Sign in with
Sign up | Sign in
Your question

Security and file types

Last response: in Business Computing
Share
April 5, 2012 9:16:52 AM

Is there any sort of file (and file extension) that is more-or-less guaranteed to be free of viruses and other malware? i.e., ASCII text files?

More about : security file types

April 5, 2012 9:30:34 AM

Well a virus can hide in any file type. However if its inside a text file like you mentioned it won't do any damage (in theory) as it will not execute and will be opened with a program like notepad.

But consider the case where a hacker has uploaded a file to a target disguised as a txt file, and then remotely executes the file. In this case it doesn't matter which file type it is.

So apart from the 'manual' execution, text files will be almost free from malware unless there is a second file that can run it.
a b 8 Security
April 6, 2012 6:57:16 PM

What exactly do you mean here? Are you asking if there is a file type that will never be replaced with a virus? Probably not. You can't make a virus in a text file like you can with something that allows macros or other programs to be run like a Word document. But a text file can easily be a virus itself if it hides the extension and is actually a .bat or a .cmd or .vbs or some other program file that can do damage when run.
Related resources
April 6, 2012 8:06:26 PM

the only one i know of is .txt or text document
i am pretty sure macro virus can attach to most every thing else
April 6, 2012 8:16:18 PM

A file is just a bunch of bytes. Numbers if you will. These numbers can represent many things: you can use a character table, which will tell, which number means which character, and voilá, you've got text. You can give these numbers to a processor, and tell it to "execute" them. The processor will know, which number means what, and you've got an executable binary file.

Now, what a virus is? A virus is a program which distributes itself, to other files, and to other computers. When a virus "infects" a binary file, that simply means, that it writes some numbers into that file, into very specific places, which results, that the processor will pick them up, and execute them, when the file itself is getting executed.

So... I think it's safe to say that anything a processor executes, can be harmful if it was compromitted, be it an executable binary file, or a script, or a macro inside a document file.
a b 8 Security
April 6, 2012 10:30:12 PM

Hi :) 

No...

All the best Brett :) 
April 7, 2012 4:47:42 AM

Thanks for all the replies.

In the scenario I was imagining, there would be no bogus file extensions, and the recipient would open the file with the correct (for that file extension) tool.

i.e., someone who gets a *.txt file opens it with EditPad or TextPad or MS's Notepad, someone who gets a *.pdf opens it with adobe acrobat reader, etc.,

Text and PDF files are my principle interest in this case.
a b 8 Security
April 9, 2012 3:28:30 PM

beingbobbyorr said:
Thanks for all the replies.

In the scenario I was imagining, there would be no bogus file extensions, and the recipient would open the file with the correct (for that file extension) tool.

i.e., someone who gets a *.txt file opens it with EditPad or TextPad or MS's Notepad, someone who gets a *.pdf opens it with adobe acrobat reader, etc.,

Text and PDF files are my principle interest in this case.


PDFs are a bit dangerous. txt files a lot less so. Adobe products are actually a big security hole and are used in many attacks on computers, not just Acrobat but Flash.

For a real txt file to be dangerous, someone would have to change the binary code on the file to not only have it be txt but also execute something else. Just a plain txt will not be able to do anything. It would have to be a txt file but written in a programming language to do any harm, but then you'd have to run it using the proper program (command.com, cscript, etc...) and not a text editor.
!