And they are digitally signed with a Verisign cert, so one could always check that before using them.
-----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Kurt Buff Sent: Thursday, June 9, 2016 3:54 PM To: ntsysadm <[email protected]> Subject: Re: [NTSysADM] Enterprise backupi client only via ftp? unencrypted! Right. If all they put on the ftp site are regular downloads, and they have hashes for those downloads securely available elsewhere, it shouldn't be any kind of deal. Kurt On Thu, Jun 9, 2016 at 12:01 PM, Charles F Sullivan <[email protected]> wrote: > I needed to download a couple of the most recent clients about 6 weeks > ago, but I didn't need to authenticate so it wasn't a big deal to me. > > -----Original Message----- > From: [email protected] > [mailto:[email protected]] > On Behalf Of Klaus Hartnegg > Sent: Thursday, June 9, 2016 1:50 PM > To: [email protected] > Subject: [NTSysADM] Enterprise backupi client only via ftp? unencrypted! > > Hi, > > Many large enterprises do their backup with TSM alias Tivoli from IBM. > > This week I noticed that the client for this system appears to be > available only via ftp. But ftp is neither encrypted nor signed. > > Shouldn't all downloads go through https for various security reasons? > Ever heared the name Snowden? Anybody here from IBM who could change this? > > Klaus > >
