Security Operating Systems Software Windows

Windows 7 Users Warned Over Filename Security Risk 613

nandemoari writes "Would-be Windows 7 users have been warned to change a default setting which could leave them vulnerable to attack via bogus files. As a result, Microsoft is taking flak for failing to correct a problem found in previous editions of Windows. The issue involves the way Windows Explorer displays filenames. In all editions of Windows after Windows 98, the default setting hides the filename extension (which identifies what type of file it is). This means that a Word file titled 'partyinvite.doc' will show up in Windows Explorer as simply 'partyinvite'. The only exception to this rule is if Windows does not recognize the file type. The reason for this setting is that it makes for a less cluttered look and avoids filling the screen with redundant detail. However, a flaw in the way it works leaves it liable to exploitation by hackers. They can take an executable file (which can do much more damage to a computer when opened) and disguise it by calling it 'partyinvite.doc.exe.'"
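As an added illustration (not code from the story or from any commenter), here is a small Python model of the Explorer behaviour the summary describes, where a recognised extension is hidden but an unrecognised one stays visible, together with a defender-side check that flags names whose real, hidden extension is executable while the visible remainder ends in a document-looking one. The sets of "known" and "executable" extensions are constructed samples, not Windows' actual file-type registry.

```python
import os

# Constructed sample sets: NOT the real Windows file-type registry.
# Extensions Windows will run as a program on double-click (the story's .exe
# plus a few script types; a commenter below lists several of them).
EXECUTABLE_EXTS = {".exe", ".com", ".scr", ".bat", ".cmd", ".js", ".vbs", ".hta"}
# Extensions Explorer "knows" and therefore hides by default.
KNOWN_EXTS = EXECUTABLE_EXTS | {".doc", ".txt", ".jpg", ".pdf", ".htm", ".html"}


def displayed_name(filename, hide_known=True):
    """Model of Explorer's default 'hide extensions for known file types'.

    A recognised extension is stripped from the shown name; an unrecognised
    one (the exception the story mentions) is left visible.
    """
    stem, ext = os.path.splitext(filename)
    if hide_known and ext.lower() in KNOWN_EXTS:
        return stem
    return filename


def is_disguised_executable(filename):
    """True when the real (last) extension is executable but the part the
    user actually sees ends in a different, non-executable extension,
    e.g. 'partyinvite.doc.exe' shown as 'partyinvite.doc'."""
    shown, real_ext = os.path.splitext(filename)
    if real_ext.lower() not in EXECUTABLE_EXTS:
        return False                      # a real document: nothing to flag
    _, shown_ext = os.path.splitext(shown)
    return bool(shown_ext) and shown_ext.lower() not in EXECUTABLE_EXTS


def audit_listing(filenames):
    """Return (real name, name the user sees) for every deceptive entry.

    Suitable for running over a share or mail-attachment listing; the
    pairs make the mismatch obvious to whoever reviews the report.
    """
    return [(f, displayed_name(f)) for f in filenames if is_disguised_executable(f)]


# Constructed directory listing for demonstration.
SAMPLE_LISTING = [
    "partyinvite.doc.exe",   # the story's example: looks like a Word file
    "partyinvite.doc",       # a genuine document
    "holiday.jpg.scr",       # screensaver binary posing as a photo
    "notes.txt",
    "readme.unknownext",     # unknown type: Explorer shows the extension anyway
    "install.bat",           # honest script: executable, but not disguised
]

if __name__ == "__main__":
    for real, shown in audit_listing(SAMPLE_LISTING):
        print(f"{shown!r:24} is really {real!r}")
```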
  • by EvilBudMan ( 588716 ) on Thursday May 07, 2009 @03:58PM (#27865719) Journal

    or any of the others that make you jump through hoops to get at something.

    1. Partial menus (Office)
    2. The Search Dog (Windows XP)
    3. I don't know what else, but the way they have features turned off and on makes no sense at all.

    The I'm done sig.

  • by lukas84 ( 912874 ) on Thursday May 07, 2009 @04:01PM (#27865767) Homepage

    Most people wouldn't change their behaviour even if they did see the file extension.

    Email programs such as Outlook block .exe attachments, and executables downloaded using IE display a stern warning before execution.

    Changing this wouldn't have helped anyone.

    And associating this with Windows 7 is mostly FUD, jumping on the bandwagon just because you don't like it.

  • Um (Score:5, Insightful)

    by Man On Pink Corner ( 1089867 ) on Thursday May 07, 2009 @04:02PM (#27865795)

    Welcome to Windows 95?!

    Filename extensions have been hidden by default for many years now, in all shipping versions of Windows. And they've been making it easy for malware authors to fool users for just as long.

    It was an insanely stupid policy on MS's part, and it borders on negligence that they're still doing it.

  • Re:Extensions (Score:5, Insightful)

    by lukas84 ( 912874 ) on Thursday May 07, 2009 @04:02PM (#27865803) Homepage

    You can easily add the Word icon to your malware, and this will fool users easily.

  • Re:Extensions (Score:2, Insightful)

    by Anonymous Coward on Thursday May 07, 2009 @04:03PM (#27865817)

    Only if the creator is stupid. All it takes is to get an icon from a doc and use that icon as the default icon resource within the exe file, and voilà - not only does it seem to be named .doc, it looks like a Word file, too.

    The only correct solution is stop trying to hide information from users: showing extensions should be the only acceptable alternative. Hiding them could make sense before, but since Vista even the UI is correct: you click on a filename to edit it and only the non-extension part is selected by default.

  • Re:umask 224 (Score:3, Insightful)

    by tilandal ( 1004811 ) on Thursday May 07, 2009 @04:04PM (#27865839)

    Less clutter? How about showing file information in a list by default instead of as 1000 little icons without any useful information? Really, who in the world thought that was a good way to display file information?

  • by Kadagan AU ( 638260 ) on Thursday May 07, 2009 @04:06PM (#27865901) Journal
    I see your sarcasm, but honestly this isn't as much of a security flaw in the OS as it is a "feature" in the OS that makes stupid users even stupider. A maliciously named file does nothing on its own, only when a user double-clicks it does it turn bad. Stupid users will break things on any OS.
  • by Foofoobar ( 318279 ) on Thursday May 07, 2009 @04:10PM (#27865979)

    but honestly this isn't as much of a security flaw in the OS as it is a "feature" in the OS that makes stupid users even stupider.

    Wow. What an amazing feature. Looks like the development team at Microsoft has been hard at work on the new OS as per usual.

  • by clone53421 ( 1310749 ) on Thursday May 07, 2009 @04:11PM (#27865997) Journal

    Do we really think that it's going to make a difference to Joe Schmoe? If it has a Word document icon, our hapless friend is going to be duped regardless of whether it ends in ".doc" or ".doc.exe".

    May I remind you that, with file extensions hidden by default, ONE SHOULD NEVER SEE A FILE ENTITLED "partyinvite.doc", because that extension should be hidden. The fact that it isn't hidden is already a glaring red flag — which Joe Schmoe is obviously oblivious to.

    I turn extensions on by default, but I really don't think that would help Mr. Clueless. Somebody needs to sit him down and explain to him what's going on, and nothing is going to save him from the trouble of paying the proper attention to the files he opens.

  • by line-bundle ( 235965 ) on Thursday May 07, 2009 @04:16PM (#27866073) Homepage Journal

    The filename should not contain any metadata. The date is not included in the filename, so why is the filetype in there?

  • by taustin ( 171655 ) on Thursday May 07, 2009 @04:17PM (#27866079) Homepage Journal

    ONE SHOULD NEVER SEE A FILE ENTITLED "partyinvite.doc",

    That is true. However, an .exe can have its own icon embedded in the file, so one could name it partyinvite.exe and give it the icon from a Word doc, and Joe Schmoe would have no clue. In fact, a lot of people would miss that.

  • by lukas84 ( 912874 ) on Thursday May 07, 2009 @04:17PM (#27866093) Homepage

    The metadata-thing is what Apple did and it has the same security issues - there's no way to tell from the icon or filename if something is an application or a document.

    Think of the file-extension as filename embedded meta-data, and it starts to make more sense.

  • by clone53421 ( 1310749 ) on Thursday May 07, 2009 @04:24PM (#27866217) Journal

    Because an extension is far easier to change when I actually want to change it than the meta-data would be.

    There are already the "Open with" and "Send to" options if you want a choice of applications to open the file with.

  • Re:This again? (Score:3, Insightful)

    by twidarkling ( 1537077 ) on Thursday May 07, 2009 @04:25PM (#27866255)

    Plus both have lower total cost of ownership.

    [citation needed]
    Seriously. It's not like I paid for my A/V software. It's not like I run scans when I'm using the system, so my work isn't being slowed.

    Then, vs. just OSX, the hardware's cheaper, you can upgrade it and futureproof it, so you don't need to buy an entirely new $1.5k machine, and software's same price or cheaper, with more options. And as for security, may I point you to the Mac-only botnet that was recently discovered due to pirated copies of iLife, or iWork, or whatever it was? Stupid people will fuck up any system you give them, regardless of OS. Windows is not inherently superior or inferior, it's just the one that does what I need.

  • by Hatta ( 162192 ) on Thursday May 07, 2009 @04:26PM (#27866265) Journal

    You want a solution? How about this: Windows should only hide file extensions for files that don't use custom icons

    How about we never hide the extension for any reason? If you're worried about clutter, and redundant information on screen, ditch the icons. The extension is all of 3 bytes, and it's far, far easier to read 3 letters than it is to squint at the icon and guess what it's supposed to be.

  • Then this is the time to make a big fuss about it: so that it will be fixed for Win7.
  • by colourmyeyes ( 1028804 ) on Thursday May 07, 2009 @04:39PM (#27866589)

    Why are suffixes so enduring?

    Because the human using the computer wants a quick way to determine what the file most likely contains.

  • by D Ninja ( 825055 ) on Thursday May 07, 2009 @04:54PM (#27866843)

    And, I don't remember it ever being promised for Windows 7. In fact, Microsoft didn't really promise a whole lot for 7 (presumably) after learning their lesson from Vista.

  • by clone53421 ( 1310749 ) on Thursday May 07, 2009 @04:55PM (#27866857) Journal

    And changing it. You have any idea how many files are plain text, if you actually want to look at them?

    Let's see... txt bat cmd htm(l) hta js vbs url scf php asp ...well, you get the picture.

  • by nine-times ( 778537 ) <nine.times@gmail.com> on Thursday May 07, 2009 @04:59PM (#27866933) Homepage
    It doesn't seem to me that line-bundle was particularly blaming Bill Gates, Windows, or Microsoft. Using extensions in filenames as the identifier of file type is a common and long-standing practice, but it's also problematic.
  • by BikeHelmet ( 1437881 ) on Thursday May 07, 2009 @05:07PM (#27867067) Journal

    Perhaps for speed?

    I'd like to see files without an extension auto-resolved to whatever they were - but I do find extensions handy.

    On Windows I can open a folder with say... 200 ~350MB files, and they show up instantly - but on Linux (with its wonderful libmagic), it takes dozens of seconds.

    I feel it should go like this:

    1) No extension -> Resolve extension
    2) Extension -> Check if file compatible with programs registered to handle that file type

    Extensions are handy for searching, too. The more specific you can get, the easier it is to find something - and .jpg is very specific, as opposed to just searching all images or heck, all files.

  • by colourmyeyes ( 1028804 ) on Thursday May 07, 2009 @05:09PM (#27867095)
    You're right about implementation with respect to my "human-readable" comment - in practice it wouldn't be much different if there were a standard and ls could tell me the file type as well (kind of an integration of file and ls... which wouldn't be hard to hack together just to see what it would look like, but I digress).

    But I still think there are situations in which there is no way to get that info - e.g. a list of links on a page, each to a file of a different type. If it says http://example.com/file.doc, you know what to expect. Metadata sufficient to render file extensions obsolete would leave us with http://example.com/file, with no way to tell what it contains.

    There may be a quick fix to this situation that I'm overlooking, but my point remains - there are some times when it's just good to know from the filename what you'll be dealing with.
  • by snowraver1 ( 1052510 ) on Thursday May 07, 2009 @05:24PM (#27867407)
    Does no one still get into the tree structure to create their own folders to organize things?

    Or...do most people just put everything in My Documents?


    You forgot option 3: Wherever the default save path is. Or option 4: I save my important files in (recycle bin|temp folder|ram drive)
  • Re:BULLSHIT FUD (Score:4, Insightful)

    by merreborn ( 853723 ) on Thursday May 07, 2009 @05:30PM (#27867493) Journal

    Run virus.exe in XP (SP2), Vista, or (I presume) 7.

    What's that box? A security warning about unsigned code?

    Rename the file to virus.txt.exe and try again.
    What's that box? A security warning about unsigned code?

    Fuck off insecurity experts.

    Too bad users don't read dialog boxes [joelonsoftware.com]

  • by vux984 ( 928602 ) on Thursday May 07, 2009 @05:35PM (#27867569)

    Well yes. But how hard would it be to have a column in either the GUI or the command line file list that provided that info right beside the file name? Indeed, that's what OS9 and all its predecessors did.

    That's great if you only look at files in detail view. In the file explorer.

    Sorry, but in the real world, files are all over the place. I've got a bunch of them sitting as icons on my desktop. There's another one as an attachment to an email I've got up on the screen. And links to download a few more on the website I was just at. Then I open up Photoshop and decide to open a recent file via the "Open Recent" menu item... something.pdf, somethingelse.psd, anotherfile.eps...

    By embedding the type into the name, it's ALWAYS there.

  • by RabidOverYou ( 596396 ) on Thursday May 07, 2009 @05:46PM (#27867745)
    > For the life of me, I've never understood why they turn off the extensions by default

    The 'feature' was born, oh so many years ago, because some Windows Program Manager had Macintosh Envy. The Mac allowed you to have "Letter to Grandma", not "Letter to Grandma.doc". What this dork PM failed to recognize is that extensions, a very simple concept, is really quite useful, and easy to use. C'mon MS, turn them back on (by default) in Win7.
  • by supernova_hq ( 1014429 ) on Thursday May 07, 2009 @06:21PM (#27868385)
    WHAT command prompt?
  • by TrixX ( 187353 ) on Thursday May 07, 2009 @06:35PM (#27868681) Journal
    To solve this security issue (malicious execution), you don't need separate forks, complex metadata, or anything like that. You just need a single bit of metadata, telling you if the file is executable or not. In other words (Henry Spencer's, not mine): Those who do not understand UNIX are condemned to reinvent it, poorly. With that metadata, the worst that somebody can do is name a file foo.txt.jpg to trick you into opening an image making you think it's a text file, but nothing that makes a security risk.
  • by hellwig ( 1325869 ) on Thursday May 07, 2009 @06:38PM (#27868735)
    Where do you work? I have worked at a few major companies (former/current DJIA companies) and IT won't do anything they don't want to, and manager buy-in doesn't mean squat 'cause they don't work for your manager. However, at those same companies, most of them provide a private user area to store files, and then the groups themselves have public shared folders, both on the network.
  • Sigh... (Score:4, Insightful)

    This has got to be one of the dumber anti-Windows trolls presented as news I've seen in a while. An evil hacker could also put a post-it note on an idiot's computer telling them to type "FORMAT C:" at a command prompt. People too dumb to recognize icons or use AV software just shouldn't be using computers.

    That all said, I've always thought that extension hiding default was one of the more annoying things I have to kill every time I install Windoze. Seems like Redmond just keeps dumbing down the interface, forcing me to work harder at getting the details I need.

  • by Vexorian ( 959249 ) on Thursday May 07, 2009 @07:18PM (#27869479)

    It isn't exactly a 'feature', it is a design flaw. Especially because of the whole "double clicking something runs strange program" deal.

    By the way, the security problem is not that much with hiding the extensions (though it is certainly VERY annoying). The real issue comes from the fact that executable files can be anywhere and all that is needed to [a) display an icon determined by the executable and b) be executable by double click] is to just change the extension to .exe; that's rather bad for security.

    A similar misguidance was present in Linux, at least in GNOME and KDE desktops' support of the .desktop extension; if Linux had more users you can be sure that thing would have social-engineered the heck out of all people into installing rootkits on their systems. That's right, just like Windows' .exe nonsense, just the .desktop file extension allowed you to have an icon that [ a) had a bogus extension/name, b) had a custom icon, in fact it was easier to use the system's icon for a folder or doc file, and c) launched a script on double click ]. I personally was happily surprised to see that after my Jaunty Jackalope update, these .desktop monstrosities finally need an executable permission to work.

    For people noticing how lame these things are in both windows and Linux, I am tagging the story as "suddenoutbreakofcommonsense".

  • by colourmyeyes ( 1028804 ) on Thursday May 07, 2009 @07:31PM (#27869695)
    The Search Dog was one thing that whenever I installed XP and had to sit through it before being able to turn it off had me asking myself "and this is 'enterprise' software?" Why have a cartoon built into your operating system?
  • by dave562 ( 969951 ) on Thursday May 07, 2009 @09:09PM (#27871045) Journal
    My understanding of how Time Machine works is that it is akin to the Volume Shadow Copy service in Windows. Basically, certain volumes will retain a predetermined number of snapshot backups of any particular file. If the user then accidentally erases a file or saves over it, they can revert to one of the previous copies. It isn't exactly the same functionality as being able to save anywhere in user space, but it is close. There are also third-party backup utilities that will back up the entire workstation, or any subset of directories and/or files. To me those seem like a band-aid for bad administration, rather than a solution that you want to rely on. Why take a remote copy of a workstation if you can just put the files on the server, or SAN, in the first place?
  • by shutdown -p now ( 807394 ) on Friday May 08, 2009 @03:44AM (#27873327) Journal

    Or...do most people just put everything in My Documents?

    No. Most people just put everything on the desktop. And some actually put everything into Recycle Bin (yes, I've seen this IRL).
