is there some reason other than their early history with the open source movement that they're still around? It seems like they've been trading on and abusing that good will for a VERY long time.

SubjectsSuck

[aardvarkjoe]

The original announcement for when Sourceforge added the "feature" of injecting malware into installers said that the money earned would be shared with the developers. So I have to wonder: did they send the GIMP a check? Have the GIMP developers demanded that Sourceforge do so?

On the assumption that Sourceforge did not, it seems like they've just burned a bridge that they shouldn't have. They killed any trust that users would have had for SF projects a long time ago, but developers who were willing to sell out have stuck around. But now that developers know that SF is willing to just assume control of a project (and the associated profits), why would any developer continue to use SF.

Re:SubjectsSuck

[aardvarkjoe]

By the way, thanks for posting this, Soulskill.

Frankly, the excuse of why it took so long is pretty lame -- we're supposed to believe that it's just a coincidence that the story critical of a /. sister site is the only one that got delayed for several days? -- but at least now it's been acknowledged.

PR Rule: Always disclose a conflict of interest

[dcooper_db9]

How is it possible that you got blind-sided by this story? For a company with media holdings Dice sure does a lousy job of handling public relations. It's not like slashdot is the first publisher to have a conflict of interest involving it's parent company. The smart thing would have been to simply disclose up front the fact that slashdot's parent company owns sourceforge.

OK, a practical question from a SourceForge user

[Ulric]

As someone who actually uses SourceForge in the way it was originally intended, i.e. a place to host one of my software projects, this is certainly something I would not want to happen. What is a good alternative? Right now I mostly put release tarballs on SourceForge, the git repository and wiki pages have already moved to GitHub.

Trust

[Andy+Smith]

I blanked my Mac a few weeks ago and when I started reinstalling software I got some survey crap popping up on my screen asking for my details. Turns out it was the SourceForge installer for FileZilla that had sneaked it through. Googling it threw up enough horror stories to make me just blank the Mac again and start over. I'll never download anything from SourceForge again. A decade of trust destroyed in one stupid move.

Re:So?

Host your own stuff and sign your downloads, or at least publish hashes. Come on folks, how often do you need to get bitten? "Trust" is an irrelevant concept when dealing with businesses.

Re:OK, a practical question from a SourceForge use

Since you're already using GitHub..

Note what they mention at the end:

You can also attach binary assets (such as compiled executables, minified scripts, documentation) to a release.

Check out FileZilla and how they handle it

[future+assassin]

This one is voluntary though. I even got the crapwere when I denied the install.

https://forum.filezilla-projec...

Re:Check out FileZilla and how they handle it

[Osgeld]

here's how I handle filezilla

stopped using it, frankly it wasnt even that grand of a program to begin with, just easy to remember heh so fuck-em, bout the same time I stopped downloading anything from sourceforge

Re:Check out FileZilla and how they handle it

[KGIII]

I bought a copy of AbsoluteFTP way back many moons ago. It came with lifetime upgrades back then. I do not think they make it any more. Anyhow, I have what I believe is the last version and it works on any Windows OS I have tried it on. You can, if you want, find it via other means.

Thanks Soulskill

What about the other editors? You're not the only one left manning the ship, right?

Re:Thanks Soulskill

What about the other editors? You're not the only one left manning the ship, right?

Paging back through some of the recent posts shows that it's pretty much just Timothy, Samzenpus, and Soulskill posting. The FAQ says that Unknown Lamer and Nerval's Lobster are also editors, but that's probably woefully out of date. (Updated February 2013. Hint: maybe that doc should be updated once in a while)

With only three people posting stories and whatever else it is that the 'editors' do (no, really, I have no idea how picking some submissions takes an entire working day, but that's neither here nor there) it's not too hard to imagine that the 'editors' load up a queue of newsposts and then let the site run more or less on autopilot, especially during off-hours or the occasional 5-day weekend.

Dice handled this case really bad

[cheesybagel]

What was the problem? Was it the bandwidth costs? AFAIK most of the files you can download from SourceForge are actually not served by SourceForge itself but by mirrors. So those guys are shouldering the brunt of the costs not you. By doing something like this I would not be surprised if some of the mirrors decided they do not want to work with you anymore.

If you wanted the extra revenue by bundling ads with applications you should have done this explicitly with a prior public notification of this being done. For example News.com for a couple of years now bundles their own installer with the downloads they provide. I've seen other places do the same thing. But you should always be able, as a user, to disable the adware installation. Also the user should know before downloading a binary that it has adware in it. Not stealth adding it without people knowing about it. Last but not least hijacking someone else's account for these shenanigans was quite pathetic and fail. This was all handled quite poorly.

A lot of people have been leaving SourceForge as is because it has worse Git integration than other more recent sites and this is just another nail in the coffin.

Re:Dice handled this case really bad

[cheesybagel]

s/News.com/Download.com

Re:Dice handled this case really bad

[cheesybagel]

I also want to add that the binary downloads service SourceForge that provided was one of the few remaining distinguishing useful features in it.

What about Audacity?!?!?!

They fucked audacity up quite a bit. SF is clearly shit.

So who can we trust?

[Remus+Shepherd]

Sourceforge used to be the one site I trusted to not contain adware and viruses, because it was near-impossible to add those without the OSS community noticing them. Now they're fuxing with the code after community review.

What sites still exist that I can trust? Sometimes I need to download apps and code, like when I'm loading up a new PC. Are there any remaining software/shareware sites that do *not* stuff their downloads full of malware?

Re:So who can we trust?

[be951]

If you use Windows, I like ninite.com as a starting point. Strips out the opt-out extras (toolbars, junkware) and gives one installer for as many of their supported programs as you want to include. Also, wikipedia has a decent list of source repositories. But as with anything, when downloading, caveat emptor.

Re:So?

Speaking of which: Does anyone know if SF provide source code for their malware? Otherwise it seems rather like a GPL violation to me. (I'm not downloading that stuff to find out.)

Re:So?

[pop+ebp]

they've been doing stuff like this since 2013. I remember telling it to everyone back then, but was only met with dismissal. Why is everyone so outraged now?

Because back then they were doing it only for projects whose maintainers consented to it. (as a kind of twisted revenue-sharing program)

Now they are hijacking the installers of so-called "abandoned" projects, and locking out the owners too.

Re:So?

[Remus+Shepherd]

Seriously, if you're downloading from a third-party mirror, why would you not check the hash of the binary compared to the original? I mean, why would anyone even use Sourceforge for this in the first place? The official website has the official versions, and whatever distro you're using has screened versions in their repos.

Where is the official website? The GIMP is easy; Google knows that it originated at gimp.org. But a search also brings up GIMP at 'softtonic', 'gimpshop', CNet, and TechRadar -- all of which probably have added malware. If the program were more obscure, finding the correct link would be more difficult.

It would be nice to have one site that served trustable downloads for shareware and open-source code. Sourceforge used to be that site.

WARNING: WOT still flags SF as "Trusted"

[FreeUser]

This behavior should get SourceForge blacklisted as both cyber-squatters and adware, possibly malware vendor.

I agree 100%. 10 years ago sourceforge was a great site. Now it's basically a malware haven. Unfortunately, plugins like Web of Trust (WoT) seem to have been slow to catch up ... WoT is still marking sourceforge as green ("trusted"). Perhaps blackholing the site in DNS really is the best answer...

This whole thing is a lie. Lawsuit Info In Post

[Khyber]

http://danluu.com/slashdot-sou...

SF claims the project was abandoned in 2013.

To quote another user from Ars:

"the files page has the folder GIMP + GTK+ (stable release) with a last modified time of 2014-11-18. In that, GIMP 2.8.14 is the latest with the 2014-11-18 modification date. The previous file, GIMP 2.8.10 has a modification date of 2014-05-29. (This is just shy of 6 months.) The one before that, GIMP 2.8.8 is also last modified 2014-05-29, and the one before that is GIMP 2.8.6 last modified on 2013-06-24. (This one is just shy of 11 months back.)

So the project was abandoned, but a year later, it's still updating files. And it had three releases in the year after it was supposedly abandoned. The last release was just a few days over 6 months ago, and the project has a history of up to 11 months between releases. How does that qualify as "abandoned"?

No, this is a bullshit excuse Sourceforge was hoping no one would delve into the details to call their bullshit on. There is no other way to put it than they flat-out lied about the abandonment."

Oh, and to boot - According to the gimp-win developer, they locked him out of his account.

That's right, SourceForge STOLE THE ACCOUNT using an account called SF-editor1 in order to wrap one of the most popular FOSS projects with a malware installer.

So here's what we do, guys. I've got a really good attorney. Same one that helped me kick EA's ass back in the Spore lawsuit days.

We band together, we find every person that has had this malware pushed on them, and we sue the ever-living shit out of SourceForge in a class-action suit where accepting a settlement is NOT AN OPTION. Knowingly distributing malware, using misleading language to get the malware to install, and the damage the malware does to the user's computer are all entirely actionable in court and we need to band together to put a legal end to this crap once and for all. We now have the evidence in the testimony of the former account holder, we have copies of the malware, we have copies of the installer, we have screencapped evidence of the lies SourceForge has posted. SourceForge is DEAD IN COURT.

Look up Mark Punzalan Law. Let him know Alex from the Spore/EA case sent you.

If you want, I can come forth as class representative again. I will be more than happy to be the headman ripping these people apart in court.

Re:This whole thing is a lie. Lawsuit Info In Post

As someone who had to reinstall OSs after SourceForge installer usages (after giving the installers admin access and once some alleged adware is offered, all trust goes out the window), I want to thank you for your upcoming work regarding this issue. In my opinion, it is a very costly problem they are causing.

A question I would like Slashdot journalists to look into is: did the alleged adware/malware cause any of the major national or commercial security breaches since this appears to involve FileZilla?

You may be able to target some software maintainers/developers -- in my opinion some of them purposely joined the alleged adware network despite numerous complaints in the application's blogs/wikis.

Best of luck and thanks for your work!

Re:This whole thing is a lie. Lawsuit Info In Post

[Khyber]

Meh, don't thank me. It's something that while I feel I must do, I'd much rather not have to do it, because of some attachment or another.

Re:This whole thing is a lie. Lawsuit Info In Post

[linkdude64]

Maybe we need to find a place to congregate that respects user's freedoms to discuss it. I know 8chan enables board creation, does not log IP addresses for more than 24 hours, and respects the 1st amendment to the full extent that it is legal. A board could be created there to organize.

Re:This whole thing is a lie. Lawsuit Info In Post

[Khyber]

Well, that's a possibility.

Make the board, spread the word.

Re:This whole thing is a lie. Lawsuit Info In Post

[linkdude64]

Alright, the board has been made, but before I start to spread it around, I need to create a board sticky and do some basic digging to provide some direction - you, or anybody else reading, can help out with this portion if you want, and post results here.

What I am going to be looking for is a list of advertising supporters and a list of university hosts, along with all of the associations stated Code of Ethics, as well as that of SourceForge. If (and I am positive that is actually a "when") violations are found, they will be cited properly, and after that, a list of email addresses for relevant people to email will be grouped into a document and linked to in that sticky. That's where the emails come in. Citing the Code of Ethics violations, investigations will be launched by those respective institutions, and when enough people make a splash, that's when heads start to turn, and change starts to happen.

Unfortunately this is happening on today of all days, and I am tied up with obligations, but I fully intend to have a functional sticky very soon. I will update you within 24 hours, with at least some research done, if you are willing to actually pursue this and assist in spreading the word here in the comments section and elsewhere in the FOSS community. If you aren't actually interested, please let me know.

Re:This whole thing is a lie. Lawsuit Info In Post

[Khyber]

I'll spread the word. If I were you, something else I suggest is (ugh) grabbing yourself copies of the installers and having them uploaded somewhere for dissection by others more qualified than myself. I'm not THAT good but I'm competent enough to turn a presentation into layman's terms for the average joe to understand.

Re:This whole thing is a lie. Lawsuit Info In Post

[linkdude64]

I am not "That good" in the manner which we're speaking, either. We will have to hope that we can get this some attention from people who want to protect the image of FOSS and actually are "that good" to take a look, or see what we might be able to learn as we go along.

Updates to come later.

Re:This whole thing is a lie. Lawsuit Info In Post

[tarlek1234]

Do you realize that SF already removed the crapware installer? I think this happened like 2-3 days ago. There could have been a mistake or misunderstanding but that doesn't warrant being immature about the whole thing.

Re:This whole thing is a lie. Lawsuit Info In Post

[linkdude64]

The bones of the site are up. I will add more information the coming days, but from what I am gathering the bee hive has already been kicked - we just need to organize and direct that energy somewhere that it can do some good - at advertisers and higher-ups. Make them hurt where it counts.

https://8ch.net/sourcefraud/ca...

Destroy the mirrors

[Khyber]

SourceForge doesn't actually pay for most of the servers and bandwidth used to serve up their projects and they never have. All of the downloads are hosted on a network of mirrors run by organisations like universities out of the pure goodness of their heart.

I think it's time to have a serious talk with those providers. We remove SourceForge's mirror providers, we remove SourceForge.

Re:Destroy the mirrors

[tarlek1234]

No, don't.

Regardless of the misunderstandings going on right now, that would be a childish solution. SF hosts my binaries for *free* and mirrors them worldwide, which I can't afford to do myself. Hopefully there are better solutions to this issue than this.

Re:Destroy the mirrors

[lgw]

Any reason you're not using GitHub?

Re:Destroy the mirrors

[tarlek1234]

I use GitHub for source, SF for binaries/project web site. When development slows down I might put sources on SF in sync with the binary releases, but it's more work and I have links back to the GitHub repo anyway.

Re:Destroy the mirrors

[lgw]

You know github can also host the binaries, right?

Re:Destroy the mirrors

[tarlek1234]

Yeah, and who would see them? Nobody, unless I link them from the website SF hosts for free.

Re:Destroy the mirrors

[Khyber]

Uhh, you *DO* know what Bittorrent is, right?

Because that's a far superior way for binary release. I've found plenty of OSS projects by torrent instead of the SF site, and that was just doing a regular google search.

Re:Destroy the mirrors

[Khyber]

If you don't know how to advertise your product, you probably shouldn't be trying to get it out to everyone that might need it.

Because as it stands right now with the word getting out, plenty of people are going to see SourceForge and shy right away from it. It took /. a week to respond. Ars, Reddit, HackerNews, Google News, they've all already covered this, and tons of people now know to stay the hell away from Sourceforge.

Re:Destroy the mirrors

Sourceforge turned the mirrors into fun-house mirrors. With herpes.

SF is dead

theres a reason I refuse to DL anything from SF anymore.

Compare editing a CSV with a spreadsheet

[tepples]

they've apparently sabotaged GIMP too - for example, they apparently changed the save dialog so that you can only save XCF files and have to click through a "you have unsaved changes" warning when you export to a different format.

Is that any different from how Microsoft Excel, LibreOffice Calc, or Gnumeric prompts to save a spreadsheet in native format even if you've already exported it to CSV? Or how Microsoft Word, LibreOffice Writer, or AbiWord prompts to save a document in native format even if you've already exported it to plain text or RTF? Most formats other than XCF do not support layers, and if your document has layers, flattening them to save would lose data.

Re:Compare editing a CSV with a spreadsheet

[Rei]

What are you talking about? I just did "echo 1,2 > test.csv" then opened test.csv in OpenOffice Calc, then saved it as test2.csv from the save dialog. No complaints. Then I clicked to close it. No complaints about unsaved changes. Did you actually try that out before you commented? I don't have any of the other programs you mention on this computer, so I'll pick another - let's try OpenOffice Writer. Made a text file, opened it, saved it as a .txt file, it asked me for the encoding, I confirmed it, I clicked closed, and it closed without trying to force me to save as an .odt.

I'm sorry, but GIMP's change is totally broken behavior. The most common workflow for GIMP (as you can see from all of the rage on the forums when these changes occurred) is not long complex workflows, but simple changes to jpegs or pngs. Open, change it, save it, close it. What sort of moron do you take people for to think that you have to "protect" them from choosing a format of file that doesn't save layers, and instead try to make them always save whatever they do in a format that no other programs support? As if a dialog warning them that it doesn't save layers and asking them if they want to flatten it, like Gimp used to do, isn't enough? What on earth is the point of *banning* people from typing in a file with the suffix that they want to use in the save menu, and instead making them choose an entirely different menu? Actually two different menus, depending on context, only one of which has a keyboard shortcut. It's just ridiculous. We're not preschoolers, we don't need the hand-holding.

Anti-pattern: Demand Apology

[tepples]

Demanding an apology is an anti-pattern.

Re:Douch move for sure on SF

[phorm]

I believe one issue with Ninite is then you can only manage stuff through Ninite, so you don't get the individual items in the programs list to remove.

Re:So?

It may also depend on the SF Terms Of Use. It would not surprise me that there is a clause that allows them to distribute software under your trademark as part of hosting a project there (how could they legally do their normal job without?)

Re:So?

Look ma, no malware windows downloads: https://ninite.com/

When in Rome, do as the Romans do

[tarlek1234]

If SourceForge isn't competitive and doesn't do what their competitors do, then they won't get the business. Nobody likes crapware installers, but it's what the customers (who got the money to burn) want and expect. But isn't this over already?

From: https://sourceforge.net/blog/g...

[updated on 28-5-2015] Since yesterday, SourceForge Gimp-Win mirror downloads only the original software without any offers. We also invite the Gimp-Win developer to take back control of the project if that is his desire, while respectfully asking that he maintain any project updates or allow us to do so.

GIMP project's official statement on SourceForge's

[Derek+Pomery]

GIMP project's official statement on SourceForge's actions:

https://mail.gnome.org/archive...

Re:So?

Can you not provide the checksums for the binaries on the SourceForge page ? Or are they actively modifying those as well ?

Recourse?

Is there anything we can do to sourceforge? Most of our slashdot posters seem to be in agreement sourceforge's masters are adding malware, are exploiting the fact GIMP uses the GPL, etc etc... but our posts are just preaching to the choir. What about helping the clueless masses? Are there ways we can downrank/poison/mark-as-malware slashdot's search engine rankings in the search engines? Or post malware warnings about slashdot downloads in shareware review sites? Or ask GIMP to start a kickstarted lawsuit? Who's running the show at sourceforge, can we identify them so all their future enrichment attempts through thievery will be tougher? Anything else? I used to love sourceforge and now I feel betrayed and I have some cash to contribute to some retribution.

Funhouse mirror

Is SF going to be another one of these sites, and there are many of them, that packs adware in with the applications they host?

enjoying the ill-gotten gains, were you?

[rewindustry]

or not - please feel free to correct me.

when you finally wake up from your party, please also explain why you picked the submission that managed to down play the fact that your parent overlords are wrapping GIMP - our DEARLY BELOVED GIMP - in.. i can't find the words to describe the insult... deep breath..

you FAIL.

none of us is convinced.

what soul?

** answer me, damn you **

i don't mind being wrong about this - correct me.

i also love slashdot.

i do NOT like this.

Re:Douch move for sure on SF

[Bowlich]

Could you imagine what would happen if adware installers ever became a standard practice in the Linux environment. You run "yum upate" or "apt-get update" and find that someone added the ask toolbar as a requirement for some random C dev-lib?

I have a Windows PC for gaming still and every time I jump on it and find that I need to update software or download something that I've completely forgotten about how disingenuous businesses are towards their Windows clients. I don't even think about there being bundled installers on Linux, but its still in this day and age a standard practice for products in windows. Bewildering.

Editors pompous note

I believe the expression is: "Christ, what an asshole."

let us see what the post NEXT?

[rewindustry]

i have to admit i know nothing of the people behind ./ and have really only been reading for the news and the chance to yell back at the boxen, occasionally.

this has drawn me in, i expect i will regret that it did.

hello sk, i think i'm sorry i yelled at you below, but i also expect you've been prepared to duck since you hit submit.

i learned today that firehose is where the news is, and am now in search of an rss for this, as opposed to the one that shows up bonostyle in my feed reader.

i think i learned also that (a) this is not too common an occurance around here and (b) there exist a way for people to complain about, when it happens.

i think that's ok so far.

all that remains is to see what slashdot have to say when they report on themselves, as they say they will.

in the meantime - thanks for all the fish and that?

user submissions are easily found in the firehose

[rewindustry]

this seems to the takeaway - NEWS is found in the firehose - slashdot per se is more the DICE magazine section.

Re:Douch move for sure on SF

"Sourceforge is dragging the GIMP project's name through the mud by bundling this shit, even if they don't hit anyone."

This is one of more sickening angles to this. The GIMP has a hard enough time, even though it's excellent. For a free piece of software it's absolutely amazing. Something like this could make their project that much harder to keep going, and way more miserable.

Then factor that across all FOSS, amplified by every single project SF violates. Words fail me...

This

AC is BS exempt.

Re:So?

Yeah, we all gave up on SF ages ago, but it still has a sentimental attachment even though i haven't touched it since way before 2013. Feels like this is the cinderblock that broke the camels back.

Re:So?

5. Conveying Modified Source Versions.

    You may convey a work based on the Program, or the modifications to
produce it from the Program, in the form of source code under the
terms of section 4, provided that you also meet all of these conditions:

        a) The work must carry prominent notices stating that you modified
        it, and giving a relevant date.
[...]
    6. Conveying Non-Source Forms.

    You may convey a covered work in object code form under the terms
of sections 4 and 5, provided that you also convey the
machine-readable Corresponding Source under the terms of this License,
in one of these ways:
[...]

Re:Douch move for sure on SF

If you don't want to miss out on extra free offers, make sure not to click outside the box otherwise contraindicated to the left of the below field.

Re: Haven't they been doing this for months alread

One of my friends girlfriends installed GIMP on his computer, presumably from an unofficial source, thus installing some piece of adware. This went a long way toward convincing my friend that open source software was not to be trusted.

This is exactly why open source software tends to struggle - people pay to be brainwashed into thinking they're getting top quality. Open source software doesn't even try.

I might get burned for this, but here goes...

[cloud.pt]

Saying you had a "very busy weekend", to my eyes, feels just like a euphemism for "management argued a lot before this got posted, and when it did get posted, the expression modified binary had to replace bundled with malware".

Personal Note: "bundled with malware" is what every other place I read the article used to define it.

Personal Note 2: If I happened to stumble on some facts, I want to stress I understand them completely as I also happen to have a very policy-centered full time job. I'm just letting my thoughts fly in a comment, because, well, comment section is still community moderated in full that I know, thus still being free (in the extreme, FSF-like sense of the word "free").

Re:I might get burned for this, but here goes...

[cloud.pt]

Except maybe that one comment you had to remove from a court order or something. No, I'm not being ironical, I just remembered it now that I re-read my comment. I also know /. struggled for that.

I just have to add something:

The first time that I ever downloaded something from sourceforge it was gimp. It was when I was around 15, so this was around 15 years ago give or take. And I distinctly remember the installer was packaged with 2 or 3 cruddy applications. It only took 10-15 years for people on /. to realize that this kinda sucks?

Things change.

[westlake]

Redo slashdot, allow markdown, bbedit, html, LaTeX.. editing.
Design a proper responsive layout (It was not Beta) and keep it about tech

Personally, I find markup on a laptop or tablet pure agony and a distraction from what I want and need to post. The informal forum for me.

The days when the geek could wall himself off from the world are long gone, every decision he makes exists within a larger social context.

That is why stories like Gamersgate touch a raw nerve and can't be wished away.

Re:Things change.

[0100010001010011]

That is why stories like Gamersgate touch a raw nerve and can't be wished away

Gamergate touched a raw nerve because it was forced down our throats. Most people I know don't care. I personally find both sides to be idiots yelling at each other over different stuff.

It doesn't help that "Gamergate" has no clear definition.

And you can remain completely walled off and just talk about tech.

My Company Has SourceForge Blacklisted

Just sayin'.

We can't even browse there from our corporate machines.

Big pain, as there are still a number of relevant projects on it.

However, I think SF may be one of those funky brown bits circling around the hole in the bottom of the commode.

"Busy weekend"? Yeah, right. This story was FP'd by a bunch of other sites (probably deliberately to tweak your nose) in the middle of last week.

Slashdot Credibility...

You're rapidly losing what little credibility and user trust you have left Slashdot. Get off the fucking indignant horse and stop playing fucking politics.

You're associated with scumbag companies. Hold them to a higher standard where your business is concerned.

People distrust open source because of SF

[blazemonkey]

You wouldn't believe how many people I watched instantly dismiss and distrust open source software, in a single instant, because of the bullshit being bundled with files at SourceForge. At work, I once suggested a free open source alternative to an office application to some folks. Lo and behold, 5 people now had malware infecting their otherwise clean computer. I can't even mention open source software to them now without being laughed at, they aren't techies after all.

The point is, people turn to open source software for the transparency and because they knew exactly what they're getting. SourceForge has gone and fucked up all of that trust, and basically destroyed their own brand, not to mention the image of many open source projects who never wished to have their applications bundled with malware in the first place.

In the firehose?

"(And for future reference, user submissions are easily found in the firehose, listed in the order they appear, newest first.) "

Actually I couldn't find this particular summary in the firehose. Was the title renamed to be less clickbaity for once?

Also you seem to be keeping ACs at the very least from posting a second time for over an hour on this story. Good job! :P

Exact error messages from Excel and Gnumeric

[tepples]

You are correct that I misremembered the behavior of LibreOffice Calc. But both Gnumeric and Excel failed to treat an exported CSV as having been "saved". Gnumeric's alert after I exported CSV and closed a worksheet was as follows:

Save changes to workbook 'test.csv' before closing?

If you close without saving, changes will be discarded.

Excel's was as follows when I exported:

test.csv may contain features that are not compatible with CSV (Comma delimited). Do you want to keep the workbook in this format?

*To keep this format, which leaves out any incompatible features, click Yes.
*To preserve the features, click No. Then save a copy in the latest Excel format.
*To see what might be lost, click Help.

Followed by this when I closed:

Do you want to save the changes you made to 'test.csv'?

LibreOffice Calc's was as follows when I exported:

This document may contain formatting or content that cannot be saved in the currently selected file format "Text CSV".

Use the default ODF file format to be sure that the document is saved correctly.
[X] Ask when not saving in ODF format

I assume these programs are referring to changes to column widths, formulas, and other things not typically represented in CSV.

What sort of moron do you take people for to think that you have to "protect" them from choosing a format of file that doesn't save layers

Any of the morons who reported "What happened to my layers?" through support channels.

and instead try to make them always save whatever they do in a format that no other programs support?

The same morons who pass around PSD files made in Photoshop. At least XCF has a reference implementation distributed under a free software license. Has Adobe released a spec or free library for manipulating PSD files? Which interoperable multilayer raster format were you recommending?

What on earth is the point of *banning* people from typing in a file with the suffix that they want to use in the save menu, and instead making them choose an entirely different menu?

If the names of the "Export" items on the File menu were changed to "Flatten and Save", would that satisfy you?

Actually two different menus, depending on context, only one of which has a keyboard shortcut.

Then you must have edited your keyboard shortcuts. My copy of GIMP 2.8.10 has keyboard shortcuts for export:

Export (Ctrl+E)
Export As... (Ctrl+Shift+E)
Create Template...

Re:Exact error messages from Excel and Gnumeric

[Jiro]

Any of the morons who reported "What happened to my layers?" through support channels.

The typical use case for most people using GIMP is on a file that doesn't have any layers in the first place. If that's the real reason, then they could produce the warning message only when the file contains layers rather than all the time. Perhaps a second warning message, that can be turned off, if the file format is lossy.

If the names of the "Export" items on the File menu were changed to "Flatten and Save", would that satisfy you?

Just putting the word "save" on the "Export" menu item would still leave you getting warnings about not having saved it. You'd have to put the word "save" on the "Export" item and have it actually count as a save for the purpose of deciding whether you need to get a save file warning.

Re:So?

[I+AOk]

If I want to download something I'm not familiar with, I look for the official site in Wikipedia.

[Heavy sigh] Still no news on 2.10? [grumble]

[mark-t]

I know... It'll be done when it's done, but I needed to vent a little.

ChaosEsqueAnthology 3d FPS hosted on sourceforge.

(Fork of Xonotic) Fully FLOSS FPS with 70+ weapons 100+ maps.
Lots of mutators and years of work.
Look at some pics then follow the DL or Project page links.

Some people have said to choose another host but who else provides so much space and isn't fly-by-night. I don't know of any.

http://www.lgdb.org/game/chaos...

The decline of SourceForge

[codemachine]

I knew the site was in trouble as soon as they started showing those misleading ads with the big "Download" button, which were more prominent than the actual download links. Any site that actually cared about its user base or the projects it hosts would've stopped that right away. Instead, these guys double down on the deception, moving the malware from the ads to the actual content of the site. The initial appearance of those ads told me all that I needed to know about the new owners of the site.

It is really sad that SourceForge was bought out by such parasites. It used to be THE place to download and host open source software. In the hands of someone who actually wanted provide that service, it could have remained useful.

It is sad that someone would buy the premier open source hosting site if they had no interest in continuing to provide the premier open source hosting site. Some may say that the site's downfall was inevitable, but really it wasn't. They could have modernized the service, or sold it to someone who actually wanted to run a business around it. Instead it was sold to someone that intends to milk every last dollar out of it, while simultaneously destroying any value the site actually had. The site doom wasn't a foregone conclusion, but rather a result of the decisions made by the site owner.

Re:So?

Seems like all Windows users need is a VM. Install Ubuntu, Fedora or whatever in there, and use the repo for all your applications. Let Windows just be sort of like a hypervisor.

Re:So?

as long as the ads are distributed openly :p

Re:Haven't they been doing this for months already

[KGIII]

I have a few programs over at SF that I uploaded long ago. They are not FOSS, they are simply free. There is no restrictions, they are public domain as that is how I released them. You can take them and sell them or do whatever you want.

They are also fairly XP-centric so they are no longer that popular. Anyhow, my point is that I do not even have the email address any more and the projects are abandoned in every sense of the word. I checked and, no, they do not have any wrappers with adware. I suspect popularity matters (as it would rationally do).

Re:And with this news

[KGIII]

Yeah, right... You won't be leaving. I guarantee that I see AC posts in the next article's comments. I am on to you!

moneymaking

[fkodama]

source forge is a direct competitor of github, if they don't figure out how to make money without screwing with content then they will bankrupt cause its old tech. also stopped using filezilla, instead, wrote my own ftp then no other ftp client will make me download any shit from them while they are fucking around.

Sue SourceForge and sink it already

Sue them and close this crap site already.
It's been dead for a long time now anyway.

Re:Douch move for sure on SF

Apart from the sub-heading "Trusted by millions", how are we supposed to trust this site, having never seen it mentioned anywhere else?
The big green Download button just looks plain scary. The fact that it requires an installer program to be downloaded and installed is also damned scary. What do they promise to do better than the authentic original source of each of these apps?

Re:So?

Seriously guys, they've been doing stuff like this since 2013. I remember telling it to everyone back then, but was only met with dismissal.

Their original announcement was that project owners could CHOOSE to use the revenue-gaining setup process, and it seemed fairly reasonable to accept that some project owners might go that way, but it was NEVER something that SourceForge was going to force on any hosted project. This recent decision to go stamping their own setup on any project that looks a little unsupported was a shock, but I don't think it has been happening since 2013.

Re:Douch move for sure on SF

[Pubstar]

That is not the case. It just grabs the installer packs and installs the software for you. You still have all the individual listing in your programs list.

Re:So?

[houstonbofh]

It may also depend on the SF Terms Of Use. It would not surprise me that there is a clause that allows them to distribute software under your trademark as part of hosting a project there (how could they legally do their normal job without?)

Your original code... Not a derivative work based on your code.

Re:So?

[houstonbofh]

You are right. Seems they never trademarked the name, so there is nothing they can do but shame them. (And Source Forge has had no shame for years...)

Recent movement of slashdot japan

Recently, OSDN Inc., who had been operating Slashdot Japan and SourceForge.JP, announced that they changed the name of "Slashdot Japan" to "Srad" and also changed the name of "SourceForge.JP" to just "OSDN".
"Srad" is an abbreviation of "Srado", and "Srado" is an Japanese abbreviation of "Slashdot".
OSDN have also announced that the mismatch between the direction of OSDN and Dice Holdings is the main reason.

After the spreading of the news of SourceForge.net, OSDN have announced that OSDN never add adware to sleeping projects and that OSDN does not permit malware bundled software.
In Srad, editors picked the news of SourceForge.net on May 28.

I think that Japanese community had not welcome the change of Slashdot Japan initially.
People in Japan, however, come to praise the OSDN's decision after these news are spread.

Re:Recent movement of slashdot japan

I wonder if OSDN is looking to buy any US sites? Pretty please?

Re:OK, a practical question from a SourceForge use

AppStores and Linux Repos?

They are still part of the problem though

Even with the update, Sourceforge is still part of the Spyware/crapware problem on PC. The amount of time and money IT dept's have to waste to clean up this garbage, isn't small.

SF shouldn't distribute apps with junkware at all. They should be at the frontline of trying to end it, but instead, all they are doing now is changing their policies. Until they cancel their bundled spyware crap program entirely, there is still no good reason for end users to be happy with sourceforge.

WinZip Installs Crapware Too

WipZip from WinZip Computing is another program that I trusted and respected. However, some time after they were bought by Corel, they start adding crapware offers to their installer. I trusted the company, so I ran their installer, carefully declining any offers to install other software. However, the installer still changed the search provider on all my browsers to some sleazy site I've never heard about before. It was very difficult to remove the sites. They screwed up the browsers to try and remain entrenched. I ended up wiping and reinstalling Chrome and Firefox to get rid of it. I never did totally fix IE, but I don't use it anyway. I will never trust Winzip again. End of rant.

Wow

This is why I don't read Slashdot anymore. Followed this link from a story about this burying. Slashdot is just another useless site now. Check out SoylentNews or HN now.

Buried again

[An+Ominous+Coward]

So editors are in here with disingenuous arguments that Slashdot hasn't been trying to bury the story. Just a busy 5-day weekend for one editor and despite other articles continuing to be posted during that time, this one got missed. Sorry, not "this one", I mean, "the three or four top-rated Firehose submissions". And finally this morning, after letting an article go through, it disappeared off the page after about an hour. Totally unrelated SQL glitch, right?

Re:Douch move for sure on SF

[phorm]

I haven't used it in over a year, so likely it's changed since then, but I do recall some software (used to) not show up in my programs list.

Web of Trust!

[antdude]

Others and I rated negatively on https://www.mywot.com/en/score... ... Overall, still showing positive ratings since SF is an old popular web site. :(

Somebody bashed your skull in?

So what?

Crime happens all the time.

Re:Douch move for sure on SF

By the way, how to get Java without Ask.com ?

I wasn't able to do it - not that I am very tech-savvy, though.