Saturday, August 1, 2009

Why you should NOT hide extensions for known extensions (Windows users)

Microsoft should just disable the feature in Explorer that hides known extensions. But in Windows 7, its still not and you should. By default it is turned on. This is bad. Here's why;

It is very easy to simply trick a user into thinking that a particular executable is actually an MP3 for instance. See my sample screen shot here.


Most people, including myself would believe enough that the file above is indeed an MP3 file and would wonder, hmm, cool, i've got an MP3 here perhaps its my collection and would try to open.

Now, lets see the actual file in shell terminal.

As you can see, in this simple example, we see that the file is actually an EXEcutable, making it possible to run by itself and do stuff to you/computer.

Well, in Windows 7, it is simple to turn on this folder view setting. Open any folder in Explorer. Go to Organize --> Folder and Search Option --> View --> Uncheck "Hide hxtensions for known file types". Make sure you click "Apply to folders" this will make it system wide.

Now, look at the file in Explorer view.


As seen above, .exe is now obvious which can prompt you to reconsider opening the file. With Vista and better yet Windows 7 UAC, a possible scamware will require intervention which you could then say "yes allow" to because you think it's just an MP3. So, try to avoid this scenario altogether and disable this feature.

No comments: