Oh ... Fudge This Pandemic! Google walks back on decision to switch off FTP in Chrome 81 Google has switched File Transfer Protocol (FTP) back on in Chrome 81 in response to the COVID-19 situation. The change was made "via server-side configuration." The Chocolate Factory has been keen to kill off the venerable protocol for some time, and after a succession of prunings, disabled it by default in version 81 having …
@Dan 55
I agree that it doesn't have to be removed, but conversely, a browser should just browse (at least in my mind). I'm not looking for a single Swiss-army penknife that has the potential for more and more security bugs.
I wonder if they will remove other protocols from Chrome that are a security risk - examples could include their PDF viewer, since PDF's have security issues too. Oh and JavaScript - that can be used for bad things too.
I wonder what their real aim is ? Removal of insecure transfer protocols, even though much of what is FTP'ed is using the anonymous user anyhow and if people want to do secure FTP, then there is always SFTP and FTPS.
Personally, I'd prefer if they left the choice to users who can determine whats right for them, rather than someone doing a nanny knows best approach.
It's a fair point about PDF but a balance should be struck somewhere, nowadays vast majority of users are not power users and if they have to have a separate piece of software installed as a PDF viewer that means it has to be kept up to date as well as the browser, and if they don't they'll be more succeptible to being offered malicious or dangerous viewers (*cough* like the adobe one *cough*), while a browser one could be sandboxed and would "just work" (hopefully (who am I kidding)) and would have more frequent updates.
I personally think the browser itself also helps your browse FTP site and is arguably better for most users for just downloading.
By presenting the FTP site an intuitive HTTP index for the strict purpose of helping users navigate and download data off the server, the browser eliminates pretty much all clutter and non-essential information not required for the average user for read only downloading.
But I just keep thinking that generic plain text ftp which is probably 99% of ftp sites out there hasn't changed much at all in probably 20+ years so there shouldn't really be much of anything to maintain.
I don't use ftp too often, and generally when I do I use ncftp.
Checking ncftp's changelog they released version 3.0.0 in March 2000, now they are at 3.2.6(from late 2016), for a dedicated ftp client just a point as to how little ftp has changed over the past 20 years.
My Firefox browser history on this home computer goes back about 3 years. I looked up for the 'ftp://' string it and there's not a lot that I would miss:
F-Secure uninstall tool, HP Softpaqs, Axis camera firmware, Windows NT4 SP4, Info-Zip binaries, C/H/S information for old HDDs, Firmware for some old unsupported D-Link shit.
Most of the aforementioned stuff is available on HTTP, but not all was. (or my search skills failed me)
It's the very old stuff that's getting harder and harder to find. After a few more years all the FTP mirrors for Simtelnet, Sunsite, Hobbes etc. are going to disappear. All those moments will be lost in time, like tears in rain. Time to die.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
