If you check the filename of the windows installer you download from the frontpage the name is FileZilla_Version_Sponsored-setup.exe
The installer available from the link above does not contain the word "Sponsored" and the installer is 2.5 MB smaller.
Additional. Windows Defender tries it best to prevent you from installing the version found on the frontpage due to the adware. It has no issues with the other installer.
There's quite a lot of forum posts where the author defends this practice, so we don't see this reversing any time soon.
Remove the adware, replace the logo, sell commercial licenses.
Damn...that reminds me of the old days of sneaky checkboxes hidden in installers, usually actually hidden, that would be pre-checked confirming your consent to whatever ad/spyware to be installed alongside whatever you wanted to install.
I remember that shit being everywhere for a few years. Got tricked by them once or twice and had a hell of a time cleaning things up after.
On Windows you go such as well, including Fuse/Dokan, and on macOS you got MacFuse. Hence on macOS I use (by default CLI but if that does not cut it) Finder/Fman, and if that doesn't work, Cyberduck. Fman and Cyberduck also work on Windows, on Linux Cyberduck does not work but Fman does. CrossFTP might also work for you, as might Wine.
I'm not sure about all features, such as FXP (which is insecure anyway, and only used in scene).
...as if Windows (10) itself didn't contain any. More than 2.5MB of it, no doubt! How ironic to see the pot calling the kettle black.
Edit: if you don't believe me, search around here and elsewhere for "Windows 10 adware". I'm surprised that this is even a controversial comment.
Are you saying we all should switch away from Microsoft right this instant? If you aren't, then what? Let's boycott windows defender? Make our windows experience even worse? That will show them.
An article from 2018...
A question about it on their forum from over 4 years ago
FileZilla now contains adware...
it always did, but it does now, too.
User: Just downloaded filezilla from the "official site". This one and was infected by adware which trashed my browser. WTF. I have trusted filezilla for years this is MOST Disappointing.
Admin: The offer-enabled installer may display third-party offers during installation. Nothing is installed without your prior consent. In case you have accidentally agreed to an offer, you can completely uninstall it from Windows' Add/Remove Programs dialog. If you do not wish to use the offer enabled installer, have a look at the additional download options page.
You already probably imagine that the installer has default-selected checkbox that will install something extra if you don't catch it and deselect it.
But what surprised me was, it actively reacts and tries again if you do catch it.
If you don't stop it, it installs something extra. Straightforward.
But if you DO stop it, it then tries to install a 2nd, different extra unwanted crap. There are 2 things in the installer from the get-go, but it only hits you with the 2nd one if you managed to catch and decline the 1st one.
That's a whole special extra level of actively attempting to trick and decieve. That is crossing a line from at least plausible deniability that it's just a passive annoyance, into activly adversarial behavior against your own users.
Fraud... maybe. It might possibly qualify as an attempt to deceive. I think it would be a very weak case and practically impossible to make that argument.
That dynamic reactive 2nd attempt to trick you, which is only invoked if you caught and declined the first, is materially different from the first attempt, and different from if the installer always presented both extras.
The special difference is just that it exposes the intent which was theoretically deniable otherwise, even if everyone "just knows" what's really going on.
If an installer always proposes an extra, or 2, or 13, then the vendor can claim "I'm just offering this extra that I honestly and sincerely believe the user might be interested in and might benefit from".
We "just know" that's bs, but it's possible and it's hard to disprove purely on the face of it.
You could try by pointing out things like how the outer packaging only said that the contents would be Product not Product+OtherProduct, and how the checkbox for the non-advertized and un-expected extra was pre-selected and visually tiny. But that just doesn't quite add up to proof of anything.
But offering one extra, and then only trying again with another if the user declined the first, THAT exposes that the only intent of the extra was to get the user to take it any way they can manage to do it, and not a sincere "offer" of something the user might have actually voluntarily sought otherwise.
It's not that it's 100x more evil. The norm is already bad, and this is just a little more of the same.
It's that it exposes the true intent in a way that can't be denied.
It also invalidates any arguments based on "the user accepted" something. You'd never actually win in court, but in plain conversational argument, if say the crapware caused some damage, the vendor could't claim that the user voluntarily accepted the risk of damage by voluntarily installing the software. But like I said that's just fantasy academic theory. You'd never actually make that stick in court.
I had believed that only a government prosecutor in the United States could "file criminal charges." Do you know how this works?
You start here: 
Except in looking into it further, there was a particular sketchy offer that was being sent called "Search Bundle" that was completely opaque, put what is essentially an APT on the machine, and was not listed in Add/Remove programs.
The other applications (Firefox, Opera, etc) seemed to allow for normal uninstallation, but not that one.
... addresses and browse SFTP-capable addresses very conveniently.
I have no idea if any of these components (Konqueror ? fish ?) are still in use ?
I thought it was a tremendously convenient workflow and it was nice to not have a different application for file management and SSH file endpoints.
Which leads me to my lament that all these years later you can't just put an sftp:// address into the mac finder. It's an almost comically blatant missing feature.
All of the other KIO slaves work as well, certainly SMB/CIFS works great and I use it all the time.
KDE has all these nice convenient little features that just makes everyday tasks a bit easier.
That is, if I am using a different window manager such as ion3...
One of the most valuable features is its ability to download a single file over multiple connections
pget -n 4 your.file.tar.gz
It's Windows that does nothing out of the box, so people has to go after tools.
My little brother once heard Jack and Diane on the radio, and proudly proclaimed that John Cougar Mellencamp has copied Jessica Simpson's "I Think I'm in Love with You." That also was funny.
I don't think anyone has said that Linux didn't do this in the 90s too, e.g. KDE supports this since KDE2, released in the year 2000: https://en.wikipedia.org/wiki/K_Desktop_Environment_2
In pretty much its current transparent form, though more protocols have been added since.
Not sure what CDE supported, which I think was the big pre-Gnome/KDE UI.
For macOS, I'm spoiled with Forklift, which does a lot of things out of the box, sufficiently.
Also there's Krusader (KDE/Qt - https://krusader.org/ ) if you want something with two panes.
Will take a look to Krusader, didn't check it for a very long time.
Edit: Just checked, it looks a lot like PathFinder (for macOS). Will try it, thanks again.
Ironically, Sourceforge (which many years ago had their own adware-adding program, i.e. otherwise-clean software would be infected if downloaded from SF) has cleaned up their act, started enforcing against adware, and as a result the SF version of FileZilla is clean (or at least was when I last checked).
I don't know if any of them are reading, but I think you've done a remarkable job. It saddens me that I don't get to experience your improvements because...ultimately...slashdot and sourceforge just don't turn up on my radar anymore.
Nevertheless, I'd like to thank you guys!
For general project discussion, Sourceforge's traditional discussion forum is far superior to Github/GitLab issues (though I haven't tried Github Discussions beta yet). The forum can be configured for users to be able to post without creating an account (though only as a specific user named "Anonymous", not arbitrary names) which is as important feature when creating software for users who aren't likely to have Github or Sourceforge accounts.
Sourceforge download statistics tracking of releases (including graphing per country and with arbitrary timestamps) is far superior to Github, which doesn't offer even private tracking of download numbers without directly using their API. This is actually a really ridiculous situation.
Sourceforge recently added the ability for the project administrator to mark any review as spam, which automatically hides it. This single change has completely ruined the trustworthiness of Sourceforge's reviews, as unscrupulous application authors are able to mark all poor reviews as spam so users only see good reviews. Because of this, I recommend AlternativeTo (http://alternativeto.net/), as they have better review non-interference policy.
Sourceforge's entire website seems to go into maintenance mode for a few minutes every 24 hours, which is frustrating for those in less favorable timezones.
Even after using it for a long time, Sourceforge user-interface and settings/permissions is overly complex, confusing and non-intuitive. I find Github's well designed settings page much easier. Though admittedly Github has its share of UI quirks. New Github users are understandably initially confused by the concept of Pull Requests (which should have been called Merge Requests) and the fork user-interface. As a developer familiar with both tools (and git, PRs etc) I find Github easier to use than Sourceforge, which is saying something.
Many Sourceforge projects tend to have their source code mirrored on a rarely updated Github project, which then gets forked and developed without changes being upstreamed, which causes fragmentation.
Many third-party tools (like CircleCI) tend to target only Github (and to a lesser degree GitLab/Bitbucket) and ignore Sourceforge entirely.
It's too easy for newbie users to download older releases (Github has the same issue unless you create a Github Pages site to highlight the most recent release).
Sourceforge is actually a reasonable tool to develop open-source software in 2021.
For new projects I would generally suggest sticking with Github and GitLab, but for existing projects on Sourceforge changing hosting to Github may not be required.
The real killer is lack of integration of third-party tools like CircleCI. That's enough to switch to Github. But you will likely miss the excellent download statistics, anonymous support forum and user review system.
It's probably too late for them to gain back meaningful market share given how popular github has become, but credit where credit is due.
To be clear, I also avoid it when I can, and most of the time ad-free or open-source alternatives are available (in this case I have been using WinSCP). I dislike the mobile app ecosystem with its plethora of garbage, privacy invading apps; and I am glad that desktop apps usually aren't like that. But if a program is much better than its alternatives and the ads are not too annoying, I guess I don't mind supporting its development via ads. Being a poor person from a poor country, I couldn't afford purchasing the program or donating to it, so ads sound like one way of supporting a program I like so much (though my ad views are probably worthless for the same reason).
The only adware program I actually have is PotPlayer (the only thing that comes close is KMPlayer, which I used before; but it's originally built by the same developer and added ads even earlier). I think a few other programs I use had adware-bundled installers (e.g. JDownloader, CDisplayEx,...) but I had found adware-free installers. Even in the case of PotPlayer, it doesn't show ads, just an empty window (maybe again because I am in a poor country?) so I blocked the empty "ads" via hosts file. What's the point of annoying myself if that's not even supporting the developer? But if PotPlayer actually showed ads to me; assuming it didn't upload my private data and no comparable open-source/ad-free program emerged, I feel like I should be fine with it rarely showing some ads in the corner.
Totally different beast. The Android and iOS variety are embedded in the App. On Windows they are almost always a third party application installed separately with it's own uninstaller and granted near admin rights to the machine.
It's the difference between inviting your friend over to your home and him showing up wearing a Nike shirt, or showing up with a dude you've never met who is spinning a sign. He can roam about your house without your knowledge and doesn't leave when your friend does.
Adware infects the whole system, displaying popups and installing unwanted extensions in your web browser that follow you around. If FileZilla wants to include ads in the actual app that's one thing, but that's not what people are taking issue with.
You haven't lived until you've had to repeatedly clean out forty-five different search toolbars that your clueless relative managed to install alongside Adobe Acrobat...
One could simply be a difference in the user base. I am fairly certain those who object to advertising on desktop operating systems also object to it on mobile platforms, but there is a large number of people who use mobile devices who rarely use traditional computers.
Another difference is intended use. Mobile devices are largely intended for media consumption, much as televisions, broadcast radio receivers, and newspapers/magazines. These are markets where advertising has been accepted for decades. Traditional computers are more likely to be used for productivity, where advertising has never been widely accepted.
There is also the nature of the software itself. Software on mobile devices have a lower perceived value since it offers less value (at least in terms of features). The publishers of the software desire some means of generating revenue, so consumers have not been left with much of an option.
But instead, ads show up in my web browser, pop up from the systray, add themselves as shortcuts in my file manager, etc. It’s the definition of malware.
I use iOS which is mostly immune to this, but I know showing notification ads on Android while the app is closed is met with the same amount of criticism.
That's a valid point.
> I know showing notification ads on Android while the app is closed is met with the same amount of criticism.
Is that even a thing these days? I seem to recall Google making changes to the notification system a few releases back that should have addressed that. Then again, I usually stick to apps distributed via F-Droid so I don't know what the typical user has to deal with.
Unremovable and hidden also.
That said, I'm not convinced SourceForce could have actually been Github because it didn't have the culture, the brand was mispositioned, and it's hard to to be Github without lots of VC.
Reasons I can think for dedicated graphical clients is the transfer log and the additional controls when connecting to servers. I agree that it's not really necessary unless you have very specific requirements, I guess.
I do agree that most of people only use FTP for that, so I guess it's sufficient for average user. Protocol support would still be an issue though.
Windows used to do it through Internet Explorer, and it was very easy to screw up your whole desktop session as soon as there was anything slightly wrong with an FTP connection. It also did not support ftps or sftp, and often would not handle write permissions properly. I’ve not checked recently but if i remember correctly, years ago there were reports that Microsoft would (rightly) remove support at some point (ftp is just a bad and insecure protocol in 2021).
MacOS Finder afaik never had write-permission support for ftp, and overall the experience was similarly poor. I used to run Cyberduck or Transmit if forced to use FTP.
Linux desktops did include decent support for FTP, particularly in KDE Konqueror which had a great plugin architecture; I expect they still do. FileZilla was never popular on Linux anyway.
It can save multiple accounts within the same site, have different IPs and auto rotate, have different profiles about speed limit, thread limit, listing method, encodings, default folder to open on both sides, to name a few.
Cyber duck for me !
People still say Linux DEs aren't user friendly but IMO they're much more so than other OSes largely because other OSes have a moat to protect.
this is the result of parasitic capitalism. i have no doubts that a dev who contributed so strongly to the opensource ecosystem for such a long time specifically wants to be in this situation. you wouldn't, i don't, they probably don't.
how else are we supposed to support our families and the community? there's no other source of revenue or support for a freelance programmer in caretaker mode for a mature and stable codebase. donations don't cut it, obviously.
Nobody has to write software that abuses its users with freakin' adware, proprietary or open source — and any creator who does so should be shunned. All the more so if they simultaneously abuse us and invite open source collaboration. This isn't starving people being driven to steal food.
Since I was worried, I checked my most recent FileZilla FTP Client installation file, and it seems clear.
(And yes given this thread, I've already downloaded WinSCP to use going forward, though I haven't installed it / used it yet.)
1. Open Dolphin (file manager)
2. Right click in the Places section on the left to add entry
3. Type `fish://<the-address>`
4. Click OK
It's all about the right tool for the job. Some people are more comfortable with a GUI for the majority of file management tasks, some people are more comfortable with the CLI for the majority of file management tasks. It's just a bit silly to be a zealot and put yourself through a lot of pain if one of these isn't optimal for whatever you're trying to do.
-I've noticed the overall experience of downloading and installing on a lot of "classic" windows apps making installing a little dicier- ads are served on the download page, and look like official install links, and installers themselves have issues like the above.
-App store is one way I supposed - it's a way to cryptographically sign things but with an element of control delegated to the central computer vendor; which is unpalatable to a lot of the open source/free computing crowd
-The one thought that came to me - is blockchain tech - i.e. Blockchain Chicken Farm, NFTs, etc a parallel development to address this sort of thing? The parallel seems to mirror Jennifer 8. Lee's book on the rise of General Tso's Chicken (open source) vs. McDonald's Chicken McNuggets (corporate), vs. the old ESR essay re "The Cathedral vs. the Bazaar" model of Microsoft vs. Linux development?
It's more concerning to have official installers contain adware/malware though.
With sftp you connect with "sftp -P [port] [ip address]", and navigation is very intuitive.
cd changes directory on server, lcd changes directory on local machine
Same with ls/lls (first lists directory on server, latter on local machine).
get downloads files, put uploads them, add -r option for folders, and that's pretty much it. exit for exit of course lol
They have saved me so much headache not dealing with such bundled adware / malware.
PPI malware seems to go for around $0.40/install 
I also remember running Serv-U FTP Server 2.5 on a dial-up modem back in the AOL/NetZero days. Good times.
The solution? WinSCP. Filezilla has been rubbish for years!
On the other hand, you could be write that OP is just talking about data portability in which case there is "data collection", just lack of an export feature.
I know HN has a strong libertarian bent, and uou could argue this is a free market, buyer beware situation, but in that case, wouldn't the criticism posted be part of that and how buyers know that they should beware?
1. easy entrance/exit to the market,
2. many buyers and sellers, and
3. perfect information availability.
If the players don't have good information, it is at best a severely degraded free market.