It has been like that for a long time. Many years I believe. There is an option to download clean versions on their website. "Download > Show Additional download options" is the page you are after.
If you check the filename of the windows installer you download from the frontpage the name is FileZilla_Version_Sponsored-setup.exe
The installer available from the link above does not contain the word "Sponsored" and the installer is 2.5 MB smaller.
Additional. Windows Defender tries it best to prevent you from installing the version found on the frontpage due to the adware. It has no issues with the other installer.
We've had to ban the application entirely from our work machines. At least when we went through review, even the "clean" versions packaged things that tripped our antivirus software, and at that point, we as an organization decided to stop trusting the author entirely.
There's quite a lot of forum posts where the author defends this practice, so we don't see this reversing any time soon.
As someone who is happy to pay for good software, I can't ever see myself buying a paid version of something (no matter how good it might be) if the author has a history of using dark patterns and showing their apparent contempt for their users with the "free" edition. I'd be constantly wondering what other traps might be lurking in there.
Right. The fact that you can get around something, or that someone failed to do something to you is not the important thing. What matters far more is the fact that they tried and wanted to.
>If you check the filename of the windows installer you download from the frontpage the name is FileZilla_Version_Sponsored-setup.exe
Damn...that reminds me of the old days of sneaky checkboxes hidden in installers, usually actually hidden, that would be pre-checked confirming your consent to whatever ad/spyware to be installed alongside whatever you wanted to install.
I remember that shit being everywhere for a few years. Got tricked by them once or twice and had a hell of a time cleaning things up after.
Yeah, the one I remember was RealPlayer, which during the install wizard had a list of check boxes. The ones initially visible were unchecked, but if you scrolled you'd find the spam consent ones were checked.
Really depends what you use it for (dual pane SSH file manager/FTP file manager/file manager). You can do this with Nautilus or Fman plus GNOME if you want to, since gvfs abstracts protocols such as FTP, SSH, SMB, ...
On Windows you go such as well, including Fuse/Dokan, and on macOS you got MacFuse. Hence on macOS I use (by default CLI but if that does not cut it) Finder/Fman, and if that doesn't work, Cyberduck. Fman and Cyberduck also work on Windows, on Linux Cyberduck does not work but Fman does. CrossFTP might also work for you, as might Wine.
I'm not sure about all features, such as FXP (which is insecure anyway, and only used in scene).
Is it really a controversial comment? Or are people just tired of hearing the same "but Microsoft does this this and this" everytime something positive comes up?
Are you saying we all should switch away from Microsoft right this instant? If you aren't, then what? Let's boycott windows defender? Make our windows experience even worse? That will show them.
In the start menu you automatically get stubs for apps like Candy crush, Adobe CC, and others. You never requested them but they'll install on first use.
User: Just downloaded filezilla from the "official site". This one and was infected by adware which trashed my browser. WTF. I have trusted filezilla for years this is MOST Disappointing.
Admin: The offer-enabled installer may display third-party offers during installation. Nothing is installed without your prior consent. In case you have accidentally agreed to an offer, you can completely uninstall it from Windows' Add/Remove Programs dialog. If you do not wish to use the offer enabled installer, have a look at the additional download options page.
You already probably imagine that the installer has default-selected checkbox that will install something extra if you don't catch it and deselect it.
But what surprised me was, it actively reacts and tries again if you do catch it.
If you don't stop it, it installs something extra. Straightforward.
But if you DO stop it, it then tries to install a 2nd, different extra unwanted crap. There are 2 things in the installer from the get-go, but it only hits you with the 2nd one if you managed to catch and decline the 1st one.
That's a whole special extra level of actively attempting to trick and decieve. That is crossing a line from at least plausible deniability that it's just a passive annoyance, into activly adversarial behavior against your own users.
Fraud... maybe. It might possibly qualify as an attempt to deceive. I think it would be a very weak case and practically impossible to make that argument.
That dynamic reactive 2nd attempt to trick you, which is only invoked if you caught and declined the first, is materially different from the first attempt, and different from if the installer always presented both extras.
The special difference is just that it exposes the intent which was theoretically deniable otherwise, even if everyone "just knows" what's really going on.
If an installer always proposes an extra, or 2, or 13, then the vendor can claim "I'm just offering this extra that I honestly and sincerely believe the user might be interested in and might benefit from".
We "just know" that's bs, but it's possible and it's hard to disprove purely on the face of it.
You could try by pointing out things like how the outer packaging only said that the contents would be Product not Product+OtherProduct, and how the checkbox for the non-advertized and un-expected extra was pre-selected and visually tiny. But that just doesn't quite add up to proof of anything.
But offering one extra, and then only trying again with another if the user declined the first, THAT exposes that the only intent of the extra was to get the user to take it any way they can manage to do it, and not a sincere "offer" of something the user might have actually voluntarily sought otherwise.
It's not that it's 100x more evil. The norm is already bad, and this is just a little more of the same.
It's that it exposes the true intent in a way that can't be denied.
It also invalidates any arguments based on "the user accepted" something. You'd never actually win in court, but in plain conversational argument, if say the crapware caused some damage, the vendor could't claim that the user voluntarily accepted the risk of damage by voluntarily installing the software. But like I said that's just fantasy academic theory. You'd never actually make that stick in court.
> The offer-enabled installer may display third-party offers during installation. Nothing is installed without your prior consent. In case you have accidentally agreed to an offer, you can completely uninstall it from Windows' Add/Remove Programs dialog.
Except in looking into it further, there was a particular sketchy offer that was being sent called "Search Bundle" that was completely opaque, put what is essentially an APT on the machine, and was not listed in Add/Remove programs.
The other applications (Firefox, Opera, etc) seemed to allow for normal uninstallation, but not that one.
When FileZilla started doing the adware thing years ago, I switched to WinSCP on Windows and never looked back. I was so pissed at FileZilla that I stopped using it on Linux even though their Linux builds didn't have any adware. gFTP is good enough for most servers, and recent versions fixed a lot of long standing bugs. On Mac it's Cyberduck all the way.
In the golden age of FTP there are plenty of great proprietary clients. Of of my mind I can think of (for Windows) FlashFXP, FTPRush, CuteFTP, SmartFTP, and so on.
Transmit is good too, although I really liked the Scheduling function YummyFTP had. It was great for setting a large download to 2AM when the DSL network wasn't overloaded. Wish Transmit would add that feature. I suppose it can be done with Automator but it's not as nice as built in.
It's been a long time ... perhaps 12 or 15 years ... but when I was driving a FreeBSD desktop I would install Konqueror as a file manager and then plug in:
fish://
... addresses and browse SFTP-capable addresses very conveniently.
I have no idea if any of these components (Konqueror ? fish ?) are still in use ?
I thought it was a tremendously convenient workflow and it was nice to not have a different application for file management and SSH file endpoints.
Which leads me to my lament that all these years later you can't just put an sftp:// address into the mac finder. It's an almost comically blatant missing feature.
It still works just as you'd expect in Dolphin (the current KDE file manager), you click in the breadcrumb address bar on top, type in fish:// and the address, and you get a login prompt.
All of the other KIO slaves work as well, certainly SMB/CIFS works great and I use it all the time.
KDE has all these nice convenient little features that just makes everyday tasks a bit easier.
I use dolphin with i3 on arch. It's not nothing (particularly if you install optional deps for features like thumbnailing or search indexing), you have a lot of the foundational modules like kparts and kio required, but it's not like you'll end up installing kdm, kwin, or the desktop apps: https://archlinux.org/packages/extra/x86_64/dolphin/
any chance you know of something comparable for linux? I have tried a half dozen or so in last few months and keep coming back to filezilla, maybe it's because it's familiar, but always like options.
I use this all the time not due to ISP limits but in Australia the 200-400ms latency limits you instead especially as you go over 50Mbit. Mirror command is also great :)
Your file manager probably does FTP. Try enter a [s]FTP[s]:// URL into your location field. Depending on your distro, for gnome or derivatives you might have to install a gvfs plugin package first.
Just to add, you file manager probably does SCP and SFTP too. So, on Linux just launch whatever tool you use to browse and copy files, it will probably work seamlessly.
It's Windows that does nothing out of the box, so people has to go after tools.
Windows does this out of the box, by typing in an ftp:// address into the default explorer file manager address bar. it even saves logins if you want. Windows has done this since Windows 95 /IE4 days. Good to know that Linux has finally joined the fresh tech wave of the 90's and copied that basic useful function.
My little brother once heard Jack and Diane on the radio, and proudly proclaimed that John Cougar Mellencamp has copied Jessica Simpson's "I Think I'm in Love with You." That also was funny.
Last time I compared the two Filezilla was a lot faster on fast connections. Grabbing the same bunch of files from the same server it was as at times literally twice as fast as WinSCP.
The nice thing about FileZilla is that you don't have to qualify which OS you're using. Now it's "Grab WinSCP if you're using Windows, X if Linux, Y if macOS. Now here are 3 separate pages we probably didn't keep up to date on how to connect and download what you need from our servers."
Nah, they had a long runing bug where the client was -significantly- slower at transferring files than filezilla (or plain old CLI). They fixed it a couple years ago though and I'd say now it's easily an equal without all the baggage.
Neither Cyberduck nor WinSCP seem to be able to do parallel transfers as well as FileZilla can, especially over SFTP - i.e. FileZilla is about twice as fast downloading from a server ~300ms away than WinSCP is, and this is on a gigabit connection.
Could as well just use Double Commander, or platform-specific analogs, and have a good file manager for both local files and ftp/ssh. (Though admittedly fewer features might be supported over the net.)
For most of the time, I use KDE's own KIO slaves but, sometimes for long running stuff I want something more advanced. TBH, my remote servers list is taking a lot of space on the left pane. :D
Will take a look to Krusader, didn't check it for a very long time.
Edit: Just checked, it looks a lot like PathFinder (for macOS). Will try it, thanks again.
Agreed, but FZ has built in support for backblaze b2. Anyone have an alternative? Other than cyberduck, the performance was too low to be useful to me.
Ironically, Sourceforge (which many years ago had their own adware-adding program, i.e. otherwise-clean software would be infected if downloaded from SF) has cleaned up their act, started enforcing against adware, and as a result the SF version of FileZilla is clean (or at least was when I last checked).
I was still actively lurking around slashdot when the new guys came in and bought slashdot and sourceforge.
I don't know if any of them are reading, but I think you've done a remarkable job. It saddens me that I don't get to experience your improvements because...ultimately...slashdot and sourceforge just don't turn up on my radar anymore.
The new Sourceforge team has generally done a great job. Here is a review that might help some people.
Pros:
For general project discussion, Sourceforge's traditional discussion forum is far superior to Github/GitLab issues (though I haven't tried Github Discussions beta yet). The forum can be configured for users to be able to post without creating an account (though only as a specific user named "Anonymous", not arbitrary names) which is as important feature when creating software for users who aren't likely to have Github or Sourceforge accounts.
Sourceforge download statistics tracking of releases (including graphing per country and with arbitrary timestamps) is far superior to Github, which doesn't offer even private tracking of download numbers without directly using their API. This is actually a really ridiculous situation.
Cons:
Sourceforge recently added the ability for the project administrator to mark any review as spam, which automatically hides it. This single change has completely ruined the trustworthiness of Sourceforge's reviews, as unscrupulous application authors are able to mark all poor reviews as spam so users only see good reviews. Because of this, I recommend AlternativeTo (http://alternativeto.net/), as they have better review non-interference policy.
Sourceforge's entire website seems to go into maintenance mode for a few minutes every 24 hours, which is frustrating for those in less favorable timezones.
Even after using it for a long time, Sourceforge user-interface and settings/permissions is overly complex, confusing and non-intuitive. I find Github's well designed settings page much easier. Though admittedly Github has its share of UI quirks. New Github users are understandably initially confused by the concept of Pull Requests (which should have been called Merge Requests) and the fork user-interface. As a developer familiar with both tools (and git, PRs etc) I find Github easier to use than Sourceforge, which is saying something.
Many Sourceforge projects tend to have their source code mirrored on a rarely updated Github project, which then gets forked and developed without changes being upstreamed, which causes fragmentation.
Many third-party tools (like CircleCI) tend to target only Github (and to a lesser degree GitLab/Bitbucket) and ignore Sourceforge entirely.
It's too easy for newbie users to download older releases (Github has the same issue unless you create a Github Pages site to highlight the most recent release).
Conclusion:
Sourceforge is actually a reasonable tool to develop open-source software in 2021.
For new projects I would generally suggest sticking with Github and GitLab, but for existing projects on Sourceforge changing hosting to Github may not be required.
The real killer is lack of integration of third-party tools like CircleCI. That's enough to switch to Github. But you will likely miss the excellent download statistics, anonymous support forum and user review system.
I find it interesting that ads are considered acceptable and commonplace in Android and to a slightly lesser extent iOS apps; but on desktop they are seen as almost malware.
To be clear, I also avoid it when I can, and most of the time ad-free or open-source alternatives are available (in this case I have been using WinSCP). I dislike the mobile app ecosystem with its plethora of garbage, privacy invading apps; and I am glad that desktop apps usually aren't like that. But if a program is much better than its alternatives and the ads are not too annoying, I guess I don't mind supporting its development via ads. Being a poor person from a poor country, I couldn't afford purchasing the program or donating to it, so ads sound like one way of supporting a program I like so much (though my ad views are probably worthless for the same reason).
The only adware program I actually have is PotPlayer (the only thing that comes close is KMPlayer, which I used before; but it's originally built by the same developer and added ads even earlier). I think a few other programs I use had adware-bundled installers (e.g. JDownloader, CDisplayEx,...) but I had found adware-free installers. Even in the case of PotPlayer, it doesn't show ads, just an empty window (maybe again because I am in a poor country?) so I blocked the empty "ads" via hosts file. What's the point of annoying myself if that's not even supporting the developer? But if PotPlayer actually showed ads to me; assuming it didn't upload my private data and no comparable open-source/ad-free program emerged, I feel like I should be fine with it rarely showing some ads in the corner.
> I find it interesting that ads are considered acceptable and commonplace in Android and to a slightly lesser extent iOS apps; but on desktop they are seen as almost malware.
Totally different beast. The Android and iOS variety are embedded in the App. On Windows they are almost always a third party application installed separately with it's own uninstaller and granted near admin rights to the machine.
It's the difference between inviting your friend over to your home and him showing up wearing a Nike shirt, or showing up with a dude you've never met who is spinning a sign. He can roam about your house without your knowledge and doesn't leave when your friend does.
Usually Android ads are embedded in the apps. Close the app and the ad goes away. Uninstall the app and you won't see its ads again. Just including ads in an application doesn't make it adware.
Adware infects the whole system, displaying popups and installing unwanted extensions in your web browser that follow you around. If FileZilla wants to include ads in the actual app that's one thing, but that's not what people are taking issue with.
The well was so badly poisoned by malware in the late 90s/early 2000s that anyone who was active in that era has a visceral reaction to the idea of bundled shitware or ads in desktop software.
You haven't lived until you've had to repeatedly clean out forty-five different search toolbars that your clueless relative managed to install alongside Adobe Acrobat...
I suspect there are various reasons why advertising is accepted on mobile platforms and not on desktop operating systems.
One could simply be a difference in the user base. I am fairly certain those who object to advertising on desktop operating systems also object to it on mobile platforms, but there is a large number of people who use mobile devices who rarely use traditional computers.
Another difference is intended use. Mobile devices are largely intended for media consumption, much as televisions, broadcast radio receivers, and newspapers/magazines. These are markets where advertising has been accepted for decades. Traditional computers are more likely to be used for productivity, where advertising has never been widely accepted.
There is also the nature of the software itself. Software on mobile devices have a lower perceived value since it offers less value (at least in terms of features). The publishers of the software desire some means of generating revenue, so consumers have not been left with much of an option.
One reason I’m opposed to adware on desktop is because it often leaks into the entire computer. If I install FileZilla and is has ads only in the application, I would probably consider that acceptable.
But instead, ads show up in my web browser, pop up from the systray, add themselves as shortcuts in my file manager, etc. It’s the definition of malware.
I use iOS which is mostly immune to this, but I know showing notification ads on Android while the app is closed is met with the same amount of criticism.
How are notification ads even a thing? Showing ads whilst I am trying to use the app is bad enough (particularly these full-screen ones that you can dismiss if you tap the tiny black cross on a grey background that shows up after 10 seconds), but actually interrupting me with a notification when I’m doing something entirely unrelated is a whole other level. I’m glad I never came across one of those.
> One reason I’m opposed to adware on desktop is because it often leaks into the entire computer.
That's a valid point.
> I know showing notification ads on Android while the app is closed is met with the same amount of criticism.
Is that even a thing these days? I seem to recall Google making changes to the notification system a few releases back that should have addressed that. Then again, I usually stick to apps distributed via F-Droid so I don't know what the typical user has to deal with.
This isn't an image display ad; it's straight up browser-hijacker malware, new search tab replacement, URLs-you-enter redirector, entering your bank URL might not go to your bank type of shit.
To be clear, I don't consider ads "acceptable" on my phone, either. If I download an application and there are ads, there's a high likelihood I'll either block the ads or - if that proves impossible - I'll uninstall the app entirely.
For clarification, FileZilla itself does not appear contain adware nor has it switched to ads within the app from my analysis. The main download page for Windows installers contains a bundleware offer within the installer as you install (this offer may currently be offline). The installer filename contains the string _sponsored_. If you click through to the show additional download options, you can get all the installers without bundleware for all OSes.
Wow. I recall when this first happened because of SourceForge being sold to shady people who decided to put ad/malware loaders around the installers of all the exes hosted there (like FileZilla). But that was the early/mid-2000s. It's hard to believe it is being allowed to happen again in modern times.
SourceForge was a huge blunder. They were so close to being Github, but they opted to to squeeze out every last dollar, instead. ExpertsExchanges and AIM are similar--products that could have been medium-large opportunities today, but business and product choices that left an opening for a competitor.
That said, I'm not convinced SourceForce could have actually been Github because it didn't have the culture, the brand was mispositioned, and it's hard to to be Github without lots of VC.
It really amazes me that people keeps using FileZilla or dedicated ftp graphical clients in general. Linux and Windows has built-in graphical clients in file managers, and I don't recall if MacOS Finder has the same.
It sure does, Finder can easily connect to FTP and other network shares with Finder -> Go -> Connect to Server.
Reasons I can think for dedicated graphical clients is the transfer log and the additional controls when connecting to servers. I agree that it's not really necessary unless you have very specific requirements, I guess.
It's not really comparable. The default side-by-side view most of FTP graphical client use is ciritial and almost essential for any semi-serious use with FTP that is beyond just copying a few files.
I do agree that most of people only use FTP for that, so I guess it's sufficient for average user. Protocol support would still be an issue though.
The FTP support in Windows and MacOS has always been terrible.
Windows used to do it through Internet Explorer, and it was very easy to screw up your whole desktop session as soon as there was anything slightly wrong with an FTP connection. It also did not support ftps or sftp, and often would not handle write permissions properly. I’ve not checked recently but if i remember correctly, years ago there were reports that Microsoft would (rightly) remove support at some point (ftp is just a bad and insecure protocol in 2021).
MacOS Finder afaik never had write-permission support for ftp, and overall the experience was similarly poor. I used to run Cyberduck or Transmit if forced to use FTP.
Linux desktops did include decent support for FTP, particularly in KDE Konqueror which had a great plugin architecture; I expect they still do. FileZilla was never popular on Linux anyway.
Last time I used the built-in FTP client in Windows Explorer it was an awful experience (think it was Windows XP). It also does not support SFTP or SCP.
Then you aren't thinking too hard. Most of these GUIs have advanced features that can be quite useful as well as making it easy to set up sites that you would like to keep but don't want to have to remember the entire address of (aka a sites list). So they definitely have their uses if you aren't just a casual ftp/sftp user.
You can keep a list of different FTP connections in FileZilla and easily connect to one or the other. That's why I keep using it (although less and less these past few years as FTP isn't really a thing anymore).
The site manager of a dedicated FTP client can do more than just save an address.
It can save multiple accounts within the same site, have different IPs and auto rotate, have different profiles about speed limit, thread limit, listing method, encodings, default folder to open on both sides, to name a few.
The Finder is a bit rubbish though, for FTP. It never quite works like it should and likes to hang the Finder, if not the whole device, quite frequently. Transmit is brilliant, though.
I occasionally use this software through Debian's package for it, which of course doesn't contain the adware. But the strategy employed here does leave me with a bit of a sour taste and a desire to stop using the software altogether.
I use FileZilla on Linux because the file manager integrated ftp clients were not very good, and did not save connections etc. Just less of a PITA. I see I should try gftp or another alternative though.
this is the result of parasitic capitalism. i have no doubts that a dev who contributed so strongly to the opensource ecosystem for such a long time specifically wants to be in this situation. you wouldn't, i don't, they probably don't.
how else are we supposed to support our families and the community? there's no other source of revenue or support for a freelance programmer in caretaker mode for a mature and stable codebase. donations don't cut it, obviously.
Open Source is not a business model, it is a development methodology — and that development methodology invites modifications by users under a license which upholds a set of conditions friendly to such modifications (spelled out in OSI's Open Source Definition).
Nobody has to write software that abuses its users with freakin' adware, proprietary or open source — and any creator who does so should be shunned. All the more so if they simultaneously abuse us and invite open source collaboration. This isn't starving people being driven to steal food.
Minor correction, I think you meant "I have doubts..." not "I have no doubts" (or you meant to double negative it later with "I have no doubt that... would not want...")
Get a different job? It may not have anything to do with FileZilla but no software developer with a successful open source project on their resume is forced to use adware. I'd understand if they were unable to work for whatever reason, but FileZilla development looks too active for that.
The issue with that is so much of the software industry is propped up by advertising. There is nowhere to go without being involved with ads, so why fight it?
Towards the end of the shareware era this became more and more common. I have to wonder how much money this must be bringing in for the Filezilla project for them to just be so blasé about it. I
Can someone explain this to me in layman's terms?
The link from a Twitter reply[0] shows about 14 malware items contained in the installer. Do these get invisibly installed onto your computer? Is there some way to detect them after the fact and remove them?
Since I was worried, I checked my most recent FileZilla FTP Client installation file, and it seems clear[1].
As others have pointed out, FileZilla has been caught doing shady stuff for a while now. Antivirus doesn’t pick up on everything; furthermore, just because it’s clean today doesn’t mean it will be tomorrow, and FileZilla’s actions have demonstrated that they’re not above shipping malware. There are better, free tools out there that don’t have this issue. FileZilla fell behind the competition well over a decade ago; you should look into finding a new tool that meets your needs. WinSCP is a popular option.
Yes - this doesn't really answer my question. Another comment mentions the dark patterns trying to get you to install things you don't want in the process. That kind of thing is annoying but manageable. Quietly installing malware is a whole different animal, so I'm trying to get an explanation of if that's what's happening with the bad installation file above.
(And yes given this thread, I've already downloaded WinSCP to use going forward, though I haven't installed it / used it yet.)
You've got SFTP and rsync. There's no need for these kind of stuff if you're on Linux. Some DEs file manager are giving you the option to mount SFTP servers
As someone that's spent multiple decades living on the command line for almost all my file management... sometimes I still open the GNOME file manager because a GUI makes a select few tasks simpler.
It's all about the right tool for the job. Some people are more comfortable with a GUI for the majority of file management tasks, some people are more comfortable with the CLI for the majority of file management tasks. It's just a bit silly to be a zealot and put yourself through a lot of pain if one of these isn't optimal for whatever you're trying to do.
-I've noticed the overall experience of downloading and installing on a lot of "classic" windows apps making installing a little dicier- ads are served on the download page, and look like official install links, and installers themselves have issues like the above.
-App store is one way I supposed - it's a way to cryptographically sign things but with an element of control delegated to the central computer vendor; which is unpalatable to a lot of the open source/free computing crowd
-The one thought that came to me - is blockchain tech - i.e. Blockchain Chicken Farm, NFTs, etc a parallel development to address this sort of thing? The parallel seems to mirror Jennifer 8. Lee's book on the rise of General Tso's Chicken (open source) vs. McDonald's Chicken McNuggets (corporate), vs. the old ESR essay re "The Cathedral vs. the Bazaar" model of Microsoft vs. Linux development?
As I remember it, ads/malware trying to look like install (or download) links have been common for the last 10 years - to the point of training me to ignore any image that has the word "Download" in it. Choco helps work around much of that.
It's more concerning to have official installers contain adware/malware though.
While I liked and used FileZilla just several months ago, I discovered that most Linux distributions come with ftp and sftp programs, and it's very easy to use them, easy as navigating your system through command line.
With sftp you connect with "sftp -P [port] [ip address]", and navigation is very intuitive.
cd changes directory on server, lcd changes directory on local machine
Same with ls/lls (first lists directory on server, latter on local machine).
get downloads files, put uploads them, add -r option for folders, and that's pretty much it. exit for exit of course lol
Any idea what kind of revenue this potentially brings in, assuming this is the rationale begins this decision? In contrast to tarnishing the Filezilla name (albeit this could mostly be controversial in the hn crowd)
Around $0.01 per active user per year from open source donations. Many factors: depends on the type of open source (infra vs user-facing) and the technical ability and geographic location of your users.
PPI malware seems to go for around $0.40/install [0]
I usually got it from brew cask, not sure which "version" it downloaded - never saw any ads in it, myself but either way - I'd rather just not deal with a scummy project anymore.
Interestingly the applications are free to collect any personal data as they are not included in GDPR.
When I requested from one company to let me export my data from the application in a human readable format or to at least send documentation of their file format, so that I can port my data to another application, they refused saying that GDPR only applies to online apps.
It's possible that companies will be moving their online apps to electron or native phone apps to bypass GDPR.
IANAL but I have worked on GDPR compliance and I’m not sure how that will fly if they are phoning home. Of course the EU regulators probably won’t have bandwidth to chase these minnows but worth reporting in any case.
I think in OP case the app is not phoning home. The data are still in his pc, but he would like to export it in another format. I don't think GDPR applies here, but I am not an expert.
It's a little tricky to infer the specifics, but adware that collects personal data would be non-sensical if it doesn't phone home. In fact the whole idea of "collecting data" implies it is being sent to storage under control of the collecting entity. I think this is pretty clear cut under GDPR and there's no bypassing it based on the technicality of web app vs native app—I believe regulators learned their lesson about tight coupling to specific technical implementions with the earlier cookie laws.
On the other hand, you could be write that OP is just talking about data portability in which case there is "data collection", just lack of an export feature.
As has already been said, this is not news, nor is it a change, it is not news. It is not even something, that can be reprehensible to the people who maintain the Filezilla project. Funny to see people who have been using the software for half their lives, criticizing this. This can only surprise someone who installed filezilla for the first time, or had not installed it for half a lifetime..
Some of the software the adware installer requires an opt out to not install can be harmful or hard to remove, like the "Search Offer powered by Bing" in the article linked elsewhere in this site. Even the free AVs will often start you as a trial for the paid version or have incredibly easy ways to convert your install to such a trial and nag the user to pay up once the trial expires, arguably reducing their computer security.
I know HN has a strong libertarian bent, and uou could argue this is a free market, buyer beware situation, but in that case, wouldn't the criticism posted be part of that and how buyers know that they should beware?
So the people who dont know better pay for stuff they dont need? Sounds like literally everything else. Most people who buys cars dont know anything about cars and thus they likely overpay.
This sucks but its in fact a "free market" thing.
All the infos about cars are easily available. It chances nothing, most buyers of car simply dont care enough to get fundamental knowledge about cars. If you would value the time it takes for an average car buyer to get fundamental knowledge it would cost way more than what they overpay so unless you already have above average knowledge it makes no sense to dig into it. You are better off asking someone who has the knowledge and no incentive to fool you aka a friend not the sale person.
https://filezilla-project.org/download.php?show_all=1
If you check the filename of the windows installer you download from the frontpage the name is FileZilla_Version_Sponsored-setup.exe
The installer available from the link above does not contain the word "Sponsored" and the installer is 2.5 MB smaller.
Additional. Windows Defender tries it best to prevent you from installing the version found on the frontpage due to the adware. It has no issues with the other installer.