Can SourceForge regain its credibility?

SourceForge alienated many Linux users and developers a while back when the site was plagued with malware ads and other problems. Now SourceForge has a new owner, but is it too late for SourceForge to regain credibility with the open source community?

[ Also on InfoWorld: 19 open source GitHub projects for security pros. | Discover how to secure your systems with InfoWorld's Security newsletter. ]

Sean Gallagher reports for Ars Technica:

SourceForge, under DHI's ownership, had become a den of deceptive advertising, with download pages filled with "advertisements" that disguised themselves as download buttons. These ads were often "malvertising," linked to borderline or even malicious downloads. And they were frustrating to developers. Despite DHI's pledge to police the ads, they continued to spread--and many developers moved their projects to their own sites.

But even as some projects checked out, SourceForge continued to host many departed open source projects--"mirroring" them without developers' knowledge and in some cases wrapping them in custom installers that doubled as a revenue source. The adware installers were part of SourceForge's "DevShare" program, which was originally intended to be a voluntary revenue-sharing program--generating money both for Slashdot and those hosting their software on the site.

When the acquisition closed, Abbott said, "The first thing we did was eliminate the DevShare program that bundled adware in installers." While DHI said that it had ended the practice of using DevShare installers with open source mirrors after the controversy boiled over last summer, the "bundle" offers were still a major chunk of the revenue strategy for the site before the acquisition.

There are still ads--and lots of them, since SourceForge's business model is driven by advertising. But the company put a staff member full time on the job of hunting down deceptive download button ads and blacklisting the advertisers behind them. "Ninety-nine percent of these ads are removed," Abbott noted, "and we are about to roll out a reporting system where any user can report a bad ad for blacklisting. We have not announced this yet, but it is live for 30 percent of our user base and will be fully live by the end of this week."

More at Ars Technica

Readers of the SourceForge article had...