That's silly: SFTP has problems of its own. There's no perfect solution, but most regular FTP servers can support SSL or TLS encryption, making them secure.

Many of his other complaints are legitimate issues from his point of view as someone who writes an FTP client. But from a hosting provider's point of view:

• SFTP requires you to use real accounts for each user.
• Whereas, regular FTP servers support "virtual" users who do not need an actual Unix account.
• SFTP requires each account to have an actual shell, since some of its functionality is accomplished by remotely executing commands. Usually that means the user can actually log in and get a shell prompt on your server using SSH -- not a good thing if all you want to do is enable file transfers for your customers.
• Regular FTP servers do not require users to have a shell, or even a Unix account on the server.
• With regular FTP servers, adding a new virtual account can be as simple as adding a row to a database table. The users are restricted to their own directory (which can also be specified in the database).

To mitigate these problems, you can use various "fake" shells that provide just enough functionality to support SFTP. But that's kind of dodgy and not nearly as simple as the virtual users approach.

For small-scale use (i.e., a few users whom you trust with a shell account), SFTP is great.

For commercial users, FTP-TLS can be a better choice, especially if you only want to enable file transfers and aren't looking to give every user a shell account.

With that said, if your hosting provider doesn't provide SFTP or FTP-TLS, then yes, dump them!