Windows 7 Users Warned Over Filename Security Risk

← Back to Stories (view on slashdot.org)

Windows 7 Users Warned Over Filename Security Risk

Posted by timothy on Thursday May 7, 2009 @07:54AM from the death's-too-good-for-some-people dept.

nandemoari writes "Would-be Windows 7 users have been warned to change a default setting which could leave them vulnerable to attack via bogus files. As a result, Microsoft is taking flak for failing to correct a problem found in previous editions of Windows. The issue involves the way Windows Explorer displays filenames. In all editions of Windows after Windows 98, the default setting hides the filename extension (which identifies what type of file it is). This means that a Word file titled 'partyinvite.doc' will show up in Windows Explorer as simply 'partyinvite'. The only exception to this rule is if Windows does not recognize the file type. The reason for this setting is that it makes for a less cluttered look and avoids filling the screen with redundant detail. However, a flaw in the way it works leaves it liable to exploitation by hackers. They can take an executable file (which can do much more damage to a computer when opened) and disguise it by calling it 'partyinvite.doc.exe.'"

41 of 613 comments (clear)

Min score:

Reason:

Sort:

How can this be? by Burkin · 2009-05-07 07:57 · Score: 5, Funny

How can this possibly be? I thought this was the most secure OS on the planet.
1. Re:How can this be? by Kadagan+AU · 2009-05-07 08:06 · Score: 5, Insightful
  
  I see your sarcasm, but honestly this isn't as much of a security flaw in the OS as it is a "feature" in the OS that makes stupid users even stupider. A maliciously named file does nothing on its own, only when a user double-clicks it does it turn bad. Stupid users will break things on any OS.
  
  --
  This space for rent, inquire within.
2. Re:How can this be? by pugugly · 2009-05-07 08:19 · Score: 4, Informative
  
  This is something I have instantly turned off in every version of Windows so far. Thank god for nLite - you can create your install disk with all this bs turned off to start with!
  
  --
  An Invisible Entity of Vast Power whose existence must be taken on faith alone: Liberal Media
3. Re:How can this be? by David+Gerard · 2009-05-07 08:25 · Score: 5, Funny
  
  Bah. Vista is far superior. Windows 7 is for Mac-wannabes who want to "do" things with their computer, not just admire its AWESOME MIGHT as your CPU fan starts lifting your house into the air.
  
  --
  http://rocknerd.co.uk
4. Re:How can this be? by cayenne8 · 2009-05-07 09:20 · Score: 4, Interesting
  
  I do the same thing.
  For the life of me, I've never understood why they turn off the extensions by default, and not only that,why do they keep burying the windows explorer further and further away? Don't people use that to find files? Start applications?
  Does no one still get into the tree structure to create their own folders to organize things?
  Or...do most people just put everything in My Documents?
  
  --
  Light travels faster than sound. This is why some people appear bright until you hear them speak.........
5. Re:How can this be? by snowraver1 · 2009-05-07 09:24 · Score: 4, Insightful
  
  Does no one still get into the tree structure to create their own folders to organize things?
  
  Or...do most people just put everything in My Documents?
  
  You forgot option 3: Whereever the default save path is.or option 4: I save my important files in (recycle bin|temp folder|ram drive)
  
  --
  Copyright 2010. All rights reserved. This comment may not be copied in any way including, but not limited to caching.
6. Re:How can this be? by Qzukk · 2009-05-07 09:30 · Score: 3, Funny
  
  How can this be?
  It is the Kwisatz Haderach?
  
  --
  If I have been able to see further than others, it is because I bought a pair of binoculars.
7. Re:How can this be? by dave562 · 2009-05-07 09:34 · Score: 4, Interesting
  
  Windows Explorer is always in the same place no matter what version of Windows you are using. WindowsKey+E.
  Standard best practice is to put everything in My Documents. My Documents can be redirected to a network file share. The network file share can be backed up. As long as data is stored in My Documents, it is safe. That approach presents a problem when users want to store gigs of music or photos in there, but for a typical work place environment, it works great. It sure beats the old method of having to manually adjust file storage locations for each individual program.
8. Re:How can this be? by commodore64_love · 2009-05-07 09:47 · Score: 5, Funny
  
  VISTA is a monument to everything that makes us the country we are!
  Fat, slow, and obsessed with superficialities like pretty shiny colors?
  
  --
  "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
9. Re:How can this be? by Vexorian · 2009-05-07 11:18 · Score: 4, Insightful
  
  It isn't exactly a 'feature' it is a design flaw. Specially because of the whole "double clicking something runs strange program" deal.
  By the way, the security problem is not that much with hiding the extensions (though it is certainly VERY annoying) The real issue comes with the fact that executable files can be anywhere and all that is needed to [a) display an icon determined by the executable and b) being executable by double click] is to just change the extension to .exe , that's rather bad for security.
  A similar misguidance was present in Linux, at least gnome and KDE desktops' support of the .desktop extension, if Linux had more users you can be sure that thing was going to have social engineered the heck of all people into installing rootkits in their systems. That's right, just like windows' .exe non-sense, just the .desktop file extension allowed you to have an icon that [ a)Had a bogus extension/name. b) Had a custom icon, in fact it was easier to use the system's icon for folder or doc file. and c) launched a script with double click. ] I personally was happily surprised to see that after my Jaunty Jackalope update, these .desktop monstrousities finally need an executable permission to work.
  For people noticing how lame these things are in both windows and Linux, I am tagging the story as "suddenoutbreakofcommonsense".
  
  --
  
  Copyright infringement is "piracy" in the same way DRM is "consumer rape"
umask 224 by ArsonSmith · 2009-05-07 07:57 · Score: 5, Funny

it shouldn't be made executable by the default umask though, so when you go to click on it it'll just try to associate an application with the .exe extension.

--
Paying taxes to buy civilization is like paying a hooker to buy love.
Bah by MyLongNickName · 2009-05-07 07:58 · Score: 5, Funny

This is a non-issue. With all of the vulnerabilities in applications that think they are a programming interface (like Acrobat), EXE's might actually be safer to open.

--
See my journal for slashdot ID's by year. Mine created in 2005. http://slashdot.org/journal/289875/slashdot-ids-by-year
I never did like that feature by EvilBudMan · 2009-05-07 07:58 · Score: 3, Insightful

or any of the others that make you jump through hoops to get at something.
1. Partial menus (Office)
2. The Search Dog (Windows XP)
3. I don't what else but the way they have features turned off and on makes no sense at all.
The I'm done sig.
1. Re:I never did like that feature by TheBig1 · 2009-05-07 08:31 · Score: 4, Funny
  
  I don't what else ... makes no sense at all.
  Ahh.... Irony at its best... ;-)
Not really news, and a non-issue by lukas84 · 2009-05-07 08:01 · Score: 4, Insightful

Most people wouldn't change their behaviour even if the did see the file extension.
Email programs such as Outlook block .exe attachments, and Executables downloaded using IE display a stern warning before execution.
Changing this wouldn't have helped anyone.
And associating this with Windows 7 is mostly FUD, jumping on the bandwagon just because you don't like it.
1. Re:Not really news, and a non-issue by lukas84 · 2009-05-07 08:36 · Score: 3, Informative
  
  You mean it's just like in Windows?
Um by Man+On+Pink+Corner · 2009-05-07 08:02 · Score: 4, Insightful

Welcome to Windows 95?!
Filename extensions have been hidden by default for many years now, in all shipping versions of Windows. And they've been making it easy for malware authors to fool users for just as long.
It was an insanely stupid policy on MS's part, and it borders on negligence that they're still doing it.
Re:Extensions by lukas84 · 2009-05-07 08:02 · Score: 5, Insightful

You can easily add the Word icon to your malware, and this will fool users easily.
Not new, not unique to Windows by nine-times · 2009-05-07 08:03 · Score: 4, Informative

OSX hides extensions, too, and what's arguably worse, OSX allows you to arbitrarily replace the icon of any file, thereby allowing you to disguise files more easily. Don't some Linux DEs do the same thing?
It's sort of unfortunate that we rely on filename extensions to identify file type at all. Users have a tendency to accidentally remove extensions when they're renaming if you don't hide them. But then if you hide them, then users are missing the single most important cue as to what file-type a file is.
1. Re:Not new, not unique to Windows by StikyPad · 2009-05-07 08:23 · Score: 3, Informative
  
  Vista (and 7) decrease the likelihood of accidental file extension deletion by highlighting only the filename (sans extension) when renaming files through explorer. Personally, I'm usually renaming the extension, or adding ".old".
  
  --
  https://www.eff.org/https-everywhere
Re:Isn't this a dupe? by tepples · 2009-05-07 08:07 · Score: 3, Interesting

Now, I'll go make a quick patch and submit the .diff
I wonder if ReactOS, the project to make a free Windows XP clone, might take it.
kill the filename.extension paradigm by line-bundle · 2009-05-07 08:16 · Score: 5, Insightful

The filename should not contain any metadata. The date is not included in the filename, so why is the filetype in there?
1. Re:kill the filename.extension paradigm by thomasdn · 2009-05-07 08:53 · Score: 4, Informative
  
  The filename should not contain any metadata. The date is not included in the filename, so why is the filetype in there?
  No metadata in the filename? But isn't the filename metadata in itself? By giving the file a name -- a description of the content -- I provide some metadata that lets me know what the file contains. I don't think it is all that stupid to have a convention for file naming.
  
  --
  thomasdamgaard.dk.
Re:Extensions? No extensions? by taustin · 2009-05-07 08:17 · Score: 3, Insightful

ONE SHOULD NEVER SEE A FILE ENTITLED "partyinvite.doc",
That is true. However, an .exe can have it's own icon embedded in the file, so one could name it partyinvite.exe and give it the icon from a Word doc, and Joe Schmoe would have no clue. In fact, a lot of people would miss that.
How to rename files by tepples · 2009-05-07 08:19 · Score: 3, Interesting

Users have a tendency to accidentally remove extensions when they're renaming if you don't hide them.
That's why a good file manager, like the version of Nautilus that comes with Ubuntu Hardy, selects everything before the extension when the user chooses "Rename".
1. Re:How to rename files by jonbryce · 2009-05-07 08:33 · Score: 4, Informative
  
  The Vista file manager does that too.
Similar with OS X by Charles+Dodgeson · 2009-05-07 08:20 · Score: 3, Informative

As an Apple fan-boy, I am chagrined to have to point out that there is an analogue of this problem on OS X. Meta information about a file will contain information about its "Creator" (which is often used to determine what application it should be opened with) and also the file Icon.
This allows for a file to have, say a plain text icon but open as something else altogether. Apple has taken some mitigating steps (warnings before executing downloaded files for the first time), but has not changed the underlying problem which stems from concealing information from the user.

--
Prime numbers are exactly what Alan Greenspan says they are -S. Minsky
Re:This again? by twidarkling · 2009-05-07 08:25 · Score: 3, Insightful

Plus both have lower total cost of ownership.
[citation needed]
Seriously. It's not like I paid for my A/V software. It's not like I run scans when I'm using the system, so my work isn't being slowed.
Then, vs. just OSX, the hardware's cheaper, you can upgrade it and futureproof it, so you don't need to buy an entirely new $1.5k machine, and software's same price or cheaper, with more options. And as for security, may I point you to the Mac-only botnet that was recently discovered due to pirated copies of iLife, or iWork, or whatever it was? Stupid people will fuck up any system you give them, regardless of OS. Windows is not inherently superior or inferior, it's just the one that does what I need.

--
Canada: The US's more awesome sibling.
Re:Isn't this a dupe? by Hatta · 2009-05-07 08:26 · Score: 5, Insightful

You want a solution? How about this: Windows should only hide file extensions for files that don't use custom icons
How about we never hide the extension for any reason? If you're worried about clutter, and redundant information on screen, ditch the icons. The extension is all of 3 bytes, and it's far, far easier to read 3 letters than it is to squint at the icon and guess what it's supposed to be.

--
Give me Classic Slashdot or give me death!
Re:Um, Win7 is not yet a release by David+Gerard · 2009-05-07 08:27 · Score: 3, Insightful

Then this is the time to make a big fuss about it: so that it will be fixed for Win7.

--
http://rocknerd.co.uk
How can this be? sufixication by goombah99 · 2009-05-07 08:29 · Score: 4, Interesting

How can this possibly be?

Your question actually has a face value in excess of it's sarcasm content. How did we get here?
I'm stating common knowledge but it's worth reflection since it paints a large picture. In the begining there was the file and the file was just a marked off stretch of physically contiguous bytes on a tape or drum. it had no internal structure. Have a directory that associated names with files regions was something you had to implement yourself. The filesystems formalized this to having names, hierarchies, and even non-contiguous allocation tables for blocks.
Since that time every new file system has tried to codify the notion of metadata. And in this land of babble, the only common durable hiding place for meta data has turned out to be the filename itself.
Look at HFS for example as a valiant effort in defining meta data like "kind" and "creator", and defining different kinds of forks some of which had uniform storage protocols for resource, so that programs other than the creator could inspect and edit them. And boy what a snarl that has perpertually been. While these still exist, apple has punted and gone to just using file structures and a specially named file (plists) to hold meta data in a quasi XML format.
And so here we are 30 years later and were still putting suffixes on our files just like back in the days of DEC and Prime and even before.
And think about perhaps the biggest failure of the Longhorn Debacle. The promise of a revolutionary new filesystem that put meta data and it's inspection first. An entirely relational storage system underneath that only mimmiced the hierachical system for legacy purposes.
Deleted from Longhorn, promised again for vista, and then gone. Promised for windows 7 then gone.
It's bizzare. Everyone knows what the problem is. HFS was much maligned precisely because it was more complex than suffixes but it's what we really needed back in 1984. and all the others all made so much sense too.
Why are suffixes so enduring? How can this be?

--
Some drink at the fountain of knowledge. Others just gargle.
1. Re:How can this be? sufixication by colourmyeyes · 2009-05-07 08:39 · Score: 3, Insightful
  
  Why are suffixes so enduring?
  Because the human using the computer wants a quick way to determine what the file most likely contains.
  
  --
  My grandmother used anecdotal evidence all the time, and she lived to be 120 years old.
2. Re:How can this be? sufixication by coolsnowmen · 2009-05-07 08:59 · Score: 3, Interesting
  
  my "file" command seems to do a pretty good job. So there are some standards even if they are just because of common practices of using a so-called "magic number" in the file data itself.
3. Re:How can this be? sufixication by andi75 · 2009-05-07 09:33 · Score: 5, Informative
  
  > Metadata sufficient to render file extensions obsolete would leave us with http://example.com/file, with no way to tell what it contains.
  That's where MIME types come in to save you. While it is true that from the URL you can't tell the contents, the moment you do a "GET /file" the server will tell you the mime type (e.g. application/msword), and you can save that information in the file's meta data on your local filesystem (e.g. save it as file.doc).
4. Re:How can this be? sufixication by Phroggy · 2009-05-07 20:30 · Score: 4, Informative
  
  By reading the MIME type stored in filesystem metadata! In this example, when you save a document in Microsoft Word and name it "file", instead of appending a ".doc" extension to the filename, Word would leave the filename alone and add a MIME type. The OS's file browser would use this MIME type to determine which application to open the file in when double-clicked (instead of using extensions the way it does now), and a web server would read the MIME type and send that to the browser, instead of looking up a file extension in a table the way it does now.
  For backwards compatibility, users could choose to append an extension to the filename, but this would be completely ignored by newer operating systems. If you chose to name your Word document "file.jpg", you could, and your OS wouldn't care, but since this would cause significant confusion when sending it to users of legacy systems, you wouldn't do that.
  The Macintosh filesystem (MFS/HFS/HFS+) used 32-bit "type" and "creator" codes, normally rendered as a 4-character string. This was a good idea in 1984, but not nearly as specific as MIME types (on classic Mac OS, HTML and XHTML and CSS and JavaScript files would all have their "type" field set to "TEXT"). MIME types are definitely the way to go, if you want to construct something like this today.
  
  --
  $x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
  $x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
BULLSHIT FUD by sexconker · 2009-05-07 08:31 · Score: 3, Informative

Run virus.exe in XP (SP2), Vista, or (I presume) 7.
What's that box? A security warning about unsigned code?
Rename the file to virus.txt.exe and try again.
What's that box? A security warning about unsigned code?
Fuck off insecurity experts.
1. Re:BULLSHIT FUD by merreborn · 2009-05-07 09:30 · Score: 3, Insightful
  
  Run virus.exe in XP (SP2), Vista, or (I presume) 7.
  What's that box? A security warning about unsigned code?
  Rename the file to virus.txt.exe and try again.
  What's that box? A security warning about unsigned code?
  Fuck off insecurity experts.
  Too bad users don't read dialog boxes
Re:Ah, he(.conf) started(.d) (in)it... by nine-times · 2009-05-07 08:59 · Score: 3, Insightful

It doesn't seem to me that line-bundle was particularly blaming Bill Gates, Windows, or Microsoft. Using extensions in filename as the identifier of file-type is a common and long-standing practice, but it's also problematic.
The MacOS X approach by Midnight+Thunder · 2009-05-07 09:30 · Score: 4, Informative

Upon reading this, I wondered whether MacOS X suffered the same issue, so I decided to test. I disabled the showing of all extensions (Finder preferences), duplicated Text Edit, so it appeared as "TextEdit 2" and then edited the visible name to "TextEdit 2.doc". The result was displaying itself as "TextEdit 2.doc.app". For other file types, such as a PDF doing the same thing results in being asked if you are sure you want to change the filename extension, though renaming from the Terminal a PDF from "toto.pdf" to "toto.doc.pdf" resulted in the same visual behaviour as the one observed for the application. Its an interesting solution to the problem, since basically if the file has multiple extensions they are all shown.
The issue described in the post has already caused me issues in the past on Windows XP, on a developer's machine, where extensions were not shown by default. Imagine an Apache conf folder that contains:
http.conf
http.conf.bak
The first one appears as 'http' and the second one as 'httpd.conf'. I didn't hit me straight away that the wrong file was being edited.
Does anyone know how Linux handles this in the various GUI file managers?

--
Jumpstart the tartan drive.
PIF files by Repton · 2009-05-07 10:51 · Score: 4, Informative

F-Secure points out that .PIF files will have their extension hidden even if you change the display option.

Q: Will that make all file extensions visible?
A: Well, no. There are executable extensions that will STILL be hidden even if you turn the option off.

Q: What?
A: For example PIF. This file type was meant to be a shortcut to old MS-DOS programs. Problem is, you can rename any modern Windows Executable to .PIF and it will happily run when double-clicked.

Q: How do you I make PIF files visible then?
A: Via a registry key called "NeverShowExt". We'd link you to an article in the Microsoft Knowledgebase... except we couldn't find any. But here's a Web page on the topic, from GeoCities, made by some hobbyist a couple of years ago. Maybe it's the best source of information on the topic.

--
Repton.
They say that only an experienced wizard can do the tengu shuffle.
Sigh... by InsertCleverUsername · 2009-05-07 11:16 · Score: 3, Insightful

This has got to be one of the dumber anti-Windows trolls presented as news I've seen in a while. An evil hacker could also put a post-it note on an idiot's computer telling them to type "FORMAT C:" at a command prompt. People too dumb to recognize icons or use AV software just shouldn't be using computers.
That all said, I've always thought that extension hiding default was one of the more annoying things I have to kill every time I install Windoze. Seems like Redmond just keeps dumbing down the interface, forcing me to work harder at getting the details I need.

--
Ask me about my sig!