this post was submitted on 10 Jul 2024
325 points (98.8% liked)

Technology

58964 readers
3892 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 3 months ago (3 children)

I don't think it would help. Even without the extension it would still say:

not-malicious.pdf (Application)

We are trained to see file extensions and understand them, but the masses aren't. There is a column that translates the hidden extension into its corresponding type already.

[–] [email protected] 8 points 3 months ago (1 children)

I'm suggesting an actual popup on double extensioned files that forces you to acknowledge that you know it's lying about the file type.

The only legitimate use for multiple extensions is compression, pretty much, and it's easy enough to distinguish those.

[–] [email protected] 5 points 3 months ago (1 children)

That would be annoying for people who work on files with a double extension for legitimate reasons, e.g. .tar.gz, and (this can't be stressed strongly enough) Windows users do not pay attention to warning popups, so it wouldn't actually help. Despite it being eighteen years since Windows Vista released, and therefore vanishing unlikely that any given software was written assuming that Windows didn't have a permissions system, it's still most people's first troubleshooting step to try and run things as admin, and you still get loads of people (including ones who should know better, e.g. ones who also use Linux and would never log in as root) who disable UAC as one of the first things they do when setting up a windows install, and end up running everything as the equivalent of root just to suppress the mildly annoying pop-up when something asks for elevated permissions.

So, your proposed popup:

  • would be annoying including for legitimate uses
  • wouldn't help as anyone who already ignores the smart screen popup that shows up when running a dodgy application will ignore the new popup, too
  • would be disabled by huge swathes of users anyway
[–] [email protected] 3 points 3 months ago* (last edited 3 months ago) (1 children)

I already addressed compression. It's as entirely trivial to whitelist those cases as it is to do in the first place.

Again, I said it's not magic. But most of these cases are inattention that would be reduced meaningfully if Windows made them actually pick what file type they were opening. There's a big gap between "advanced users" who will notice that it's the only file with an extension and morons who will just skip everything no matter what it says.

[–] [email protected] 0 points 3 months ago* (last edited 3 months ago)

Don't bother with teh MS apologists. They are the worst.

If the operating system doesn't know the file and the type of file, it's a bad operating system.

It should be trivial to have an OS determine the file type and display a warning if the extension doesn't match.

Posix has had file for decades.

[–] [email protected] 3 points 3 months ago* (last edited 3 months ago) (1 children)

We are trained to see file extensions and understand them, but the masses aren't.

My computer-iliterate dad is on Debian XFCE since 2 years now. The first year, he thought it was the new Windows. File extensions didn't bother him in the slightest.

[–] [email protected] 1 points 3 months ago

I don't think extensions are a "bother" at all. It's just a different way to show the info.

[–] [email protected] 1 points 3 months ago

Wouldn't it show not-malicious.pdf.exe?