Hard Lessons Learned: Malicious Ads on SourceForge

It’s no secret that SourceForge has been around since 1999. We’ve changed a lot over the years, but not always for the better. Our number one goal has always been to help make open source projects successful, and along the way, we realized that by placing ads on the download pages, we could make money to keep the site going. In theory, that’s a great thing. It allowed us to keep the site alive and pay for all the costs associated with serving up over 2,000,000 downloads a day. It allowed us to give back to the community in the form of conference sponsorships and things like the Community Choice Awards.

But somewhere along the way, we stopped listening to our project admins, especially with regard to those very ads. For example, I will tell you the story of Audacity. Audacity is a fantastic piece of open source sound editing software that works on virtually every platform. It’s used by millions of people and has been around a long time. When Audacity first came along about 10 years ago, they decided to host on SourceForge. Over the years, the project grew so large that it became a target for scammers. Evil entities would spoof the Audacity name, and trick the user into clicking on their links to download something that was decidedly *not* Audacity (and usually for a fee). Many times these scammers’ ads were being shown on Audacity’s SourceForge.net download page, which made it even more likely that the user would be tricked into clicking a spoofed link.

Users complained, of course, but not to SourceForge. They complained to Audacity. When Audacity brought these concerns to us, they were met with an “ok, we’ll look into it” or a “we’re working on it.” Months passed, and Audacity kept asking us to do something about those malicious ads. Unfortunately, there were always higher priorities, as happens when you have limited resources. Audacity had been one of our biggest supporters, but was forced to take its downloads somewhere else; otherwise its own reputation would have been permanently tarnished in the eyes of its user base.

Instead of helping an open source project succeed, we did just the opposite.

Recent conversations and honest feedback from the Audacity team have made this a priority for us. We have done some restructuring at SourceForge, and are committed to learning from our past mistakes and moving forward. We want to get better, and it’s this type of open communication that helps us do just that.

So what are we doing to fix this problem?

I should clarify that the ads in question were served by third parties, not the ads we arrange directly with vendors. While we don’t have complete control over those third-party ads, we are able to filter out domains manually. Until we get a better system in place, if you see ads that are malicious or that misrepresent actual SourceForge.net projects, please send me an email right away (elizabethn.at.sourceforge.net) with the name of the project and the domain the ad points to. We will block those ads across the entire SourceForge.net site, so they don’t show up on *anyone’s* project.

We are also looking into using our legal staff here at SourceForge to send cease-and-desist letters to Audacity spoofers on behalf of the Audacity team. We recently did this for another project, and we hope to be able to do it again.

Thanks again to the Audacity team for their openness, and I encourage the rest of the community to do the same. Your honest feedback is the only way we can get better!