Google Chrome will start marking insecure FTP sites

Another security feature will be added to Google Chrome 63 version that is planned for release in December 2017. The feature will label file transfer protocol (FTP) services as “not secure”.

This move is part of Google’s continuous attempt to carefully communicate the transport security status of a given page.

Mike West from Google said:
“As part of our ongoing effort to accurately communicate the transport security status of a given page, we’re planning to label resources delivered over the FTP protocol as “Not secure”, beginning in Chrome 63 (sometime around December, 2017).”

“We didn’t include FTP in our original plan, but unfortunately its security properties are actually marginally worse than HTTP (delivered in plaintext without the potential of an HSTS-like upgrade). Given that FTP’s usage is hovering around 0.0026% of top-level navigations over the last month, and the real risk to users presented by non-secure transport, labelling it as such seems appropriate,”

The File Transfer Protocol (FTP) is a basic network protocol used for the transfer of computer files between a client and server on a computer network.

It has been around since the 1980s. Both SSL and TLS protocols can be added via the FTP Secure (FTPS) extension, but they are not supported by web browsers.

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Astaroth Banking Malware Runs Actively Targets Users In Brazil