'Re: [Quanta] Quanta 3.5.5 and number of simultaneous FTP connections'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       quanta
Subject:    Re: [Quanta] Quanta 3.5.5 and number of simultaneous FTP connections
From:       Eric Laffoon <sequitur () kde ! org>
Date:       2007-02-04 19:26:35
Message-ID: 200702041126.35608.sequitur () kde ! org
[Download RAW message or body]

On Thursday 01 February 2007 5:30 am, Jeffrey Sabarese wrote:
> We can rest assured that this is NOT a Quanta+ problem, but a problem with
> the way KDE accesses the network, right? If we do not FTP with Quanta+ (an
> easy workaround), then this problem is completely avoidable.

I've responded to this time and time again. KDE is in the position of 
being "dead right". As the saying goes, right or wrong dead is dead. The real 
problem is with sloppy admins and the entire industry here. The FTP protocol 
is designed to use handshaking. That means it's like pinging. It does some 
things and looks for a response from the server. For some time early in the 
existence of KIO this was a problem because it didn't wait long enough for a 
response from the server and timed out. Recognize that if you don't use 
handshaking you can throw packets our from your system blithely hoping they 
will get where there going and end up with missing data or a failed 
transmission on the other side. 

The problem is that everything written for Windows has a tendency to be 
written sloppy. By not writing the handshaking in and just stuffing the data 
it is easier to build your application. When they were all being built like 
this hosting companies tune for optimum performance where handshaking is a 
very low priority. It ends up arriving as an afterthought, depending on 
loads. As a result a properly written FTP program may get an indication that 
the server is not getting the data that's being sent.

This illustrates that the real problem is how poorly FTP is implemented by 
admins that don't really understand it to begin with. Of course there is also 
the fact that FTP is constantly sending the password for the site in clear 
text in the data stream and it's incredibly easy for a hacker to listen in on 
that data stream if they know your address and steal your passwords. I mean 
where do you see passwords in clear text and unencrypted anywhere else in 
computing? FTP was designed for sharing files between universities, not 
administering web sites that may be critical or hold financial data.

This is why we recommend finding responsible hosting that will offer ssh/scp 
which allows the use of the fish KIO slave, or one of the other secure 
protocols like sftp where they have an admin that has a clue about 
administering a protocol. It's really the same thing as people getting upset 
at a browser when the website Javacript is written wrong. It's easy to see 
the problem as being the guy who did the right thing. 

There are a lot of companies that survive because we accept their failures.

> (i wonder what would happen if Quanta+ were run on a Gnome system? does it
> adopt another connection method, or are the same KDE components installed
> any time Quanta+ is installed?)

GNOME does not have KIO or anything like it. Their FTP software seems to work 
where KIO doesn't suggesting they may not be using handshaking. It is also 
possible to alter the existing KIO slave or write another. Of course making 
hosting services figure out how to admin a server seems reasonable for what 
we pay them. ;-)
-- 
Eric Laffoon - Quanta+ Team Leader 
http://quanta.kdewebdev.org
_______________________________________________
Quanta mailing list
Quanta@mail.kde.org
https://mail.kde.org/mailman/listinfo/quanta
[prev in list] [next in list] [prev in thread] [next in thread] 