Disable Hidden File Extensions, Or Not?

In the world of technology, the rate of change is so fast, and the environmental changes so rapid, that looking back just 3 years, for example, is akin to looking back into ancient history.

Even so, there are some characteristics of computing where the old truism “the more things change the more they stay the same” is entirely relevant – and the fundamentals of system security are a singular example.

One of the principles of system security – one which is rarely referred to – is the need to understand file extensions and, more particularly, why file extensions should NOT be hidden.

Dave Brooks, a highly competent computer pro, and a popular guest writer here, addressed this issue in a guest post (ahem), 3 years ago. This article is every bit as important today, as it was when it was first posted. Perhaps, even more so.

Here’s what Dave had to say:

One of Bill’s security recommendations (among the many that he tries to pound into the heads of his readers), is to disable the hiding of file extensions for known file types.

I will explain why this is important and how it can protect you. This can get a bit complicated for the novice user, so I’ll try to make it easy to understand.

First things first. What is a file extension? File extensions tell the operating system what type of file it is dealing with, which in turn determines what application is opened when you double click the file.

Adobe PDF documents have a PDF extension, MP3 audio files have the MP3 extension, video files use a number of extensions such as AVI, MPE, MPEG, WMV, and so on. Windows keeps track of which file extensions should be opened with which application; if you rename a file and delete its extension, Windows no longer knows what type of file it is and will not be able to open it.

When working with Windows, almost all files have an extension; this is the 3 or 4 characters after the LAST “.” (dot or period) in the file name. Why is the word LAST in upper case? Because file names can have more than one “.” in them, and this is where your ability to see these extensions can save you.

For example, consider a file named “Invoice.doc”. Many people would immediately know this is a standard Microsoft Word document. If your PC is set to hide known file extensions, then your computer would display the file in a Windows Explorer window, or as an email attachment, as “Invoice”, hiding the 3-character extension.

The problem here is that a Trojan can come in as an email attachment, either as a compressed file or as an executable called Invoice.doc.exe. Remember, only the characters after the LAST “.” are important to the file type, so even though you see Invoice.doc, the file actually has an exe extension, making it an exe, or program.

If you have your PC set to hide extensions, you would see the file name as “Invoice.doc”, even though the actual extension (which is hidden by Windows) is exe. Another trick is to give the file an icon that makes it look like it’s a Word document to fool unsuspecting users even more.

So you can see, if you disable hidden extensions, you will be able to see the actual file extension, not the one the Trojan wants you to see, and you will be able to better determine if the file is in fact what it is claiming to be.
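The last-dot rule described above can also be checked mechanically, for example over attachment names or a downloads folder. The sketch below is an added example, not part of Dave's original post; the two extension lists and the sample file names are assumptions made up for illustration and are not exhaustive.

```python
import ntpath

# Assumed, non-exhaustive lists picked for this example (not from the article).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd"}
DECOY_EXTS = {".doc", ".docx", ".pdf", ".xls", ".txt", ".jpg", ".mp3", ".avi"}


def split_last_dot(path):
    """Return (visible_name, real_extension), splitting at the LAST dot only."""
    stem, ext = ntpath.splitext(ntpath.basename(path))
    return stem, ext.lower()


def is_deceptive(path):
    """True when the real extension is executable but the name shown with
    extensions hidden still ends in a harmless-looking document extension."""
    visible, real_ext = split_last_dot(path)
    if real_ext not in EXECUTABLE_EXTS:
        return False
    decoy_ext = ntpath.splitext(visible)[1].lower()
    return decoy_ext in DECOY_EXTS


def audit(paths):
    """Return (file name, name shown when hidden, real extension) per hit."""
    hits = []
    for path in paths:
        if is_deceptive(path):
            visible, real_ext = split_last_dot(path)
            hits.append((ntpath.basename(path), visible, real_ext))
    return hits


# Constructed sample names, for illustration only.
SAMPLE = [
    "Invoice.doc",
    "Invoice.doc.exe",
    "report.final.pdf",
    "setup.exe",
    r"C:\Users\pat\Downloads\Holiday.jpg.scr",
    "notes.txt.bat",
]

if __name__ == "__main__":
    for name, visible, real_ext in audit(SAMPLE):
        print(f"{name!r} shows as {visible!r} but is really {real_ext}")
```

A plain executable such as setup.exe is not flagged, because its visible name does not pretend to be a document; only names that carry a document-style extension in front of an executable one are reported.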

To unhide these hidden extensions:

1. Go to Start > Control Panel.

2. Click on Folder Options.

3. Now go to the View tab, then uncheck the box “Hide extensions for known file types”, click Apply, then OK. That’s it, done.

Now you can see the file extensions on all file types.

Note: If you come across a file type (extension) that you don’t recognize, the website FILExt will tell you. Simply enter the “.abc” and FILExt will tell you the program that created it and recommend how to open it.

Bio: Dave Brooks is a professional Computer Technician from New Hampshire, USA. Dave has now become a regular guest writer whose last article “Let’s Talk About Backups” was a huge hit.

Drop by Dave’s site at Tech-N-Go, and check out the Security Alerts.

12 responses to “Disable Hidden File Extensions, Or Not?”

  1. Darryl

    I make this change on every computer I touch. I’m utterly at a loss as to why Microsoft hides extensions by default on every OS since Windows 3.1.

    Nonetheless, it’s a good reminder.

    • Hey Darryl,

      You and I have both run into the “expert” who has absolutely insisted that hiding file extensions is “Right and Proper”. That Microsoft is only “protecting us from ourselves.”

      What a load of bull crap.

      Like you, I wouldn’t consider setting up a machine with hidden file extensions.

      Once again – a no nonsense comment (I’m getting used to that from you). 🙂

      Best,

      Bill

  2. delenn13

    How many times have you asked a person what type of file it is..and they say…It’s a picture. You say jpeg? I don’t know..What does it say AFTER the Picture name? There should be a dot..then a 3 or 4 lettered extension. Nope, nothing there. GRRRRRRRRRRRR!

    Microsoft at their best. Nothing like keeping the masses uneducated. They don’t know what an exe is or the difference between a doc and txt or even WHAT they are.

    • Hey Delenn13,

      It is such a simple thing to understand and yet, your observation rings true. But hey, there’s no need to understand file extensions to get on Facebook, YouTube…. Just one of the many reasons cyber criminals find it so easy to screw over the “tech savvy generation”. A misnomer, if ever there was one.

      Best,

      Bill

  3. Mal

    Hey Bill,
    Good advice and something I hadn’t thought about in a while. So I checked, and alas, I had “Hide extensions for known file types” checked. Fixed that straight away.
    Cheers

    • Hey Mal,

      It’s an easy one to forget to change, for sure. Microsoft should have recognized the value in this from the start. It’s not something we should need to worry about – but, here we are decades later, worrying about it. Makes you just want to shake your head.

      Best,

      Bill

  4. pmshah

    I personally don’t like the idea of hiding file extensions. I do not like tile icon mode either. I always UNHIDE the extension and have my directories displayed in list mode. I like full details when I am exploring, which in itself is rare since I prefer Total Commander for file management.

    However in any mode the icon displayed DOES give a very clear indication of the file type. So even with the extensions hidden invoice.doc.exe should not display the standard Word icon! Unless of course the virus creator includes it within the virus exe ! Then you are royally s*****d.

    • Hi Pmshah,

      Agreed – list mode is the most appropriate display method.

      As for the second part of your comment – Dave Brooks made no reference to what you suggest. What he did say is this – “Another trick is to give the file an icon that makes it look like it’s a Word document to fool unsuspecting users even more.” That seems pretty clear.

      Bill

  5. Grr

    I am a bit different on this case.
    I find it irritating to type the file name+extension when I do a new>File. So I always have hide file extension ON.

    Coming to the exe in email as an attachment, as far as I know exe’s are not allowed by most mail service providers, or at least those known to me.

    my 2 cents.

    Thanks,
    Grr

  6. John Bent

    Hi Bill,

    Checked my laptop and “hide known file extensions” was already unchecked. Don’t remember doing it (that doesn’t mean I didn’t ;)) but if Windows 7 ships with it checked, I suppose I must have. Off to check (or uncheck) the PC now.

    Kind regards
    John