Home > Computing > SourceForge takes liberties with open-source…

SourceForge takes liberties with open-source software, uses it to push advertisements

For many, open-source image editing tool GIMP is the ideal low-cost alternative to Adobe Photoshop — but it seems that code repository SourceForge has found another use for the software. The site has apparently taken control of the account that hosts the program on SourceForge servers, and is manipulating the installer available to users.

The application is intended to be distributed freely, but SourceForge has sneakily crammed a few ads for services like Norton AntiVirus and MyPCBackup into its installer. Users smelled a rat, and the tool’s developers were just as surprised, according to a report from Ars Technica.

Jernej Simončič, the developer behind the Windows version of GIMP, operates a SourceForge account to act as an alternate method for users to download the software. Simončič is no longer able to access that account, which has been transferred to SourceForge staff user ‘sf-editor1’.

SourceForge is defending the practice by claiming GIMP’s account was abandoned. Members of the software’s open source community dispute that claim, however. The website didn’t directly address the addition of ads to the software, instead directing to an earlier blog post about how the site’s users can help find and remove unwanted ads.

The account-snatching doesn’t seem to stop there. A number of other open-source programs have reportedly been claimed by ‘sf-editor1’, including some very broadly used applications. Mozilla Firefox, VLC media player, the WordPress CMS and many of the Apache Foundation’s projects are among the pieces of software affected.

Related: I’m in the empire business: Breaking Bad themed malware

It seems that the individual accounts that uploaded these applications to the site have been closed, but SourceForge staff has made the decision to keep the files available for download. That could be viewed as a way to help this open-source code reach as many people as possible, but the addition of ads to installer clients will likely raise the ire of many users.

Whatever the reasoning behind the ads, locking developers out of the process seems like risky ground for SourceForge to be walking. The open-source movement is founded on trust and respect for one another’s work — abusing it may well come back to bite the site if their next move doesn’t demonstrate some good will towards the development community.