[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: wget2 | Add FTP & FTPS support (#3)

From: Richard (@nyuszika7h)
Subject: Re: wget2 | Add FTP & FTPS support (#3)
Date: Mon, 05 Jul 2021 10:38:02 +0000

Richard commented:

> Slightly OT, but please consider any download via FTP (or any other 
> non-secure protocol) as tainted, even when downloading within your faculty. 
> Since no one ever checks the file integrity (this is tedious manual work), 
> everybody should use a secure channel for downloading. Or the other way 
> round, you upload your data via FTP - how do you make sure the server 
> received the correct data ? (Data-internal checksums do not help against 
> malicious intent.)

For one, FTPS exists. Also I'm pretty sure the vast majority of people who use 
wget2 and find their way to this issue tracker are fully aware of the security 
risks. I'm generally a proponent of using secure things like HTTPS and SFTP 
(not to be confused with FTPS), but in some cases FTP is just an acceptable 
trade-off. I have a Windows server where setting up a FileZilla FTP server is 
much more convenient, and I'm just transferring media files. It has a strong 
password and realistically nobody is going to MITM it, and even if they did, 
they would have to find some obscure MP4 code execution exploit that would be 

Reply to this email directly or view it on GitLab: 
You're receiving this email because of your account on gitlab.com.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]