In the world of technology, the accelerating rate of change is so fast, the environmental changes so rapid, that looking back just 3 years, for example, is akin to looking back into ancient history.
Even so, there are some characteristics of computing where the old truism “the more things change the more they stay the same”, are entirely relevant – and, the fundamentals of system security is a singular example.
One of the principals of system security – one which is rarely referred to is – the need to understand file extensions – and, more particularly – why it is file extensions should NOT be hidden.
Dave Brooks, a highly competent computer pro, and a popular guest writer here, addressed this issue in a guest post (ahem), 3 years ago. This article is every bit as important today, as it was when it was first posted. Perhaps, even more so.
Here’s what Dave had to say:
One of Bill’s security recommendations (among the many that he tries to pound into the heads of his readers), is to disable the hiding of file extensions for known file types.
I will explain why this is important and how it can protect you. This can get a bit complicated for the novice user, so I’ll try to make it easy to understand.
Firsts things first. What is a file extension? File extensions tell the operating system what type of file it is dealing with, which in turn determines what application is opened when you double click the file.
Adobe PDF documents have a PDF extension, MP3 audio files have the MP3 extension, video files use a number of extensions such as AVI, MPE, MPEG, WMV, and so on. Windows keeps track of what file extensions should be opened with which application, if you rename a file and delete its extension, Windows no longer knows what type of file it is and will not be able to open it.
When working with Windows, almost all files have an extension, this is the 3 or 4 characters after the LAST “.” (dot or period) in the file name. Why is the word LAST in upper case? Because file names can have more than one “.” in them, and this is where your ability to see these extensions can save you.
For example, consider this file named “Invoice.doc”. For many people they would immediately know this is a standard Microsoft Word document. If your PC is set to hide known file extensions then your computer would display the file in a Windows Explorer window, or email attachment, as “Invoice”, hiding the 3 digit extension.
The problem here is, a Trojan can come in as an email attachment as a compressed file, or an executable called Invoice.doc.exe. Remember, only the digits after the LAST “.” are important to the file type, so even though you see Invoice.doc, the file actually has an exe extension, making it an exe or program.
If you have your PC set to hide extension, you would see the file name as “Invoice.doc”, even though the actual extension (which is hidden by Windows) is exe. Another trick is to give the file an icon that makes it look like it’s a Word document to fool unsuspecting users even more.
So you can see, if you disable hidden extensions, you will be able to see the actual file extension, not the one the Trojan wants you to see, and you will be able to better determine if the file is in fact what it is claiming to be.
To unhide these hidden extensions;
1. Go to start>Control Panel
2. Click on >Folder Options
3. Now go to >View tab> Then uncheck the box “Hide extensions for known file types” >click Apply>then OK. That’s it done.
Now you can see the file extensions on all file types.
Note: If you come across a file type (extension) that you don’t recognize, the website FILExt will tell you. Simply enter the “.abc” and FILExt will tell you the program that created it and, recommend how to open it.
Bio: Dave Brooks is a professional Computer Technician from New Hampshire, USA. Dave has now become a regular guest writer who’s last article “Let’s Talk About Backups” was a huge hit.
Drop by Dave’s site at Tech-N-Go, and checkout the Security Alerts.