Slashdot Mirror

← Back to Stories (view on slashdot.org)

User Forks FileZilla FTP Client After Getting Hacked (filezillasecure.com)

Posted by EditorDavid on from the transfer-complete dept.

Slashdot reader Entropy98 writes: A frustrated FileZilla user took matters into his own hands after getting hacked due to the fact that his saved passwords were being saved in plain text files. Despite years of numerous requests over almost 10 years the FileZilla devs refused to add a Master Password option to encrypt the stored passwords. Finally fed up one user forked FileZilla and created FileZilla Secure with the Master Password option.

6 of 166 comments (clear)

  1. This stuff drives me nuts by Anonymous Coward · · Score: 5, Insightful

    When devs act like asshats and refuse to consider that just because you can still get at encrypted passwords doesn't mean it's not helpful to make the bar a little higher than reading plain fucking text.

  2. Good deal by JustAnotherOldGuy · · Score: 5, Insightful

    Now as long as those lazy bastards at FileZilla don't sue him, maybe this will be a nice step forward.

    As for you fucking clowns at FileZilla storing passwords in plain text files, what the fuck? Did you just teleport in from 1992 or something??

    --
    Just cruising through this digital world at 33 1/3 rpm...
    1. Re:Good deal by Megane · · Score: 5, Funny

      They're just upholding the proud decades-long tradition of FTP putting everything in the clear.

      --
      #naabhaprzrag, #sverubfr-000, #agi-fcbafberq, negvpyr[pynff*=' negvpyr-ary-'] { qvfcynl: abar !vzcbegnag; }
  3. OSS working as it should. by 0100010001010011 · · Score: 5, Insightful

    How many OSS projects would benefit from:

    User demands feature.
    Devs refuse feature.
    User forks and adds feature.

  4. Re:Not "Secure" by Dwedit · · Score: 5, Informative

    Filezilla is a client for FTP, SFTP (SSH File Transfer Protocol), and FTP over TLS. Only one of those three uses cleartext passwords over the network.

  5. IIS Server resume bug by cjellibebi · · Score: 5, Interesting

    Apparently, there's a bug in Microsoft's IIS server that causes corruption when attempting to resume large downloads. FileZilla does not take this into account, and as a result, the download is corrupted. Clearly, this is Microsoft's fault, but the situation is that there are many buggy IIS servers out there, and Filezilla, by not having a workaround for this (other FTP clients do have a workaround), ends up corrupting the download. After looking at this ticket, it shows that the developer clearly does not live in the real world.

    Personally, this issue hasn't affected me, but the exchange I linked to tells me a lot about the attitude of the developer. I only even discovered this issue when reading about FileZilla.

    So is this fork going to address this issue?