Published in News

Mozilla dismisses FTP

by on26 July 2021

Huge security risk

Big cheeses at the Mozzarella foundation have decided to pull FTP access abilities from its browser.  

post on Mozilla's security blog calls FTP "by now one of the oldest protocols still in use" — and it's suffering from "a number of serious security issues".

The biggest security risk is that FTP transfers data in cleartext, allowing attackers to steal, spoof and even modify the data transmitted. To date, many malware distribution campaigns launch their attacks by compromising FTP servers and downloading malware on an end user's device using the FTP protocol.

The blog said that Mozilla wanted to get away from insecure HTTP  and increase the percentage of secure connections, so like other major web browsers, decided to discontinue support of the FTP protocol.

“Removing FTP brings us closer to a fully-secure web which is on a path to becoming HTTPS only and any modern automated upgrading mechanisms such as HSTS or also Firefox's HTTPS-Only Mode, which automatically upgrades any connection to become secure and encrypted do not apply to FTP”, the blog said.

The FTP protocol itself has been disabled by default since version 88 and now the time has come to end an era and discontinue the support for this outdated and insecure protocol — Firefox 90 will no longer support the FTP protocol, said  Mozilla.

Last modified on 26 July 2021
Rate this item
(2 votes)

Read more about: