So I've heard some scary things about adware in FileZilla from its official website. Does the copy I would get from apt install filezilla contain adware? Are there any other trusted sftp clients available? I need to be able to link to the sftp client from the browser.
Do you mind sharing the source of these rumours? I do say rumours because a quick search online showed me some not-too-recent articles and reddit threads about this. So while it's entirely possible this is still a problem, it's also possible this has been blown out of proportion as it's commonly the case.
From what I've seen this also seemed to be an issue with the Windows installer, so it's unlikely to be affecting Linux.
Still, avoid installing software from packages downloaded on the web. If your distribution's repositories has the package you are looking for, use that instead. In fact, when downloading from the FileZilla official website it'll tell you exactly this:
Built for Debian 10.0 (Buster) 64bit edition. It is highly recommended to use the package management system of your distribution or to manually compile FileZilla if you are running a different flavour of Linux.
Another thing that you should do when downloading files from the internet it verify the checksums, if they are available. You can find the FileZilla checksums in their website after clicking "Show additional download options".
Although in this case, assuming the project has added this 3rd party software bundle in the installer the checksums would probably checkout. This is only a concern if the packages have been tampered with.
3 Likes
What are the "scary things about adware" that you read, and do you have a link to the page with what you are concerned about?
edit:: zenzen and I posted roughly the same time. The link I am asking for is a link on the FileZilla site...not a page from Reddit. Information on Reddit has the same probability of accuracy as Wikipedia...in my view.
3 Likes
There is a thread dating back to 2017 on their forums. It's not an official statement but one of the site administrators seems to confirm this. But again, emphasize on the Windows installer.
2 Likes
Interesting. I used FileZilla for years on a Win 7 desktop to serve a number of sites I was maintaining at the time; I got out of that about 5 years ago. I never recall getting ads then but perhaps matters have changed.
Searching the FileZilla site they make a mention of using the IP for ads. That is it. So, is the OP issue the ads or the IP? I see a lot of people get hives over their IP and security while at the same time they encrypt nothing they transmit. 
I retired from a line of business that can I just about guarantee folks they have precious little anonymity on the web or their cell phone, despite their best efforts.
I do not like ads in the least but for as functional as FileZilla was for me I probably would have tolerated a few ads. Knowing me, I would have offered to purchase a non-ad key for my copy.
3 Likes
Seconded.
A lot of fuss is made over VPN's as they got marketed for profit, too. It seems paradoxical to me... Users trusting unknown strangers to manage their ports with an easy and simplified GUI application.
Either way, they offer precious little in the way of anonymity.
A person can get a lot of privacy and security within their home network. Past that... and they are walking outside in public for everyone to see.
A general rule of thumb for roaming the net: Behave as though you are being watched.
1 Like
I heard about it on Wikipedia, though the section is outdated. FileZilla - Wikipedia
Not really worried about ads, just the security aspect. So you guys think it's fine to get it from repos?
The outdated warning is hard to miss... and the only source cited has updated their article in that regard years ago. It's also clear that the issue was not with FileZilla itself but with SourceForge, and the way the software was distributed.
I have no reason to believe otherwise.
For the sake of clarity maybe the title of the thread should be updated, just to make sure more people don't jump to rushed conclusions?
2 Likes
Edited title to pose the question asked in the O.P.
3 Likes
Alright thanks guys.
1 Like
nixCraft reported the silent and sudden change to FileZilla's installer for Windows. Most users will probably just download the default Windows installer while new users are unlikely to read some of the small text beneath the large download button. That text simply reads "This installer may include bundled offers", which often translates to "apps with ads" or even just "ads".
So it is the windows installer as far as I can tell from various google searches, however, as with other vendors that have gone this route many techie people boycott companies for such shenanigans.
2 Likes
Yes, it's amazing that companies continue to get away with this, even after so many years of repeating the same patterns over and over again. Using repositories a.k.a.: "app stores" sort of solves this problem which is why they have become so popular even on Windows, a much overdue addition. Still users should be very careful with what they download and install. And also, look for alternatives when companies pull out shady stuff like this.
3 Likes
I miss the old shareware model, where the basic application / game was free and you would purchase the full version for extra levels, dlc, features and support ect
1 Like
As well as always follow up and check on know reputable companies. Because not only can they change, but they silently change hands.
Audacity and Waterfox come to mind... both of which were ruined when bought by Marketing Companies.
1 Like
I was thinking of Piriform, I really liked CCleaner, Recuva, Speccy...
2 Likes
Oh yeah, I remember the wailing and gnashing of teeth when Piriform sold and the new buyers where doing way too much monitoring. I still use the copy of CCleaner that was prior to the selling of the company.
Supposedly, later the new owners stopped the monitoring of their users. No idea if that is true.
2 Likes
Yep, Waterfox was a huge disappointment. When the original owner sold it, he tried to paint a bright picture to all of us complaining but, that did not go over well. I still have an older install on my Win 7 but it has places it will not work. Still using Vivaldi for the most part and will use Firefox when I need geolocation. Vivaldi does not do geolocation, I have heard two stories as to why that is but am unsure which is more accurate...perhaps both are accurate.
3 Likes
I found LibreWolf is a nice replacement for what Waterfox once was.
1 Like
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.