At 12:16 PM 11/28/2006 -0500, Malcolm Greene wrote: ... >But (there's always a but<g>), I disagree with you that FTP is a secure >protocol because FTP transmits login information UN-encrypted. Although, >if all your FTP access is via anonymous login, then I guess this is a >moot point<g>.
I'm not saying FTP is 'secure'. That is the whole point. In fact, I'm saying that "trusting" on any "transmission" protocol to 'secure' things for you is not a good idea. In the grand scheme of things, you have to assume your data being transmitted will be compromised at some point in time. From there you define your business risks etc. The problem is a lot of people simply 'assume' any implementation that uses FTP is insecure without going beyond a surface analysis. From my point of view, I like the approach of FTP because it 'forces' you to think about security issues on both sides of the 'communication channel'. Not trusting the communication protocol, whatever protocol that may be, will give you a more secure system in the end. -Charlie _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://leafe.com/mailman/listinfo/profox OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
