Security

Never understood why Windows' explorer hides extension by default. Does MS fear it would confuse their users?

Yes, they think their users will be confused by and accidentally remove extensions. To be fair that might happen sometimes but it's nowhere near worth it
- They already have a confirmation box when you try to change the extension. And could just as easily move it into another column where it's harder to change (explorer was like this once, a long time ago).
  And yet, they keep hiding the on the rationale that it confuses the users. The most common thing on explorer is some user being confused because they can't understand what clicking on a file is supposed to do, but that's not an argument for showing them...
  So, yeah, that's the surface-level explanation. But there's a deeper reason.
- Ah, right, in the context that Windows determines filetype only on extension.
  Btw, there's a bunch of mimeopen implementations for Linux. Is there something like that for Windows too?
- Iirc there's a massive warning popping up saying it might fuck the file
worry about users not being able to open files after renaming them since you can also edit those extensions via text, and people aren't taught about file association.

What do you mean? linkin_park_-_numb.mp3 clearly has an extension, it's all the other files that don't!

One time I struggled debugging a program on a clean Windows machine. For some reason it seemed like it couldn’t find a JSON file that’s obviously in the system. I could even open the file on my own and view its contents.

Turns out after much frustration that the file was actually a json.txt file. I didn’t notice because the extension was hidden, so I only saw .json and thought it was fine.

Step 5 in meme: add '.txt' to seemingly text files.
sounds like vscode.
helix or micro on windows to get away from that garbage.
- Notepad is the one that does things like that, because they want you to only use it for *.txt files. VSCode does not have issues like that.
- In this case I used notepad because it was a fresh Windows install on some VM.

The OS designed to prime the population into bad cyber security practices so they are more easily able to exploit and scam later on.

takes off tinfoil hat

You have a point though. Why hide file types by default unless you believe the users are too dumb to ever learn what a few letters mean.
- Hate to break it to you, but most users are that dumb.
Governments and banks love to do it too.

You can’t imagine how much I hate this setting. A couple of weeks ago I helped a guy install some specific software on a windows machine provided by the customer. It’s like one exe with a config file. Pretty basic. My instructions were:

Copy the exe to a specific path
Create a new text file in the same path and copy paste this provided text into the file
Rename file to abc.xml

The exe was throwing errors because of the missing config file. Of course the filename was abc.xml.txt 💩

This is part of what helped the I love you virus to spread. Not too many idiots would open a file titled ILoveYou.txt.vbs, but even some smarter people will turn their brains off if they get a file titled ILoveYou.txt, possibly even me, except the first thing I do with a new computer is unhide file extensions.
This gave me PTSD
Gotta remember to always use "". Such a pain
That setting is one of the first things I change on any Windows I get my hands on.
It is all around dumb.

It's not like I want to defend windows, but If it needs admin permission you usually can't start it without confirmation.

Here's the problem. So many legitimate things need elevation, and often multiple times in a single install. Guess what most Windows users do, when they see an elevation prompt. What do you reckon?
- Honestly I don't think it's that bad. I have to use sudo just as often on linux as I have to accept the elevation box on win. Win11 has some serious issues but UAC is harmless.
- if you give elevated permission to movie.mp4.exe, that's natural selection
- Often they don't. If more granular permissions were to be used. Hklm/programdata needing admin to do anything in it for example. Putting permissions on hklm/software/package to write is enough to make a lot of software work without opening up the whole system.
Everyone knows most people turn UAC completely off after it nags them for the 10th time and they get frustrated and dump it.
- I turn UAC off before it nags me for the 10th time.
  The only nag I want to see is the one right before it gets turned off.
  I hate things that just throw up nag screens that users get desensitized to and just click through anyway. It hasn't increased security at all.
  Looking at you "do you trust the authors of the code in this workspace folder" VSCode. Yes I effing do, that's why I opened it to begin with!
- Yeah maybe, but if that exact same people would use linux they would sudo or 777 everything which wouldn't be much better security wise
- I leave it on, only really need it for installing programs, even them a lot of them go into app data these days by default
I was going to say they didn't used to require that, but that's about 20 years ago, now...

Don't forget: Files have execute permissions by default!

Windows moment 🤗
That's what the meme says

where Linux?

50% of being a Linux user is hate towards Windows so I'd say it fits
- the other 50% is hate torwards nvidia
- You say that like it's a bad thing
- 80% of the reason to move to Linux is hating Windows, so yeah
You know a more fitting comminity to post it?
- Maybe we should make windowsmemes.
  This community may as well be hatewindowsmemes

Just hijacking a discussion about security. I would think that Linux users would be more security conscious. But I found in my buildings trash a bunch of HDDs, some 1TB and a 5TB, so I took them to see if they were ok (and recycle properly if not).

All ext4 formatted and with lots of personally identifiable information including emails and photos and stuff.

The previous owner was an early Linux dev, wrote stuff that is still in the kernel. Yet unencrypted drives just thrown in the trash.

I've cleared the drives and now use them for myself, after I searched for a wallet.dat file.

Maybe he knew none of the information could harm him if someone got hold of it?
- I could have brute forced his password, there were SSH keys to various servers, I probably could have done something to him.

At a conference recently, one person accidentally sent the organizer a pdf of their presentation with their notes underneath each slide, instead of the presentation itself, but it was super confusing because the file was "presentation.pptx.pdf" which of course got displayed by windows as "presentation.pptx". The person who decided to hide extensions by default must be so proud of pulling off such a wide reaching prank

I'm literally trying to get into Linux and one of the first things was installing software, which involves copying and running random bits of code from whatever website has the highest search result. I would say a lot of software is running code you have no idea what it does.

I ask this with full sincerity - are you unaware of the package manager?
- He has a point tho. The amount of copy pasting random shit from the internet into the console is way too comon if you go down the rabbit hole on some issues with the system and find a solution on some abandoned by god itself linux forum. To be fair its usualy just a comand that does shit for you in 5 seconds so you dont have to use gui buuut it does happen and i can tell what this stuff does but the average user likley dosent . Alghtough it might be less common today. Its been quite a long time since i last broke my system.
- In much the way I am aware of the Windows store: I avoid it and work to get the software directly from the source. I regularly run into the issue of software not being there or being of unknown version.
  Perhaps that is some bias from Windows following me over.
Installing software on Linux almost never involves "copying and running random bits of code" unless you have a need for some really obscure program. Learn how to use your distribution's package manager.
- Learn how to use your distribution's package manager.
  Also
  sudo apt update
  sudo apt upgrade
  covers what, about 60% of Linux desktops?
- if we’re being fair, it did involve a lot of that historically. Package managers weren’t always around and even after they became established, there was still a lot of fiddling with bad drivers and various distributions had policies which didn’t allow certain software with certain licenses to be setup through their package repository and so on and so forth. Sure nowadays this is less of an issue, but then windows security is also much better than it used to be. People here seem to want to compare the latest Ubuntu to windows 98
- I mean, bash is a code.
  Till next time
Those are just tutorials showing how to install something. Typing flatpak install firefox is one and the same as going into the app store, searching for Firefox and clicking "install". Tutorial websites would just show terminal as it's more universal.
\ If they ask you to actually download some file there is something very wrong.
I often see people overwhelmed by universality of some things. Instead of searching "How to install Firefox on Linux?" what should be learned is "How to install software on Linux?" and, unless met with something badly ported, never do the search again.
But what my meme is about is Windows-only style of having some file and by default having no idea if that's going to run in some program or be a program.
- While I totally agree with you about package managers, I still run into a lot of apps that the only install option is a .deb downloaded from a webpage. Which is comparable to running a .exe on windows.

Spoderman.mp4.exe

This sounds like Windows

Microsloth at work

Winget is their standard packaging solution

The rest is accurate but it’s user error

Winget wasn't a thing until 2020, and they at least partially stole it from an open-source project AppGet
- Are you saying the meme is no longer relevant?
Have yiubused Winget? It's a very flawed piece of software.
I thought winget was the Linux cli tool for downloading from http. What tool am I thinking of?
- Wget?
winget doesn't even work properly. I tried installing gcc with it and it installed some random chinese package.
- winget install -e --id libjpeg-turbo.libjpeg-turbo.GCC
  ?

Noob question: Could someone make e.g. an executable linkin park - numb.mp3 file on Linux by giving it execute permissions? Probably not by downloading, but by replacing the file with a duped one.

Also the .mp3.exe trick and the likes could be easily detected by any security software easily, like Windows Defender.

Yes, any file that is marked as executable can be "run". 9 times out of 10 the user has to do this explicitly.

Winget, get a popup when things request elevated rights,

winget is great, i wish it was oob tho.

Of all the reasons to be like "Windows bad, Linux good!" This one doesn't really hit.

Of all the actual differences, this is the one people think makes Linux superior? This is just a circle jerk lol.

You don't love heading to the terminal to add the executable flag and run it?
- I right click in nautilus to open the properties window and check the checkbox :)
Honestly: Yes. It's an example that perfectly encapsulates how windows "as a concept" actively babies and dumbs down its users. I the 00's, nobody had a problem with file extensions, but now that we're working with users that have grown up with computers we suddenly need to remove them because they're "too confusing"?

It's ok, they just started the "security first" initiative, we're all saved.

Also known as: Windows