Like loads of other people, I fell foul of the trojan that steals the sitemanager.xml file. And all my sites were 'hacked'. My laptop is 'secured' by NOD32 and MalwareBytes - both of which are fully up-to-date paid versions, so I don't need a lecture on security.
I have now taken steps to try and make sure the theft of the xml files doesn't happen again. In doing so, I struck me that if these files were user-defined, ie not called the default filenames and stored in a user-definable place, then the kiddy-scripts used to thieve teh files will have a much harder time.
Forgive me if this has been discussed before, but it seems to me that FileZilla is more likely to keep it's user-base if simple steps like these are taken to put us more at ease over security issues.
Anyone have anything to add?
Thoughts on the sitemanager.xml file
Moderator: Project members
-
- 500 Command not understood
- Posts: 2
- Joined: 2013-08-20 14:02
- First name: Tim
- Last name: Browning
-
- 503 Bad sequence of commands
- Posts: 20
- Joined: 2013-08-07 16:17
- First name: Frank
- Last name: Tanner
Re: Thoughts on the sitemanager.xml file
It would also help if they encrypted the file too, but they refuse to do that.TimBrowning wrote:Like loads of other people, I fell foul of the trojan that steals the sitemanager.xml file. And all my sites were 'hacked'. My laptop is 'secured' by NOD32 and MalwareBytes - both of which are fully up-to-date paid versions, so I don't need a lecture on security.
I have now taken steps to try and make sure the theft of the xml files doesn't happen again. In doing so, I struck me that if these files were user-defined, ie not called the default filenames and stored in a user-definable place, then the kiddy-scripts used to thieve teh files will have a much harder time.
Forgive me if this has been discussed before, but it seems to me that FileZilla is more likely to keep it's user-base if simple steps like these are taken to put us more at ease over security issues.
Anyone have anything to add?
Re: Thoughts on the sitemanager.xml file
You can disable saving of passwords in the settings dialog of FileZilla.
-
- 500 Command not understood
- Posts: 2
- Joined: 2013-08-26 14:59
- First name: Quentin
- Last name: Holmes
Re: Thoughts on the sitemanager.xml file
I dont think that was the point of this post. I believe they are looking for another better option for security so that they can safely use a feature they like... I am currently researching this exact thing right now.
Q
Q
-
- 500 Command not understood
- Posts: 2
- Joined: 2013-08-20 14:02
- First name: Tim
- Last name: Browning
Re: Thoughts on the sitemanager.xml file
Issue neatly avoided there, once again. Listening to users is obviously to be steadfastly ignored.
Re: Thoughts on the sitemanager.xml file
Nope, there simply are no plans for any type of ''encryption'' or obfuscation.
No support requests over PM! You will NOT get any reply!!!
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org