[Salix-main] Sourceforge new policy

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

[Salix-main] Sourceforge new policy

Dimitris Tzemos-3

Hello. I was just want to share with you some thoughts.

Yesterday i uploaded two isos of slackel-openbox on sourceforge servers.

I was surprised to take in slackel malware page (only developers can see it) the message below

"Malware Summary

Listed below are files within the project that have been identified by our malware scanners as containing potentially malicious or unwanted software. This summary is only viewable by admins of the project.

If you feel there is a legitimate reason for any of these files to contain known malware signatures, or are otherwise deserving of consideration for whitelisting, please submit a support ticket here. Please delete any others, and optionally re-upload them once you're confident they are clean"

I thought it was flash-plugin and faad2 included in isos. So i removed these two files and re-uploaded the isos, in a staged folder. Again i received same message.

Since as they say here they have a new policy now. https://sourceforge.net/blog/category/sitestatus/

So wrote a ticket to them 

"Hello. Why these iso files are malware or having unwanted software. It is slackel distribution isos. Slackel is based on Slackware and Salix. Slackel joined sourceforge since 2010-11-16
openbox/beta/slackellive64-openbox-6.0.5.iso
openbox/beta/slackellive-openbox-6.0.5.iso

What is going on? If you for any reason do not want slackel to exist on sourceforge. It is more honest to tell about clearly.

Sincerelly
Dimitris Tzemos
Electrical Engineer graduate of Democritus University of Thrace Greece
Teacher at 1st technical school of Agrinion Greece."


What a pity. For openshource projects. Since sourceforge was sold to a new company.

So, since sourceforge has this policy. Slackel is dead and it will be developed for personal use only since this was also the reason first created on 2001. I use it since then for my main everyday OS.

Dimitris Tzemos






------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Salix-main mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/salix-main
Reply | Threaded
Open this post in threaded view
|

Re: [Salix-main] Sourceforge new policy

Thorsten M.-2
Hi Dimitris,

have a look here:
https://en.wikipedia.org/wiki/SourceForge#Controversies
AFAIK Sourceforge has/had a bad reputation because it has added unwanted
AdWare to installers. According to the new owner these practices should
be completely eleminated now to get a better reputation again. Probably
they also add malware scanning for the same reason and you are just
getting false positives with your Isos.

Thorsten


Am 25.04.2016 08:06 schrieb Dimitris Tzemos:

> Hello. I was just want to share with you some thoughts.
>
> Yesterday i uploaded two isos of slackel-openbox on sourceforge
> servers.
>
> I was surprised to take in slackel malware page (only developers can
> see it) the message below
>
> "Malware Summary
>
>  Listed below are files within the project that have been identified
> by our malware scanners as containing potentially malicious or
> unwanted software. This summary is only viewable by admins of the
> project.
>
>  If you feel there is a legitimate reason for any of these files to
> contain known malware signatures, or are otherwise deserving of
> consideration for whitelisting, please submit a support ticket here
> [1]. Please delete any others, and optionally re-upload them once
> you're confident they are clean"
>
> I thought it was flash-plugin and faad2 included in isos. So i removed
> these two files and re-uploaded the isos, in a staged folder. Again i
> received same message.
>
> Since as they say here they have a new policy now.
> https://sourceforge.net/blog/category/sitestatus/ [2]
>
> So wrote a ticket to them
>
> "Hello. Why these iso files are malware or having unwanted software.
> It is slackel distribution isos. Slackel is based on Slackware and
> Salix. Slackel joined sourceforge since 2010-11-16
>  openbox/beta/slackellive64-openbox-6.0.5.iso
>  openbox/beta/slackellive-openbox-6.0.5.iso
>
> What is going on? If you for any reason do not want slackel to exist
> on sourceforge. It is more honest to tell about clearly.
>
> Sincerelly
>  Dimitris Tzemos
>  Electrical Engineer graduate of Democritus University of Thrace
> Greece
>  Teacher at 1st technical school of Agrinion Greece."
>
> What a pity. For openshource projects. Since sourceforge was sold to a
> new company.
>
> So, since sourceforge has this policy. Slackel is dead and it will be
> developed for personal use only since this was also the reason first
> created on 2001. I use it since then for my main everyday OS.
>
> Dimitris Tzemos
>
>
>
> Links:
> ------
> [1]
> https://sourceforge.net/p/forge/site-support/new/?summary=Malware%20whitelist%20request%20for%20slackel&description=Specify%20filename,%20virus%20signature,%20and%20other%20details%20here&labels=malware
> [2] https://sourceforge.net/blog/category/sitestatus/
>
> ------------------------------------------------------------------------------
> Find and fix application performance issues faster with Applications
> Manager
> Applications Manager provides deep performance insights into multiple
> tiers of
> your business applications. It resolves application problems quickly
> and
> reduces your MTTR. Get your free trial!
> https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
>
> _______________________________________________
> Salix-main mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/salix-main

------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Salix-main mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/salix-main
Reply | Threaded
Open this post in threaded view
|

Re: [Salix-main] Sourceforge new policy

Dimitris Tzemos-3
Hi Thorsten. Nice to talk again to you. :-)

Ok. I can move these files from staged folder to become public
available. But as they mention in their message a link about malware
software will appeared while users download the isos.

But as you said i have nothing to loose. I will make these isos public
available and see what will happen. :-)

But if someone use sourceforge for sale things as they say they can
close this site. And not do this. Smae in salix forums, we ban any user
write about sale sites.

Dimitris


On 25/04/2016 09:56 πμ, Thorsten M. wrote:

> Hi Dimitris,
>
> have a look here:
> https://en.wikipedia.org/wiki/SourceForge#Controversies
> AFAIK Sourceforge has/had a bad reputation because it has added unwanted
> AdWare to installers. According to the new owner these practices should
> be completely eleminated now to get a better reputation again. Probably
> they also add malware scanning for the same reason and you are just
> getting false positives with your Isos.
>
> Thorsten
>
>
> Am 25.04.2016 08:06 schrieb Dimitris Tzemos:
>> Hello. I was just want to share with you some thoughts.
>>
>> Yesterday i uploaded two isos of slackel-openbox on sourceforge
>> servers.
>>
>> I was surprised to take in slackel malware page (only developers can
>> see it) the message below
>>
>> "Malware Summary
>>
>>   Listed below are files within the project that have been identified
>> by our malware scanners as containing potentially malicious or
>> unwanted software. This summary is only viewable by admins of the
>> project.
>>
>>   If you feel there is a legitimate reason for any of these files to
>> contain known malware signatures, or are otherwise deserving of
>> consideration for whitelisting, please submit a support ticket here
>> [1]. Please delete any others, and optionally re-upload them once
>> you're confident they are clean"
>>
>> I thought it was flash-plugin and faad2 included in isos. So i removed
>> these two files and re-uploaded the isos, in a staged folder. Again i
>> received same message.
>>
>> Since as they say here they have a new policy now.
>> https://sourceforge.net/blog/category/sitestatus/ [2]
>>
>> So wrote a ticket to them
>>
>> "Hello. Why these iso files are malware or having unwanted software.
>> It is slackel distribution isos. Slackel is based on Slackware and
>> Salix. Slackel joined sourceforge since 2010-11-16
>>   openbox/beta/slackellive64-openbox-6.0.5.iso
>>   openbox/beta/slackellive-openbox-6.0.5.iso
>>
>> What is going on? If you for any reason do not want slackel to exist
>> on sourceforge. It is more honest to tell about clearly.
>>
>> Sincerelly
>>   Dimitris Tzemos
>>   Electrical Engineer graduate of Democritus University of Thrace
>> Greece
>>   Teacher at 1st technical school of Agrinion Greece."
>>
>> What a pity. For openshource projects. Since sourceforge was sold to a
>> new company.
>>
>> So, since sourceforge has this policy. Slackel is dead and it will be
>> developed for personal use only since this was also the reason first
>> created on 2001. I use it since then for my main everyday OS.
>>
>> Dimitris Tzemos
>>
>>
>>
>> Links:
>> ------
>> [1]
>> https://sourceforge.net/p/forge/site-support/new/?summary=Malware%20whitelist%20request%20for%20slackel&description=Specify%20filename,%20virus%20signature,%20and%20other%20details%20here&labels=malware
>> [2] https://sourceforge.net/blog/category/sitestatus/
>>
>> ------------------------------------------------------------------------------
>> Find and fix application performance issues faster with Applications
>> Manager
>> Applications Manager provides deep performance insights into multiple
>> tiers of
>> your business applications. It resolves application problems quickly
>> and
>> reduces your MTTR. Get your free trial!
>> https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
>>
>> _______________________________________________
>> Salix-main mailing list
>> [hidden email]
>> https://lists.sourceforge.net/lists/listinfo/salix-main
> ------------------------------------------------------------------------------
> Find and fix application performance issues faster with Applications Manager
> Applications Manager provides deep performance insights into multiple tiers of
> your business applications. It resolves application problems quickly and
> reduces your MTTR. Get your free trial!
> https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
> _______________________________________________
> Salix-main mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/salix-main


------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Salix-main mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/salix-main
Reply | Threaded
Open this post in threaded view
|

Re: [Salix-main] Sourceforge new policy

Dimitris Tzemos-3
In reply to this post by Thorsten M.-2
Another thing. I am afraid the same will happen for salix isos. Since
they include the same software for stable. While slackel include current
slackware software.



On 25/04/2016 09:56 πμ, Thorsten M. wrote:

> Hi Dimitris,
>
> have a look here:
> https://en.wikipedia.org/wiki/SourceForge#Controversies
> AFAIK Sourceforge has/had a bad reputation because it has added unwanted
> AdWare to installers. According to the new owner these practices should
> be completely eleminated now to get a better reputation again. Probably
> they also add malware scanning for the same reason and you are just
> getting false positives with your Isos.
>
> Thorsten
>
>
> Am 25.04.2016 08:06 schrieb Dimitris Tzemos:
>> Hello. I was just want to share with you some thoughts.
>>
>> Yesterday i uploaded two isos of slackel-openbox on sourceforge
>> servers.
>>
>> I was surprised to take in slackel malware page (only developers can
>> see it) the message below
>>
>> "Malware Summary
>>
>>   Listed below are files within the project that have been identified
>> by our malware scanners as containing potentially malicious or
>> unwanted software. This summary is only viewable by admins of the
>> project.
>>
>>   If you feel there is a legitimate reason for any of these files to
>> contain known malware signatures, or are otherwise deserving of
>> consideration for whitelisting, please submit a support ticket here
>> [1]. Please delete any others, and optionally re-upload them once
>> you're confident they are clean"
>>
>> I thought it was flash-plugin and faad2 included in isos. So i removed
>> these two files and re-uploaded the isos, in a staged folder. Again i
>> received same message.
>>
>> Since as they say here they have a new policy now.
>> https://sourceforge.net/blog/category/sitestatus/ [2]
>>
>> So wrote a ticket to them
>>
>> "Hello. Why these iso files are malware or having unwanted software.
>> It is slackel distribution isos. Slackel is based on Slackware and
>> Salix. Slackel joined sourceforge since 2010-11-16
>>   openbox/beta/slackellive64-openbox-6.0.5.iso
>>   openbox/beta/slackellive-openbox-6.0.5.iso
>>
>> What is going on? If you for any reason do not want slackel to exist
>> on sourceforge. It is more honest to tell about clearly.
>>
>> Sincerelly
>>   Dimitris Tzemos
>>   Electrical Engineer graduate of Democritus University of Thrace
>> Greece
>>   Teacher at 1st technical school of Agrinion Greece."
>>
>> What a pity. For openshource projects. Since sourceforge was sold to a
>> new company.
>>
>> So, since sourceforge has this policy. Slackel is dead and it will be
>> developed for personal use only since this was also the reason first
>> created on 2001. I use it since then for my main everyday OS.
>>
>> Dimitris Tzemos
>>
>>
>>
>> Links:
>> ------
>> [1]
>> https://sourceforge.net/p/forge/site-support/new/?summary=Malware%20whitelist%20request%20for%20slackel&description=Specify%20filename,%20virus%20signature,%20and%20other%20details%20here&labels=malware
>> [2] https://sourceforge.net/blog/category/sitestatus/
>>
>> ------------------------------------------------------------------------------
>> Find and fix application performance issues faster with Applications
>> Manager
>> Applications Manager provides deep performance insights into multiple
>> tiers of
>> your business applications. It resolves application problems quickly
>> and
>> reduces your MTTR. Get your free trial!
>> https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
>>
>> _______________________________________________
>> Salix-main mailing list
>> [hidden email]
>> https://lists.sourceforge.net/lists/listinfo/salix-main
> ------------------------------------------------------------------------------
> Find and fix application performance issues faster with Applications Manager
> Applications Manager provides deep performance insights into multiple tiers of
> your business applications. It resolves application problems quickly and
> reduces your MTTR. Get your free trial!
> https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
> _______________________________________________
> Salix-main mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/salix-main


------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Salix-main mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/salix-main
Reply | Threaded
Open this post in threaded view
|

Re: [Salix-main] Sourceforge new policy

Dimitris Tzemos-3
In reply to this post by Thorsten M.-2
thorsten,

isos are ready for download. Even the warning is there for admin,

The users do not see anything and also till now there is no warning
about malware software when visitor click to download the iso.

Lets see what will happen in the next hours.

can test it. Links are here
http://www.slackel.gr/forum/viewtopic.php?f=3&t=174


On 25/04/2016 09:56 πμ, Thorsten M. wrote:

> Hi Dimitris,
>
> have a look here:
> https://en.wikipedia.org/wiki/SourceForge#Controversies
> AFAIK Sourceforge has/had a bad reputation because it has added unwanted
> AdWare to installers. According to the new owner these practices should
> be completely eleminated now to get a better reputation again. Probably
> they also add malware scanning for the same reason and you are just
> getting false positives with your Isos.
>
> Thorsten
>
>
> Am 25.04.2016 08:06 schrieb Dimitris Tzemos:
>> Hello. I was just want to share with you some thoughts.
>>
>> Yesterday i uploaded two isos of slackel-openbox on sourceforge
>> servers.
>>
>> I was surprised to take in slackel malware page (only developers can
>> see it) the message below
>>
>> "Malware Summary
>>
>>   Listed below are files within the project that have been identified
>> by our malware scanners as containing potentially malicious or
>> unwanted software. This summary is only viewable by admins of the
>> project.
>>
>>   If you feel there is a legitimate reason for any of these files to
>> contain known malware signatures, or are otherwise deserving of
>> consideration for whitelisting, please submit a support ticket here
>> [1]. Please delete any others, and optionally re-upload them once
>> you're confident they are clean"
>>
>> I thought it was flash-plugin and faad2 included in isos. So i removed
>> these two files and re-uploaded the isos, in a staged folder. Again i
>> received same message.
>>
>> Since as they say here they have a new policy now.
>> https://sourceforge.net/blog/category/sitestatus/ [2]
>>
>> So wrote a ticket to them
>>
>> "Hello. Why these iso files are malware or having unwanted software.
>> It is slackel distribution isos. Slackel is based on Slackware and
>> Salix. Slackel joined sourceforge since 2010-11-16
>>   openbox/beta/slackellive64-openbox-6.0.5.iso
>>   openbox/beta/slackellive-openbox-6.0.5.iso
>>
>> What is going on? If you for any reason do not want slackel to exist
>> on sourceforge. It is more honest to tell about clearly.
>>
>> Sincerelly
>>   Dimitris Tzemos
>>   Electrical Engineer graduate of Democritus University of Thrace
>> Greece
>>   Teacher at 1st technical school of Agrinion Greece."
>>
>> What a pity. For openshource projects. Since sourceforge was sold to a
>> new company.
>>
>> So, since sourceforge has this policy. Slackel is dead and it will be
>> developed for personal use only since this was also the reason first
>> created on 2001. I use it since then for my main everyday OS.
>>
>> Dimitris Tzemos
>>
>>
>>
>> Links:
>> ------
>> [1]
>> https://sourceforge.net/p/forge/site-support/new/?summary=Malware%20whitelist%20request%20for%20slackel&description=Specify%20filename,%20virus%20signature,%20and%20other%20details%20here&labels=malware
>> [2] https://sourceforge.net/blog/category/sitestatus/
>>
>> ------------------------------------------------------------------------------
>> Find and fix application performance issues faster with Applications
>> Manager
>> Applications Manager provides deep performance insights into multiple
>> tiers of
>> your business applications. It resolves application problems quickly
>> and
>> reduces your MTTR. Get your free trial!
>> https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
>>
>> _______________________________________________
>> Salix-main mailing list
>> [hidden email]
>> https://lists.sourceforge.net/lists/listinfo/salix-main
> ------------------------------------------------------------------------------
> Find and fix application performance issues faster with Applications Manager
> Applications Manager provides deep performance insights into multiple tiers of
> your business applications. It resolves application problems quickly and
> reduces your MTTR. Get your free trial!
> https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
> _______________________________________________
> Salix-main mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/salix-main


------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Salix-main mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/salix-main
Reply | Threaded
Open this post in threaded view
|

Re: [Salix-main] Sourceforge new policy

Dimitris Tzemos-3
In reply to this post by Dimitris Tzemos-3

I received the following message from sourceforge support.

  • status: unread --> fixed
  • Comment:

Hello,

We have fixed the issue with these files being flagged.
I also added your other project "salix" to our whitelist for the following: "password protected".

Thanks,
SourceForge Support


On 25/04/2016 10:04 πμ, Dimitris Tzemos wrote:
Another thing. I am afraid the same will happen for salix isos. Since they include the same software for stable. While slackel include current slackware software.



On 25/04/2016 09:56 πμ, Thorsten M. wrote:
Hi Dimitris,

have a look here:
https://en.wikipedia.org/wiki/SourceForge#Controversies
AFAIK Sourceforge has/had a bad reputation because it has added unwanted
AdWare to installers. According to the new owner these practices should
be completely eleminated now to get a better reputation again. Probably
they also add malware scanning for the same reason and you are just
getting false positives with your Isos.

Thorsten


Am 25.04.2016 08:06 schrieb Dimitris Tzemos:
Hello. I was just want to share with you some thoughts.

Yesterday i uploaded two isos of slackel-openbox on sourceforge
servers.

I was surprised to take in slackel malware page (only developers can
see it) the message below

"Malware Summary

  Listed below are files within the project that have been identified
by our malware scanners as containing potentially malicious or
unwanted software. This summary is only viewable by admins of the
project.

  If you feel there is a legitimate reason for any of these files to
contain known malware signatures, or are otherwise deserving of
consideration for whitelisting, please submit a support ticket here
[1]. Please delete any others, and optionally re-upload them once
you're confident they are clean"

I thought it was flash-plugin and faad2 included in isos. So i removed
these two files and re-uploaded the isos, in a staged folder. Again i
received same message.

Since as they say here they have a new policy now.
https://sourceforge.net/blog/category/sitestatus/ [2]

So wrote a ticket to them

"Hello. Why these iso files are malware or having unwanted software.
It is slackel distribution isos. Slackel is based on Slackware and
Salix. Slackel joined sourceforge since 2010-11-16
  openbox/beta/slackellive64-openbox-6.0.5.iso
  openbox/beta/slackellive-openbox-6.0.5.iso

What is going on? If you for any reason do not want slackel to exist
on sourceforge. It is more honest to tell about clearly.

Sincerelly
  Dimitris Tzemos
  Electrical Engineer graduate of Democritus University of Thrace
Greece
  Teacher at 1st technical school of Agrinion Greece."

What a pity. For openshource projects. Since sourceforge was sold to a
new company.

So, since sourceforge has this policy. Slackel is dead and it will be
developed for personal use only since this was also the reason first
created on 2001. I use it since then for my main everyday OS.

Dimitris Tzemos



Links:
------
[1]
https://sourceforge.net/p/forge/site-support/new/?summary=Malware%20whitelist%20request%20for%20slackel&description=Specify%20filename,%20virus%20signature,%20and%20other%20details%20here&labels=malware
[2] https://sourceforge.net/blog/category/sitestatus/

------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications
Manager
Applications Manager provides deep performance insights into multiple
tiers of
your business applications. It resolves application problems quickly
and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z

_______________________________________________
Salix-main mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/salix-main
------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Salix-main mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/salix-main



------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Salix-main mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/salix-main