Thursday, June 18, 2015
SourceForge is now listed as malicious by Google
If you've been following along in the tech/programming sector, you know we've been seeing some pretty bad stuff come out of SourceForge lately.
According to a Redditor with the handle "arromatic" many popular programs have been taken, packed full of MalWare and then re-listed on SourceForge. Unsuspecting people download the fake version and then their PC turns into a mess.
A lot of Proteomics freeware and opensourceware has been listed on SourceForge, but due to the fact that we're a pretty small subset of the population you'd think we wouldn't be a target, but I've ran into a few odd things when trying to hunt down cool programs.
Sorry if this is a silly blog post but I thought I'd share some tips that we could follow, primarily: Make sure the link makes sense.
For example...if you Google "MSFileReader" the top hit is a weird link ("something something.informer.com?". MSFileReader is a product of Thermo Fisher Scientific. You get it (and virtually all other Thermo software, including Demo versions of proteomics software) at this link: https://thermo.flexnetoperations.com/
This is a piece of software that is popular enough that it can be diverted for nasty reasons. Not to say that link that is a top hit is malicious, but why take that chance?
For OpenSource or FreeWare produced by the great programmers in our field, always go to their website first or to the publication and follow that link exactly. If they posted their software to SourceForge, skip past this red screen on Google. SourceForge itself isn't bad, neither are the programmers that post their work. The con-men taking advantage of good programs are the problem and you can avoid them with just a little extra effort, but its worth it. Cause processing data is a whole lot faster if the PC isn't all crammed full of spyware and malware!