FTP, the “File Transfer Protocol” has been around almost since the inception of the Internet. As anyone with a web site knows, it permits files to be easily uploaded to and downloaded from servers. It is built into every kind of web site authoring software and even into most web browsers.
Unfortunately, FTP suffers from the same design flaw that pervades the basic usage of email services like POP, IMAP, and SMTP. If used in its default form, all data sent between your computer and the server is sent unencrypted, in “plain text”. This includes your username, your password, and all file data.
Essentially, if you are in a wifi hotspot, anyone there can likely get your username and password and read your files. Similar things can happen even though your direct or or office network connections …. connecting via FTP is like walking down the hall with your username and password taped to your forehead. Any one (or any hidden camera) can see it and use it.
Read the rest of this post »