Re: Filezilla a security risk

To: debian-user@lists.debian.org
Subject: Re: Filezilla a security risk
From: Denis Witt <denis.witt@concepts-and-training.de>
Date: Sat, 30 Jun 2012 12:45:08 +0200
Message-id: <[🔎] 4FEED8B4.6000303@concepts-and-training.de>
In-reply-to: <[🔎] jsmga9$djv$3@dough.gmane.org>
References: <[🔎] CA+AKB6E1FfRCNbV6PimAvdvUfoBKuo7rgLsbaCR_7tgtuZdw5A@mail.gmail.com> <[🔎] jshqlo$no$5@dough.gmane.org> <[🔎] 4FECA6FB.7090606@eisenbits.com> <[🔎] jsie79$no$18@dough.gmane.org> <[🔎] 4FECE810.4030101@concepts-and-training.de> <[🔎] jskc6a$68h$4@dough.gmane.org> <[🔎] 4FEDBF4D.6040905@concepts-and-training.de> <[🔎] jskgm9$68h$11@dough.gmane.org> <[🔎] 4FEDD417.7070607@concepts-and-training.de> <[🔎] jskmhd$68h$16@dough.gmane.org> <[🔎] 4FEDFC1E.9080902@concepts-and-training.de> <[🔎] jsmga9$djv$3@dough.gmane.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Camaleón schrieb:

>>> and hey, it's open source! You can hire a programmer, make a
>>> fork ("FileZilla-S" for secure) and add all the enhancements you
>>> want ;-
>> Forking a program for a single little feature doesn't make a lot
>> of sense to me.

> If you value so much that feature and you really like the
> application, why not?

I didn't. It's more that I dislike the attitude of some developers (in
general) saying that they don't have to care about uninformed users who
misconfigure their systems or even don't know how to protect themselves.

At least they should inform the user that saving passwords is insecure.

> I wonder if a feasible approach to store credentials in clear text
> for FileZilla would be using something like the gnome-keyring or a
> similar implementation for the different OSes or linux boxes,
> although of course, this would add additional drawbacks.

I like how MacOS handle this, nearly every application designed for
MacOS is using the built in Keychain. Of course, if the keychain tool
isn't secure this is a big problem.

Bye.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJP7tiwAAoJEGqblLUjc3f4Hk8H/17B60KAn5m5f7kzAKPLKUBb
ke9h/lYtoxMtDOUlmebDGc/S2QMI0eX88fV/kI8cpSfqVJrVtM8B0iLikvCThkhe
aO0MWVSIxdZw0cDdNr4hEwqseBYrSTAN1msgDkPWp9CBAv8W4+9eL1/nQTlqipUA
GoD4fZ7a+IxMuJfSKujfKFVo/8huQSpW3XXDvxXg8W6sW6KsaSOaMfQrZIKRMs8K
/5ZWG9iqyjSbpo17ZhFVTsg9IkpPRVcijYEoAG1qZg17CbupieIEHDou2FzITA5M
pncWwIgwzdfoOL0nb9TuhJYXNjtGxMAdjDQBGRqPyQ3ogD1fMHnHThlcfF4CInQ=
=ZzgY
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: Filezilla a security risk
  - From: Camaleón <noelamac@gmail.com>

References:
- Filezilla a security risk
  - From: francis picabia <fpicabia@gmail.com>
- Re: Filezilla a security risk
  - From: Camaleón <noelamac@gmail.com>
- Re: Filezilla a security risk
  - From: Stanisław Findeisen <stf.list.debian.user@eisenbits.com>
- Re: Filezilla a security risk
  - From: Camaleón <noelamac@gmail.com>
- Re: Filezilla a security risk
  - From: Denis Witt <denis.witt@concepts-and-training.de>
- Re: Filezilla a security risk
  - From: Camaleón <noelamac@gmail.com>
- Re: Filezilla a security risk
  - From: Denis Witt <denis.witt@concepts-and-training.de>
- Re: Filezilla a security risk
  - From: Camaleón <noelamac@gmail.com>
- Re: Filezilla a security risk
  - From: Denis Witt <denis.witt@concepts-and-training.de>
- Re: Filezilla a security risk
  - From: Camaleón <noelamac@gmail.com>
- Re: Filezilla a security risk
  - From: Denis Witt <denis.witt@concepts-and-training.de>
- Re: Filezilla a security risk
  - From: Camaleón <noelamac@gmail.com>

Prev by Date: Re: Debian GNU/Linux wheezy/sid - Howto setup bootlogd?
Next by Date: Re: Filezilla a security risk
Previous by thread: Re: Filezilla a security risk
Next by thread: Re: Filezilla a security risk
Index(es):
- Date
- Thread