ACE FAQ

What does ACE cost? Could this change in the future?
ACE is a free extension to your Virtual Server. Anyone who has a Virtual Server may use ACE free of charge. There will never be a charge to use ACE with a Virtual Server. It is considered a part of the virtual server package.

What platforms does ACE support?
ACE is a 100% pure Java application. This means that it can run on any platform that has a Java virtual machine. This includes Windows, Macintosh, and most UNIX platforms. ACE has been tested on Windows 95, 98, and NT, MacOS 8.5, Mac OS X Server, and Free BSD. It should, however, work fine on any Java based platform.

What end-user support is available for ACE?
We have tried to provide solutions on this web site to the problems that you may encounter with ACE. Start by reading the manual to learn exactly what ACE can and cannot do. The manual also has a troubleshooting section which lists the most commonly encountered problems and how to fix them. If none of these resources solves your problem, then you should contact Support and ask for help.

How secure is ACE?
ACE has been designed with security in mind. Unfortunately, US law prohibits the export of even relatively weak encryption software. Because of this, ACE is not able to encrypt the communications between the client and the server.

Your server administrative password, however, is safe because ACE never transmits the password--encrypted or not--over the network. Instead, it uses a secure challenge and response mechanism. Both the client and the server must know the password in order to actually communicate but they never actually pass the password over the network. Instead one offers a challenge and the other offers a response. It is nearly impossible to produce the correct response without knowing the actual password. A hacker would not be able to intercept the response and use that information to start their own session, since it depends upon the challenge, which changes every time a session is begun. They would need to have the actual password in order to do anything.

You should be aware, however, that if you attempt to copy files between two Virtual Servers, then the password for the remote Virtual Server will be sent to the ACE server. This is insecure and could potentially be intercepted. If this is a problem, you should use ACE to retrieve a file from one Virtual Server and then use ACE to copy it from the local computer to the other Virtual Server. (Optionally, you could set up a .netrc entry on the Virtual Servers so they can log in to each other. Doing so is non-trivial, however, and requires some UNIX expertise. If you're brave, SSH or Telnet to your Virtual Server and type "man ftp" and read the section on .netrc files.)

As things stand right now, you are more likely to have your password captured when you use an insecure protocol such as FTP than by using ACE. Just the same, in the future we hope to find and develop new ways to make ACE even more secure than it already is.