Oh god no

I was thinking the exact same thing. But why stop at that? We also need .txt, .rtf and .docx 😂

I haven't seen anyone mention .html as a top level domain name.

@@Mainyehc also .rar .7z .xls .xlsx .ppt .pptx

Let me suggest .html and .php as TLDs.

Must have been with a bunch of Yes men…

This is like a office building meme, where a CEO agrees with everyone except one person, that person states that they should make it secure as much as possible, otherwise it might not be a good idea, then they throw that person out of window.

Common sense goes out the window when money is to be made.

It is a known fact in psychology that meetings are, in general, not very usefull because people fear the dominant personality, usually the big boss in the room.

.secure is a better extension smh

@the box i do that a lot to find missing files or just to find out what a file is for 🙂

If you meant you can type a local file path into the browser address bar, that's exactly my first thought hearing that as well Edit: Actually I think you might have been talking about something else, but either way I think we both have good points

Did they EVER see a windows 10 search bar???

It’s concerning how out of touch with modern times ICANN is

literally old internet explorer would work as a file browser, who approved this shit

Sounds to me like their opinion is bought and paid for. Or their grandparents are all dead already idk

ICANN not understand how they are that dumb.

More like ICANNOT

Because THEYCANN

ICANN and the W3C for that matter are extremely out of touch.

Trolling is a art.

Forty two zip is a memetic hazard I literally struggled to not accidentally start typing it into the search bar, _as a search word_ while curious to read more about it Can't even Google about it or accidentally risk somehow navigating to the site

@@aogasd No joke, I'm security conscious and I was even fighting off the urge. Especially since I wasn't familiar with it before, so I wanted to see how old the malware was and what exactly it did/remediation options for an infected PC, first inclination was to just type it out in my browser search bar and it took me way too long to realize what I was about to do. Didn't start typing yet, but man was I close. This is almost more dangerous for the tech savvy as .zip is so ingrained in us as a file extension.

You would not say the same thing about someone leaving a vat of poison open in the market... Raise your standards, because that is chaotic EVIL, you dunce.

Right? It basically trained the less tech savvy to "click around and find out!".

Also allowing shit like "invoice.txt.exe"

You have to open it to find out what's inside!

Windows always hid it by default when did windows not default hide extension. XP was default so are you talking like 95 lol

@@monsterhunter445 Some of us remember when Windows was a new idea, and it was an overlay over DOS. Actually, some of us go further than that; my first graphical operating system was GEOS on a Commodore 64. Then I upgraded to an 8088, LOL.

They had a pile of foresight. They saw a bigger pile of money to be made.

obviously they want to control all the internet, so they need to start a lockdown here, like the last they did irl

One of the few times when they actually SHOULD have asked a bunch of boomers to make tech decisions.

@@williamdrum9899 they know what they are doing

Sales trumps engineering, development, and even security. They think they are going to sell these domains for money.

That's a Chromium thing. The Chromium devs love that "won't fix" option.

I'm inclined to believe its a directed attack by google to destroy the use of those file extensions.

​@@BeauZoe I had this same thought watching this video: when are we expecting Google's new patented archive file format?

As a pen tester I love "won't fix" issues. Gift that keeps on giving.

@@Lowraith Microsoft is about to integrate archiver in the OS. Maybe it is related

More like wants everyone to be infected with malware. This'll either drive sales of anti-virus programs up, or make most people jump ship to a Chromebook over a Windows machine. The latter would probably profit them most.

@@CnCDune exactly. from those fake sponsored "links" that are imitating real legit links, to malicious ads on KZbin and even google wanting to make Adblocking "forbidden". they WANT to make the internet more dangerous and they probably are making tons of money from this as well as data that was stolen from innocent users.

@@CnCDune can not argue with that logic honestly

google is an ad company. they dgaf bout anything but selling ad space at this point

​@@CnCDune or they could possibly making their own antivirus and bundle it with Google One, and bump up the subscription price to 3 times

.pdf domain coming soon I guess :P

@@Poldovico Don't give Google ideas 😂

when you do that you still have to write something like file:///C:/example.pdf and not just example.pdf in firefox at least (not sure if its different in Chrome). However it's obviously still a problem for the reasons explained in the video

Yeah what a stupid and shortsighted comment by them. When I was making websites I would often type filenames in a browser address bar. I mean how else are you going to quickly test links without going through the process of putting the link in a webpage and then clicking on it? And when you click on a link to a file you're technically entering a filename into the address bar, just not manually.

Why type it manually instead of drag-and-dropping the file from a file manager? Or directly open it with a double click? But sure, web browsers are good enough for reading PDFs. For adding comments to them (for reviews) I use the PDF/documents viewer that came with the system, being evince.

Yeah it's been that way for at least a decade now

Google removed "Don't be Evil" from their company a decade ago.

someone broke in, added a comma, now their slogan is "don't, be evil" and it's all been downhill since then.

Removing "don't " was a six-byte optimization. Performance-critical change.

Any kinds of file extensions as a domain is a huge problem when it's recognized automatically as hyperlink, I dunno why those people thought this was a good idea

They're not stopping with .zip?

@@karlrovey 🤣

@@karlrovey By their own logic they shouldn't

@@karlrovey .mp4 is also one I think

Seeing how Google still allows a long standing KZbin channel to suddenly be renamed to something like Tesla or (something giveaway), have all their videos deleted without confirmation, and then live stream a video (scam) I'm not surprised they don't care about .zip domains.

I didn't think it could get any worse. . 😂😂😂

Allow? They're the ones doing it!

Torvalds or Sebastian?

@@m4sterred853 great question

This will probably come eventually, but nobody applied for that string just yet.

You need to have your domains for your executives, come on!

​@@Mysdia yes, its time to virtual lockdown now, so every place will be controlled by few persons

crossed my mind. I looked to see if that domain existed on the exclusion list.

Or .pdf

That's not really the failure here. Anyone can petition for a new top level domain. If it wasn't google, it would have eventually been someone else. But like Joe said, ICANN is the regulatory committee here that should have INSTANTLY recognized this as a security vulnerability and denied it.

@@bitterrotten Don't worry as soon as a major company or government body gets compromised by this ICANN will 100% change its stance. And Google will most likely get sued over it like with COPPA.

For real, i never liked it

gets me banned on twitch by mistake on the regular

Especially when a lot of places that do it are very strict on posting links and sometimes just delete your post/comment if you link anything.

Extend this to "phone numbers" in some messaging apps (I'm looking at you, Telegram)

Pretty much all modern software is updates no one asked for, from operating systems to web browsers.

In hardware, we have Nvidia and AMD doing sketchy things to their GPU lineup In software, we have Google and Discord constantly screwing its users 2023 is such a chaotic year for a tech world

What did discord do? I don't really use it

@@ayden8901 Most recently theyʼre making everyone change their usernames, which a lot of people dislike for various reasons. Many of those are Change Bad but many are actual issues which will cause problems. Before that they added more Markdown support, including (relevant to this) the ability to make arbitrary text links; they reverted that, then added all but the links back in, and I *think* they also plan to add the links again but Iʼm not sure.

Although people don't like the discord change and the fact it has created problems. I still don't hate it. For us that constantly use discord it seems dumb but you have to remember that for new people it can be confusing. So I can see how theoretically just making it the same way that other platforms do it can decrease friction. To be clear I am not saying I like it, I am just saying I don't dislike it. Discord I feel like has a pretty good track record compared to other companies and I am of the belief that they will figure it out. I could be wrong though.

@@danielrhouck thanks for the reply :)

Do you simply block *.zip as a wildcard. Sounds like a good idea, will do that as well.

On your what?

@@danielm.595 pihole - google it if you're not familiar

Agreed. Google's not stupid. This was intentional.

"They get kickbacks from the virus authors"? Could you explain that one please?

@@justinsbeaver9010 Probably something along the line of virus creators purchasing ads -> google catching them uploading malicious adds -> breach of contract aka google pockets the money without having to provide the rest of the service. That is what my maximum cynicism is telling me could be the idea behind it.

@@justinsbeaver9010 Paid to "look the other way", in other words.

@@WackoMcGoose Could you be more specific? That's very intriguing!

*puts on tinfoil hat* why does this sound like something that google would do

Did they buy rar or 7zip? 🤔 These are the only alternatives to zip files that I know of.

Or they have a "new AI antivirus that can protect you from just this kind of thing", basically "that's a nice xyz, shame if something happened to it, maybe you should buy our product"

​@@Samu2010lolcats Definitely not 7zip, but can't speak for winrar

Too late. Windows 11 will add native RAR and 7Z support so even if ZIP dies, it will only strengthen the others instead of giving way to a newcomer.

I'm pretty sure the domain was *intended* to be named after the zip file type.

ICANN already had to consider this and conducted a "study" to cover their arse. Although I do suppose they have a form for reporting name collisions if a new second-level domain names's name is causing demonstrable harm; particularly if it's a threat to human life (otherwise they might ignore it), and that's for second-level domains only Not Top-level domains like Zip. I remember Blue Coat researchers raised concerns about the .Zip TLD calling it the shadiest of the new ones bc of the pings... findings were vigorously contested by large companies who had applied for the new TLDs.

They should have just called it "zyp" if they really liked the name that much

Same reason they made a floppy disk the same name as a compression format.

INB4 data breach on Google from their accountant getting pwned by .zip extension domain.

Groupthink is a hell of a drug. So is lack of age diversity. Willing to bet nobody over 50 had a say in this. Which for something like this is a bad thing.

At the end of the day it is ICANN who is to blame. They are the one's who are supposed to be the gatekeeper's for this sort of thing. Relying on multi-billion dollar corporations (like google) that are driven singularly by greed is obviously not a good idea or an acceptable solution.

gotcha!! since irl lockdown was a success, its time to virtual lockdown to take control over every single place of world

cOnTrOvErSy tHeOrY iNtEnSiFiEs

@@vinching926 google brazil only shows gov websites when searching by news. Its obvious that internet is not free anymore. They have too much control today

Google may currently be victims of corporate sabotage. As a public company; someone will greatly benefit from them going bankrupt. Period. Going bankrupt is the most profitable option for short sellers. They're not trying to destroy the internet, they're trying to destroy Google. No risk to the leadership if they're in on it, as they can take a golden parachute out straight from the shareholders. Basically, Google is in it's end of life phase. They chronically have neglected new products, technologies, etc that they have paid out the ass for, are burning any good will they had rapidly, and now are actively degrading their services. Next and soon in the playbook, we'll see massive lay offs, disruption to core google services from them becoming unmaintainable, followed by a massive exodus of users that will go to convenient alternatives that will "suddenly" pop up. This will lead to a massive rise in the stock price due to record profits from not having to pay anyone or run any services and being able to sell corporate assets. Just as planned, the bigger they fall, the better, as all the value in the stock and more can go to you if you short and naked short it. The layoffs and user exodus will indicate to other short sellers that it's time to pile on. The more exposure to the rest of the market the better, because then everyone is in on making them fail and it becomes basically certain to happen. Huge pre-death price pump. Right at the peak of the stock price: massive rug pull. Market makers let google die, the shorts make more than google was even worth via illegal short exposure; and all the remaining pieces of google get sold off. Followed by a giant wave of articles about how google deserved it, how hard it was failing, how outdated it is, with obvious undisclosed advertisements for those new alternatives, etc. Finally alphabet is delisted, and shorts no longer have an obligation to buy back GOOGL shares. All the user data was stolen or sold along the way. Everyone gets robbed and nobody wins, except for corrupt market makers and their buddies. And you'll read those mostly AI generated articles and go on thinking it was meant to happen, exactly as planned, and sign up for the next service in the playbook. Maybe you'll even get to see the same CEO and management team again!

The MIME type of the default file loaded was probably set to application/octet-stream instead of text/html

@@jamesphillips2285 yes, but why do chromium browsers download files without asking first. As a Firefox User that's just wrong.

It is _VERY_ easy to get around how Firefox is picking up on it, and to circumvent any warning to users. Obviously I'm not going to spell it out .. but believe me it doesn't take a genius, because I'm an idiot and I figured it out in roughly 3 seconds. Be assured that malicious actors are _already_ doing it.

@@tr7zw It's a user setting which is off by default.

You can disable that in chrome:// settings my guy.

Is it not set to _"off"_ (for auto-download) by default? Last time I used Chrome it was.

If you need to say it, it’s not obvious enough

​@@THE-X-ForceLast time I installed chrome, auto-download was the default. I forgot to turn it off, went to a sketchy site, and almost had a heart attack when it suddenly downloaded something. I now manually check every time.

Incompetence is not the word I would use for this. 😀

Deliberate incompetence is called malice.

@@dombo813 Bingo

Wow. This is like Y2k all over again.

Yeah, there are so many browsers that bypass your local DNS and use DOH (not a typo).

​@@AllAmericanGuyExpertDoh? What's doh?

​@@jmrumbleplay doh

@@Kitulous I knew it! xD

ICANN knows, but the organisation is in a rather strange situation, politically. To some extent it's all about the money, but there are a lot of other forces pressuring them.

@@vylbird8014 what forces?

$$$

Google needs forcefully broken up or dissolved.

money

Just block all .zip domains and problem solved

How about the non-Google DNS providers just refuse to resolve .zip URLs?

@@CaptainKremmen DNS resolvers can filter lookups technically, but it's Not within the normal scope of function for a DNS provider to intercept and deny queries based on 3rd policy criteria. The TLDs are in the root zone, and failing to resolve a whole TLD would potentially cause a whole lot of issue reports - as the DNS provider isn't giving the promised service anymore in that case but a limited/reduced view of the DNS.

_Famous last words_

Yum yum eat 'em up!

When you spend all day around people who understand computers you might start to forget there are people who don't

I worry for the internet's future...

Oh... Standard Markdown. You can probably use a Discord moderation bot to auto-purge anyone doing that if they're not an admin/operator. Or bot that can purge based on messages containing regex, something like \[[^\]]+\]\([^)]+\)

@@Mysdia True. I'd need to account for all the forward slash Unicode lookalikes too, since that's one of the issues mentioned in this and the previous video.

U first

I’m sure he loves you too

File:// is for local files, not Internet

Don't give them ideas!

7z or rar may do. …at least until Google f* with them too 🤷

@@GiovanniPerini Ya, I get rar sometimes. Good point.

and how would anyone share a bunch of docs to their friends if they don't know how to use 7zip or winrar but know how to extract zip files? people will still use zip files but the only thing that google will cause is confusion and chaos , that's for sure

@@fr34k09 this will cause a huge problem and risk to anyone that doesn't understand any file types, especially that people with 'show extension name' turned off

@@Saji_0 that already happens with youtubers that get hacked by fake advertisers on their email inbox, but did you actually read my previous comment? I already said that google will cause chaos because of their new domain while also I asked, how will people share bulk files to each other if they stopped using zip files and for some reason don't know about rar and 7z files.