New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Suggestion: extension blacklist for security reasons (user-defined) #9657

Open
shula opened this Issue Oct 7, 2018 · 0 comments

Comments

Projects
None yet
1 participant
@shula

shula commented Oct 7, 2018

(This is a totally different motivation for issue 3369.)

If a user downloads only known files (e.g. audio/video), it is wise to block pontentially dangerous extensions, e.g. EXE, COM, BAT, LNK, VBS, (PY?), on Windows, etc.

~Less savvy users can't easily spot a ponetial threat, e.g. Matrix.avi <> Matrix.avi.exe

Background: some multimedia content is bundeled with trojans, e.g. "codec.zip" or a malware executable disguised as multinmedia file. Attached screenshot is actual video file I downloaded today.

IF a user would never download an executable via torrent, this could be so blocked by a predefined or user-defined block list, (e.g.: EXE, COM, BAT, VBS, VBE, JS, CMD, PY, CPL, DLL, LNK, SCR).

In the screenshots below:
Windows hides LNK extension, a trojan disguised as AVI video, that can't be easily identified via Windows Explorer:

lnk-virus
virus2

Originally posted by @shula in #3369 (comment)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment