SoylentNews is people
SoylentNews
from the this-is-not-the-host-you-are-looking-for... dept.
Google, or someone using their hosting service, noted that SourceForge had established a mirror to the official GIMP-for-Windows site and were now offering downloads which contained adware:
It appears that +SourceForge took over the control of the 'GIMP for Windows' account and is now distributing an ads-enabled installer of GIMP. They also locked out original owner of the account, Jernej Simončič, who has been building the Windows versions of GIMP for our project for years.
So far they haven't replied to provide explanations. Therefore, we remind you again that GIMP only provides builds for Windows via its official Downloads page.
SourceForge's mirrored sites facility is described thus:
The Open Source Mirror Directory is an extension to our existing software directory, where we'll be mirroring projects that are not hosted on SourceForge, and SourceForge projects that have been abandoned.
The problem, though, is that GIMP-for-Windows is not an abandoned project, but moved from SourceForge to Google because the writers "had concerns about the presence of misleading third-party ads on SourceForge".
SourceForge has responded, acknowledging that Gimp-Win had abandoned SourceForge due to misleading ads and claim "They were not alone in those concerns — we were also concerned — leading us to establish a program to enable users and developers to help us remove misleading and confusing ads." They also admit "Mirrored projects are sometimes used to deliver easy-to-decline third-party offers..." which suggests that they have merely changed the way that they deliver their ads - but not necessarily the ad's content. So, some might say, they've rectified the situation by providing both misleading ads and misleading hosting.
SourceForge also say "Since our change to mirror GIMP-Win, we have received no requests by the original author to resume use of this project. We welcome further discussion about how SourceForge can best serve the GIMP-Win author." Perhaps letting the writer choose where he hosts his project would be a good place to start.
Sourceforge hijacks GIMP For Windows project, adds malware to downloads
SourceForge (SF) has taken over control of the GIMP for Windows SF project and is now distributing an adware/malwared installer for GIMP. They also locked out the maintainer, Jernej Simončiči. Sourceforge claims it was "abandoned" and they're providing a service by "mirroring" the original, though it's unclear how much value malware adds for the end user, rather than for SF. (This comes two years after SF claiming its malware was just "misunderstood".)
Since being busted, SF is now serving an .exe that matches that at the official download site.
Other projects recently hijacked by SF include many Apache projects (Allura, Derby, Directory Studio, the Apache HTTP server, Hadoop, OpenOffice, Solr, and Subversion); Mozilla Firefox, Thunderbird, and FireFTP; Evolution and Open-Xchange; Drupal and WordPress; Eclipse, Aptana, Komodo, MonoDevelop, and NetBeans; VLC, Audacious, Banshee.fm, Helix, and Tomahawk media players; and many others.
[Editor's Comment: First Submission and 2nd Submission. Submissions significantly edited before publication]
(Score: 4, Informative) by MrNemesis on Thursday May 28 2015, @04:04PM
...this story, despite being submitted to TOGS (in related news, anyone checked out their firehose recently? It seems to have turned into Craiglist), hasn't made their front page yet. I assume the editors are too busy fucking up their CSS and putting in polls about Max Max in as stories.
GIMP aren't exactly doing a great job of publicising their windows build however. Going to the old GIMP win32 page I get a "page obsolete, look on our downloads page". On the downloads page there's no windows builds listed, only a set of hashes for the source tarballs and a link off to darkrefraction.com for nightlies. To find the windows exe, along with the actual source tarballs, you've got to hit the download site which is given less prominence than the list of MD5's and for the windows builds, spot the directory at the bottom of the page. And why make users compare versions instead of just having a nice "latest" at the top and the specific versions underneath instead of having to spot that the most recent version is in the middle of the list? Heck, I'd argue that most visitors hitting the GIMP site would be after the windows build because shurely most *nix users would be installing it through their distro repositories...? It all seems a bit "beware of the leopard" to me.
Small wonder then that piss-poor sites like Dice is wont to take control of are taking advantage of GIMP not publicising their builds terribly well...
http://www.gimp.org/windows/ [gimp.org]
http://www.gimp.org/downloads/ [gimp.org]
http://nightly.darkrefraction.com/gimp/ [darkrefraction.com]
http://download.gimp.org/pub/gimp/v2.8/ [gimp.org]
http://download.gimp.org/pub/gimp/v2.8/windows/ [gimp.org]
"To paraphrase Nietzsche, I have looked into the abyss and been sick in it."
(Score: 1, Informative) by Anonymous Coward on Thursday May 28 2015, @06:33PM
I dunno, the Gimp for Windows link is right on the Downloads page. It's the largest text on the page and it's right at the top if your user agent says you're running Windows (the only other version with similarly large text is for the OSX version, assuming you're seeing the whole list and not just the user-agent detected version).
http://www.gimp.org/downloads/ [gimp.org]
The source tarballs and nightly link is a fair bit below that.
They should probably make it bigger though, and make the gimp.org/windows/ an autoredirect to that section of the page.
(Score: 3, Informative) by MrNemesis on Thursday May 28 2015, @09:56PM
Aha - I think this is where RequestPolicy kicked in. Apparently the version detection doesn't kick in unless you allow requests to ajax.googleapis.com; once that's enabled the HTML for the windows version is loaded, if not it completely invisible.
"To paraphrase Nietzsche, I have looked into the abyss and been sick in it."
(Score: 0) by Anonymous Coward on Friday May 29 2015, @05:57PM
I wonder if this OS detection is the reason why I so often can't find the links to Windows versions of software to send to people via internet chat... I often like to send direct links to make sure people get the correct version, but quite often have great difficulty tracking down those links.
I had to click "other versions" under what appeared to be a section titled "GIMP for Unix-like systems" which I didn't expect to contain anything other that more Unix versions. Had I not read your post saying that the link was there, after scanning the page, I would have assumed it wasn't and went straight to the FTP servers looking for it like the GP did.
Pages hiding portions of their content behind javascript is really confusing, and completely unnecessary as it isn't as if space is limited. Correct design such as putting "choose your OS" links at the top of the page would eliminate the need to scroll through the page without hiding anything from anyone. If one really wants to detect the OS, it would be better just to highlight that version and maybe display it first rather than remove all of the links to the other versions.