On Wed, 27 Jun 2012 16:26:48 -0300, francis picabia wrote: > I've just learned Filezilla is a security risk. It stores saved > passwords and the last used password in a plain text file.
In Mutt, for instance, you can face the same situation. > Malware commonly scoops up this info and hacks web sites or shell > accounts. > > The developer refuses to incorporate a solution such as master password > and encryption into filezilla. Yes, it's a well-known "feature" of the Filezilla FTP client. > His responses in numerous bug reports and feature requests are: > > 1. encryption: that's the file system's job True. > 2. don't get the malware in the first place Also true. > In my opinion, people should avoid filezilla. I use it in my windows box (a plain FTP login sesion is transmitted in clear text but despite that, true is that it poses a risk if your computer gets infected and your login credentials are stored in clear text) but I don't use Filezilla in Debian. For windows there's another nice application (WinSCP) and for linux you're plenty of options :-) Greetings, -- Camaleón -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
