back to article Oh ... Fudge This Pandemic! Google walks back on decision to switch off FTP in Chrome 81

Google has switched File Transfer Protocol (FTP) back on in Chrome 81 in response to the COVID-19 situation. The change was made "via server-side configuration." The Chocolate Factory has been keen to kill off the venerable protocol for some time, and after a succession of prunings, disabled it by default in version 81 having …

  1. Dan 55 Silver badge
    Megaphone

    Obsession with JavaScript-driven trackable shiny

    There's no real reason to axe FTP support, and here's the proof.

    1. sabroni Silver badge

      Re: and here's the proof.

      If you're worried about Javascript driven trackable shiny why are you using a browser as an ftp client?

      1. Dan 55 Silver badge

        Re: and here's the proof.

        I'm happy to use a browser as an FTP client knowing that if I do there's no JavaScript-driven trackable shiny. Point your question to Google, why are they unhappy there's no JavaScript-driven trackable shiny?

        1. sabroni Silver badge

          Re: Point your question to Google

          No, they didn't pick your ftp client. Why use a browser if you want to avoid JavaScript? Other ftp clients are available with a massively reduced attack surface.

    2. Anonymous Coward
      Anonymous Coward

      Re: Obsession with JavaScript-driven trackable shiny

      Doesn't Google want to axe it for some nefarious reason to do with $$$ ?

    3. manrobertkir

      Re: Obsession with JavaScript-driven trackable shiny

      I completely agree with this!

  2. Dwarf Silver badge

    @Dan 55

    I agree that it doesn't have to be removed, but conversely, a browser should just browse (at least in my mind). I'm not looking for a single Swiss-army penknife that has the potential for more and more security bugs.

    I wonder if they will remove other protocols from Chrome that are a security risk - examples could include their PDF viewer, since PDF's have security issues too. Oh and JavaScript - that can be used for bad things too.

    I wonder what their real aim is ? Removal of insecure transfer protocols, even though much of what is FTP'ed is using the anonymous user anyhow and if people want to do secure FTP, then there is always SFTP and FTPS.

    Personally, I'd prefer if they left the choice to users who can determine whats right for them, rather than someone doing a nanny knows best approach.

    1. Amentheist

      It's a fair point about PDF but a balance should be struck somewhere, nowadays vast majority of users are not power users and if they have to have a separate piece of software installed as a PDF viewer that means it has to be kept up to date as well as the browser, and if they don't they'll be more succeptible to being offered malicious or dangerous viewers (*cough* like the adobe one *cough*), while a browser one could be sandboxed and would "just work" (hopefully (who am I kidding)) and would have more frequent updates.

    2. Anonymous Coward
      Anonymous Coward

      I personally think the browser itself also helps your browse FTP site and is arguably better for most users for just downloading.

      By presenting the FTP site an intuitive HTTP index for the strict purpose of helping users navigate and download data off the server, the browser eliminates pretty much all clutter and non-essential information not required for the average user for read only downloading.

  3. Anonymous Coward
    Anonymous Coward

    Don't GAS

    I deprecated Chrome years ago.

  4. fnusnu

    Bin it and focus on security. Just because people are working from home doesn't mean they can't find another way to transfer files insecurely.

    1. fnusnu

      Oh look! All five people who still use it have downvoted my comment.

      1. Francis Boyle Silver badge

        It looks like

        the FTP user base just about double in 20 hours. Must be making a comeback!

  5. Gene Cash Silver badge

    > The change was made "via server-side configuration."

    So does this mean Chrome phones home to check for configurations?

    Or does this just mean they changed their build config? If so, why would they state it in such a strange phrasing?

    1. Alumoi

      Just a slip of the tongue. I'm sure HR will soon have a nice, long talk with the poor sod.

      After all, Chrome is the most secure and privacy focused browser on Earth. We value your privacy and all that.

      Note to self: next time don't be lazy and use the joke icon, somebody will miss it.

  6. Nate Amsden

    they seem to say the old code is hard to maintain

    But I just keep thinking that generic plain text ftp which is probably 99% of ftp sites out there hasn't changed much at all in probably 20+ years so there shouldn't really be much of anything to maintain.

    I don't use ftp too often, and generally when I do I use ncftp.

    Checking ncftp's changelog they released version 3.0.0 in March 2000, now they are at 3.2.6(from late 2016), for a dedicated ftp client just a point as to how little ftp has changed over the past 20 years.

  7. Sandtitz Silver badge

    My FTP usage

    My Firefox browser history on this home computer goes back about 3 years. I looked up for the 'ftp://' string it and there's not a lot that I would miss:

    F-Secure uninstall tool, HP Softpaqs, Axis camera firmware, Windows NT4 SP4, Info-Zip binaries, C/H/S information for old HDDs, Firmware for some old unsupported D-Link shit.

    Most of the aforementioned stuff is available on HTTP, but not all was. (or my search skills failed me)

    It's the very old stuff that's getting harder and harder to find. After a few more years all the FTP mirrors for Simtelnet, Sunsite, Hobbes etc. are going to disappear. All those moments will be lost in time, like tears in rain. Time to die.

  8. Claverhouse Silver badge
    Meh

    I take caveat with the description of Mozilla as a 'rival' to Google

    More a wholly owned subsidiary surely ?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020