Fun fact but I only found out the noreply in mail addresses stood for no reply when I was like 16
wait until you realize todo means To Do.
Although its better than people who still dont know what readme means
My work had this code for certain files: todelete. I always read it as a name for a female version of Toad from Mario. But it’s to delete. I’m really slow with stuff like that lmao
haha, dont worry, some coders really use some weird names for stuff anyways
The programmers naming dilemma: should a variable or function name be short yet inscrutable to everyone but you, or should you go with a long and descriptive name that anyone can understand yet is torture to read or write.
autofill IDEs: I got you homie
But it doesn’t avoid long lines.
I have a long display screen
Give me another advert? I never open those files because I hate adverts!
txt files cant do anything, theyre plain text. No hyperlinks, no javascript insertion, no internet access
That is reassuring. I was making a joke, suggesting that I thought ‘read me’ meant ‘re ad me’.
But now that you’ve mentioned it, I wouldn’t mind asking: so are .txt files about as ‘safe’ as files can get? I knew pdfs can send tracking info and data from other opened pdfs back to the creator. (And that even sandboxed readers can be evaded.) And I knew word files could include scripts that are executed when opened. But I did not know that txt files couldn’t do anything.
Are there other files that can’t really do anything? And do you know what the most dangerous file type is? (Other than an e.g. an exe or dmg file.)
I’ve heard that epubs are generally safe because they’re essentially just txt files in a package. But I’m not confident as epubs can clearly include internal and external links and possible JavaScripts.
I mean, they are basically just text (the standard used for encoding and the raw data). You can copy it and execute its code or links, but its about as simple as it gets, and simple enough that there’s no easy exploit for .txt files that doesnt require the user actively doing something wrong.
I dont know enough about epubs to be honest, but I would guess basic images and videos with no link or script insertion possible on execution are relatively safe, so basically the simplest common file types, since they should just read data, pass it through the decoding needed, and display it.
Videos may be trickier since they include more information on how to be run, compression tricks used and a lot more stuff, as well as the data, but simple images should not have anything, just basic information on the co-dec standard used, info on the width and length, and the raw data.
It may be possible to build a SQL insertion program for any file depending on the system and how that file is opened in it (a malicious driver for some file type could run some hidden code in images of that type, its been investigated as a possible cyberattack), but I would hope such obvious stuff would be figured out for simple programs and sensible OS distributions (if unexpected input: break and return “unreadable file”).
Thanks for replying. This is useful to know.
Its honestly a bit complicated since I am not a cybersecurity expert, so please ask professionals and dont rely on this alone if big money relies on this kind of security.
TLDR: I dont like videos, and SQL insertion and malitious drivers are the main issue for a smart user in terms of malitious image/text files, but also mostly outside their control
most dangerous file type? by ratio of damage some weird types that are created on purpose to store malicious code to be executed by a custom driver or program.
by total? likely malitious .exe programs if executed by the user on accident, or javascript .js files if autorun ones, associated to some file/page to be executed without user knowing (data insertion, email hidden javascript, or a miriad of other attacks using this files that are supposed to run on background on web pages - those damned cookies are mostly javascript).
ranking the bad is hard.
I think I’d be happy with a device that only displayed text and only let me type text. For everything else worth doing, a VHS and a good old cathode ray would be fine. Modern tech seems far too vulnerable.
To be honest, I do like the visual perks of javascript, but having it literally everywhere is just inefficient. HTML+CSS had the advantage of running on a fucking potato with less risks, but you could do just blogs, difficult user interaction (done by email back in the day iirc).
