Slashdot Mirror

Filezilla uploads and downloads files from and to your web site.

Notepad++ is used for fundamental work, like programming and checking the validity of HTML and organizing HTML web pages. (See the Tidy2 plugin.)

See the list of Notepad++ plugins.

I guess there's still hope for FileZilla Server to eventually get SFTP support before I die. It's quite astonishing that this "obvious" feature of file transfer server software hasn't been implemented yet (despite the FileZilla Client having had SFTP support for years). I mean, it's "only" been 13 years since the feature was originally requested - easily beating the master password encryption feature request by a full 3 years. And, yep, someone recently suggested closing the SFTP feature request because Tim Kosse has done nothing about it for well over a decade :-(

Where are you getting your FileZilla from to have adware? Neither my Mac or Linux system's versions show ads, and I'm getting it from here: https://filezilla-project.org/. Maybe it's just a Window$ thing?

Try using the Gimp, it is very easy to communicate directly with he developers - and you don't even need a Microsoft O/S, as it works fine on Linux!

CorelDRAW is not a paint program.

Besides, while a lot of free software is amazing, FLOSS can certainly have its own issues. I've heard it said, "if ever you are unsatisfied with the software, please feel free to return it for a full refund of the purchase price." That's a nice way of saying that if you don't like the software, you really have no recourse or even a right to complain, because you paid nothing for it.

If you ever want to be disabused of the notion that free software is always more responsive to it's users, then just read this thread. It's ten pages of users begging for a workaround to a problem they're having, and the developer essentially telling them to piss off.

I'm not picking on free software. After all, my first two examples were of commercial software. I'm just saying that it's prone to the same shitty customer service, although I suspect it may be often for different reasons.

Indeed. Comment 31 aka Codesquid's Bridge is truly awesome:

No, the engineer really did exist in another world. Not only was he incapable of understanding that a bridge costs more than a car or a truck, he didn't even understand that many people do not own the bridges they drive over. He even thought that customers would prefer his truck because it couldn't drive over this particular bridge.

It's one step better than that - this page distributes malware-loaded Filezilla installers - https://filezilla-project.org/...

So it's not at all unreasonable to think that Filezilla is 100% to blame here, for both the unencrypted password file and for the malware infection.

Apparently, there's a bug in Microsoft's IIS server that causes corruption when attempting to resume large downloads. FileZilla does not take this into account, and as a result, the download is corrupted. Clearly, this is Microsoft's fault, but the situation is that there are many buggy IIS servers out there, and Filezilla, by not having a workaround for this (other FTP clients do have a workaround), ends up corrupting the download. After looking at this ticket, it shows that the developer clearly does not live in the real world.

Personally, this issue hasn't affected me, but the exchange I linked to tells me a lot about the attitude of the developer. I only even discovered this issue when reading about FileZilla.

So is this fork going to address this issue?

https://filezilla-project.org/...

It may depend on what OS you're using right now. On this Mac I am seeing no link to SourceForge here: https://filezilla-project.org/... . I've checked on Windows as well but not Linux. You can always download it from SourceForge as we do not allow FileZilla to bundle anymore: https://sourceforge.net/projec...

That asshole (botg) understands it just fine. He's just doing what every sellout has ever done - spin and misdirection. This thread shows it quite clearly - https://forum.filezilla-projec...

The behavior was so bad over at Sourceforge that it was probably illegal:

https://forum.filezilla-projec...

For reference to others: https://forum.filezilla-project.org/viewtopic.php?p=112970#p112970

I suspect this will not get noticed, but for what it's worth...

You CAN download the clean, non-ad-infected version of FileZilla from its official web site... you just need to know how:

Go here: https://filezilla-project.org/...

That link can also be found by going to the FileZilla download page and clicking on "additional download options". You will notice the binary downloads have a URL ending with ?nowrap, which tells SourceForge to point to the clean builds only.

As a recent victim of FileZilla, I must point out that FileZilla has actually agreed to have "bundled software" in the installer, and the fact that some of that is malware doesn't seem to faze them. Thankfully the one I got was easy enough to remove.

As a recent victim of FileZilla, I must point out that FileZilla has actually agreed to have "bundled software" in the installer, and the fact that some of that is malware doesn't seem to faze them. Thankfully the one I got was easy enough to remove.

As a recent victim of FileZilla, I must point out that FileZilla has actually agreed to have "bundled software" in the installer, and the fact that some of that is malware doesn't seem to faze them. Thankfully the one I got was easy enough to remove.

As a recent victim of FileZilla, I must point out that FileZilla has actually agreed to have "bundled software" in the installer, and the fact that some of that is malware doesn't seem to faze them. Thankfully the one I got was easy enough to remove.

As a recent victim of FileZilla, I must point out that FileZilla has actually agreed to have "bundled software" in the installer, and the fact that some of that is malware doesn't seem to faze them. Thankfully the one I got was easy enough to remove.

they've been doing stuff like this since 2013. I remember telling it to everyone back then, but was only met with dismissal. Why is everyone so outraged now?

Because back then they were doing it only for projects whose maintainers consented to it. (as a kind of twisted revenue-sharing program)

Now they are hijacking the installers of so-called "abandoned" projects, and locking out the owners too.

2) I call bullshit on SourceForge's assertion that their adware only comes with projects that aren't actively maintained. There have been a lot of complaints about FileZilla downloads

FileZilla developers actually opted-in to this though.

That is not the case with GIMP.

For the record, the FileZilla developers actually opted-in to this, several years ago, in some kind of revenue-sharing program with Sourceforge.

What is new is that SF now does it with "abandoned" projects without the owners' consent too.

This one is voluntary though. I even got the crapwere when I denied the install.

https://forum.filezilla-projec...

2) I call bullshit on SourceForge's assertion that their adware only comes with projects that aren't actively maintained. There have been a lot of complaints about FileZilla downloads (see, for example, https://forum.filezilla-projec...), and it is definitely a very active project.

Why won't slashdot cover the sourceforge malware scandal? Oh, yeah, that's why. SHAME ON YOU DICE!

You've been spamming every single article today with a completely off topic comment. You're doing way more harm to your story's reputation than you are helping it - this belongs on a blog or something, not in the comments section of another story.

I wish I was professional ... no one wants to pay me. Certainly not Dice.


Why did Dice buy Slashdot?

So they could suppress discussions about their own scandals!

SHAME ON YOU DICE!

Why did Dice buy Slashdot? So they could suppress discussions about their own scandals! SHAME ON YOU DICE!

Are you trolling?

No, he is not trolling, he is merely pointing out the power of propaganda as mentioned by the OP. I believe it should be more considered irony given the context off this story

I know my friend...

Why did Dice buy Slashdot?
So they could suppress discussions about their own scandals!
SHAME ON YOU DICE!

Are you trolling?

No, he is not trolling, he is merely pointing out the power of propaganda as mentioned by the OP. I believe it should be more considered irony given the context off this story

Why did Dice buy Slashdot? So they could suppress discussions about their own scandals! SHAME ON YOU DICE!

Are you trolling?

Why did Dice buy Slashdot?

So they could suppress discussions about their own scandals!

SHAME ON YOU DICE!

Why did Dice buy Slashdot?

So they could suppress discussions about their own scandals!

SHAME ON YOU DICE!

Why did Dice buy Slashdot?

So they could suppress discussions about their own scandals!

SHAME ON YOU DICE!

Why did Dice buy Slashdot?

So they could suppress discussions about their own scandals!

SHAME ON YOU DICE!

Why did Dice buy Slashdot?

So they could suppress discussions about their own scandals!

SHAME ON YOU DICE!

Why did Dice buy Slashdot?

So they could suppress discussions about their own scandals!

SHAME ON YOU DICE!

Why won't slashdot cover the sourceforge malware scandal?

Oh, yeah, that's why.

SHAME ON YOU DICE!

Why won't slashdot cover the sourceforge malware scandal?

Oh, yeah, that's why.

SHAME ON YOU DICE!

Denial is right. What a sell out and complete disrespect for the users.

For now, at least we can bypass this shit.

http://download.filezilla-proj...

Here's something more recent, and the creator is still in denial.

Download.com is crap.

Sadly open source isn't immune to this crap with SourceForge now doing this stupid shit of bundling malware, adware, toolbar hijacks, etc. Especially when you have yahoo's like FileZilla's admin approving(!) of this irresponsibility !?

At least Git hasn't been effected (yet)

The internet needs to return to its wild west days of open file storage

Sure, you first! In true wild west fashion, set up an FTP:
https://filezilla-project.org/
Post IP when you're done (port 21, anon login, optionally disable file deletion/overwrite to keep out the griefers)

Note: Patch for FileZilla is already available. Update to 3.8.1 which uses GnuTLS 3.2.15.

1. package manager of your distro (ie. trust someone trustworthy to curate)
2. git clone; make (ie. get it from the developers directly)

Anything else is basically eating candy you found on the street.

git clone; make is an absurdly fallacious "solution". It would be just as easy for the malware distributors to offer up infected git repositories as it is for them to offer up infected binaries. There's no way for the end user to know if the git repository is any less infected than the binary distribution.

Any claims that the end user can "just" look at the source are even more absurd. Even seasoned programmers would largely fail to identify malicious code from real code and most end users are not programmers at all.

The only solution, that I can see is for there to be a single trusted source for the binaries and the source code. It's still not perfect as an intrusion at the source could infect everything, but getting your software directly from the developer(group) versus all sorts of SEO pushed crap sites is the end user's only/best chance.

Unfortunately Googling for Filezilla gives the end user lots of choices including CNet, Source Forge, File Hippo...

What they really need is Filezilla This sadly redirect to source Forge.

https://forum.filezilla-projec...
https://forum.filezilla-projec...
https://forum.filezilla-projec...

Anyone using Source Forge should walk the fuck away right now and never go back. They are the ones responsible for this.

https://forum.filezilla-projec...
https://forum.filezilla-projec...
https://forum.filezilla-projec...

Anyone using Source Forge should walk the fuck away right now and never go back. They are the ones responsible for this.

https://forum.filezilla-projec...
https://forum.filezilla-projec...
https://forum.filezilla-projec...

Anyone using Source Forge should walk the fuck away right now and never go back. They are the ones responsible for this.

No? There are a lot of free open-source blog systems around. With very short descriptions of how to install it:
1. Just get a cheap hosting solution (preferably outside Mafia territory),
2. upload the decompressed archive using a FTP program,
3. point your browser to your domain,
4. set the few settings it asks you,
5. make the config file read-only on the server,
and you're done!

Takes just a couple of minutes, and neither effort nor skill. Plus, the hosting price is what you pay for the added feature of a bit more independence.

May I suggest that you test Filezilla http://filezilla-project.org/ Filezilla supports a download limit in transfer settings

1. Download a VM like Virtalbox.
2. Download Puppy Linux .iso
3. Install Puppy Linux in Virtalbox. 4 gig dynamic drive with 128 megs of RAM will suffice.
4. Inside puppy download and install the pet package Hiawatha
5. Setup FTP inside your home directory (I think it's called setup file sharing)
6. Set your network in Puppy to a static IP and set Virtualbox to use a bridged adapter for the puppy install.
7. Use Notepad++, Filezilla in windows to FTP into your virtual box to update files.

That's close to a LAMP server. I don't think technically using Puppy/Hiawatha would be LAMP. But I believe Hiawatha serves the same function as Apache and I think would suit your purpose. if you're just interested in the PHP part you can also just install XAMPP.

The thing I like about the Virtualbox (or any VM) is you can wipe it out easily. You can move it to different computers. It's easy to play around with FTP and SSH settings.
There are tons of ways to do this without getting a host if you're just looking to learn. If you really want a host most have LAMP options. For many it is even the default. For tutorials I think W3 Schools is good starting point and has examples.

*All suggestions are debatable. When making these suggestions I considered using low resources and ease of use. Given more resources to give to the Virtual box you have tons and tons of choices.

So all of the following are now illegal in Brazil, since they can be used to assist copyright infringement: Firefox, Internet Explorer, Opera, Safari, Windows, Mac OS X, Linux, Filezilla, the cp Unix command, etc.

Conficker racked up $9 billion in damages during its first quarter. That's far from the only worm out there. Old windows malware doesn't go away it's just added to the zoo.

Compare that to the estimated development costs for your average linux distro run about $1 billion.

So the savings of eradicating MSFT products for just three months would, using those numbers, give enough money to start linux from scratch 9 times over and still break out even. The more polished linux distros are now quite a few years ahead of Windows in most areas. In the areas they aren't $9 billion could buy a lot of improvement. Of that hypothetical $9 billion, it wouldn't cost but a fraction to make Filezilla as nice as Fugu or cyberduck.

Oh, but wait. There's the long tail of the worm. The windows worms run for years.

Microsoft products just aren't engineered for security. Xp, Vista and Vista 7 show us that nothing changes on that front. That's not a technical problem any more, that's an HR problem. Get rid of the MSFT boosters and you raise productivty.