Email has always been an effective way to spread malware because people often click on the attachments they receive without taking any additional protections. Those extra protections would include opening the attachments in a better sandboxed environment (Sandboxie, as or a virtual machine, are two examples). It’s understandable why most do not, because it’s often too inconvenient to take such measures to read your email. Therefore, it’s up to email service providers to try and limit this type of malware risk as much as possible.
Where applicable, the browser’s sandboxing should also help. However, chances are the malware makers already take browser sandboxes into account and include ways to bypass them.
The new restriction is a part of Google's continuous efforts to improve Gmail security. However, we're still waiting for the end-to-end encryption feature that Google promised back in 2014 but has yet to deliver.
Stay on the Cutting Edge
Join the experts who read Tom's Hardware for the inside track on enthusiast PC tech news — and have for over 25 years. We'll send breaking news and in-depth reviews of CPUs, GPUs, AI, maker hardware and more straight to your inbox.
Although this is good for the average user. Google should provide the option for a user to manually override the security for a specific e-mail for any file extension or file. Just let them know the risks. They can then decide to override it if they so choose.Reply
I can understand trying to protect the average ignorant user. Just don't alienate advanced users in the process. Those who know how to judge whether or not an attachment is reasonably safe and don't blindly open attachments. Such as, you don't open an attachment you weren't expecting.
Software devs who can't zip their attachments probably have bigger problems than Gmail's new .js block.Reply
I wont say where I go to uni at but we have year 2 and 3 students that do not know how to zip a project folder for their programming classes. It is pretty sad.Reply
19212359 said:Software devs who can't zip their attachments probably have bigger problems than Gmail's new .js block.
Last I tried GMail looks inside zipped archives. Unless they encrypt it GMail still blocks it. Although they should encrypt it.