Home ยป Is goat safe to use?

Is goat safe to use?

Answer

After months of beta testing, GOAT is now ready to offer a thorough authentication process for its buyers. Any sneaker sale over $300 will include an inspection by GOAT’s team that includes everything from the stitching to the colors and any other identifiers necessary in a very specific order which has been shown as effective in keeping customers satisfied.

Goat is in fact a completely safe tool for both the end users and the destination host. We make every effort to make it as user friendly as possible and you will find that using goat is just like using any other file transfer tool out there — with an added emphasis on security.

What are the risks of not having something like this?

I hear that if you move files over plain FTP, they can be cached or otherwise misused even after being deleted from your computer by someone else! Like:

A) What I mean is, what if somebody were to sniff my traffic on the same network and grab files off it when I’m trying to delete them from my hard drive?

1) While it is true that if you are using plain FTP to move files, they can be misused after being deleted from your hard drive by somebody else (or even yourself), we can not stress enough the importance of proper computer security practices. This only happens when you fail at keeping your local machine clean and secure which should be common sense and nothing more than a minor annoyance. If this is all getting too complicated for you, then goat might be a good way for you to keep things simple but still secure.

2) Because of the nature of goat’s design, compromised hosts are unable to use their access privileges on your computer. More specifically, goat will never transfer files from your computer to a host it presents you with. It is not possible for other hosts or users of the internet to sniff files off your computer because they are only ever going from one place to another on the same host. The only way for others to steal anything would be by compromising your machine and stealing them that way and/or tampering with a file server (if you’re using one). So no, plain FTP does not pose any more risks than goat.

3) It’s important to realize that Wireshark can be used against you regardless of what method you use. If an attacker has access to your network or somehow cracks into your local machine, then there is nothing you can do to stop them from monitoring your traffic. We highly advise you take steps towards security so that you don’t become a victim of this and spend time worrying about the tools when there is more important things for which to be concerned.

B) So say I use Windows, mostly — what if someone were to set up something like Wireshark or one of those on my local network?

1) Once again, it’s important that you keep yourself secure. There are many ways an attacker may be able to steal files: through exploiting bugs in software (which goat doesn’t have, being 100% open source), or by bringing something into your network, etc. Goat is not immune to this and should only be used within a secure environment.

2) Wireshark will not be able to look at the data transfers from all of your computers (windows/linux/mac) just because the destination host has goat installed as if somebody were to set up an FTP server locally. The information needed for such visibility requires more access than what is given when using goat, which we would consider as administrator level access. This means that files are still secure on each local machine even if they’re being accessed across a connected network.

C) Say I’m concerned about my filesystem integrity: How do I make sure that nobody has tampered with files?

1) You can turn on integrity checking for the file system. Go to Configuration/Settings and open up the Security tab. Once there, set Enable FS check to “Yes” and enter a hash function. There are several supported (MD5, SHA256, SHA512). It is also possible to use two different hashes at once so that secondary level of protection can be added. If you don’t know what any of this means or how it works then leave it as default but do consider using something other than MD5 which is easily brute-forced by today’s computers. This type of functionality might not work properly on all platforms or not in all situations (eg if your hard drive has been replaced).

2) We would not depend on this alone — even if you had a supercomputer crunching away at your files for years, it’s still possible that some small change could be made to the file and go unnoticed. Instead, we use integrity checking as an additional security feature or last line of defense. If anything looks suspicious (eg other signs of compromise in your system), then you must immediately suspect goat to be capable of compromising you and investigate. Since using goat does not give anybody access to your machine than what is normal user privilege, no file should ever be modified by any means which are beyond standard permissions.

D) Will goat eat my bandwidth?

1) Nope! Goats won’t eat any bandwidth unless you’ve got some kind of really bad goat issues.

E) Why use FTP at all? It’s so old and outdated, isn’t it?

1) It is definitely not out of date in regards to being secure or efficient (file transfers). In fact, many modern protocols were derived from FTP! eg HTTP, SFTP, etc. To put it simply: if a protocol that has been used by the US military for sending information classified as secret (not public information) can be considered effective then what more do you need? A lot of people seem to have problems with copyright laws but nobody says anything about the effectiveness of the TCP/IP internet protocols or whether they are secure! They sure do the job well!

2) This is not designed to replace SFTP but instead provide a simple and easy-to-use solution. SFTP can eat up some bandwidth at times when a lot of files are being transferred (and if your connection is slow) whereas goat will only use as much bandwidth as the base FTP needs for downloading/uploading files. It’s still advisable to keep an eye on one’s usage however since it does continue to transfer metadata which usually doesn’t take that long although this depends on how many files you have stored in goat.

F) But I never heard of anyone using plain FTP so what makes you think we’ll trust it?

1) You’ve probably never heard of goat but because it makes use of FTP, a protocol that is considered to be secure and used everywhere, then you’re using it on your computer right now! You don’t need to trust anyone except for yourself (and if you think that’s not enough than feel free not to use it).

G) I heard FTP isn’t encrypted… Why have you even bothered?

1) This was true back in the day but only because SSL/TLS wasn’t available. Newer versions of FTP (which we’ve made sure is included with goat) support either anonymous or authenticated encryption (eg ssl ftp://[email protected]/whatever). In fact, all transfers are done in clear text so that all activity is able to be seen by anyone listening for data on the network (eg someone who has my IP, Goat’s IP, or the destination/source server). However because of this you should only use goat if the need arises or in those rare situations where one might consider using FTP. It’s also a good idea to avoid entering sensitive information into it like your password but then again there is not one single piece of software out there that can escape every possible attack completely so take care anyway.

H) Is this just some kind of joke?

1) Not at all! Well there will probably be additional goats coming up on github soon but we’re serious about goat being secure and effective (and open source!). We know many people will want to use this for fun but we also hope that goat can be used by those who might need FTP for some reason (which is why it was originally created).

2) However, we will never get tired of talking about goats! If you have any other questions or comments regarding anything goat related then leave a comment on github.

Disclaimer: This program is not meant to replace SFTP, SSH, HTTP, HTTPS, etc. There are still better solutions at your disposal such as using one of these other protocols should security and encryption be required. So please don’t try to use goat in place of any server-side software and do keep in mind that each protocol has its own strengths and weaknesses.

Also, since we use clear text transfer the file you’re downloading could be seen by anyone on your network (eg someone with the same IP as you). This is a design flaw in FTP so do not trust that anything encrypted will actually stay that way while being transferred over a network. However, if this doesn’t put you off and goat has been found useful than feel free to donate Bitcoins.

Is goat safe to use?

After months of beta testing, GOAT is now ready to offer a thorough authentication process for its buyers. Any sneaker sale over $300 will include an inspection by GOAT’s team that includes everything from the stitching to the colors and any other identifiers necessary in a very specific order which has been shown as effective in keeping customers satisfied.

Does goat sell fake shoes?

GOAT is a large resale platform that employs nicely staged and professionally shot photos of shoes on sale. But even though sellers know they won’t get paid until their items are authenticated, a stunning number try to sell counterfeits through the platform.

Is goat a reliable site?

One of the most popular and trusted platforms by sneaker fans is GOAT. … With more than $100 million in funding, 12 million users, a large inventory of over 400 000 pairs up for sale, and 600+ employees that now stretches across eight offices around the globe (with two new openings at Air Presto and China), GOAT has become a go-to destination for anyone looking to buy/sell their favorite pair of shoes.

Does goat steal your information?

GOAT may combine your information with data from other GOAT users to provide an improved experience, as well as analyze and understand how the service is used.

Scroll to Top