Re: Filezilla a security risk

To: debian-user@lists.debian.org
Subject: Re: Filezilla a security risk
From: Steve Dowe <sd@warpuniversal.co.uk>
Date: Fri, 29 Jun 2012 16:38:06 +0100
Message-id: <[🔎] 4FEDCBDE.8010109@warpuniversal.co.uk>
In-reply-to: <[🔎] 4FEDC8FC.8000808@concepts-and-training.de>
References: <[🔎] CA+AKB6E1FfRCNbV6PimAvdvUfoBKuo7rgLsbaCR_7tgtuZdw5A@mail.gmail.com> <[🔎] jshqlo$no$5@dough.gmane.org> <[🔎] 4FECA6FB.7090606@eisenbits.com> <[🔎] jsie79$no$18@dough.gmane.org> <[🔎] 4FECE810.4030101@concepts-and-training.de> <[🔎] jskc6a$68h$4@dough.gmane.org> <[🔎] 4FEDB501.1080805@queernet.org> <[🔎] jskdhm$68h$7@dough.gmane.org> <[🔎] 92FD3E54-D65F-4D68-8D7B-793E6008C676@queernet.org> <[🔎] 4FEDC60E.8080903@warpuniversal.co.uk> <[🔎] 4FEDC8FC.8000808@concepts-and-training.de>

On 29/06/12 16:25, Denis Witt wrote:

> This might not be bulletproof but it gave you some time to detect that
> your machine was compromised and change your passwords.

Maybe not, but what is? :)

At the same time, with all this talk of passwords stored as plain text
etc, it's not a great hurdle to set up a local, encrypted loopback
device that mounts in your local file system.  You could even mount it
at ~/.filezilla, and then run up FZ for the first time.

Such a device would require a password to unlock/mount, so the "window"
where unencrypted data is vulnerable could be minimised...

http://www.howtoforge.com/encrypt-your-data-with-encfs-debian-squeeze-ubuntu-11.10

-- 
Steve Dowe

Warp Universal Limited
http://warp2.me/sd

Reply to:

Follow-Ups:
- Re: Filezilla a security risk
  - From: Denis Witt <denis.witt@concepts-and-training.de>

References:
- Filezilla a security risk
  - From: francis picabia <fpicabia@gmail.com>
- Re: Filezilla a security risk
  - From: Camaleón <noelamac@gmail.com>
- Re: Filezilla a security risk
  - From: Stanisław Findeisen <stf.list.debian.user@eisenbits.com>
- Re: Filezilla a security risk
  - From: Camaleón <noelamac@gmail.com>
- Re: Filezilla a security risk
  - From: Denis Witt <denis.witt@concepts-and-training.de>
- Re: Filezilla a security risk
  - From: Camaleón <noelamac@gmail.com>
- Re: Filezilla a security risk
  - From: "Roger B.A. Klorese" <rogerk@queernet.org>
- Re: Filezilla a security risk
  - From: Camaleón <noelamac@gmail.com>
- Re: Filezilla a security risk
  - From: "Roger B.A. Klorese" <rogerk@queernet.org>
- Re: Filezilla a security risk
  - From: Steve Dowe <sd@warpuniversal.co.uk>
- Re: Filezilla a security risk
  - From: Denis Witt <denis.witt@concepts-and-training.de>

Prev by Date: Re: Filezilla a security risk
Next by Date: Re: Where does Debian define/specify "standard bundles"?
Previous by thread: Re: Filezilla a security risk
Next by thread: Re: Filezilla a security risk
Index(es):
- Date
- Thread