FTP not designed for the internet

Ever wondered how a file or email document is transferred from your local desktop to a remote ‘destination’. This ‘destination’ is known as a remote host, a server that can be accessed by a user directly or indirectly. For this communication of devices to occur a standard was enlisted to allow a small unit of computers to communicate locally.In 1971 a small group of developers came up with the File Transport Protocol standard(FTP) which defined  basic protocol commands that set-up how their small network of devices will communicate.

The concept of FTP transfer involves a client-server model, where a user through an FTP client must have a connection to an FTP server, where files will be sent and retrieved from the server side. For the process to be tenable for commercial usage during its inception, files had to be sent and retrieved with no data loss deeming them corrupted. A reliable Transmission Control Protocol was initiated to offer a logical connection on formatting rules when FTP commands are passed.

An establishing connection and authentication has to be made to execute the two basic commands needed for sending and receiving files. Hence with an interface between an FTP user and the Transport File Protocol, interaction can be enhanced. Recent improvements of the interface, allows transfer of files a mouse click away, an action previously done through memorizing commands.

The RFC standards for FTP

The year 1971 saw the development of the first mechanism to support file transfers. The RFC 114 was created to deal with the implementation of hosts on the server model. Slight improvements were then enhanced on the file transfer protocol allowing a client-level orientation, meaning host computers could transfer files to each other. A review was then made to introduce a ‘uniform style of data’ in the RFC 294 of 1982.But a significant touch of improvement that gave the FTP mechanism a way to transfer files efficiently and reliably among hosts was defined by the RFC 354 FTP standard. This improvement enhanced convenient capabilities of remote file storage. Subsequent reviews were undertaken and published in the RFC 414,RFC 430,RFC 454 FTP standards ,where an emphasis on errors, protocol additions and the working process of the server and user FTPs was highlighted.

Over the years FTP developers revised on comments made on prior publications, the subject between the old and new designs being a significant highlight to their discussions. But what made a mark in the FTP standard transitions was the stipulation of the RFC 765 standard which specified the use of FTP with the TCP protocol, a standard still in use to date.

FTP servers’ risk potential

FTP was initially designed for a selected group of trustees either from government or a learning institution such as a University. It was not invented for modern day internet since the data being transferred cannot be encrypted, leaving it vulnerable to cyber crime. Hackers can easily use packet sniffers to access user names and passwords in most insecure network configurations.FTP servers are also not secure and are often an access point to cyber crime activity.

Installation of FTP servers is a complex operation which requires special skill sets to install, manage error eventualities and most important configure the servers to the organization’s set-up. This sometimes has a negative drive to FTP developers who are reluctant to set-up FTP servers to non-technical enterprises that are incapable of performing complex trouble shooting and maintenance required.

An FTP delivery does not offer a guarantee of file delivery hence there is no mechanism to notify a successful delivery. Users have to communicate with the file recipient to confirm delivery or dictate a re-sending of the file. If a situation that warrants a retrieval of lost password or usernames, this complex application does not offer user management and a user has to result to data recovery process.