Since updating to 2.26.0-rc1, I have to enter passwords two times - once when connecting and a second time when starting transfers. Is that intended or a side effect?
Still in kiosk mode 1, like always.
When connecting to the server from the Site Manager, there is no "Remember" checkbox.
botg wrote: I'm glad you like a feature that doesn't even increase security.
Why the snide comment?
You said yourself that
botg wrote: Incidentally, this functionality is indistinguishable from not storing passwords at all from a security perspective.
To me this sounds like the feature will at least increase usability without compromising security.
If you didn't value usability then why create FileZilla Client in the first place?
Also it helps to look at how people are using software. Assuming many are storing their passwords in plaintext then you can say that is lazy and not responsible behavior. And you would be correct -- but still not helping the issue. But giving the option to make stored passwords "indistinguishable from not storing passwords at all from a security perspective" to me sounds much like "a feature that does [...] increase security".
Thank you for that and have a nice weekend!
botg wrote: I'm glad you like a feature that doesn't even increase security.
But it does. It is much easier for malware to just wait until some date in the future, and silently read the password file. This could be hidden in any kind of program, it doesn't even have to be continuously active or run in the background or do anything. And it doesn't depend on FileZilla running or the user doing anything FTP related. A program can just wait until whenever it's being run after some date in the future, and steal the passwords.
Now with this new security feature, malware would have to run continuously in the background, access FileZilla's program memory (which isn't always possible), or run a keylogger, or intercept traffic (which still only works in case of plain FTP), etc.
It's just like you say: attacker category A and B. There is a HUGE difference between those two. Category A doesn't have to be active, or keep running in the background. It can attack at just one random moment, and FileZilla doesn't have to be open at the same time.
Category B on the other hand requires to be actively running in the background, constantly monitoring or intercepting stuff. And it requires FileZilla to open connections during that time. You mention two kinds of "passive" attackers in category B, but they're not passive at all. Not actively running = no attack vector.
1. harder to implement
and more importantly
2. MUCH harder to do unnoticed
So thank you! Thanks a LOT for finally adding this much beloved feature! ♥ Can I donate somewhere to express my gratitude? Do you accept bitcoins?
botg wrote: I'm glad you like a feature that doesn't even increase security.
kazimir_ wrote: But it does.
A master password does not offer any additional security. It is no more secure than not saving passwords at all, functionality that has already been in FileZilla for many years.
Technically using a master password isn't even as secure. If not saving passwords, keylogging malware can only intercept those passwords that are entered while the malware is running. With master passwords, it immediately gets access to all encrypted passwords as soon as the master password is entered.
I spoke of this before, and finally the day has come: In the next version of FileZilla, it will be much more difficult to use insecure plain FTP, it will require explicit confirmation.