Advertising, Bundling, Community and Criticism

Over the last days, we heard a number of concerns around how our business practices affect the community sentiment. A few concerns were expressed by several developers, included the GIMP community, about confusing ads on SourceForge pages. Along with that, we also heard complaints about the DevShare program. We want you to be assured that we are always listening to you, learning from you, and taking action on your feedback.

1. About the Confusing Ads

We work with several different Ad Network partners like Google to show ads on our site, and from time to time, a few confusing ads show up. Just like all of you, we do not like these ads, and last month, we asked our Ad Network partners to remove over 200 deceptive ads; however, it’s an ongoing process and we need your help.

In order to eliminate these sometimes misleading ads from SourceForge pages, we’re asking you to drop us an email at providing the screenshot and, more importantly, the full link to the confusing ads [to copy it right click on the link, and choose “Copy Link Location” in FireFox; “Copy Shortcut” in Internet Explorer; “Copy Link” in Safari and “Copy Link Address” in Chrome]. We will make sure to review all such requests, and if we agree with you, take immediate action. Please help us to make SourceForge a better place. Your input is material to help mitigate this issue.

2. About Bundling Open Source with Additional Offers

In July 2013, we launched a pilot version of an opt-in revenue-sharing program called DevShare. DevShare is a partnership program offered to SourceForge developers to turn downloads into a source of revenue for them, by bundling their applications with third parties’ offers. This revenue will help these projects grow, help the developers keep contributing to the Open Source community, and help us keep offering free hosting, distribution, and other services.

Let’s start by providing some context around this issue first.

We started the DevShare program for two reasons:

  1. Some projects were already using the SourceForge infrastructure to deliver bundled offers to monetize their downloads, and most of them were complaining about the lack of control on the quality of the offers and user experience. In addition, many other open source projects expressed interest in monetizing their downloads by bundling relevant offers, but the lack of control with Installer Partners was a key concern for them.
  2. SourceForge also makes a small amount of revenue from this program to continue offer free hosting, distribution, support and ultimately to keep enhancing Allura, it’s fully open source platform now in incubation at Apache.

Therefore, we evaluated a few Installer Partners to help us address end-users’ complaints related to one or more of the following reasons:

a) opaque installation flows providing little or no choice about secondary offering installations;

b) undocumented and difficult to uninstall procedures for those secondary offerings;

c) secondary offerings that are not always safe, trusted and secure applications.

We addressed points a) to c), and our approach was highly appreciated by eminent members of different open source communities.

What DevShare Means to You

End-users are provided with a clear and transparent installer behavior, all programs are malware-free and clearly described. All uninstall procedures are extensively tested, so that if end-users install it by mistake they can easily remove it.

Developers aren’t just compensated in money, but they are in full control of both the installer behavior and what sort of secondary offerings will be presented to their users.

Where are We and Where are We Going

Currently in the Pilot phase, we only have 3 projects participating in the DevShare program all of which explicitly opted-in. This represents 3 out of 300,000+ projects in our entire catalog. This is a 100% opt-in program for the developer, and we want to reassure you that we will NEVER bundle offers with any project without the developers consent.

The DevShare program has been designed to be fully transparent. The installation flow has no deceptive steps, all offers are fully disclosed, and the clear option to completely decline the offer is always available. All uninstallation procedures are exhaustively documented, and all third party offers go through a comprehensive compliance process to make sure they are virus and malware free.

Having said that, we believe we should do more to make sure all our stakeholders are pleased with the program and how it works.

In the near future, we’ll share a blueprint of how we believe this program can be improved, and we’ll ask the community for feedback. We will not be accepting any new projects into this pilot until the community has vetted possible changes and improvements to the program.

In Closing

You are welcome to join the conversation at the DevShare forum on SourceForge, your opinion rules.

31 Responses to “Advertising, Bundling, Community and Criticism”

  1. No Way Jose Nov 14, 2013 at 4:22 pm #

    SourceForge is now, and has been garbage. I do not use it any longer.

  2. Developer Nov 14, 2013 at 5:37 pm #

    If you think the descrition “a few confusing ads show up” is accurate, I suggest that you pay more attention to your business.  You know very well that policing the ads will reduce your revenue. You are in danger of losing the support of the open source community.  Perhaps you that as positive rather than negative since they do not provide direct revenue, but I suggest that is short sighted. There are two distinct types of developers – those who wish to monetize via advertising (deceptive or not) and those who do not.  You should immediately stop using your installer for those who wish their install process to be transparent and free.  To do otherwise makes you appear greedy, since developers are not dumb – they know you are monetizing their work for yourself. As an open source developer, I resent the use of your installer and the deceptive advertising.  Because I do no believe that you are still willing to host open source software without monetizing it, I will no longer be using SF to host my projects. Dice should stick to its core business instead of picking a fight with the open source community.

  3. Dev1 Nov 14, 2013 at 6:41 pm #

    If you think that hand-waving away the concerns by making adware more transparent or whatever is going to win back favor from the community, I’ve got some bad news for you.  Whether or not 3 or 300,000 applications are using

  4. JasonTreadwell Nov 14, 2013 at 9:12 pm #

    I used to see sourceforge as a reliable source. Now when searching software and see a link for sourceforge, I run away, assuming it is some sort of scamware of malware. So sad, as many in the open source community once flocked here, but the trust has been erased. It’s only a notch or two above MacKeeper on the scamware levels…

  5. happyskeptic Nov 15, 2013 at 5:59 am #

    Recently the only safe way for normal users to download something from Sourceforge was with an ad-blocker, otherwise they got tricked into installing malware and crapware by those big green ‘Download Now’ ads that appear on every download page. All this post says is that the deceptive big green buttons are now going to start appearing in the installers as well.  Notice how in the Filezilla installer on the page where it presents the malware/crapware it has a greyed-out ‘Decline’ button and a big green ‘Accept’ button. This is clearly designed to trick users who are used to clicking ‘Accept’ through SW license agreements during installs, and associate the ‘Decline’ option with cancelling the installation. A fairer wording would be ‘Install Filezilla without installing promotional software’ or ‘Install Filezilla with promotional software’, with both buttons in green!

  6. cquirke Nov 15, 2013 at 3:51 pm #

    What you are suggesting is stepping on ants, one by one – we’re supposed to tell you when you are hosting bad ads (implying you have no control or monitoring in place) and then you “may” act.  That’s playing whack-a-mole, and pretty much ensures you will still have bad ads at any time, on the basis that “no-one has complained” (yet).

  7. galoppini Nov 15, 2013 at 6:39 pm #

    @cquirkeUnfortunately there is no other way around. Take the adsense page, it says that in order to block ads you have to      Enter the [exact!]display URL shown on the ad or the destination      URL to block new and existing ads. There is no way to know in advance what kind of ads would be displayed, and having over 300.000 projects we might hardly be able to remove all confusing ads if we do not get help from the community.

  8. chilinux Nov 19, 2013 at 12:13 am #

    The idea that a close source installer can be fully transparent sounds like marketing double talk. A key point made by the GIMP project was: >  “[they] strongly encourage the top projects to use a new (closed source only) installer” SourceForge not only seems to have missed this key point but has completely reversed it’s previous position on Open Source being a key component to transparency. Instead, SourceForge claims: >  “The DevShare program has been designed to be fully transparent. The installation flow has no deceptive steps…” Who says it has no deceptive steps? How do I audit the source code to the installation flow? For anyone that reads the SourceForge blog, this seems to be a very jarring change in prospective on the part of SourceForge. Several previous SourceForge blog posts bring up transparency, but always in the context Open Source Software. Before November 2013, I can’t find any SourceForge blog posts that refer to close source as “fully transparent.” I also can’t find any other SourceForge blog post that tries to claim close source software contain no deceptive steps. Once SourceForge is able to make the leap that a close source installer is fully transparent, there really is no common ground to continue a discussion on. It isn’t a matter of a third party being a bad actor, SourceForge itself is the bad actor.  Bottom line, this SourceForge blog post which backs the use of a close source installer is proof of erosion taking place on fundamental ideal of the foundation of SourceForge.

  9. Free Willy Nov 19, 2013 at 3:31 am #

    Offering things for free to the public and establishing a cash flow by selling ads is the only business model that keeps the Internet alive. The free offer like all these beautiful cloud services or search engines or social networks are the baits. The fish is data to precisely place ads.  So even Microsoft discovered this a few month ago and now eagerly tries to use Windows 8.1 as a platform for this. Nevertheless this business model is completely unethical, because it forces people to pay for something  they never ordered just by taking some beer or chocolate from the supermarket. So if South Forge is a valuable service and distributes great software, both developers and downloaders should pay for it. But dont try to become an orgainsation like mozilla that claims to be open und for free and in reality earn tens of millions of dollars just by favoring Google as a Starter Page and using Google “technology” for scanning sites to profile the user.

  10. galoppini Nov 19, 2013 at 6:21 pm #

    @DeveloperWe are fighting deceptive advertising and do not want it on our site.  We have no interest in revenues from deceptive advertisers.  We have layers of protection to stop these ads coming in from ad networks, but no level of protection stops it completely – so we need the communities help.  You can help us prove the point that we don’t want revenue from deceptive advertisers. We do not bundle any project without their consent, and it has never been our intention to do so. DevShare partners have opted-in and are all paid on a revenue-sharing basis.

  11. galoppini Nov 19, 2013 at 6:35 pm #

    @happyskepticFilezilla’s installer flow has been throughly discussed and reviewed with the project’s admin, both for what concerns the installation flow and how offers are presented. You can actually choose to either ‘Accept’ or ‘Decline’ the offer, while many installers have just a ‘Next’ button. The description of the additional offer provides information, and the install requires a positive opt-in from the user. Last but not least you have a link to a web page describing why you’re seeing this offer.

  12. galoppini Nov 20, 2013 at 3:19 am #

    chilinuxThanks for your feedback. We disagree that we strongly encourage top projects to join the DevShare program. The Gimp-Win Administrator wrote this to us – “while you (Sourceforge) were offering the bundle, when I said I’m not interested, that was it.”  Feel free to ask him for confirmation.  We informed our projects about the program and some of them asked to talk to know more. About deceptive steps. The DevShare program is compliant with Google’s strictest policies about secondary offerings, moreover we received positive feedback from community members as the OSI Director Simon Phipps.  Along the line of the upcoming blueprint we’ll consider if creating an open source installer would make a difference to our community.

  13. chilinux Nov 20, 2013 at 6:14 am #

    galoppini Your welcome for the feedback.  Thank you for your reply. Getting endorsements is not the same as transparency. In regards to Google, several of the RSS feeds I monitor have had recent reports about Google being fined between $17 million and $22.5 million in the Safari privacy case.  Also, there has been an on-going stream of articles about members of the security community claiming problems with malware distributed via the Google Play application store.  So, if Google has such great policies in place to stop deceptive activity, why are they having so much trouble actually stopping it?  And if it is Google we should put our trust in, why don’t we just move our projects to Google Code and the binary downloads to Google Docs? I understand that OSI Director Simon Phipps may have positive things to say about money being invested back into projects on SourceForge via the DevShare program.  But  do you have any quotes from Simon Phipps which indicate that he believes close source programs to be just as transparent as open source programs?  The claim of “positive feedback” is also not an indication of transparency. It is being able to actually audit the activity of a company or program that results in transparency.  If you want instead to play the game using the names of impressive companies or people as the right way to handle this, then I can play that game too.  I can produce several quotes that are very favorable towards Enron.  None of them would change what Enron was or did but they would be quotes from key companies and people.  I want SourceForge to be something more than the Arther Andersen of project hosting.  It is my hope that you want that as well. What bothers me the most, is no one has explained the “cost” which would be involved in the DevShare program being based on truly fully transparent open source installer.  For example, if secondary offerings where provided by a NullSoft Installer and publically available NSIS script, then would installs of the secondary offering be worth less?  Is clicking to install a secondary offering from a closed source installer actually worth more than clicking to install a secondary offering from an open source installer?  What is the percentage difference in worth between an install performed by an open installer vs. a closed installer?  Please explain to me if DevShare is already “designed to be fully transparent” then why does it require the installer to be closed source? Thanks again for your reply.

  14. wanderson1 Nov 20, 2013 at 1:23 pm #

    About two thirds of my friends and/or family members attempting to download Free/Open Source Software (FOSS) from Sourceforge that I recommend end up “inadvertently” downloading some proprietary crap to their Windows machines. In reviewing their experiences, I fully understand how difficult it has become for innocent persons – and even for me if not paying astute attention to a ‘simple’ download, to discern the differences  between the desired application download versus some bloatware, even with the download process itself. Sourceforge must have a, “enforced”  process by which  any ‘proprietary’ download or other type category application is ‘explicitly” clarified – clearly and obviously displayed – as not being part of or necessary to the FOSS application download, before the download process begins. Anything else is deceit.

  15. RAINMAN Nov 20, 2013 at 5:07 pm #

    last week i downloaded a program from sourceforge with one of those “transparent” installers….at first i was somewhat shocked, having to carefully- very carefully re-read, and then re-read again, so i did not end up with some crap/garbage on my computer: i found the wording, and layout TO BE VERY DECEPTIVE-AS TO TRICK ME INTO ALLOWING UNWANTED MATERIAL!!!! i made it past the B.S.-but it would have BEEN VERY EASY TO HAVE MADE A MISTAKE WITHOUT TREATING IT LIKE A LAWYER DOES WITH A LEGAL DOCUMENT!!!! my shock has slowly turned to sadness: as i am realizing the full implications: MY TRUSTED SOURCEFORGE IS SELLING IT’S SOUL-WITHOUT TRUST- THE FOUNDATION WILL CRUMBLE-ALL THAT WAS GOOD -ALL THAT WAS CAMELOT WILL BE JUST A FADING MEMORY!       PLEASE-THINK THRU THIS CAREFULLY……SOURCEFORGE IS AT THE CROSSROADS!!! thank-you, RAINMAN- one of many loyal subjects-one who still wants to believe that Camelot still shines brightly!

  16. galoppini Nov 25, 2013 at 3:41 pm #

    @Free Willy Are you suggesting we charge a minor fee for downloading on a per download basis?  Interesting suggestion.

  17. galoppini Nov 25, 2013 at 3:43 pm #

    wanderson1 Thanks for your feedback on the “enforced” process, we’ll take it into consideration as we work through the new blueprint.

  18. xsudo64 Nov 26, 2013 at 1:22 pm #

    galoppini PLEASE don’t charge us or the developers for downloads. Adware can be avoided (though a pain) it’s still worth the promotion of FOSS.

  19. xsudo64 Nov 26, 2013 at 1:23 pm #

    galoppini PLEASE don’t charge us. Adware is farely easy to  maneuver  around, and it’s worth having free software!

  20. matfanjol Dec 3, 2013 at 9:53 am #

  21. galoppini Dec 11, 2013 at 9:44 am #

    chilinuxThanks again for your further comment. We agree that endorsements are different than transparency, however, Simon Phipps described how what we do matches his own seven metrics for identifying best practice in download services.  We scored pretty well and one metric is specifically – transparency.  As per Simon, “All installer behavior is transparent; no surprises or side effects, including global system changes.”  So in this case, the fact that we are transparent was part of the broader endorsement. Google policies about how secondary offers are proposed to end-users are the strictest on the market.  Talking about Google Code we’re actually observing the opposite pattern: some projects hosted on google code are now moving their downloads to SourceForge, since Google will soon eliminate that service. Last but not least, we’ll consider if making our installer open source would make a difference to our audience, stay tuned for reviewing our blueprint.

  22. galoppini Dec 11, 2013 at 9:51 am #

    JasonTreadwell , thank you for your criticism which we disagree with and many in the open source community do as well.  That said, we want everyone to use Sourceforge and look forward to winning back you trust – thank you for letting us know because we have to hear all feedback to make the best possible service for everyone

  23. galoppini Dec 19, 2013 at 4:30 pm #

    @RAINMAN There are so few projects that are part of the devshare program that I’m what you ran into was someone else’s installer.  Just last week, we had to remove a project (fromimagestovideos) because it was bundling a search engine that was not easy to remove.  Can you share the project with me? We have work to do on the blueprint and your input is being heard– on our installer all offers are clearly presented and transparent.  If this was someone else’s installer, this is the issue we were trying to address with the devshare program in the first place.

  24. galoppini Dec 27, 2013 at 8:16 am #

    For further comments and feedback everyone is invited to use at our forum, thanks.

  25. jeez May 28, 2015 at 6:36 am #

    I guess I won’t be donating to sourceforge anymore, as you have decided to go this alternative financing route. If you ask for donations, you better not have any of this adware crap. Good luck with your choices.


  1. SourceForge: Advertising, Bundling, Community and Criticism | Enjoying The Moment - Nov 14, 2013

    […] via Hacker News […]

  2. The Geek’s Reading List – Week of November 15th 2013 | thegeeksreadinglist - Nov 14, 2013

    […] […]

  3. Siti Internet Aziendali » SourceForge: solo pubblicita’ gradita - Nov 18, 2013

    […] alle critiche sollevate in Rete, SourceForge non fa ammenda ma promette ora trasparenza e libertà di scelta. Il repository, che già lavorerebbe con i network di […]

  4. The Reddit - SourceForge Lynch Mob - FOSS Force - Nov 22, 2013

    […] Thursday, in an attempt at damage control, the folks at SourceForge explained the DevShare program in some […]

  5. Linux Outlaws 327 – Sausage Input Protocol | Sixgun Productions - Nov 24, 2013

    […] SourceForge defends its installer and ads […]

  6. Promised: No Bundled Installers, No Toolbars, No Unfair Advertisements | Greenshot - Feb 4, 2014

    […] We are not alone: the developers of the open source image editor GIMP no longer upload their releases to the SourceForge file system; for the sake of completeness and fairness, here is SourceForge’s statement regarding to this discussion. […]