RSS FeedBlogs
RSS FeedSubscribe to this blog
About Author
Simon Phipps

With a focus on open source and digital rights, Simon is a director of the UK's Open Rights Group and president of the Open Source Initiative. He is also managing director of UK consulting firm Meshed Insights Ltd.

Download Hosts Withdrawing

Fewer and fewer services offer open source projects the ability to host downloads of their binaries. Should we be worried?

Article comments
English: A download symbol.

With news this week that GitHub is banning storage of any file over 100Mb and discouraging files larger than 50Mb, their retreat from offering download services is complete. It's not a surprising trend; dealing with downloads is unrewarding and costly. Not only is there a big risk of bad actors using download services to conceal malware downloads for their badware activities, but additionally anyone offering downloads is duty-bound to police them at the behest of the music and movie industries or be treated as a target of their paranoid attacks. Policing for both of these -- for malware and for DMCA violations -- is a costly exercise.

As a consequence we've seen a steady retreat from offering downloads, even by those claiming to serve the open source community. First GitHub bowed out of offering the service, claiming that it was "confusing" for the clients. More recently Google followed suit, bringing Google Code Download services to an end. They stated that “downloads have become a source of abuse, with a significant increase in incidents recently”. Community reactions to this have been mixed.

GitHub didn’t have an alternative plan for it’s users and clearly has no desire to be a full-service community host. Google suggested using its Drive cloud file storage service to host files, though this is clearly far from ideal as, for a start, no analytics are available for downloaders. Small projects are left with a rapidly decreasing number of options. They could pay of course, for S3, but for a free downloader solution SourceForge seem to be the only high-profile answer. SourceForge are doing everything in their power to make it easy for users of Google Code and GitHub to transition across to their service and GitHub have even included a link to SourceForge in their help pages, recommending them as a viable alternative. SourceForge assures us that they have no intention of shutting down their upload/download services at all.

SourceForge providing an alternative is potentially handy for those whose projects would otherwise be held up by this lapse in services and they will no doubt welcome the wave of new users. The issue shouldn’t be coming up at all though. Confusion for and abuse by users may sound like reasonable pretexts, but perhaps the real problem encountered by both the closing services is a somewhat less reasonable one. There’s a growing expectation that they should regulate the downloads, acting the part of police on behalf of copyright holders.

The pressure to behave that way, whether through a desire to preserve a safe harbour status or simply to tread carefully in the eyes of the law, is an unreasonable hack that appears to mend copyright law online but in fact abdicates the responsibility of legislators to properly remake copyright law for the meshed society and over-empowers legacy copyright barons. These changes to downloads are an inconvenience for open source developers, but should serve as a warning to the rest of us that the copyright system is beyond simple patching.

Follow Simon as @webmink on Twitter and Identi.Ca and also on Google+

Enhanced by Zemanta


Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
* *