post 53

By anders pearson 02 Aug 2000

… and another thing that bugs me about windows 2000…

it has this nice new integration of the file manager with an ftp client so you can more or less transparently drag and drop between your desktop and remote machines. of course there is no way to tell it if you want text or binary transfer (and it doesn’t even try to guess), so if you move text files back and forth from windows to a machine with an operating system that doesn’t distinguish between text and binary files (eg, unices), you get all those annoying ^M characters thrown in and breaking stuff. and it doesn’t really have any way of going up a directory on the remote machine so if your home directory is /home/users/staff/bob, and you want to get at files in /www/htdocs/, you have to type ‘ftp://ftpserver.com/../../../www/htdocs/’ into the location box. ick. so you have to go back to the regular commandline ftp client most of the time anyway.

but what really gets my goat is that by default, with no warnings, it remembers your ftp username and password. when you first log into a remote machine, a dialog box pops up for username and password (with the little ‘*‘s for your password so you think it’s being careful with it) and then it logs you in. then, next time you want connect to another ftp server, you start to type ‘ftp://’ in the location box and the little autocomplete stuff pops down. low and behold, there’s a line that has ‘ftp://anders:mypasswordinplaintext@ftpserver.com/’ right there for anyone to see. i don’t remember windows ever giving me any ‘WARNING: if you use this feature, i’m going to give your password out to anyone who happens to walk by’ messages. i’m sure there’s a way that you can tell it not to cache passwords but i haven’t found it yet and it strikes me as a tremendously stupid default setting.

so after i changed all my passwords on our servers, i went back to using the commandline client.