Today FileZilla saved my life by storing all site connection passwords in base64
Without it we'd have lost access to an old production server 👌

@ramen its how I found out a colleague's pw when he hooked me up with an xml file of connections 👀

FZ does indeed save it by base64, they didn't obfuscate it for a long time.. and now, they're even stating the obfuscator in the file itself...

This is a huge security hole, when dealing with RATs etc. Even with base64 encoding.

Backdoor or exit door 🚪?

@African it's already the Suicide Window ;)

@xewl
There's a fork exactly for that, fzs.
And it doesn't bother you to update when you're opening the damn thing to use it.

@nbamaral worth looking into, cheers! (I only use it for quick uploads though)