Status
Not open for further replies.

Littlebits

Retired Staff
Joined
May 3, 2011
Messages
3,868
#1
SourceForge’s new Installer bundles program downloads with adware.

If you have been downloading programs from SourceForge in the last days, you may have noticed that some do not provide you with direct downloads of the programs anymore. Instead, you download something called SourceForge Installer which bundles the software with third party offers used for monetization.

This is in fact similar to how some download portals are offering downloads right now. Programs like FileZilla or Hotspot Shield have joined SourceForge's DevShare program which is currently in beta. It aims to offer a new funding option for Open Source projects.

While that is a legitimate cause, it at the same time puts the site into a shady corner of the Internet right next to other illustrious sites such as Download.com. The core difference here is that on SourceForge, software developers profit from the inclusion, while they do not profit at all from it on third party download sites.

SourceForge Installer

There is no mentioning of the SourceForge Installer when you click on a file to download it to your system. You won't notice any difference if you are download versions for Linux or Mac, as they do not come with the installer included. So, no changes for those operating systems.

Windows users who click on the default download option will however receive the message on the download page that the "SourceForge Installer download will start". It is a small installer that bundles the program with the advertisement. A download wrapper of sorts which means that you do need an Internet connection when you run it.



Source
 

Littlebits

Retired Staff
Joined
May 3, 2011
Messages
3,868
#3
Sourceforge is no longer a trusted download site, only offering online installers that download a bunch of crap to your temp folders even if you decline the adware. I just downloaded an installer and launch it in Sandboxie decline all adware and still I couldn't believe all of the temp files it downloaded. Only download zip files from Sourceforge and you want get the adware installers.

Thanks. :D
 

MrXidus

Super Moderator (Leave of absence)
Joined
Apr 17, 2011
Messages
2,171
#6
Well now that's a shame to hear. Money gets the best of everyone tho.

Hopefully once they make the money they need from this they revert back to not providing users with adware and crap file infested installers, CNET went this route and I haven't used them since.

Softpedia, MajorGeeks and Filehippo are still my top 3 favorite download websites all offering fast speeds and no adware bundled crapware installers.

Thanks.
 

Littlebits

Retired Staff
Joined
May 3, 2011
Messages
3,868
#7
I'm sure some open-source software developers will move their projects to other hosting sites since this will cause them to loose users.

Some have already moved to Google Code.

Thanks. :D
 

Spawn

Administrator
MalwareTips Team
Verified
Joined
Jan 8, 2011
Messages
17,570
Operating System
Windows 10
Antivirus
Windows Defender
#8
Another alternative is Github.
https://github.com

I read on Wikipedia, Free accounts for open-source projects.
 
Joined
Jul 28, 2013
Messages
95
#9
What a shame for free and open-source project community.

Any another recommendation? for my project
http://sourceforge.com/projects/viratt
 

Littlebits

Retired Staff
Joined
May 3, 2011
Messages
3,868
#10
xpressive said:
What a shame for free and open-source project community.

Any another recommendation? for my project
http://sourceforge.com/projects/viratt
Try Google Code, a lot of open-source developers have already moved their products there.

Thanks. :D
 
Joined
Jul 28, 2013
Messages
95
#11
Littlebits said:
xpressive said:
What a shame for free and open-source project community.

Any another recommendation? for my project
http://sourceforge.com/projects/viratt
Try Google Code, a lot of open-source developers have already moved their products there.

Thanks. :D
Thank you very much, now I just need to discuss with my team. :D
 
Joined
Aug 10, 2013
Messages
3
#13
Sourceforge.net wrongly tolerates installers infected with opencandy malware

this is nowhere near as eggregious as SourceForge hosting the opencandy MALWARE

adware that runs with admin context is absolutely malware

the option to see ads ought happen before one downloads: [ adware or actual-freeware ]

opencandy adware is malware because it fails to attain INFORMED consent

opencandy adware is malware because it "serruptitiously" scans your machine without first obtaining opt-in then leaves junk behind post-install or uninstlal
 

Littlebits

Retired Staff
Joined
May 3, 2011
Messages
3,868
#14
substantive said:
this is nowhere near as eggregious as SourceForge hosting the opencandy MALWARE

adware that runs with admin context is absolutely malware

the option to see ads ought happen before one downloads: [ adware or actual-freeware ]

opencandy adware is malware because it fails to attain INFORMED consent

opencandy adware is malware because it "serruptitiously" scans your machine without first obtaining opt-in then leaves junk behind post-install or uninstlal
Actually this adware installer provided by Ask.com is even worse then OpenCandy. It leaves behind more junk, doesn't have clear opt-out options on their installers and bundles more adware. Even if you pay close attention to the installer, you have to click cancel on the adware to opt-out, unselecting adware doesn't always work, the installer for the adware covers up the installer for the program that you want to install, the cancel button appears to cancel the complete installation process, so many users will click next then the adware installs.

To block all connections to this Ask.com adware bundles add the following lines to your host file, it is recommended to use HostsMan:

Code:
127.0.0.1 pipoffers.apnpartners.com
127.0.0.1 www.pipoffers.apnpartners.com
127.0.0.1 ak.pipoffers.apnpartners.com
127.0.0.1 www.ak.pipoffers.apnpartners.com
127.0.0.1 apnpip.ask.com
127.0.0.1 www.apnpip.ask.com

Also will block the installation of the Ask Toolbar if you forget to opt-out.

Enjoy!! :D
 
Status
Not open for further replies.