PuTTY has a new website

Original Article ↗ Hacker News Discussion ↗

Trust in the New Domain

  • Many readers initially found putty.software suspicious, especially in light of recent supply-chain incidents in other projects.
  • Trust is largely anchored in the original chiark.greenend.org.uk site explicitly announcing the new domain.
  • Some argue that if an attacker can alter the original site to add such an announcement, the project is already compromised, so this level of verification is about as good as it gets.

Mastodon and Identity Verification

  • The author’s Mastodon post is used as additional confirmation, with discussion of the Fediverse rel="me" cross-linking mechanism.
  • One side: rel="me" plus a verified link from the original homepage “proves” that the same entity controls both accounts/sites and is sufficiently strong for this context.
  • Other side: it only proves that a link exists; if the site is hacked, it’s indistinguishable from a malicious edit and is too weak for software-supply-chain trust.

putty.org Controversy as Context

  • Broad agreement that the move is driven by the long-running issue with putty.org, a domain not controlled by the PuTTY project.
  • Historically, putty.org promoted a competing SSH client while leveraging PuTTY’s name; now it mainly hosts anti-vaccine content while still linking to the real PuTTY site.
  • Some see this as classic domain squatting potentially addressable via (registered or unregistered) trademark; others note there is no registered mark.

New TLD and Perceived Legitimacy

  • Several commenters find .software and other “new” TLDs inherently spammy, preferring .com/.net/.org or even “download/getputty”-style domains (though those also feel scammy to others).
  • Concerns that nuTLD pricing or policy changes could later pressure the project.
  • Debate over TLS certificates: DV certs from Let’s Encrypt are now standard; some lament that they offer little identity assurance, others note EV-style identity checks were weak in practice anyway.

Design, UX, and Nostalgia

  • The old chiark site is widely described as charmingly spartan/1990s; some want that aesthetic preserved.
  • The new page is seen as a minimal, slightly clumsy landing page (tiny blurry screenshots, extra click) but still simple and fast.
  • Some suggest clearer “future home” wording and stronger, less confusing download cues.

Is PuTTY Still Needed?

  • Many Windows users now rely on built-in OpenSSH and Windows Terminal (or WSL) and rarely need PuTTY for SSH.
  • Nonetheless, PuTTY remains valued for serial connections, legacy systems, SSH tunneling, and features like CLI password passing.
  • There’s some light joking about its perpetual pre-1.0 versioning and about the dated default font/UI, balanced by strong nostalgia from people for whom PuTTY was their first serious SSH tool.