• conciselyverbose@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    81
    ·
    4 months ago

    The fact that Windows hasn’t solved the “fake extension” scam is wild. You can’t make people not click stuff, obviously. But you absolutely could identify double extensions clearly intended to confuse people and give some kind of “this isn’t a PDF” warning.

    • 𝕸𝖔𝖘𝖘@infosec.pub
      link
      fedilink
      English
      arrow-up
      46
      ·
      edit-2
      4 months ago

      They’re too busy finding new ways to inject telemetry and ads into your os, and degrade your experience. It takes a lot of resources to do this.

      Edit: ‘to’ to ‘too’. I blame fatigue.

    • mememuseum@lemmy.world
      link
      fedilink
      English
      arrow-up
      44
      ·
      4 months ago

      It’s so dumb that Windows hides file extensions by default. They could just flip a toggle.

      • Plopp@lemmy.world
        link
        fedilink
        English
        arrow-up
        32
        ·
        4 months ago

        But don’t you understand how confusing and scary those cryptic three letter strings are to normal people?? 😱

        • Cort@lemmy.world
          link
          fedilink
          English
          arrow-up
          5
          ·
          4 months ago

          Administrator Plopp, what do I do if it has a 4 letter extension? That .jpeg is a virus right?

          -sincerely, The dumbest user you know

          • Plopp@lemmy.world
            link
            fedilink
            English
            arrow-up
            3
            ·
            4 months ago

            Oh shit. Yes. I need you to press Ctrl+Alt+Del while pulling the power cord or else the virus will steal your RAM and upload your printer to a criminal server in the cloud!

        • GreenBottles@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          1
          ·
          4 months ago

          It’s not the 90’s anymore. There’s no excuse for not having basic understanding of the tools you use in life.

          • Plopp@lemmy.world
            link
            fedilink
            English
            arrow-up
            4
            ·
            4 months ago

            Where have you been for the past decade? The trend is the exact opposite. Dumb everything down until there’s nothing left to understand, in the name of “usability”.

    • TimeSquirrel@kbin.melroy.org
      link
      fedilink
      arrow-up
      27
      ·
      edit-2
      4 months ago

      Shit, I remember having to wipe my boss’s computer back in '03 because he clicked on an attachment called something along the lines of “bigtiddies.mpeg.exe” or some shit.

      • Fizz@lemmy.nz
        link
        fedilink
        English
        arrow-up
        25
        ·
        edit-2
        4 months ago

        Me getting a virus on my computer after running sex.exe from limewire. Luckily it was only mildly annoying (as far as I know). A picture of a golfer would pop up and he would swing then the computer would shutdown. Happened once every few days and I kept using the PC for years with that on it.

          • Fizz@lemmy.nz
            link
            fedilink
            English
            arrow-up
            5
            ·
            4 months ago

            Back then there was eo much less to gain. The most important thing on the family computer was my Runescape account. I doubt whoever made the virus could even hack my runescape account because I lost access to it almost every week due to a very weak password and me telling all the kids at school my username and password.

      • demonsword@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        arrow-down
        1
        ·
        4 months ago

        Shit, I remember having to wipe my boss’s computer back in '03 because he clicked on an attachment called something along the lines of “bigtiddies.mpeg.exe” or some shit.

        I could almost hear The Office theme song playing while I was reading that

    • GreenBottles@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      ·
      4 months ago

      When MS chose to hide file extensions by default I fucking lost my mind because of the malware\virus implications… idiots.

    • lazynooblet@lazysoci.al
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      1
      ·
      4 months ago

      I don’t think it would help. Even without the extension it would still say:

      not-malicious.pdf (Application)

      We are trained to see file extensions and understand them, but the masses aren’t. There is a column that translates the hidden extension into its corresponding type already.

      • conciselyverbose@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        8
        ·
        4 months ago

        I’m suggesting an actual popup on double extensioned files that forces you to acknowledge that you know it’s lying about the file type.

        The only legitimate use for multiple extensions is compression, pretty much, and it’s easy enough to distinguish those.

        • AnyOldName3@lemmy.world
          link
          fedilink
          English
          arrow-up
          6
          arrow-down
          1
          ·
          4 months ago

          That would be annoying for people who work on files with a double extension for legitimate reasons, e.g. .tar.gz, and (this can’t be stressed strongly enough) Windows users do not pay attention to warning popups, so it wouldn’t actually help. Despite it being eighteen years since Windows Vista released, and therefore vanishing unlikely that any given software was written assuming that Windows didn’t have a permissions system, it’s still most people’s first troubleshooting step to try and run things as admin, and you still get loads of people (including ones who should know better, e.g. ones who also use Linux and would never log in as root) who disable UAC as one of the first things they do when setting up a windows install, and end up running everything as the equivalent of root just to suppress the mildly annoying pop-up when something asks for elevated permissions.

          So, your proposed popup:

          • would be annoying including for legitimate uses
          • wouldn’t help as anyone who already ignores the smart screen popup that shows up when running a dodgy application will ignore the new popup, too
          • would be disabled by huge swathes of users anyway
          • conciselyverbose@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            3
            ·
            edit-2
            4 months ago

            I already addressed compression. It’s as entirely trivial to whitelist those cases as it is to do in the first place.

            Again, I said it’s not magic. But most of these cases are inattention that would be reduced meaningfully if Windows made them actually pick what file type they were opening. There’s a big gap between “advanced users” who will notice that it’s the only file with an extension and morons who will just skip everything no matter what it says.

            • Aniki 🌱🌿@lemmy.zip
              link
              fedilink
              English
              arrow-up
              3
              arrow-down
              2
              ·
              edit-2
              4 months ago

              Don’t bother with teh MS apologists. They are the worst.

              If the operating system doesn’t know the file and the type of file, it’s a bad operating system.

              It should be trivial to have an OS determine the file type and display a warning if the extension doesn’t match.

              Posix has had file for decades.

      • MonkderDritte@feddit.de
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        4 months ago

        We are trained to see file extensions and understand them, but the masses aren’t.

        My computer-iliterate dad is on Debian XFCE since 2 years now. The first year, he thought it was the new Windows. File extensions didn’t bother him in the slightest.

        • lazynooblet@lazysoci.al
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          1
          ·
          4 months ago

          I don’t think extensions are a “bother” at all. It’s just a different way to show the info.