• DankZedong
    link
    fedilink
    111 year ago

    Fun fact but I only found out the noreply in mail addresses stood for no reply when I was like 16

      • DankZedong
        link
        fedilink
        81 year ago

        My work had this code for certain files: todelete. I always read it as a name for a female version of Toad from Mario. But it’s to delete. I’m really slow with stuff like that lmao

          • @redtea@lemmygrad.ml
            link
            fedilink
            41 year ago

            That is reassuring. I was making a joke, suggesting that I thought ‘read me’ meant ‘re ad me’.

            But now that you’ve mentioned it, I wouldn’t mind asking: so are .txt files about as ‘safe’ as files can get? I knew pdfs can send tracking info and data from other opened pdfs back to the creator. (And that even sandboxed readers can be evaded.) And I knew word files could include scripts that are executed when opened. But I did not know that txt files couldn’t do anything.

            Are there other files that can’t really do anything? And do you know what the most dangerous file type is? (Other than an e.g. an exe or dmg file.)

            I’ve heard that epubs are generally safe because they’re essentially just txt files in a package. But I’m not confident as epubs can clearly include internal and external links and possible JavaScripts.

            • @Franfran2424@lemmygrad.ml
              link
              fedilink
              31 year ago

              most dangerous file type? by ratio of damage some weird types that are created on purpose to store malicious code to be executed by a custom driver or program.

              by total? likely malitious .exe programs if executed by the user on accident, or javascript .js files if autorun ones, associated to some file/page to be executed without user knowing (data insertion, email hidden javascript, or a miriad of other attacks using this files that are supposed to run on background on web pages - those damned cookies are mostly javascript).

              ranking the bad is hard.

              • @redtea@lemmygrad.ml
                link
                fedilink
                21 year ago

                I think I’d be happy with a device that only displayed text and only let me type text. For everything else worth doing, a VHS and a good old cathode ray would be fine. Modern tech seems far too vulnerable.

                • @Franfran2424@lemmygrad.ml
                  link
                  fedilink
                  21 year ago

                  To be honest, I do like the visual perks of javascript, but having it literally everywhere is just inefficient. HTML+CSS had the advantage of running on a fucking potato with less risks, but you could do just blogs, difficult user interaction (done by email back in the day iirc).

            • @Franfran2424@lemmygrad.ml
              link
              fedilink
              3
              edit-2
              1 year ago

              I mean, they are basically just text (the standard used for encoding and the raw data). You can copy it and execute its code or links, but its about as simple as it gets, and simple enough that there’s no easy exploit for .txt files that doesnt require the user actively doing something wrong.

              I dont know enough about epubs to be honest, but I would guess basic images and videos with no link or script insertion possible on execution are relatively safe, so basically the simplest common file types, since they should just read data, pass it through the decoding needed, and display it.

              Videos may be trickier since they include more information on how to be run, compression tricks used and a lot more stuff, as well as the data, but simple images should not have anything, just basic information on the co-dec standard used, info on the width and length, and the raw data.

              It may be possible to build a SQL insertion program for any file depending on the system and how that file is opened in it (a malicious driver for some file type could run some hidden code in images of that type, its been investigated as a possible cyberattack), but I would hope such obvious stuff would be figured out for simple programs and sensible OS distributions (if unexpected input: break and return “unreadable file”).

                • @Franfran2424@lemmygrad.ml
                  link
                  fedilink
                  3
                  edit-2
                  1 year ago

                  Its honestly a bit complicated since I am not a cybersecurity expert, so please ask professionals and dont rely on this alone if big money relies on this kind of security.

                  TLDR: I dont like videos, and SQL insertion and malitious drivers are the main issue for a smart user in terms of malitious image/text files, but also mostly outside their control