On Thu, Oct 10, 2013 at 8:30 PM, Michael Schumacher <schum...@gmx.de> wrote:
>> Gesendet: Donnerstag, 10. Oktober 2013 um 08:10 Uhr
>> Von: "Ean Schuessler" <e...@brainfood.com>
>> My girlfriend downloaded the GIMP windows build referenced off the GIMP.org
>> website and it seems to have a Malware/Adware package called "Sweetpacks"
>> bundled with it.
> We found that some people get confused by the ads on the Sourceforge site and
> click on them instead of wainting for the real downloads. It has become a
> common practice by malwertizers to emulate those big green download arrows to
> lure in visitors. This is why ad blockers are no longer an optional add-on,
> but mandatory.
This being said, if this is really what happens, that's still bad. I
indeed remember a previous bugzilla report (and maybe even some email
discussions), where someone was complaining about what I think was the
And as I said on this ticket, I think we should consider backing off
from Sourceforge for any official release of GIMP. Sourceforge is one
of the first big forge for Free Software, and I am thankful for its
history, but it has become clear that it is now a center of completely
unfiltered over-advertising and phishing. If I go on any Sourceforge
page, I have more blinking ads than actual project text.
And the "wait 5 seconds while looking to our ads before download" is
completely unacceptable too in my opinion.
Also the disclaimer that the Windows build is half true in my opinion.
As the user says, we are still linking it from our main download page,
and we are clearly taking the Windows platform more seriously. Jernej
is a GIMP committer, and his installer is in the gimp-2-8 branch, we
fix bugs for Windows now, and if someone uses Jernej's build, we don't
say "sorry, that's not official". So somehow, it is official, in my
>> I realize that the Windows version of GIMP is linked with a "hey, this isn't
>> us" kind of disclaimer but the fact that GIMP.org links to it gives the
>> sense that its contents are trustworthy or, at least, not hostile.
> As said above, please try to verify whether this was the actual installer, or
> one offered via one of the ads.
> We have agreed to move the installers to the gnome ftp servers to get rid of
> this problem.
Good, that's what I was going to propose, as I already did in the
bugzilla report. :-)
> GPG: 96A8 B38A 728A 577D 724D 60E5 F855 53EC B36D 4CDD
> gimp-user-list mailing list
> List address: email@example.com
> List membership: https://mail.gnome.org/mailman/listinfo/gimp-user-list
gimp-user-list mailing list
List address: firstname.lastname@example.org
List membership: https://mail.gnome.org/mailman/listinfo/gimp-user-list