

Filezilla bug that exposes cached plaintext username and password - Garbage
http://www.google.com/#sclient=psy&hl=en&site=&source=hp&q=inurl:recentservers.xml&oq=inurl:recentservers.xml

======
bradleyland
Why would someone leave this file out in the open on the internet to begin
with? The Filezilla team doesn't consider this a bug:

<http://trac.filezilla-project.org/ticket/4507>

It's a design decision to store passwords in plain text in a file that is
never intended to be shared openly.

It's not like Filezilla is alone here. Any application that stores passwords
either in plain text or with reversible encryption can be attacked by local
system processes.

