SourceForge Responds To nmap Maintainer's Claims

An anonymous reader writes: A few days ago, the maintainer of nmap (an open source network mapping tool) complained that SourceForge had taken over the nmap project page. SourceForge has now responded with a technical analysis of the nmap project history. They said, "We've confirmed conclusively that no changes were made to the project or data, and that all past download delivery by nmap on SourceForge was through our web hosting service where content is project-administered."

They detail the history of services used by the nmap project, and use screenshots from the Internet Archive to show how long the project was empty. SourceForge said, "The last update date in 2013 relates to the migration of the nmap project (along with all other projects on the site) from SourceForge's sfx code base to the new Apache Allura-based code base. This migration was an automated operation conducted for all projects, and this platform change did not augment data in the Project Web service or File Release System. We therefore conclude that no content has been removed from the nmap project page." They also confirmed that nmap downloads were never bundled with ads: "Infosec professionals do not generally wish to install secondary offers." Note: SourceForge and Slashdot share a corporate overlord.

Public Relations Arm

Must be nice for SourceForge to have their own Public Relations arm now via slashdot. Just post the story you want, say "Nah - It's fine trust us" and then boost it to the front page of /.

I'll await my downvotes

Controlling the message

[buk110]

Must be nice for Sourceforge. Controlling the message via slashdot. Listen, no one wants malware. You can shine it up and call it "a secondary offer" but it's still junk. I hope as time goes on more people realize what a virusden that site is and more people rely on github

Dice is rape

[Megaweapon]

Just shut every fucking site you've purchased down already. I can't imagine you guys EVER regaining whatever credibility you might have thought you had. Your websites are bleeding to death while you're picking their pockets for every last penny you can find.

You've "won". It's over. Shut them all down.

Re:Obvious solution

[mwvdlee]

That's what I'm doing.

Hope to have my SF projects migrated after the weekend.
My actively developed projects are already on GitHub.

But just because a project isn't active doesn't mean it's dead; it just means there has been no need (or requests) for changes.

Luckily none are big enough to be near the top of SF's "loot-&-pillage" list.
But even then, this seems to me to be the last dying breaths of SourceForge.
I don't expect them to exist in any recognizable form this time next year.

You can't, and that's the problem

[bradley13]

That's the problem: you can't shut down a SourceForge project. If you try - if your project is popular enough - they will "provide a service to the community" by mirroring your new project page. With ads. And malware.

They've found a way to abuse open source. Precisely because it is open source, they can create a mirror. The only thing that will stop them is publicity - like this has been receiving. I assume that most techies stopped going to SF a year or two ago, when they started with the malware wrappers. Anyone who wasn't put off by that, will surely now be put off.

I would actually prefer that people not all go to GitHub - it's already getting too big and too influential. Bigness seems to inevitably lead to evilness, sooner or later. It would be better to spread hosting around on many different services. We then just need a couple of central directories that say where a particular project's homepage is. If a directory turns evil, that's easier to replace than a whole hosting service.

Re:Alternatives

[0100010001010011]

It's worse. Their CEO is married to a guy that ran a ponzi scheme. They try to shoehorn SJW into everything. Some of us just want a place to talk the merits of tech.