Fifteen years ago, the deep tech side of the Internet was a vastly different place. Geek news aggregator Slashdot was the place to go for all the latest IT and open source news and discussion, and SourceForge was the spot for open source project hosting and distribution. Much like MySpace, it seemed that these two stalwarts of the open source community would reign forever.
Much like MySpace today, these two sites now live mainly on the margins, and at least in the case of SourceForge, that's been of its own doing.
Based on its actions over the past few weeks, it appears that SourceForge is actually trying to provide a concrete example of how to completely destroy a previously successful business. According to statistics provided by SourceForge itself, the site hosts 430,000-plus projects with more than 3.7 million registered users, and pushes 4.8 million downloads a day.
I would tend to doubt that many of those 3.7 million users are active, but the fact remains that SourceForge was the top open source project hosting service for many years. Now it appears to be setting itself on fire as it completes its descent into irrelevance. Worse, it’s also tarnishing the names of many open source projects as it goes.
Recently, SourceForge began taking over projects it was hosting and wrapping their installers with adware/malware. Put into plain English, SourceForge was subverting its own users projects in order to push crapware on unwitting downloaders. The ads and adware/malware pushed through these methods bring payments back to SourceForge.
This practice has not been limited to small or abandoned projects (as some defenders have said). In fact, SourceForge has been doing this to downloads of stalwarts Apache, Audacity, LibreOffice, GIMP, MySQL, PostgreSQL, VLC Media Player, Thunderbird, VirtualBox, WordPress, and many, many others. These are hardly small, abandoned projects. They are major infrastructure services and extremely popular desktop applications. Somehow, SourceForge got the idea that users downloading MySQL might want to install some horrible online backup software or adware masquerading as a virus checker at the same time.
To do this, SourceForge has essentially taken over the management accounts of these projects -- which have mostly left SourceForge due to the fact that it hasn’t kept up in terms of features and resources -- and altered them to bundle these “offers” with their installers. SourceForge is mirroring the releases so that they appear to be current, when they’re actually dormant on SourceForge’s site.
Basically, these projects left SourceForge for bigger and better pastures at competitors such as GitHub, and now SourceForge is keeping their old accounts alive as zombies, pushing out ads and unwanted bundled software upon those unlucky enough to choose to download the software from SourceForge rather than from the current home of the project. It’s disgusting.
What we are witnessing is a series of increasingly poor decisions that have gutted an entity that once held a position of respect in a massive community. The same may be happening to Slashdot, which also appears to be falling by the wayside. Both SourceForge and Slashdot were acquired 18 months ago by DHI Group. Although the group said it planned no significant changes, in addition to this nonsense with SourceForge, it has been trying to rework Slashdot and make it more generic, which resulted in a boycott last February. Frankly, a little more than a year later, I’m not sure that many people care enough anymore.
It appears that we have to toss these sites on the same bonfire that claimed MySpace, as well as Pets.com, GeoCities, AltaVista, and untold thousands of other cratered ventures. Losing Slashdot and SourceForge in this way hurts more, however. It would have been better if they had simply closed shop. For SourceForge to continue to live on as a zombie, hawking crapware to users who are starting to experiment and learn about open source software is a fate worse than death.