257
submitted 7 months ago* (last edited 7 months ago) by cyclohexane@lemmy.ml to c/linux@lemmy.ml

Whether you're really passionate about RPC, MQTT, Matrix or wayland, tell us more about the protocols or open standards you have strong opinions on!

you are viewing a single comment's thread
view the rest of the comments
[-] Badabinski@kbin.social 7 points 6 months ago* (last edited 6 months ago)

PART 4.

You expect a file transfer program to reliably and faithfully transfer your files, byte-for-byte, from one system to another. FTP spits in your face and shits on your chest. You know how Linux uses LF (i.e. \n) for newlines and Windows uses CRLF (i.e. \r\n) for newlines? Pretty annoying, right? Well, FTP's ASCII mode will automatically rip off those \r characters for you! Sounds pretty sweet, right? Fuck no it's not. All of the sudden, your file checksums have changed. If you pass the same file back to a Windows user with a different and more sane file transfer system, then they get a broken file because FTP didn't mind its own fucking business. If you have a CRLF file and need an LF file, just explicitly use dos2unix. Wanna go the other way? unix2dos. The tool has been around since 1989 and it's great.

Now, what if you're not transferring text, but instead are transferring a picture of a cute cat? What if your binary data happens to have 0x0D0x0A somewhere in it? Well, ASCII mode will happily translate that to 0x0A and fucking ruin your adorable cat picture that you were going to share with your depressed significant other in an attempt to cheer them up. Now the ruined JPEG will remind them of the futility of their situation and they'll slide even deeper into cold emptiness. Thanks, FTP.

You can tell your client to use binary mode and this problem goes away! In fact, modern clients do this automatically so your SO gets to see the adorable fuzzy cat picture. But let's just stop and think about this. Why use a protocol that is dangerous by default? Why use a protocol that supports no form of security (unless you're using fucking godawful FTPS or FTP over SSH)? Why use a protocol that is so broken by design that small business hardware has been designed to try to unfuck it? Is it faster? I mean, not really. SFTP has encryption/decryption overhead, but your CPU is so fast that you'd need to transfer at 25+ Gb/s to notice it. Is it easier? Fuck no it's not easier, look at all of the stupid footguns I've just mentioned. Is it simpler? The line protocol is simple, but so is HTTP, and HTTP has a much simpler control flow path (merging the data and control planes is objectively the right thing to do in this context). And shit, you want a simple protocol for cases where you don't have a lot of CPU power? Use fucking TFTP. It's dogshit, but it was intentionally designed to be dogshit so that a fucking potato could receive data with it.

There is no task that is currently being done with FTP that couldn't be done more easily, more securely, and more quickly with some other protocol (like fucking SSH and SFTP, which is now built into fucking Windows for god's sake). Fuck FTP.

[-] aksdb@lemmy.world 2 points 6 months ago

Have you considered publishing that as a book? (/s)

You are insane... in a good way. I love it. Fantastic read and I had to chuckle a few times.

[-] Badabinski@kbin.social 1 points 6 months ago

I'm glad that my grumpy migraine ramblings brought someone some joy!

[-] Mango@lemmy.world 1 points 6 months ago

I read the first two and kinda gave up my dude. Here's my deal. I get that it's bad under the hood. What else can I use that lets me and a friend pretend we just have folders in each other's computers with just a port forward, IP, and a password?

[-] kevincox@lemmy.ml 1 points 6 months ago

You can set up SFTP with a password.

Or WebDAV isn't that awful.

[-] Natanael@slrpnk.net 1 points 6 months ago

That's not even the type of setup you should use. Use a VPN of the type designed for games and IoT stuff, like ZeroTier, n2n, and more. Then you set up a local file share using something like Samba, only accessible by the people who can connect to your local network via the VPN.

The public facing VPN code will be MUCH more hardened against attack than your typical sharing tool with port forwarding.

[-] Mango@lemmy.world 1 points 6 months ago

I'm less worried about attack than barriers to sharing.

[-] Natanael@slrpnk.net 1 points 6 months ago

If you set up port forwarding for file shares you must keep setting it up again for every new service.

If you set up a VPN once then you're simply done. Every new service you set up is available directly.

[-] Mango@lemmy.world 1 points 6 months ago
[-] Natanael@slrpnk.net 1 points 6 months ago

ZeroTier can be a fully self hosted VPN. You set up a server locally, port forward only the VPN service, and then everything else you run is accessible through it for the people you give access to.

[-] Mango@lemmy.world 0 points 6 months ago

Who knows what else it does with that secret code.

[-] Natanael@slrpnk.net 2 points 6 months ago

They're are multiple open source options like n2n

[-] BaldProphet@kbin.social 0 points 6 months ago

ZeroTier is pretty easy to set up, but at the point where you're worrying about "barriers to sharing" you should probably using a cloud service anyway.

[-] Mango@lemmy.world 1 points 6 months ago

Ahhh but that's the thing. A middleman being necessary is very against my values. I don't want there being someone else or there limiting or telling me no. I'm not letting someone else's DMCA compliance tell me what I can have. I'm also not really interested in non FLOSS.

[-] Badabinski@kbin.social 1 points 6 months ago* (last edited 6 months ago)

You should be able to just use ssh/sftp. There are lots of great clients, and you can absolutely still use usernames and passwords, no public/private key stuff required. You can even use ssh and scp right from powershell on Windows boxen if you're so inclined. There's winscp, and if you want filesystem mounting, there's this: https://github.com/winfsp/sshfs-win
For macos and Linux, the options are far more plentiful.

Edit: there's also file pizza, which is a file transfer thingy with no middle man that's open source, although it's not copyleft AFAICT: https://github.com/kern/filepizza
and similar tools. Not really what you're after, I just think it's neat.

[-] Mango@lemmy.world 1 points 6 months ago

It's probably been 15 years since I used ssh. I'm gonna guess there's better UI for it now, or at least a UI at all.

[-] Badabinski@kbin.social 1 points 6 months ago* (last edited 6 months ago)

There are definitely a lot of good options out there. What are you using right now for regular old FTP? The odds are actually pretty good that it already supports SFTP. A lot of file management applications do both and lump them together, even though they're completely different protocols (sftp is from the late nineties).

If it doesn't, then I don't know what OS you're using, so I'll just recommend options for the big 3. For Windows, there's WinSCP. For MacOS there's Cyberduck. Most file managers on Linux distros let you just type sftp://me@wherever in the navigation bar, meaning you get a totally seamless experience with the rest of your FS.

EDIT: or, you can use sshfs-win on Windows and have your remote filesystem show up as a regular ol' drive, just like SMB. MacOS and Linux have sshfs, and I know there are GUIs wrapping sshfs on those platforms. I personally use sshfs at home and it's great (although no GUI wrapper, I'm a weirdo who doesn't use a graphical file manager at all).

[-] Mango@lemmy.world 1 points 6 months ago

Oh I don't have a computer right now. I got reamed by the law over a lie from a road rager and lost everything.

[-] Badabinski@kbin.social 1 points 6 months ago

:( I'm sorry to hear that. Well, for Android there's MaterialFiles, which is fully FLOSS and supports FTP, SFTP, and SMB. Not sure about iOS, but I imagine there are options there.

I hope that your journey through life becomes a little less rocky.

[-] Mango@lemmy.world 1 points 6 months ago

Thanks for talking to me about all this.

this post was submitted on 19 Apr 2024
257 points (98.1% liked)

Linux

48199 readers
989 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS