Security threats Toolkit
Story: Experts: Windows 7 at risk from legacy flaw
Your missing the point
-----
"This sort of proves my point, you saw the whole extension."
So the point I've really demonstrated is that seeing the whole file name is a really Good Idea and that hiding the extension is a Bad Thing. (GNU/Linux boxes don't hide file extensions, of course.) I only mentioned this at all because it was a genuine piece of malware that I had received recently that was actively trying to leverage this odious feature of Windows.
----
What you've demenstrated is that someone who is techincally savy spotted the extension and understood it's meaning, I'm not saying that's not the case.
-----
"There are are a heck of a lot of users out there who understand a little bit about extensions, spot pdf and think "oh thats alright it's a pdf" and don't understand the significance of the following extension."
Rubbish. Have you ever seen a malware file named xxxpdf.exe, pdf.xxx.exe or xxxpdfxxx.exe? These files are consistently named xxx.pdf.exe in order to leverage Windows "extension hiding" capabilities.
-----
Chris, this is not rubbish, it's a fact that I have experience of. I don't appreciate being called a liar. If you want to have a debate we can, but only if you can maintain it sensibly. My point is that many users understand that an extension is a dot followed by something else, they don't really have a good understanding of it though, hence my point about phishing.
Full Talkback thread
Story: Experts: Windows 7 at risk from legacy flaw
-
Not really that serious knapper -
But as Adrian Kingsley-Hughes pointed out in... Chris Rankin -
Bit of a weak argument knapper -
I saw the whole extension because I... Chris Rankin -
Your missing the point knapper -
Actually, you've missed t... Chris Rankin
-
Not really that serious ator1940
-
So, what else is new? thinkfeeldo
-
Hidden Filename Extensions and Assumed Idiot Users Xwindowsjunkie
