The Filezilla forum admin in that thread obstinately blames users for "accidentally" accepting a bundeled "offer", when users are clearly warning project admins that the installer is infected with malware.
Does sourceforge share revenue from bundeled installs with projects?
so yeah, it seems like there's kind of a conflict of interest here. if there's no way for a user to know whether the project opted in to revenue sharing, then how can they trust the project?
in other words, in my view, a project that opts in to revenue sharing with crapware bundlers who are known to sometimes distrubute malware, is behaving unethically.
so now i don't trust filezilla dev's in general, even if i get an package signed by my distro or whatever. very dissapointing. worse still, it makes projects that didn't opt in suspect in my view, simply because they are on sourceforge; if i can't find out whether they opted in, how can i know any project isn't taking kickbacks?
For your information, currently sourceforge "usually" only bundles the crapware with projects where either the person opted in, or where sourceforge has "seized" the repo.
If it bundles crapware, and the maintainer listed on sourceforge.net is sourceforge itself, they didn’t opt in.
Does sourceforge share revenue from bundeled installs with projects?