Comment Re:Go to the software producer's site (Score 2) 228
People are creatures of habit, and once they learn how to use the download.com ( or some other site like freshmeat.net ) interface, they just return to it out of habit, and the fact that they already know how to search and navigate the site.
Thought here's a small but crucial difference between download.com and freshmeat/whatevertheheckit'snowadays: Download.com hosts stuff, while freshmeat just listed and categorised software, linking to developers. The details on where to get the software are posted by the developer on freshmeat. You get the software exactly where the developer wants you to get the software. A choosy user can then download the source or official binaries or just say "hey, it looks like it's already packaged in my distro".
In open source world, you can see that there's a chain of trust going on: You can be pretty sure that if the developers say that the source or binaries that are hosted somewhere are kosher, then you can trust them. You can be pretty sure that if you go to a major Linux distro and look at the packaged binaries, they were built and vetted by the distro people and in most cases the developer is very much aware that the packages exists in these distros. You trust the developer, you trust the people the developer chooses to trust.
In similar vein, it wouldn't be bad if I knew that the developers had vetted the distribution site. If I see an open source project sticking files in SourceForge, I kind of trust that they trust on SourceForge to do their job properly. You can fully expect VLC folks to come out and say "oops, well, VLC was also listed on Download.com, but we didn't check what they do to the binaries. We didn't even link to them, so in the future, take all unofficial builds with a grain of salt."
It boggles my mind that people keep looking for software from sites that don't necessarily have the developer's trust. I just tried to find Windows 7 drivers for a piece of older hardware, and I was assaulted by a bunch of random megadownload links. Yeah. Right. Manufacturer has changed name, has apparently ended support for the old model, and I'm supposed to download kernel mode stuff from some random megadownload posting which isn't even mentioned by the manufacturer anywhere. Sounds totally legit to me!
It's like Wikipedia: People just trusted everything they read online, and now they're slowly waking up to the realisation that other people just might be posting bullshit and that they need to actually check the sources - and not just in Wikipedia, they need to do that everywhere. People need to be taught to be more critical and not believe everything they see.