Andrew GengJul 13, 2025
Simon Tatham

General reminder:

The domain name putty.org is *NOT* run by the #PuTTY developers. It is run by somebody not associated with us, who uses the domain to interpose advertising for their unrelated commercial products. We do not endorse those products in any way, and we have never given any kind of agreement for PuTTY's name to be used in promoting them.

Please do not perpetuate the claim that putty.org is the PuTTY website. If anyone is linking to it on that basis, please change the link. The PuTTY website is https://www.chiark.greenend.org.uk/~sgtatham/putty/ and it always has been.

You can check this by downloading the source code, which cites that URL in many places (the README, the documentation, some strings in the actual code), or by using the "Visit Web Site" menu options in the official Windows binaries (the ones signed with my personal Authenticode certificate). The true PuTTY website is the one that PuTTY itself says it is.

Many search engines list putty.org above chiark. I don't know if this is due to active SEO on the part of the domain owner, or a heuristic in the rankings. Either way, don't believe them. It's not our site.

PuTTY: a free SSH and Telnet client

Jul 13, 2025 at 12:52pmWeb
Show threadɹ uɐp Jul 13, 2025

@simontatham thanks for putty

it is essential software literally everywhere I've been

🤩

Show threadzipJul 13, 2025
@simontatham incidentally that's the longest URL I know by heart and also probably the one I've known by heart for the longest. must be 25 years now.
Show threadEric Stein �Jul 13, 2025
@zip @simontatham haha, same... I've had that memorized since I was a teen
Show threadXdejJul 14, 2025

@zip
I always used this google request to download putty: wikipedia putty

A few years ago, I found out ssh.exe and scp.exe are now always present on windows's cmd.exe prompt, hence I stopped downloading Putty.

Thanks for the work, @simontatham ; is there some way to give money to you?

Show threadArneBabJul 13, 2025
@simontatham did you already discuss registering a brand for PuTTY and then asking the domain owner nicely to hand over the domain?
Show threadDr. SobekJul 13, 2025

@ArneBab @simontatham At this point, it would be absolutely the right thing to get the domain back, one way or another.

(Probably register the trademark first if that isn't too expensive, then ask nicely, and then get out the lawyers)

Show threadSimon TathamJul 13, 2025

@Sobex @[email protected] I'd like nothing better, but I think I'd have to _start_ with a lawyer, just to get any idea at all of where to begin. I did try contacting one once, but they never replied to my query.

For example, I have no idea whether it _is_ the right strategy to start by registering the trademark, or how to do that, or even which country to do it in. (I'm guessing the USA, because it's .org and not .org.[country] – but _I'm_ not in the USA, so can I register a trademark there at all?)

Show threadDr. SobekJul 13, 2025
@simontatham I wonder if that's where all the free software ecosystem already has actors with a presence in the US and lawyers who might help. (What is the FSF job if not that one ?)
Show threadDemi Marie ObenourJul 13, 2025
@simontatham @Sobex A WIPO dispute can get the registrar to give you the name.
Show threadDemi Marie ObenourJul 13, 2025
@simontatham @Sobex and WIPO is worldwide, so jurisdiction doesn’t matter.
Show threadneel chauhanJul 13, 2025
@alwayscurious @simontatham @Sobex once pfSense devs bought OPNsense.com in order to defame OPNsense developers.

OPNsense got the domain, eventually.
OPNsense® Shop – Everything to secure your network and more

Show threadEugen RochkoJul 13, 2025
@simontatham @Sobex You absolutely can. There are online services that will facilitate this for you, though the process takes a long time (up to a year). I’ve used tramatm.com in the past.
Show threadZalasur 🐸🇺🇦Jul 13, 2025

@Gargron @simontatham @Sobex One potential obstacle I can see right away is that "putty" is something of a generic term which might make it untrademarkable. Also, "Silly Putty" is a registered trademark (owned by Crayola) and you very well might run into a roadblock there.

You might have to modify the name of the project to something that a Trademark office might consider unique enough to trademark.

But yeah as Gargron as noted, there are services available to help with this process.

Show threadZalasur 🐸🇺🇦Jul 13, 2025

@Gargron @simontatham @Sobex

FYI, there is a potential solution that might help solve your problem without having to resort to a trademark in the short term.

One reason why putty dot org outranks the official PuTTY site is that they host their page on a the root path of their domain. Search engines will *always* add more weight to those sites than one hosted under a personal user account directory.

I'd find another domain to register and host it there. That might solve 80% of the problem.

Show threadFish Id Wardrobe ⁂Jul 13, 2025

@simontatham @Sobex to be fair, it could be worse. they link to your site at the top and then also a couple other products which they make clear are not yours.

(unless I am missing a lot of ads because I block 'em.)

Show threadArneBabJul 13, 2025
@Sobex For the two important domains where I don’t hold effective rights-due-to-use I registered a brand as defense. I remember when Shareaza got the domain taken away by a malware peddler (via registering the brand and then telling the domain registrar), so to be safe, the actual maintainers of a tool should own the matching brand to be able to defend against such.
@simontatham
Show threadS T E L L A R  Jul 13, 2025
@simontatham henlo, thank you for making putty! every sysadmin i know has used or still use putty! ​​ very goob software we love you
Show threadStefan Baur 8 * 💉Jul 13, 2025

@simontatham I think you should absolutely lawyer up and file a WIPO Domain Name Dispute Resolution complaint. https://www.wipo.int/amc/en/domains/

"When your brand is misused to deceive consumers online (also known as “cybersquatting”), WIPO – the global leader in domain name dispute resolution – can help you reclaim the infringing domain name using an online enforcement tool called the UDRP or a national “ccTLD” variant."

Domain Name Disputes

Avoid court proceedings by using the WIPO Arbitration and Mediation Center's domain name dispute resolution services.

Show threadGytis RepečkaJul 13, 2025

@farbenstau @simontatham Typically if brand name is registered after domain, there is no chance getting a domain other than buying it from owner. Unless you can prove your unregistered trade mark is well known and that current domain owner is referencing to your brand and not some similar.

In short, always register domain and then registered trade mark/name afterwards before getting your brand public 

Show threadSimon TathamJul 13, 2025
@gytisrepecka @farbenstau in this case it does seem pretty clear that the current domain owner is referring to the same PuTTY I am, and isn't talking about some unrelated thing with the same name!
Show threadGytis RepečkaJul 13, 2025

@simontatham In that case it is more than possible to get the domain 

@farbenstau

Show threadEva MikkonenJul 13, 2025
@simontatham Doesn't sound like proper use case of .org, dispute it on that ground?
Show threadDan GetzJul 13, 2025
@evamik Anyone can register a .org, if that's what you mean. Some of the .org.countrycode domains might have restrictions on who can register, but not .org
Show threadKhleedrilJul 13, 2025

@simontatham The internet in particular, and the worldwide adoption of new technology in general, are well broken at this point. Yours is a perfect example of this.

Perhaps we need a TLD where you don't even have to apply for a name: you become automatically associated with an address by implication, and become free to use it as needed.

Show threadMajor Denis BloodnokJul 13, 2025

@simontatham There are a huge number of imitators (mostly malicious) of popular piracy site "fitgirl", and likewise everything you get from there has the right URL plastered over it in all possible places.

Clearly you should agree with her that she'll mention the PuTTY URL and you'll tell people where to yarr games. :-)

Show threadGothPandaJul 13, 2025

@simontatham I'm assuming this site also isn't you folks?

https://the.earth.li/~sgtatham/putty/0.83/

I've found them because they provide versions for older versions of Windows, but wasn't sure if it was related, because of the username.

Index of /~sgtatham/putty/0.83

Show threadColin WatsonJul 13, 2025
@gothpanda @simontatham The individual file download links on https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html point there. (IIRC this is a question of which friendly people can readily afford the bulk bandwidth costs.)
Download PuTTY: latest release (0.83)

Show threadJonathan McDowellJul 13, 2025
@cjwatson @gothpanda @simontatham https://www.chiark.greenend.org.uk/~sgtatham/putty/faq.html#faq-the
PuTTY FAQ

Show threadGothPandaJul 13, 2025
@noodles @simontatham @cjwatson thank you very much for the info! I must have missed that in the faq
Show threadWraulJul 13, 2025

@simontatham

This makes it blatantly obvious that the software distribution model for Windows is fundamentally broken. In what world is it acceptable that the user is expected to access arbitrary websites, shady URL or not. Navigate through a sea of different download buttons and links, where the majority of them will give you spyware. Then run an installer where you have to make sure to deselect another set of spyware. And this is supposed to be the most used OS in the world.

Show threadJukka NiiranenJul 13, 2025

@Wraul @simontatham Users don't have to do that. They could use winget, for example:

https://winget.run/pkg/PuTTY/PuTTY

Or Microsoft Store for a GUI experience:

https://apps.microsoft.com/detail/xpfnzksklbp7rj?gl=US&hl=en-US&utm_source=chatgpt.com

Download and install PuTTY with winget

A free implementation of SSH and Telnet, along with an xterm terminal emulator.

Show threadQuinn9282 🖥️🌙✌️Jul 13, 2025
@simontatham Regarding the search engine rankings: The possible reason for putty.org ranking higher than the official URL, is likely (at least in part) due to people tending to prefer to click on domains that directly match the name of a software project rather than on a weird subdomain/directory host. Search engines might also intentionally derank websites hosted on a long chain of subdomains for being "spammy". Of course, that issue wasn't really a concern in the 90's, so not a fault of you.
Show threadQuinn9282 🖥️🌙✌️Jul 13, 2025

@simontatham And I'll admit, the 90's-style of the URL is charming. But unfortunately, it's become increasingly rare for people to host even marginally popular software downloads in that way. They'll often use either a separate domain, or perhaps something like GitHub Pages or similar.

We're well past the stage where a separate domain for hosting PuTTY downloads should be created.

Show threadneel chauhanJul 13, 2025
@simontatham once opnsense.com was taken over by pfSense devs in order to defame OPNsense.

It was eventually handed to OPNsense, and now pfSense is dying.
OPNsense® Shop – Everything to secure your network and more

Show threadshironekoJul 13, 2025
@simontatham could you submit a complaint to ICANN?
Show threadGarretSidzakaJul 14, 2025
@shironeko @simontatham
This!
Show threadStefan SchollJul 13, 2025

@simontatham The TLD .org once had rules that would have prevented this.

Now a local butcher has a .org address for his shop. 🙁

Show threadNetuxJul 13, 2025
@simontatham have you guys tried going through the domain name resolution dispute process with icann? Seems like a fairly straightforward case.
Show threadOS-SCIJul 13, 2025
@simontatham as putty was also a brand of Clay, I believe in my youth, it's difficult to protect.
Show threadGarretSidzakaJul 13, 2025
@simontatham @nixCraft I heard very recently that this putty site is sharing malware, not adware
Show threadSimon TathamJul 13, 2025
@GarretSidzaka @nixCraft _that_ I hadn't heard. Do you have any more details?
Show threadGarretSidzakaJul 13, 2025
@simontatham @nixCraft
I wish I did. It was an internal corporate email at my work warning specifically about putty and winscp fakers. They said like you did, the top SEO fake results. Except they said it was specifically malware, not advert junk
Show threadDaniel GibsonJul 13, 2025

@GarretSidzaka @simontatham @nixCraft
Was that about putty.org specifically or some other high-ranking site?

Because putty.org seems to link the original putty download page so while what they're doing (using a domain name of a product that's not theirs to advertise for their own stuff) is shady, they don't seem *that* bad.
They're also trying to sell legit software, serving malware would hurt their business

Show threadGarretSidzakaJul 14, 2025
@Doomed_Daniel @simontatham @nixCraft
They said to be very careful for both winscp and putty as well as indicated it was more than one site without directly referencing them. I chatted with the CSO a few times, he no dummy. If security emailed a whole company, it means we are likely seeing traces of infected endpoints
Show threadDeezy.exe stopped unexpectedlyJul 14, 2025
@simontatham @GarretSidzaka @nixCraft
https://cybersecuritynews.com/trojan-versions-of-putty-and-winscp/
This explicitly called out putty dot org in the screenshot, then has a separate list of suspicious domains. I'm not sure if the article is conflating them though.
Show threadBean Club Jul 13, 2025
@simontatham Thank you for posting this! I always assumed that bitvise bought putty, or that they were somehow related. Time to update my bookmarks!
Show thread/Ikram:F90/Jul 13, 2025
@simontatham Thanks! I probably wouldn't have realised if I hadn't seen this post.
Show threadSnowBlind2005Jul 13, 2025

@simontatham

This seems like a self inflicted issue. And it seriously points to the project and it's leaders in poor decision making. Especially after what, 26 years?

Not sure why you are even bothering with this at this point as it appears you will ignore all the sound advice of the community.

Show threadahillsJul 18, 2025

@SnowBlind2005 This issue is very obviously not self-inflicted, neither on its face nor upon inspection.

@simontatham

Show threadmikiJul 13, 2025

@simontatham It should be absolutely no surprise to anybody that <keyword>.tld ranks higher than some extremely deep URL nobody can remember.

I'd suggest buying putty.something and moving the website there instead, that should fix the problem.

Show threadLeelooJul 14, 2025

@miki @simontatham
Only because by this point everyone knows that search engines prioritize fraud and advertising over good results.

It used to be that Google (before they got taken over by doubleclick) were known for exceptionally good results. You could type putty and click "I'm feeling lucky" and be redirected directly to the correct website.

Jumping through their hoops is a futile project. Now it's domain names and certificates, a couple of years ago, it was AMP sites, next week it will be AI slop that gets your site at the top.

Show threadJeevi the GeniusJul 13, 2025
@simontatham btw, why release version is still 0.xx?
Show threadJdeBPJul 13, 2025

@simontatham

It's partly due to stuff like these:

https://superuser.com/a/1176834/38062

https://superuser.com/a/484804/38062

https://stackoverflow.com/a/31137173/340790

https://stackoverflow.com/a/33270560/340790

https://stackoverflow.com/a/57087567/340790

That's just some of the results from the 2 StackExchange sites that I checked. There are several other StackExchanges which are ripe candidates for people hyperlinking (or mentioning) putty.org and StackExchange does tend to carry weight with search engines.

#PuTTY #StackExchange

How do I transfer a file to my server using PuTTY?

when calling SCP in PuTTY on my Win7 box, it doesn't let me use C:/, but I also have no idea where on my local machine it will look for files by default. None of program directory or user directory

Super User
Show threadJdeBPJul 13, 2025

@simontatham

Then there is the threat researcher (@gothburz) who hyperlinks the word "putty" to the untrustworthy WWW site as the first word of an article. (-:

https://petergirnus.com/blog/how-to-download-install-putty-on-windows

#PuTTY #infosec

How to Download & Install PuTTY On Windows — Peter Girnus

PuTTY is an SSH and telnet client that has been widely used in the realm of remote connectivity and secure communication since it’s initial release in 1999. The PuTTY tool is available to download through the web, the Microsoft Windows App Store, as well as through the Windows Package Manager (WinGe

Peter Girnus
Show thread@[email protected]Jul 13, 2025

@simontatham @helioloureiroBR with all due respect, I never understood why don’t you just register something like puttyterminal.net and go with it, it would quickly surpass the bogus website on search engines

If a tutorial tells a user to download Putty and they google it, they will for sure think the official URL is a scam.

Show threadNegative12DollarBillJul 13, 2025
@simontatham Is there some way to contest their ownership of the .org domain itself, with the registry? It sounds like they aren't an "org" in the way that registration would require.
Show threadTóth Gábor BaltazárJul 13, 2025

@simontatham
"On July 13, 2025, Bitvise was contacted by a political interrogator posing as a journalist."

then links to an exchange for asking the domain to be transferred to the actual authorts of putty

lmao

Show threadPupRed Jul 14, 2025
@simontatham @tthbaltazar yeah, they doxxed me instead of answering my questions and called me an 🤪 https://mk.absturztau.be/notes/aa6ejdfudh6p00vy
PupRed (@pupred)

#BitVise CEO Denis B. doxxed me and called me an Idiot instead of answering my Questions about #PuTTY.org Domain they stole to advertise their own Product! Read more about it here: https://blog.pupred.com/blog/puttyvsbitvise/ #it #telnet #ssh #bitvise #putty #blog #news #itnews

ぷにすきー
Show threadRenézuCodeJul 13, 2025
@simontatham check notes: https://t2sde.org/packages/putty
T2 package - security/putty - A Telnet and SSH client