Archived from groups: microsoft.public.windowsxp.general (
More info?)
On Fri, 5 Aug 2005 01:50:06 -0700, "AJ" <AJ@discussions.microsoft.com>
>It seems that every shortcut on my computer has changed. The little arrow
>from the bottom of each o f them has disappeared and when saving a file in
>word or anyother program the shortcuts don't show up in the "save as" dialog
>box. What do I do?
This sounds like using the wrong "tip" to "hide shortcut arrows".
Some folks think the arrows look "ugly", perhaps missing the point
that they are your only clue you may be dealing with powerful, hostile
file types that are able to set thier own icons and hide their true
extensions, such as .pif
So a way was found to hide these arrows, by deleting a registry
"IsShortcut" entry for those file types. The trouble was, this also
broke several other behaviors, such as what happens when you create a
shortcut to a shortcut, or what Properties you see, or whether they
are treated as a navigation "folder" or destination end-point.
So a cleaner way of hiding shortcuts was found, by pointing to
alternative icon overlay images within Shell32.dll I think it was.
The shell would still pain an "arrow" overlay over the icon if
directed to do so via IsShortcut, but what has now changed is that the
overlay is either blankly transparent, or has a fainter arrow.
TweakUI switched to this approach, and all was well and happy, until a
security patch changed Shell32.dll or whatever, and broke the process.
Now you get arrows whether you like it or not; perhaps this was by
design, in view of the safety concerns I raised earlier in this post.
So it wouldn't surprise me if some smart-ass re-invented the first
(and now discredited) fix and started waving it around again
Actually, .pif are far more dangerous than they need to be.
There's always a danger inherent in what a shortcut can do, which is
to not only run things, but pass parameters to them. So for example,
running Format accidentally would just give syntax help on how to use
the command, given that there's no drive letter parameter passed to
it. But a shortcut can pass that parameter, and more, so that it
would start formatting the target volume immediately.
That's bad enough, but a major lack of clue within MS has their
generic launcher looking for content cues hidden within the file -
that could never see, and thus which could not have been considered in
your risk assessment before running (sorry, "opening") the file - and
acting on that, instead of being bound by the risk expectations you'd
have had from the visible aspects of the file.
So, thanks to that stunning lack of clue, malware can hide raw code in
a README.TXT.pif, insert a Notepad icon within the file so that it
looks like README.TXT (the extension is never shown) and there you go;
a nice variance between the low expected risk of "reading a data file"
and the high risk of running raw code.
On such WYSIWYG risk failures are malware empires made.
>-- Risk Management is the clue that asks:
"Why do I keep open buckets of petrol next to all the
ashtrays in the lounge, when I don't even have a car?"
>----------------------- ------ ---- --- -- - - - -
Facebook
Twitter
Instagram