DNSstuff.com
Mar
8th

Avoid FileZilla Like The Plague

Filed under Webmasters | Leave a Comment

If you are using the free FileZilla FTP program you should remove it immediately and remove any files it leaves behind. There are a number of viruses that read some FileZilla files that expose your FTP details in plain text and then these viruses will alter EVERY index file (i.e. index.php,index.html etc) on your website.

The author has publicly stated that it isn’t his problem and he has no plans to encrypt the plain text data that FileZilla stores. You can find out about these files (which you also need to remove) at:

http://unsharptech.com/2008/05/20/filezilla-ftp-passwords-stored-in-plaintext/

The author’s attitude is totally irresponsible. Granted, all computer users should keep their anti-virus up to date but I also think it is the responsibility of software developers to ensure that any private and/or confidential data is encrypted. I’ve been a developer myself for 30 years and there is no way I would ever store passwords in plain text.

Most open source / free software is high quality. The unfortunate fact is that if it’s free then the author has no level of responsibility as there is no customer relationship. It’s worth considering this when deciding which FTP client you are going to use.