my take: get real, we've been adding TLDs for many years already so of course we will get new ones that happen to look like file extensions. That's not a problem with domains, that's a problem with whatever stupid system that can't separate files names from domain names. We've had ".com" work as both for decades already.
@bagder I mean this sincerely fucks with the idiotic decision of at least firefox (and I believe chrome as well) to link the search bar to the address bar. I hope this inclines the browser developers to reverse this decision, since .zip files are infinitely more common to be searched than .com files if you think about it :-D
@bagder I've ... I've dealt with many reasonably technical people that ... basically don't really know what file extensions are or how they work (e.g. that you can rename things, of forcibly open a foo.baz file in Excel and it'll work, assuming it's a legitimate file supported by Excel). I think a lot of this is due to most people having never used a command line or command line tools, or file formats simple enough to actually view with less/more. And don't even try to explain to people that https://example.org/foo.php can actually be a python script, or a static HTML document, or whatever, it'll result in tears for everyone.
@bagder I think the problem is with mail or chat clients that make the plain words financialstatment.zip clickable as an HTTP URL. If clients were not doing this, an attack in the form of a message such as "please look at the attached notavirus.zip file" wouldn't work.
@bagder Yes, yes, but let’s not add unnecessary confusion, huh? It’s like saying “not my fault you can’t tell Unicode homographs apart in your domains”.
Add comment