When people download software from SourceForge, or any major repository of Open Source software, they expect the software to be trustworthy. (baring unintentional bugs)
They do not expect the software to be a source of “drive by installer†style malware, spyware, adware, or any other unrelated/unintended software.
SourceForge’s new owners, Dice, have consciously and deliberately moved to a model violating this trust.
With their recent changes, users downloading from SourceForge now receive a special closed source installer which attempts to foist unrelated third party software onto them.
View the full article