Techie News: SourceForge transforming open source products they don't own into malware

Discussion in 'The Bar' started by newcastlefan, May 31, 2015.

  1. newcastlefan

    newcastlefan גֵּרְשֹׁם VIP

    Reputations:
    135,918
    Joined:
    Dec 31, 2011
    Messages:
    57,693
    Likes Received:
    17,006
    You really want to avoid SourceForge and Slashdot Media (same company) now.

    Burying Stories About Slashdot Media Owned SourceForge
    If you’ve followed any tech news aggregator in the past week, you’ve probably seen the story about how SourceForge is taking over admin accounts for existing projects and injecting adware in installers for packages like GIMP. For anyone not following the story, SourceForge has a long history of adware laden installers, but they used to be opt-in. It appears that the process is now mandatory for many projects.

    People have been wary of SourceForge ever since they added a feature to allow projects to opt-in to adware bundling, but you could at least claim that projects are doing it by choice. But now that SourceForge is clearly being malicious, they’ve wiped out all of the user trust that was built up over sixteen years of operating. No clueful person is going to ever download something from SourceForge again. If search engines start penalizing SourceForge for distributing adware, they won’t even get traffic from people who haven’t seen this story, wiping out basically all of their value.

    Whenever I hear about a story like this, I’m amazed at how quickly it’s possible to destroy user trust, and how much easier it is to destroy a brand than to create one. In that vein, it’s funny to see Slashdot (which is owned by the same company as SourceForge) also attempting to destroy their own brand. They’re the only major tech news aggregator which hasn’t had a story on this, and that’s because they’ve buried every story that someone submits. This has prompted people to start submitting comments about this on other stories.

    [​IMG]

    I find this to be pretty incredible. How is it possible that someone, somewhere, thinks that censoring SourceForge’s adware bundling on Slashdot is a net positive for Slashdot Media, the holding company that owns Slashdot and SourceForge? A quick search on either Google or Google News shows that the story has already made it to a number of major tech publications, making the value of suppressing the story nearly zero in the best case. And in the worst case, this censorship will create another Digg moment1, where readers stop trusting the moderators and move on to sites that aren’t as heavily censored. There’s basically no upside here and a substantial downside risk.

    I can see why DHI, the holding company that owns Slashdot Media, would want to do something. Their last earnings report indicated that Slashdot Media isn’t doing well, and the last thing they need is bad publicity driving people away from Slashdot:

    Corporate & Other segment revenues decreased 6% to $4.5 million for the quarter ended March 31, 2015, reflecting a decline in certain revenue streams at Slashdot Media.

    Compare that to their post-acquisition revenue from Q4 2012, which is the first quarter after DHI purchased Slashdot Media:

    Revenues totaled $52.7 … including $4.7 million from the Slashdot Media acquisition

    “Corporate & Other” seems to encompass more than just Slashdot Media. And despite that, as well as milking SourceForge for all of the short-term revenue they can get, all of “Corporate & Other” is doing worse than Slashdot Media alone in 20122. Their original stated plan for SourceForge and Slashdot was “to keep them pretty much the same as they are [because we] are very sensitive to not disrupting how users use them …”, but it didn’t take long for them realize that wasn’t working; here’s a snippet from their 2013 earnings report:

    advertising revenue has declined over the past year and there is no improvement expected in the future financial performance of Slashdot Media’s underlying advertising business. Therefore, $7.2 million of intangible assets and $6.3 million of goodwill related to Slashdot Media were reduced to zero.

    I can understand the desire to do something to help Slashdot Media, but it’s hard to see how permanently damaging Slashdot’s reputation is going to help. As far as I can tell, they’ve fallen back to this classic syllogism: “We must do something. This is something. We must do this.”

    1. Ironically, if you follow the link, you’ll see that Slashdot’s founder, CmdrTaco, is against “content getting removed for being critical of sponsors”. It’s not that Slashdot wasn’t biased back then; Slashdot used to be notorious for their pro-Linux pro-open source anti-MS anti-commercial bias. If you read through the comments in that link, you’ll see that a lot of people lost their voting abilities after upvoting a viewpoint that runs against Slashdot’s inherent bias. But it’s Slashdot’s bias that makes the omission of this story so remarkable. This is exactly the kind of thing Slashdot readers and moderators normally make hay about.

    2. If you want to compare YoY results, Slashdot Media pulled in $4M in Q1 2013.
     
    DarkFriday likes this.
  2. XuXu

    XuXu VIP Extreme Gold

    Reputations:
    786,378
    Joined:
    Jan 15, 2012
    Messages:
    20,884
    Likes Received:
    16,027
    TL;DR
     
  3. BrulesRules

    BrulesRules Just grab 'em in the biscuits

    Reputations:
    348,385
    Joined:
    Jan 18, 2012
    Messages:
    133,536
    Likes Received:
    60,207
    I pay for software.
     
  4. newcastlefan

    newcastlefan גֵּרְשֹׁם VIP

    Reputations:
    135,918
    Joined:
    Dec 31, 2011
    Messages:
    57,693
    Likes Received:
    17,006
    Sourceforge is wrapping free software like GIMP in malware installers without the permission of the software owners. Slashdot is burying news stories that report this about Sourceforge. Both admit that Sourceforge is really doing this.
     
    XuXu likes this.
  5. newcastlefan

    newcastlefan גֵּרְשֹׁם VIP

    Reputations:
    135,918
    Joined:
    Dec 31, 2011
    Messages:
    57,693
    Likes Received:
    17,006
    Some people like open source software.
    Do you use Firefox or Chrome? If you get them or plugins for them from Sourceforge, then you are affected. Sourceforge is making them pay for free software without informing them first. If you pay for free software then your are stupid.
     
  6. DarkFriday

    DarkFriday Fired as a MOD...Twice. Gold

    Reputations:
    718,882
    Joined:
    Jul 6, 2011
    Messages:
    172,061
    Likes Received:
    87,275
    :bug::shakey:

    [​IMG]
     
  7. DarkFriday

    DarkFriday Fired as a MOD...Twice. Gold

    Reputations:
    718,882
    Joined:
    Jul 6, 2011
    Messages:
    172,061
    Likes Received:
    87,275
    :console:
     
  8. BrulesRules

    BrulesRules Just grab 'em in the biscuits

    Reputations:
    348,385
    Joined:
    Jan 18, 2012
    Messages:
    133,536
    Likes Received:
    60,207
    I download Chrome from google, why would I download it from sourceforge?
     
  9. DarkFriday

    DarkFriday Fired as a MOD...Twice. Gold

    Reputations:
    718,882
    Joined:
    Jul 6, 2011
    Messages:
    172,061
    Likes Received:
    87,275
    [​IMG]
     
  10. newcastlefan

    newcastlefan גֵּרְשֹׁם VIP

    Reputations:
    135,918
    Joined:
    Dec 31, 2011
    Messages:
    57,693
    Likes Received:
    17,006
    Because not everyone can access Google for downloads. Many companies wisely block Google's app stores because of their history of not verifying that the software they offer is clean of Trojans and dial home exploits.
     
  11. gwartney

    gwartney Unafilliated Gold

    Reputations:
    103,074
    Joined:
    Sep 23, 2010
    Messages:
    42,906
    Likes Received:
    15,339
    I used to use Trojans before I got snipped.
     
  12. Schmoopy

    Schmoopy Shit Mult Hunter

    Reputations:
    216,454
    Joined:
    Aug 25, 2010
    Messages:
    211,015
    Likes Received:
    33,726
    GIMP????? WTF????? What does that mean, Froggy????? What does that mean?????:nooo:
     
  13. Schmoopy

    Schmoopy Shit Mult Hunter

    Reputations:
    216,454
    Joined:
    Aug 25, 2010
    Messages:
    211,015
    Likes Received:
    33,726
    Oh. This doesn't affect Schmippy.:grad:
     
  14. gwartney

    gwartney Unafilliated Gold

    Reputations:
    103,074
    Joined:
    Sep 23, 2010
    Messages:
    42,906
    Likes Received:
    15,339
    You're going to have to start using Windows Paintbrush.
     
  15. wetback

    wetback #1 Asshole VIP

    Reputations:
    58,680
    Joined:
    Dec 13, 2011
    Messages:
    42,933
    Likes Received:
    4,444
    Do you have a list of all these free software programs that might be involved @newcastlefan
     
  16. XuXu

    XuXu VIP Extreme Gold

    Reputations:
    786,378
    Joined:
    Jan 15, 2012
    Messages:
    20,884
    Likes Received:
    16,027
    I'm getting close to just saying fuck it and becoming Amish.
     
  17. Danas Boyfrien

    Danas Boyfrien Trump's African American Gold

    Reputations:
    141,323
    Joined:
    Oct 13, 2010
    Messages:
    25,470
    Likes Received:
    14,369
    How does this affect internet jackin'sites?
     
    Tigger Please likes this.