Drupal 7, taking a clue from WordPress, now includes a way to update your modules using FTP. The problem is that FTP is an unencrypted protocol (Drupal itself will warn you about this) and is therefore insecure. Because of that, all the machines at Stanford run with FTP disabled so that your SUNetID and password can't be sniffed (which can be done very easily if sent unencrypted). This also means that the Drupal 7 Update Manager will not work at this time. Core does provide the ability to use SSH but it doesn't appear to be supported by our web servers.
If you manage a site and would like your administrators not to be confused by this, add the following to settings.php as described in http://drupal.org/handbook/modules/update :
$conf['allow_authorize_operations'] = FALSE;
