Open Source? Not open to discussion, that's for sure

Need help with FileZilla Client? Something does not work as expected? In this forum you may find an answer.

Moderator: Project members

FileFirst
504 Command not implemented
Posts: 10
Joined: 2007-09-19 03:46

Open Source? Not open to discussion, that's for sure

#1 Post by FileFirst » 2007-09-20 20:14

"http://filezilla.sourceforge.net/forum/ ... php?t=4245"

"This topic has been locked"

What an arrogant attitude. You don't like the development suggestions of those posting, so you post "End of discussion" and lock the topic. Nice way to run an open source project.

botg
Site Admin
Posts: 35581
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse

#2 Post by botg » 2007-09-20 20:26

You do realize that...

a) there are multiple threads about this nonexistent problem
b) nobody has yet given a good argument for why password obfuscation is needed; so far every pro-obfuscation argument was flawed.
c) as a developer I have to draw a line at some point
d) end of discussion.

jovball
500 Command not understood
Posts: 4
Joined: 2007-03-28 14:54

A different viewpoint

#3 Post by jovball » 2007-09-21 02:28

botg:

First, thanks for a cool piece of software. I appreciate your work and FileZilla is a tool that I use and have recommended to other people. I am also a developer and I know that the "wish list" and the WIBNI comments can be really frustrating to hear at times.

However, I'd like you to re-think having passwords in clear text. I don't have an obvious suggestion on how to handle the encryption but I think it needs to be done.

Your position in a previous thread is that security for the configuration files is the job of the file system. In many business environments, especially SMB offices, it's not that simple. There are a number of "legacy" type apps that require enough permissions to run that users need to run as local admins. Computers are shared between part-time users or shift workers. Those users would have full access to other users' logins. Knowing that people tend to re-use passwords, this opens up vulnerabilities in other applications.

The same issue applies to network admins. Normally they would not know a user's password for their network login or for an application. They would have the ability to change it but that would be a big red flag that an account had been "compromised." In this case, a network admin could see any user's login information. It's the equivalent of writing the password on a sticky note under the mousepad (which happens all too often).

I don't think it's your job to solve every possible security issue but plain text passwords seem like an invitation for trouble.

Thanks again for your work on this project and for listening to another viewpoint.

Palewolf
500 Command not understood
Posts: 2
Joined: 2007-09-21 10:37

#4 Post by Palewolf » 2007-09-21 10:43

Ok, for those asking for plain text passwords: obfuscation IS a bad practice, since it gives an unreal feeling of security. This point has been discussed to death in almost every other os project I know of.

Anyways, why not store sensitive information or the whole sitemanager.xml using a master password (a la Mozilla or SmartFTP)? That way only a keylogger or a brute force attack can reach your password, since everything would be stored in a non-reversible way.
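The two designs argued over in this thread, obfuscation versus a master password, side by side as an added example (constructed here; this is not FileZilla's code and the element names in the sample XML are not its file format). The site password is encrypted under a key derived from a master password that is never written to disk, and a wrong master password or an edited record is rejected by the authentication tag before anything is decrypted. To run on the standard library alone it uses PBKDF2-HMAC-SHA256 for key derivation and an HMAC-SHA256 counter-mode keystream with an encrypt-then-MAC tag; a real tool would substitute a vetted AEAD such as AES-GCM from a crypto library, the structure being the point:

```python
"""Master-password protection for stored site credentials (added example).

Constructed illustration, not FileZilla's own code or file format:
  * obfuscation: a reversible encoding (base64 here) that anyone holding
    the file undoes with no secret at all;
  * master password: the site password is encrypted under a key derived
    from a master password that is never written to disk, so the XML
    holds nothing a reader of the file can turn back into the password.
Standard library only: PBKDF2-HMAC-SHA256 for key derivation and an
HMAC-SHA256 counter-mode keystream with an encrypt-then-MAC tag; a real
tool would use a vetted AEAD (e.g. AES-GCM) instead of this stream cipher.
"""
import base64
import hashlib
import hmac
import os
import xml.etree.ElementTree as ET
from typing import Dict, Optional, Tuple

PBKDF2_ITERATIONS = 100_000  # work factor against guessing weak master passwords


def obfuscate(password: str) -> str:
    """'Obfuscated' storage: reversible by anyone, no secret involved."""
    return base64.b64encode(password.encode()).decode()


def deobfuscate(blob: str) -> str:
    return base64.b64decode(blob).decode()


def derive_keys(master_password: str, salt: bytes) -> Tuple[bytes, bytes]:
    """Derive separate encryption and MAC keys from the master password."""
    km = hashlib.pbkdf2_hmac("sha256", master_password.encode(), salt,
                             PBKDF2_ITERATIONS, dklen=64)
    return km[:32], km[32:]


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode used as a PRF keystream (illustrative)."""
    out = b""
    counter = 0
    while len(out) < length:
        block = counter.to_bytes(4, "big")
        out += hmac.new(enc_key, nonce + block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt_password(master_password: str, password: str) -> Dict[str, str]:
    """Return the fields that go into the file: salt, nonce, ciphertext, tag."""
    salt, nonce = os.urandom(16), os.urandom(16)
    enc_key, mac_key = derive_keys(master_password, salt)
    pt = password.encode()
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(enc_key, nonce, len(pt))))
    tag = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    return {"salt": salt.hex(), "nonce": nonce.hex(), "ct": ct.hex(), "tag": tag.hex()}


def decrypt_password(master_password: str, rec: Dict[str, str]) -> Optional[str]:
    """Return the password, or None when the master password is wrong or the
    record was altered (the tag check runs before any decryption)."""
    salt, nonce = bytes.fromhex(rec["salt"]), bytes.fromhex(rec["nonce"])
    ct, tag = bytes.fromhex(rec["ct"]), bytes.fromhex(rec["tag"])
    enc_key, mac_key = derive_keys(master_password, salt)
    expected = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct)))).decode()


def write_site(master_password: str, host: str, user: str, password: str) -> str:
    """Serialise one site entry; element names are constructed, not FileZilla's."""
    server = ET.Element("Server")
    ET.SubElement(server, "Host").text = host
    ET.SubElement(server, "User").text = user
    ET.SubElement(server, "Pass", attrib=encrypt_password(master_password, password))
    return ET.tostring(server, encoding="unicode")


def read_site(master_password: str, xml_text: str) -> Optional[str]:
    pw = ET.fromstring(xml_text).find("Pass")
    return decrypt_password(master_password, dict(pw.attrib))


if __name__ == "__main__":
    entry = write_site("correct horse battery", "ftp.example.test", "alice", "s3cret!")
    print(entry)
    print(read_site("correct horse battery", entry))  # s3cret!
    print(read_site("guess", entry))                   # None
    print(deobfuscate(obfuscate("s3cret!")))           # s3cret! (no secret needed)
```

Note the residual exposure the post itself names: the derived key lives in the client's memory while a session is open, and a keylogger captures the master password as it is typed, so this moves the trust boundary from "anyone who can read the file" to "anyone who can run code as the user", which is what the thread is really arguing about.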

CriSouza
500 Command not understood
Posts: 4
Joined: 2007-09-19 17:32

#5 Post by CriSouza » 2007-09-21 15:16

Could you install with the options "use registry" and "Force registry even if XML file exists" enabled to solve this security question? When the sites are stored in the registry they are encrypted.

[ ]´s

khng
550 Permission denied
Posts: 25
Joined: 2006-01-07 16:22
Location: Hong Kong SAR

#6 Post by khng » 2007-09-22 10:22

CriSouza wrote: Could you install with the options "use registry" and "Force registry even if XML file exists" enabled to solve this security question? When the sites are stored in the registry they are encrypted.

[ ]´s

But fz3 is a multi-platform FTP client, and this approach only works for the Windows family, which puts users of other platforms at risk and will hurt the multi-platform nature of fz3.

khng
550 Permission denied
Posts: 25
Joined: 2006-01-07 16:22
Location: Hong Kong SAR

Re: A different viewpoint

#7 Post by khng » 2007-09-22 10:29

jovball wrote: botg:

First, thanks for a cool piece of software. I appreciate your work and FileZilla is a tool that I use and have recommended to other people. I am also a developer and I know that the "wish list" and the WIBNI comments can be really frustrating to hear at times.

However, I'd like you to re-think having passwords in clear text. I don't have an obvious suggestion on how to handle the encryption but I think it needs to be done.

Your position in a previous thread is that security for the configuration files is the job of the file system. In many business environments, especially SMB offices, it's not that simple. There are a number of "legacy" type apps that require enough permissions to run that users need to run as local admins. Computers are shared between part-time users or shift workers. Those users would have full access to other users' logins. Knowing that people tend to re-use passwords, this opens up vulnerabilities in other applications.

The same issue applies to network admins. Normally they would not know a user's password for their network login or for an application. They would have the ability to change it but that would be a big red flag that an account had been "compromised." In this case, a network admin could see any user's login information. It's the equivalent of writing the password on a sticky note under the mousepad (which happens all too often).

I don't think it's your job to solve every possible security issue but plain text passwords seem like an invitation for trouble.

Thanks again for your work on this project and for listening to another viewpoint.

I take your point: if the OS could handle it very well, then there wouldn't be a ton of internet security/antivirus software.

khng
550 Permission denied
Posts: 25
Joined: 2006-01-07 16:22
Location: Hong Kong SAR

#8 Post by khng » 2007-09-22 13:55

How about making a poll and letting all members vote on whether or not to include this feature/protection?

botg
Site Admin
Posts: 35581
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse

#9 Post by botg » 2007-09-22 14:14

khng wrote: How about making a poll and letting all members vote on whether or not to include this feature/protection?

The results would be skewed to begin with simply by the fact that happy users don't visit this place.

spucek
226 Transfer OK
Posts: 128
Joined: 2007-08-28 16:36

#10 Post by spucek » 2007-09-22 19:30

khng wrote: How about making a poll and letting all members vote on whether or not to include this feature/protection?

I tried that a few days ago and the topic got locked even before somebody could vote :lol: .

FidelGonzales
500 Command not understood
Posts: 2
Joined: 2007-10-20 06:47
Location: Hesperia, California, USA

#11 Post by FidelGonzales » 2007-10-20 07:05

At this stage in the game, if the developer says no, then either reconsider your personal policy or pack your bags.

From a somewhat layman's perspective, I can easily see the argument for encryption, but would definitely have to carry over that argument to such applications as Firefox, which seems to store passwords in the very same way.

Either way, it boils down to the aforementioned statement. Not only are you now beating a dead horse with an ax, but you're arguing with it thereafter.

Personally, I'll stick with Filezilla and protect the passwords with ZoneAlarm and the others.

FidelGonzales
500 Command not understood
Posts: 2
Joined: 2007-10-20 06:47
Location: Hesperia, California, USA

#12 Post by FidelGonzales » 2007-10-20 07:17

Hmm. I just fired up my WinSCP FTP client and attempted to store a password in it and was greeted with a pop-up window warning me that storing a password is a breach of security, advising me not to do it.

To me, this says the FZ developers are not alone in that if you want the ultimate in security, keep it locked away in your head.

cor
426 Connection timed out
Posts: 49
Joined: 2007-10-01 12:52

#13 Post by cor » 2007-10-20 08:47

There is always a trade-off between security and convenience. If remembering and typing passwords is a level of inconvenience that you can't handle, then you have to accept some compromise in your security. Simple as that.

If it's stored anywhere outside your brain, in any form, there is a potential risk. Moving it out of your brain is a compromise. Using regular ftp (over sftp) is a massive compromise (yet one that thousands of web masters make every day, with very few breaches).

"Believing you are secure" is worse than knowing you are insecure, because you will fail to take even the most rudimentary security precautions: creating unique user accounts, always logging off your workstation when you leave it, and so on. It's not the responsibility of developers to teach good workplace security practices.

And if the only thing holding you back from practicing good security is "legacy apps", then it's time to stop being cheap and upgrade those apps! You never know; there may be modern, secure, open source equivalents ;)

;o)
(or
nothing is foolproof to the sufficiently talented fool
