Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Management & Strategy

Google Keeps Support for FTP in Chrome

Google has decided to keep support for the File Transfer Protocol (FTP) in Chrome a bit longer, after initially saying it would completely remove it in Chrome 82.

Google has decided to keep support for the File Transfer Protocol (FTP) in Chrome a bit longer, after initially saying it would completely remove it in Chrome 82.

Due to the lack of support for secure connections or proxies, the implementation of FTP in Chrome creates security risks for users. Moreover, usage of the protocol is low, and removing it from the browser will not impact a large number of users.

Chrome 80, which arrived in the stable channel in early February, deprecated support for FTP. At the time, Google said the protocol would be disabled in Chrome 81 and completely removed in Chrome 82.

Although it has been considering removing FTP support for a couple of years, Google has decided to keep the protocol untouched for a bit longer, due to the current COVID-19 pandemic.

“Alright folks. In light of the current crisis, we are going to ‘undeprecate’ FTP on the Chrome stable channel. I.e. FTP will start working again,” Asanka Herath, software engineer at Google, posted on the dedicated Chromium bug topic.

The deprecation will resume once organizations potentially impacted by the change will be better positioned to deal with any emerging outages and migrations.

The coronavirus crisis has forced the Internet giant to delay stable Chrome releases and even completely skip Chrome 82, and also to roll back the enforcement of SameSite cookie labeling, a cross-site request forgery (CSRF) protection introduced in Chrome 80.

What’s more, the crisis has forced Google, Microsoft and Mozilla to delay the removal of the older Transport Layer Security (TLS) 1.0 and 1.1 protocols in Chrome, Edge, Internet Explorer, and Firefox, after initially planning on removing it this spring.

Advertisement. Scroll to continue reading.

Mozilla too is planning on removing FTP support from its browser. It would initially turn it off by default in Firefox 77, but wants to completely remove it from the browser at the beginning of 2021.

Related: Google Rolls Back Recently Introduced Chrome CSRF Protection

Related: Browser Makers Delay Removal of TLS 1.0 and 1.1 Support

Related: Serious Vulnerabilities Patched in Chrome, Firefox

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Hear from experts as they explore the latest trends, challenges and innovations in Attack Surface Management.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Janet Rathod has been named VP and CISO at Johns Hopkins University.

Barbara Larson has joined SentinelOne as Chief Financial Officer.

Amy Howland has been named Partner and CISO at Guidehouse.

More People On The Move

Expert Insights