Why We Shouldn’t Use FTP Anymore
Steven Frank offers a few reasons why we should not be using FTP anymore.
Kind of odd considering what he does for a living!
- Unless tunneled over a secure socket, FTP is 100% insecure. Your password, and the contents of all of your files are sent in the clear, free to be examined or captured by any network hop between you and your server.
- The spec defines no way of setting the modification dates/times of files. A number of non-standard extensions have arisen to deal with this shortcoming. Some servers support one but not the others. Some support neither. Some claim to support one method but misinterpret the the arguments, treating the timestamps as local time rather than UTC. I’ve seen FTP servers simply drop the connection whenever asked to set a timestamp on a file. For such a simple and necessary operation, it’s chaos.
Leave a Reply
You must be logged in to post a comment.