Mea culpa: Viruses, worms and zipped files

Yes, zipped files now arrive with an ".exe" extension -- and the main reason we need compression utilities is Microsoft.


Scott Rosenberg
June 17, 1999 8:00PM (UTC)

Many readers wrote in to point out my error in Wednesday's Technology Log about the malicious Explore.zip worm -- which arrives as an e-mail attachment named "zipped_files.exe" accompanying a note that says, "Take a look at the attached zipped docs." I'd written, "A savvy user would know that real zipped (compressed) files end in '.zip,' not '.exe' -- the file-name extension for executable programs."

As many of you rightly noted, this is often not true: Zipped files that have been turned into "self-extracting archives" -- files that you double-click on to decompress, without needing to resort to a separate zip/unzip program -- do indeed end in the ".exe" suffix. So knowledge of this distinction wouldn't necessarily protect one from the ravages of this virus.

Advertisement:

I have already lashed myself for this oversight -- the result of having not actually used "zipped" files myself for ages. My own savvy in this area is dusty; since I have been doing nearly all my work in plain text for years now, I rarely use file attachments at all.

In fact, one big reason people still need to use file-compression utilities like zip and unzip is that Microsoft Word, the dominant file format for word-processing documents, is so bloated. The 4-kilobyte text file containing my article instantly grows to six times that size when saved in Microsoft Word's ".doc" format. As one e-mail correspondent observed, "At some companies I'm familiar with, the suits don't seem to understand the concept of plain text; everything is sent as a Word attachment, even 'Hey, let's do lunch!'"

The root problem that Explore.zip exploits is the ever-deepening complexity of the Microsoft software environment. In this case, unnecessarily large files demand compression tools that then can be automated to help novice users, creating an opening for malicious virus coders to push their mischief through.

I hope my original article's point remains on target: that a better understanding of one's computer systems is the best defense against virus attacks. Another reader's e-mail suggested another defense: Get to know your co-workers and their writing styles. Then, the next time a virus program tries to impersonate one of them with a bogus message -- like Explore.zip's "I received your email and I shall reply ASAP" -- you might detect the forgery.


Scott Rosenberg

Salon co-founder Scott Rosenberg is director of MediaBugs.org. He is the author of "Say Everything" and Dreaming in Code and blogs at Wordyard.com.

MORE FROM Scott Rosenberg


Related Topics ------------------------------------------

Microsoft

Fearless journalism
in your inbox every day

Sign up for our free newsletter

• • •