Full Disclosure mailing list archives
Re: Security issue in Filezilla3.0.9.2:passwordsare stored in plain text (sitemanager.xml)
From: "Garrett M. Groff" <groffg () gmgdesign com>
Date: Tue, 22 Apr 2008 14:38:33 -0400
Sounds like your mind is made up. Good luck in your search for scholarly wisdom in this matter. - G ----- Original Message ----- From: "Joey Mengele" <joey.mengele () hushmail com> To: <full-disclosure () lists grok org uk>; <groffg () gmgdesign com> Sent: Tuesday, April 22, 2008 2:22 PM Subject: Re: [Full-disclosure] Security issue in Filezilla3.0.9.2:passwordsare stored in plain text (sitemanager.xml)
Groffg, On Tue, 22 Apr 2008 13:02:34 -0400 "Garrett M. Groff" <groffg () gmgdesign com> wrote:Joey, The topic write-ups for data compression and cryptography (go to that page in lieu of "encryption") are reasonably good. You can then branch to other sources for the sake of verification via cross referencing. That should help to elucidate the substantial difference between encrypting data and compressing data.Reasonably good? Says who? Chairman Mao?As far as Wikipedia being a scholarly source, I'd say that scholars will choose many sources, Wikipedia among them. Someone [citation needed!] once commented about Wikipedia that it has 10 times the information as an encyclopedia volume but with a 10% reduction in accuracy. Indeed, one would be wise to cross reference any information gleaned from Wikipedia that is to be used for anything more substantial than satisfying mere curiosity. But using Wikipedia as an initial resource doesn't seem like a bad idea to me.To you? What is your credibility?Coming back to the topic at hand, I hope that this will wrap up your concern over the perceived weakness in FileZilla (which, as it turns out, is simply an innate weakness of using FTP).I disagree. The flaw that I have discovered still lies in the FileZilla implementation of FTP. Until a SCHOLARLY source can contradict my findings, I do not anticipate anyone on this list or elsewhere swaying me. Thanks for your time but it is back to the grill for me.- GJ -- Click to see huge collection of discounted designer watches. http://tagline.hushmail.com/fc/Ioyw6h4dibSq5yrXbPCWd043cVzPPIKkKOV8oABuXVAfxcVSTooof1/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Security issue in Filezilla3.0.9.2:passwordsare stored in plain text (sitemanager.xml) Joey Mengele (Apr 22)
- Re: Security issue in Filezilla3.0.9.2:passwordsare stored in plain text (sitemanager.xml) Garrett M. Groff (Apr 22)
- <Possible follow-ups>
- Re: Security issue in Filezilla3.0.9.2:passwordsare stored in plain text (sitemanager.xml) Joey Mengele (Apr 22)
- Re: Security issue in Filezilla3.0.9.2:passwordsare stored in plain text (sitemanager.xml) Garrett M. Groff (Apr 22)