Follow Slashdot stories on Twitter


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:What about the race of the escapee? (Score 1) 231

by arth1 (#49182101) Attached to: Racial Discrimination Affects Virtual Reality Characters Too

Um, no. First of all, there is no indications that they excluded anyone. The study was done with volunteers, and presumably with the students they had available at the Italian university.

Secondly, it's not clearly "black vs white" - the situation was "white vs anything else". Black was not in a special situation, vs. brown, red, green, blue or anything else not white.

From what I can tell, the study notes a racial bias. That does not prove or preclude racism. The bias can have other causes, but this study does not tell us.

Comment: Re:Missing the problem by a mile (Score 1) 553

by arth1 (#49174109) Attached to: Why We Should Stop Hiding File-Name Extensions

If you put an infected executable on my machine and gave it a TXT file extension it's totally harmless. So it tries to open the file in harm there.

But how do you know that it will open it in notepad? Do you examine the registry?

How do you know that an app you tried a year ago and quickly uninstalled didn't change the extension association for .txt to run a small wrapper that examines the file, and if it's an executable, executes it, and otherwise opens it with Notepad?
It doesn't have to be a trojan you ran either - it could have been done through an IE/Flash exploit a long time ago too.

Comment: Re:Missing the problem by a mile (Score 1) 553

by arth1 (#49173977) Attached to: Why We Should Stop Hiding File-Name Extensions

You cannot tryst the extension to be what the file actually is. But you CAN trust the extension to determine what Windows will do with it. That .jpg might not actually be an image, but Windows will try to load it like one.

No, this is what I have tried to tell here, and keep getting modded down for. You cannot trust that. Really. You can trust that Windows will treat it as a .jpg file, but you cannot trust that Windows will treat .jpg files as images .
What Windows treats .jpg files as depends on registry values that are changeable by the user (and apps). An app can change .jpg files to be treated as executables, without you knowing it.

All that's needed is to modify HKEY_CURRENT_USER\Software\Classes\.jpg and it will override the system defaults. It's in the user hive, and does not even require admin privileges.
Apps do this all the time, benignly to associate file types with themselves. That your .mp3 files suddenly open with WinAmp after installing WinAmp is because of this. But that's not all they can do - they can associate ANY file types with ANY programs, not just themselves. That includes making Windows execute the file as a binary, if they so choose.
So you cannot trust that Windows treats a .jpg file as an image. That is only the case if you (or an app) hasn't changed that.

Few people will check the registry before "running" a file. They trust that Windows will open the .jpg file with an image viewer (or editor), but they have no way of knowing if a boring game they installed and uninstalled a year ago changed that, and that .jpg files now get executed if containing executable content and otherwise shown in an image viewer.

Comment: Re:Good luck with that. (Score 1) 553

by arth1 (#49172777) Attached to: Why We Should Stop Hiding File-Name Extensions

And you want to try to get the average end user to understand the difference between ".XLS", ".XLSX", and ".XLSX.EXE"?

Or to trust that no one is ever clever and malicious enough to use one trojan to modifiy the default action for .XLSX to run the files, and then a few months later send people .XLSX files that contains executable content?

Seeing that it's named .XLSX does not tell you anything about what (a) the file contains, or (b) what the OS will do with it. You trust that no-one would ever be mean enough to put non-spreadsheet info in a file named .XLSX, and trust that nothing has changed the actions taken for that file extension.
That's too much trust.

Comment: Re:Missing the problem by a mile (Score 1) 553

by arth1 (#49172495) Attached to: Why We Should Stop Hiding File-Name Extensions

OK, and how is opening the jpg in notepad going to harm your computer?

It could just as easily be opening the .jpeg file containing executable content with with run.dll. The problem is that this mapping from file extension to action taken is not static, but can (and does) change on the fly. Which is why you may get irritated when you have two mp3 playing programs installed and your mp3 files open with the "wrong one". That means that one of the apps have taken over the file extensions. And it's not limited to taking over - it can point away too. Or it can open with a wrapper that runs malicious content and then passes the remainder to the viewer you expect, so you don't notice anything amiss.
You just don't know unless you go into the registry and check for yourself. Trusting the file extension is misplaced trust.

Comment: Re:Missing the point (Score 1) 553

by arth1 (#49172099) Attached to: Why We Should Stop Hiding File-Name Extensions

This is not about how your own application react to a file. this is how the operating system *does*. There is a convention in the operating system, particularly windows, that a .gif will be tried to be displayed as a picture and a .html as a web page. Your application may *chose* to interpret it as music for all we care, but the operating system will react by default as described.

But the defaults are mutable, and not to be trusted to stay consistent.
There is nothing that prevents an application from changing the default for .gif from opening in [gif viewer of choice] to executing them. If someone then sends you an executable with a .gif extension, and you double-click it, it will execute the executable.
Trusting that a .gif file is always a GIF picture is folly. It's the default, but it is very changeable, and a couple of trojans do indeed change the file name extension associations.

Comment: Re:Missing the problem by a mile (Score 4, Informative) 553

by arth1 (#49171787) Attached to: Why We Should Stop Hiding File-Name Extensions

On Windows, extensions are meaningful to the operating system. It doesn't identify all files by magic numbers. Files are typed by their extensions. If the file is "fishhead.jpeg" then it is not a Win32 executable binary (barring flaws in the JPEG rendering system that lead to arbitrary execution).

You miss that it isn't like that in Windows either. A file named fishhead.jpeg can indeed be a a Win32 executable binary that gets executed by the OS as a binary if called without a named program to open it. That depends on what the end user and the programs he (spit) trusts have set the .jpeg extension to signify. It is only a recommendation. Windows provides defaults, but it is silly to presume that no program would ever be mean enough to change any of that on you.
You cannot trust the extensions any more than you can trust the "From:" address in an e-mail. Not in Windows either.

Comment: Re:Missing the problem by a mile (Score 0) 553

by arth1 (#49171643) Attached to: Why We Should Stop Hiding File-Name Extensions

You must have missed my "except on very immature operating systems".
And it's not even the case in Windows. Windows is user configurable to let any extension map to any "action". There is nothing that says it cannot open files with a .txt file name extension in, say, Paint. It may default to Wordpad, but that's just a convention, not set in stone. As you install other programs, they may change that, so one day it opens in Slick|Edit, and there's nothing that prevents your music player from saying "hey, now, I want the default action for .txt files to be opened by me".

Again, the file name extensions are only advisory, not prescriptive, and that's why they should never be trusted.

Comment: Missing the problem by a mile (Score 1, Interesting) 553

by arth1 (#49171533) Attached to: Why We Should Stop Hiding File-Name Extensions

The problem isn't not looking at file name extension. It's trusting them.
File name extensions are just a convention, and are not prescriptive except on very immature operating systems. There is nothing that prevents a JPEG file from being saved with a .txt name extension. Looking at the name extension will tell you absolutely nothing.

I have a web server set up at home that serves html files with a .gif extension, and expects images to have a .html name extension. It works great, because the file name extensions are only advisory.

And then there's the Amiga, where you have prefixes, like mod.filename to signify a music score file with embedded samples. Again, it's just a convenience, and should never be trusted.

FORTUNE'S FUN FACTS TO KNOW AND TELL: A firefly is not a fly, but a beetle.