New OpenSSL bug: Syncplify customers are still 100% safe!

After only a couple months from the discovery of the “Heartbleed” bug that affected the popular open-source library OpenSSL, a new bug has been found that could potentially expose user’s data.

And once again, all Syncplify customers are 100% safe, because none of our product uses (or has ever used) any version of the OpenSSL library.

Working on Syncplify.me Server! v3.0 (teaser)

One of the most common trade-offs when aiming at maximum security is usually performance. It is pretty obvious that a secure SSL/TLS file transfer session must necessarily be slower than an insecure/unencrypted session. But security is not the only aspect that can affect performance, and during the design phase of the upcoming new version Syncplify.me Server! we did our best to eliminate all possible bottlenecks that weren’t related to security features.

But we actually did much more than that. Here’s an outline of some of the new features that you will see in Syncplify.me Server! v3.0 (although the following list is not comprehensive, more new features will be announced in another post that will follow this one in few days): Continue reading

Press release: Syncplify.me software products are immune from the “heartbleed” OpenSSL bug

Media contacts:

Helga Kessler
Syncplify, Inc.
helga@syncplify.me

Syncplify.me Server!, FTP!, and FTP Script! implement a proprietary SSL/TLS stack that does not rely on OpenSSL, therefore they are not affected by the “heartbleed” OpenSSL bug; once again, Syncplify customers’ security and peace of mind are safeguarded.

WILMINGTON, DE – April 8, 2014 – Syncplify, Inc., a young yet award-winning software development company that delivers enterprise-grade secure file transfer solutions (FTPS/SFTP client and server), following the breaking news regarding the recently discovered OpenSSL bug named “heartbleed”, today announced that none of its products is or has ever been based on any version of such library. Therefore, all Syncplify products are immune from the published exploits.

Continue reading

OpenSSL bug: our customers are safe (cause we don’t use it)!

heartbleedBreaking news: a terrifying (to say the least) bug in OpenSSL has been discovered and publicly disclosed. This serious security flaw affects OpenSSL’s heartbeat feature, and it’s therefore been named “heartbleed”.

We, at Syncplify, want to reassure all of our users and customers: none of our products uses or has ever used OpenSSL or any of its components.

Syncplify.me Server!, FTP!, and FTP Scrip!, all include a SSL/TLS stack that is not based on OpenSSL, and therefore is not affected by the recently discovered bug.

Once again, users of Syncplify software products are safe.

New release: Syncplify.me Notepad! v1.0.12.52

New release of our award-winning Notepad! today. Here’s what’s new in the latest version:

  • Improved ability to open “in-use” files (e.g. live web server log files and the like)
  • Fixed a bug that prevented Notepad! to memorize manual overrides to syntax coloring scheme by file type

As usual you can download the new version from our web site, or take advantage of this direct download link.

Cisco UCM: backup to SFTP server

When you install Syncplify.me Server!, the installer deploys a very secure (PCI compliant) configuration. Such strong configuration, though, is not compatible with Cisco UCM backups, as Cisco UCM has a very outdated support for the SFTP protocol.

Setting all the protocol options and tweaks by hand, to properly support Cisco UCM, may be painful, as there are so many! But Syncplify.me Server! makes it easy by providing a handy drop-down list of ready-made configuration scenarios, including one that is ideal as a Cisco UCM backup target. Continue reading

SSH Server: we need your opinion…

As of today, by design, Syncplify.me Server! doesn’t send back “echo” characters when the user connects over SSH and opens a Shell. This allows us to perform some additional checks on protocol violations that would be harder (although not impossible) to perform if “echo” was active. Yet, few of our customers have requested “echo” to be enabled. What so you think about it?

[yop_poll id=”1″]