Chrome 88 Released, Removing Adobe Flash -- and FTP (pcworld.com) 125
Google released Chrome 88 this week — and besides improving its dark mode support, they removed support for both Adobe Flash and FTP.
PC World calls it "the end of two eras." The most noteworthy change in this update is what's not included. Chrome 88 lays Adobe Flash and the FTP protocol to rest. RIP circa-2000 Internet.
Neither comes as a surprise, though it's poetic that they're being buried together. Adobe halted Flash Player downloads at the end of 2020, making good on a promise made years before, and began blocking Flash content altogether a couple weeks later. Removing Flash from Chrome 88 is just Google's way of flushing the toilet.
On the other hand, FTP isn't dead, but it is now for Chrome users. The File Transport Protocol has helped users send files across the Internet for decades, but in an era of prolific cloud storage services and other sharing methods, its use has waned. Google started slowly disabling FTP support in Chrome 86, per ZDNet, and now you'll no longer be able to access FTP links in the browser. Look for standalone FTP software instead if you need it, such as FileZilla.
That's not all. Mac users should be aware that Chrome 88 drops support for OS X 10.10 (OS X Yosemite). Yosemite released in 2014 and received its last update in 2017...
But Google killing Flash and FTP might be the footnotes that hit old-school web users in the feels.
Chrome 88 will also block non-encrypted downloads originating from an encrypted page, the article reports. And the Verge notes Chrome also offers less intrusive website permission requests (as an experimental feature enabled from chrome://flags/#permission-chip ), while Bleeping Computer describes Chrome 88's new experimental feature for searching through all your open tabs.
And Chrome's blog points out some additional features under the hood: Chrome 88 will heavily throttle chained JavaScript timers for hidden pages in particular conditions. This will reduce CPU usage, which will also reduce battery usage. There are some edge cases where this will change behavior, but timers are often used where a different API would be more efficient, and more reliable.
PC World calls it "the end of two eras." The most noteworthy change in this update is what's not included. Chrome 88 lays Adobe Flash and the FTP protocol to rest. RIP circa-2000 Internet.
Neither comes as a surprise, though it's poetic that they're being buried together. Adobe halted Flash Player downloads at the end of 2020, making good on a promise made years before, and began blocking Flash content altogether a couple weeks later. Removing Flash from Chrome 88 is just Google's way of flushing the toilet.
On the other hand, FTP isn't dead, but it is now for Chrome users. The File Transport Protocol has helped users send files across the Internet for decades, but in an era of prolific cloud storage services and other sharing methods, its use has waned. Google started slowly disabling FTP support in Chrome 86, per ZDNet, and now you'll no longer be able to access FTP links in the browser. Look for standalone FTP software instead if you need it, such as FileZilla.
That's not all. Mac users should be aware that Chrome 88 drops support for OS X 10.10 (OS X Yosemite). Yosemite released in 2014 and received its last update in 2017...
But Google killing Flash and FTP might be the footnotes that hit old-school web users in the feels.
Chrome 88 will also block non-encrypted downloads originating from an encrypted page, the article reports. And the Verge notes Chrome also offers less intrusive website permission requests (as an experimental feature enabled from chrome://flags/#permission-chip ), while Bleeping Computer describes Chrome 88's new experimental feature for searching through all your open tabs.
And Chrome's blog points out some additional features under the hood: Chrome 88 will heavily throttle chained JavaScript timers for hidden pages in particular conditions. This will reduce CPU usage, which will also reduce battery usage. There are some edge cases where this will change behavior, but timers are often used where a different API would be more efficient, and more reliable.
Non-Encrypted Downloads (Score:1)
Re: (Score:2, Insightful)
Yes the user can choose to write their own vulnerable browser instead of forcing others to support their poor internet hygiene.
Re: (Score:2)
I agree. The browser's function is to access links and act accordingly. As long as there are links using the "ftp" method, then the browser should access those links and download the file. Anything less is a failure on the part of the browser.
Pages that have links with "ftp" methods are constructed by people who know that the download isn't going to be "secure". They are unlikely to have put materials that need to be "secure" on such links. I don't personally use Chrome, but I would be disappointed if
Re: (Score:2)
Give the choice to the user, or even stay out of the user's way!
Exactly. It is not up to a browser to decide what to allow or not allow. The one and only job of a browser is to display, or in this case fetch, what the user requests. I don't care that Google thinks the page might be insecure, that is not its decision. I want to go to that page, you take me there.
For all those whining about FB and Twitter deciding what people get to see, here you go. Start whining to Google.
Re: (Score:3)
Besides -- and I'm sure being the neckbeard that you are you realize this -- Chrome isn't stopping you from doing anything. You can visit the shady site with two clicks. Or because you're so smart, you could fork a browser and write your own! Amazing!
Do you think it's still a good idea to run unpatched vulnerable garbage on the
Re: (Score:2)
Browsers are more than tools for nerds in basements. When you have to manage non-technical people within an IT infrastructure, you'll start to appreciate built-in security tools.
Non Technical people have an alomst magical ability to discover new ways to screw things up.
And the closer we get to a foolproof Browser/email OS system the closer we get to making them unusable. We're making strong headway toward that right now.
Windows defender classes legitimate files as Trojans, and in some cases, I've had to remove all AV and firewall and go on the intertoobz bareback and download a program, isolate it from Defender, than install, reboot, run the program, then restart firewall and
Re: (Score:2)
If you use a toy operating system like modern Windows has become, that's the sort of shit you'll have to suck up. Use a real OS and *you* are in control.
You aren't wrong. For my own work, I use Unixy/Unix based systems - Linux or MacOS. But in a world where people will willingly give away their passwords, https://www.youtube.com/watch?... [youtube.com] and corporations handing over their customer data every day, there isn't much protection. And seemingly no defense.
Re: (Score:2)
So I have to go out of my way to do something I already told the browser to do?
Really now?
Re: (Score:2)
So I have to go out of my way to do something I already told the browser to do? Why not just get to me where I said I wanted to go?
Do you have the same objection to the "Would you like to save this file?" popup that you get when you try to close a document that has unsaved changes? There's such thing as a reasonable guardrail.
plain old ftp?? Unencrypted? (Score:2)
It allowed ftp? Did they mean sftp? Unencrypted FTP should have been disabled decades ago. Why would anyone use unencrypted FTP? Good god. Are you fucking crazy?
Re: (Score:2)
> Why would anyone use unencrypted FTP?
Lots of reasons? If you're say downloading the latest Filezilla or other binary why the hell do you need to use SFTP for that? 99% of the binary downloads used to direct to an ftp:// link because it worked and didn't place additional encrypt/decrypt load on the endpoints so why NOT use it?
If you're moving something sensitive it makes sense to encrypt but encrypting everything just because is as stupid as never encrypting.
Re: (Score:3)
Wow, you know nothing about security. Downloading executables is EXACTLY the most important place to use encryption. There is hardware/software that can sit on the network and intercept the executable file and inject vulnerable code into the stream during transit. There's very easy tools to do that if you can plug into your targets network (which does happen, believe it or not).
Re: plain old ftp?? Unencrypted? (Score:2)
And you and I didn't stop using regular HTTP "decades ago!!" either, so get off your high horse.
And there is nothing wrong with downloading Linux update packages unencrypted, at least with any modern system, where package signing is the norm. ;)
Unless you fear that somebody might find out you're downloading pterodactil-hentai-vore-0.95b.deb.
Re: plain old ftp?? Unencrypted? (Score:2)
Maybe, but within corp intranets where ftp is used a lot in automated batch processing that's irrelevant. If theyre inside your network ftp man in the middle is the least of your worries.
Re: (Score:3)
With the advent of Let's Encrypt, practically anyone can get an encryption certificate.
It doesn't help in the case where a questionable company hijacked Shareaza's domain, and replaced the downloads with their own. The new site would be "encrypted", but not detected as a problem by the computer.
At least it prevents injection attacks, but does nothing otherwise. That's why major open source distros used to show their MD5 or SHA1 ha
Re: (Score:2)
Let's encrypt won't give you a certificate if you don't own the domain. You have to prove you already have rights to the domain at least tempoarily before they will issue a cert. That makes it hard for someone to get a certificate saying they are google.com or reputable download place.
Re: (Score:2)
Re:plain old ftp?? Unencrypted? (Score:5, Insightful)
There are plenty of places for doing ftp where sftp or https is not going to make you any more secure. Besides... you are checking the hashes on the binaries anyway, right?
That said, not quite sure why you would use a web browser for it today, and curl has become much more common for the old applications for FTP.
Re: (Score:2)
How do you know the hash is correct if you were told the hash over HTTP?
Re: (Score:2)
And that's why you compare MD5 hashes after download, Mr. Security....
Re: (Score:2)
How do you find out the hash value to compare it with? via http? how's that going to work, Mr. Malwaredownloader? Also, you oughta be using SHA256.
Re: (Score:2)
How do you find out what the actual hash is supposed to be if you've retrieved that unencrypted? An attacker on your network can modify traffic from the website that has the hash.
Re: (Score:2)
but encrypting everything just because is as stupid as never encrypting.
Except you're making an assumption on behalf of the user. It's not up to you to decide what another person is persecuted for unless you're the one persecuting them. Encryption should be a sane default. It's not 1998 anymore, we don't need to stack hardware AES cards in our servers to support the ability to encrypt.
Re: (Score:2)
Why would anyone use unencrypted FTP?
— backslashdot (95548)
“Backups are for wimps. Real men upload their data to an FTP site and have everyone else mirror it.”
— Linus Torvalds
Re: (Score:2)
Haha, what year was that quote from? I bet you he uses encryption today. If not (which is highly highly unlikely) .. well .. he is being an idiot and wrong.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
On the other hand, a basic FTP client is easily written in a few lines, but a SFTP client is far more complicated and needs huge libraries. This still matters for embedded.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
The main reason they got rid of it is because there is no business case for supporting it. Very few users, large attack surface for exploits.
I hear Edge just added FTP support... Seriously, no joke.
Re: (Score:2)
Because it's an established protocol and most of them time nobody cares about the kinds of stuff you'd use FTP over. Ooooh you're darting over to AmiNet to download the latest PageStream 2.2 demo? I seriously doubt anyone's going to either log you and put you on a blacklist, or intercept your copy of PageStream and hack your Amiga.
Oh my, that invoked some nostalgia. There was also wustl, and hut.fi, if I remember correctly. Good times.
Re: (Score:2)
Really? (Score:2)
FTP can have its uses (Score:5, Informative)
If security doesn't matter, it's a more efficient file transfer protocol than http, at least. But security usually does matter at least a little.
A number of our faculty work with people in industry, and it always saddened me when industry partners would insist that we allow regular old FTP to one of our servers for some exchange of data where they'd also tell us how important it was that the data not be accessible to anyone but the particular research group they were working with. We'd suggest alternatives, but they consistently refused to consider it.
Fortunately that did finally stop... but only a couple of years ago.
Re: (Score:2)
If security doesn't matter, it's a more efficient file transfer protocol than http, at least.
In what way? FTP is a broken protocol that requires two sockets to transfer files and even file listings. Historically, one was opened from the client to the server and one from the server to the client, but firewalls and NAT stopped that, so "passive mode" was invented. But beyond that, the transfer of data is not any more "efficient" with FTP compared to HTTP - they both shovel bits down a TCP socket as fast as the TCP stacks and network will handle them.
Re: FTP can have its uses (Score:2)
Uum, the problem here is that we ruined port listening with nonsense like NAT, instead of upgrading to a less limited IP version*.
In any case, what we do now, merely emulates a listening port anyway, if you actually look closely. Receiving a packet is receiving a packet. It's not like IP headers could guarantee to be from the source IP adress they claim to be from. (You can even abuse a client that way, to DOS (or port scan?) its server, if you know the server's IP. Without the server ever seeing your IP ad
Re: (Score:3, Informative)
No browser uses active FTP. Passive FTP works on just one port and is what browsers use, and is NAT friendly.
Re: (Score:3)
Passive FTP still requires an additional port range for the data connection(s). It only requires connections in one direction, but it still requires multiple ports.
Re: (Score:2)
Re: (Score:2)
If security doesn't matter, it's a more efficient file transfer protocol than http
No it's not. For many small files the amount of back and forth communication required to download over FTP its larger than a simple HTTP GET request. That said with most of the web being encrypted now if you add in the SSL handshake and compare it to classic FTP then FTP wins.
Re: (Score:2)
Re: (Score:2)
FTP doesn't have any uses anymore. It needs to die.
I had to use it about 6 months ago to fix a weird problem on a website while dealing with some form software.
Re: (Score:2)
But it just works for uploading on a shitty consumer connection, unlike HTTPS. Spent too much time trying to upload stuff over HTTPS and having it fail after an hour or whatever, being scared to touch the browser the whole time. Even tried doing it with curl with about the same results besides not being scared of using the browser. I'm talking about 50 MB or so files.
Downloading hasn't been much better either though it does succeed more often and wget almost always works.
So it's a release that strips out stuff (Score:2)
A new version whose "enhancement" is that you can no longer do a bunch of stuff.
Sounds like a fantastic update!
Re: So it's a release that strips out stuff (Score:3)
It's the iWay!
Minimalism is a real mental illness, dear boys and girls. This is not an offense, but a PSA. It is the next baddest thing to suicide: Reducing the footprint of your existence in this world. "Ideally" down to zero, aka "nirvana" aka effectively death, or at least the delusion of it.
Re: (Score:2)
Yep, that's it. They made entire release just to remove 2 features. Absolutely nothing else changed. Certainly they didn't have over 100 commits for bug fixes or tweaks in the past week alone, nosirreee. The devs are just out to shit all over you for the lulz. /sarcasm.
Re: (Score:2)
A new version whose "enhancement" is that you can no longer do a bunch of stuff.
Sounds like a fantastic update!
It strips out bad stuff that should have died a decade ago.
That's a huge improvement.
Re: (Score:2)
Any fool can make something complicated. It takes a genius to make it simple.
- Albert Einstein
- Michael Scott
Joke-y quote aside, sometimes the best enhancements are those that streamline and remove complexity (which in the context of a web browser is usually correlated with attack surface).
FTP Surfing (Score:2, Interesting)
I don't use ftp much anymore (Score:2)
but why hasn't any major browser built in scp or sftp?
Re: I don't use ftp much anymore (Score:2)
Opera had both BitTorrent and some form of file sharing server, so you could just use it like a local DropBox and send people links to pull a file from you. It was real nice.
So obviously, it got dropped. Beause bad is good and good is bad nowadays. --.--
Re: (Score:2)
Because if you need to use scp or sftp you really should have a functional tool that can make use of its features properly. FTP for the browser was always an incredibly nasty hack, one that didn't support most of the features of the protocol, and FTP linking from webpages was likewise a hack to get around HTTP's lack of resume functionality and generally poor reliability of HTTP file transfers in the 90s.
Re: (Score:2)
Well we have moved on to HTTPS's poor handling of file transfers. Don't see an improvement, either way the download/upload breaks whereas FTP just works.
Might be different if you have a nice connection but some of us don't.
Re: (Score:2)
Don't see an improvement
Then take your rose coloured glasses off. I think I can count on one hand the number of times in the last ten years that I've had a download fail midway. Compared to say in 1998 when that one hand would barely get you through the week.
HTTPS and HTTP are many orders of magnitude more reliable than they were in the 90s when FTP sort of made sense.
Re: (Score:2)
Yea, since I went from dial up to a crappy LTE connection 2 years back, downloads in the browser usually work. Uploads break if the file is over maybe 10MBs consistently, unlike FTP.
As I said, flaky connections. We don't all live in town with a fibre connection.
Great. Now kill browsers. (Score:2)
Bad virtual machines for a OS that only runs very limited languages that failed ar giving semantic structure to information and is now merely an inferior copy of the OS underneath.
Could somebody please extend VirtualBox or qemu with a url bar and a few OS images that reside in RAM, and are pre-booted and frozen in a state right before executing software on a mount, so that opening the URL will clone the VM with copy-on-write in RAM, mount the downloaded image on the mount point and un-freeze the virtualized
Re: (Score:2)
Don't give them any ideas.
they always show google.com in the address bar now (Score:2)
they always show google.com in the address bar now, yet?
Re: they always show google.com in the address bar (Score:3)
Adress bar? You don't need that pesky detail.
Look at us. We are AOL/Compuserve now!
Re: (Score:2)
Adress bar? You don't need that pesky detail.
Look at us. We are AOL/Compuserve now!
Well played sir - well played indeed!
FTP can not serve advertisements. (Score:5, Insightful)
Yes I do remember that ftp could post a login notice, but most everyone now uses/used anonymous direct ftp downloads.
Re: (Score:2)
That is why it is now dead. They would rather you use a 'cloud' download service that may serve up ads, malware, and viruses which usually use more bandwidth than what you just wanted to actually download. Yes I do remember that ftp could post a login notice, but most everyone now uses/used anonymous direct ftp downloads.
FTP doesn't belong in a browser. If you want people downloading files from some folder, then enable indexes for that folder and nobody will know the difference.
Re: (Score:3)
That is why it is now dead.
Horseshit. FTP is dead because it had no purpose in a browser. It was added (in a minimum functional way purely for single file downloads) as a way to combat the poor reliability of non-resumable HTTP downloads back when non-resumable and unreliable were actually words used to describe the internet.
I.e. FTP hasn't been relevant as a tool to serve files to a browser since the Y2K bug came and passed. If you want to use FTP then use an FTP client. If you want to serve a file for download, put it on a HTTP con
Re: (Score:2)
An FTP client, e.g. Filezilla. I mean if you've been "browsing" and FTP site then I'm genuinely sorry.
But if the goal is to provide a browser based file list, then just throw the files in a folder and enable file listing for that folder.
Unless your users are handling folders (not individual files) and uploading / downloading. Then there hasn't been a use case for FTP in about 20 years. And even if they do need those then there hasn't been a use case for about 10 years.
Re: (Score:2)
Our lucky week! (Score:3, Funny)
Man, rid of Trump and Flash within a few days of each other. Fortune smiles!
Re: Our lucky week! (Score:2)
Re: (Score:2)
Re: (Score:2)
Stop using Chrome (Score:2)
Re: (Score:2)
Except that Firefox just wants to be Chrome for all intents and purposes, except with their own rendering engine that sadly isn't as well supported as blink by web sites.
Look at their new refresh they are working on. It's identical to Chrome. And Firefox devs love to take away features too. It's a real disease that seems to be affecting everyone, open or closed source. It's sad to see Firefox slowly dying like this.
Re: (Score:2)
Sorry I pick my browsers based on how they meet my user requirements not based on altruism.
Re: Stop using Chrome (Score:2)
Re: (Score:2)
So did you ask them if they care, or are you one of those IT people who doesn't give a shit about user requirements and think you know best?
The world has overwhelmingly voted, users prefer surveillance and exploitation. Users actively moved from a popular privacy focused browser to Chrome. Let that sink in next time you think you know best.
If you want or need to still use flash... (Score:2)
... because, let's say, some piece of equipment needs it to be administered, or say, there is this one flash game you want to play one more time...
Try to get an emulator (like ruffle) working.
But, if an emulator does not work for you, this tip can give you 6 months (or more) of flash usage while the emulator polishes all rough edges:
1.) Get firefox ESR 78. It still has support for the Flash NPAPI plugin. And this browser (not the plug-in) will receive security patches until about sept 2021. Install it.
2.) G
Re: (Score:3)
https://www.reddit.com/r/Rever... [reddit.com]
TLDR: Hex edit a float value from the Flash DLL files, change it to Infinity. No more time bomb.
The hard part is actually modifying the files, you have to deal with all that TrustedInstaller permissions junk.
Re: If you want or need to still use flash... (Score:2)
You can also use the latest PPAPI plugin, the one with the timebomb, and edit mms.cfg to allow access for any domains you want flash on (Adobe has a document on how to do that). You may want to download an older Chromium build to go with that, so you can turn off the out of date plugin warnings with commandline switches and, if you like, even enable flash for all sites with wildcards.
I ended up writing a python script that monitors the Chromium console log for messages that flash was blocked on a site (you
FTP is still there. (Score:2)
Re:Flash (Score:4, Insightful)
FTP on the other hand is still widely used.
Re: (Score:2)
FTP on the other hand is still widely used.
According to TFA [bleepingcomputer.com] in TFS , not so much within Chrome:
Since 2014, Google has wanted to remove support for the FTP protocol in Chrome as it was determined to only be used by ".1-.2%" of the browser's users.
Re: (Score:2)
FTP is widely used for uploading, or for cases where you're both uploading and downloading, but almost never in download-only scenarios. Browsers only ever supported the downloading part, thus everybody has been using separate FTP clients.
Re: (Score:3)
I've used FTP since the 80s, but thanks. The article is about FTP in Chrome and so was my reply ... according to Google, FTP is *not* widely used within Chrome.
Re: (Score:2)
I've used FTP since the 80s, but thanks. The article is about FTP in Chrome and so was my reply ... according to Google, FTP is *not* widely used within Chrome.
And according to Microsoft, hardly anyone used the windows start menu so Windows 8 removed it.
They backpaddled with windows 10 after win8 turned into the most-hated OS of all time. They found out the hard way that making fundamental decisions based on the usage patterns of the handful of elderly people who didn't uncheck the "share everything I do with the mothership" option isn't always the smartest move -- pretty much all power users get ignored.
Re: (Score:2)
Netscape Navigator v2 (actually a cross between v2 and v3) on OS/2 supported uploading with FTP with simple drag'n'drop. It was nice, for anonymous uploads you just hit enter on the dialog that popped up, otherwise filled in your credentials.
Re: (Score:2)
FTP on the other hand is still widely used.
FTP is not used widely for any scenario other than
a) scenarios where the FTP support in a browser was insufficient requiring users to switch to an actual FTP client.
b) scenarios where FTP was serving a HTTP download, a feature which should have been depreciated before even your desire to get rid of Flash.
FTP support in a browser was always a nasty hack. It never supported most of the FTP protocol (or even basic file handling such as downloading a directory) and it only existed because HTTP transfers were ga
Re: (Score:2)
There's no excuse in 2020 (or at any time the past 2 decades) to serve a single file as a download from some website via FTP.
Sure there is, say you have a workplace where management have declared they want no real infrastructure in the company, pushing microsoft teams/onedrive or some equivalent. But you're all on a local gigabit network together and you want to share a sizeable file, being slashdot assume you're technically saavy but co-workers may not necessarily be.
Just install filezilla server if on windows, or fire up ftpd if on linux point to share a folder anonymously and then send the lan/vpn ftp file link to them in micr
Re: (Score:2)
Holy crap. Look just because you don't know how to send a file via Teams does not mean you should setup an entire parallel infrastructure. Click and drag it into the messaging window and call it a day. FTP won't be any faster. Since you're a microsoft shop and you're clearly centralised since you're using an FTP server with a dedicated client you could also just dump it on a file share managed by AD and send people that link. Also I'm not sure why you think syncing is some requirement. Open up onedrive, dra
Re: (Score:2)
FTP won't be any faster.
If your work internet connection is is fast enough to give each user 1000mbit of dedicated bandwidth, I'd say you're in the minority of workplaces.
with a dedicated client
No dedicated client, the people who are being sent links are opening them in chrome/firefox. Filezilla server is a server, not a client.
Also I'm not sure why you think syncing is some requirement.
Because of people doing exactly as you describe, and the files not being available until the next day?
You'll be limited by download and upload speed
So slower than local ftp transfer? Right. Running your own local ftp server it's a literal copy/paste in your local filesystem
Re: (Score:2)
It has a nice gui to launch a small http server and hand your file out that way, it's much easier.
Re: (Score:3)
FTP support in a browser was always a nasty hack. It never supported most of the FTP protocol (or even basic file handling such as downloading a directory) and it only existed because HTTP transfers were garbage back in the 90s.
No, it existed because FTP servers have been around forever and have both better security and user/group-level access restrictions. HTTP has caught up in many aspects, but FTP's access is both simple and easy to administrate.
There's no excuse in 2020 (or at any time the past 2 decades) to serve a single file as a download from some website via FTP.
Except for the fact that you can point to an already extant FTP server rather than migrating all the files over to a web server and having to reset up logins, passwords, or whatever other access controls (if any) you feel you need.
Additionally, you're ignoring the fact that a lot of pla
Re: (Score:2)
You just reminded me of the top story on Slashdot right now: A Chinese railroad going down because Flash stopped working. Easy is just using pointless obsolete tech that doesn't exist, that doesn't make it right or sane.
Automated scripts is one of those reasons.
Not an excuse. You're clinging to legacy. There's no reason to serve that script via FTP instead of HTTP unless you also want to upload something in which case browser support can't do that anyway.
Legacy applications and infrastructure often use a "if it's not broke, don't fix it" concept - and while sometimes that can be bad, in this case it typically comes down to a KISS reasoning, which is completely justified if you just need something to serve files.
Also, the big question is: What reasons are there for removing the functionality?
I like how you invoked KISS and in the very next sentence questioned why you wouldn't run separ
Re: (Score:2)
Re: (Score:2)
Easier and more secure than what?
I'd wager HTTPS is easier and more secure to setup than HTTPS + SFTP. You can replace one with the other but not the other way around unless you want to cease having an internet presence. It's never easier or more secure to have to setup an additional service with additional code, additional configuration, additional attack surface, and additional ports open in your firewall.
Re: Flash (Score:2)
Re: (Score:2)
Flash needed to be gone by 2010 when "HTML 5" technologies gained most of flash's functionality in ECMA script and extended tags (like audio and video) and expanded css natively in browser....
No, generally you should wait at least a couple of years. People can't just instantly rewrite everything, and even if they could, they won't.
FTP on the other hand is still widely used.
Also no. FTP has been crap for at least a decade now. It needs to go away. If you're thinking of simple lists of download files, then HTTPS will work fine for that.
If you're thinking of something else, then SFTP.
Re: (Score:2)
Would you rather have your data stolen by Google, or by Google and everyone else ?
Re: (Score:2)
Would you rather have your data stolen by Google, or by Google and everyone else ?
Yes, having it stolen by Google, then sold by Google is *much* better -- for Google anyway.
Re: (Score:2)
Google doesn't sell the data, just ads based on the data. Ask them if you can buy a list of people who use FTP and they'll say no. Ask them if they can target FTP users and they'll say yes. That user data is their bread and butter.
Re: (Score:2)
Are you supposed to skip numbers with bad associations? Okay, 88 is bad. What about with superstitions? 13? 17? 4? 14? 666?
(The four thing is in Chinese, Japanese and Korean, where it happens that words for 'four' and 'death' are pronounced similarly [wikipedia.org].)