This Is Ridiculous. I Get That If I Were To Reverse The Concept, Create A New File Type Called .com Or

This is ridiculous. I get that if I were to reverse the concept, create a new file type called .com or .net it'd still be a problem but I'm not so sure the new domains were necessary to the whole of the internet. It just means I'll probably never click on one of those links. Can we have the first go at removing a TLD? Seems to me more dangerous than valuable.

New Things to Beware on the Internet

On May 3rd, Google released 8 new top-level domains (TLDs) -- these are new values like .com, .org, .biz, domain names. These new TLDs were made available for public registration via any domain registrar on May 10th.

Usually, this should be a cool info, move on with your life and largely ignore it moment.

Except a couple of these new domain names are common file type extensions: ".zip" and ".mov".

May is also the month of Google I/O, our annual developer conference. Whether you’re learning to code, deploying a helpful tool, building your portfolio, or starting a new community, .foo, .zip, .mov and .nexus have you covered.

Here are some examples from our developer community:

gamers . nexus: Use gamers . nexus to review computer hardware and plan your next gaming PC.

helloworld . foo: Learn how to code “hello world” in each programming language.

url . zip: Create short, powerful and trackable links with url . zip

david . mov: Watch videos by David Imel in this liminal space.

Starting today, you can register all of these new extensions as part of our Early Access Program for an additional one-time fee. This fee decreases according to a daily schedule through the end of May 10. On May 10 at 16:00 UTC, all of these domains will be publicly available at a base annual price through your registrar of choice. To make it super easy for anyone to get their website live, we’ve worked with Google Sites to launch new templates for graduates, professors and parents.

This means typing out a file name could resolve into a link that takes you to one of these new URLs, whether it's in an email, on your tumblr blog post, a tweet, or in file explorer on your desktop.

What was previously plain text could now resolve as link and go to a malicious website where people are expecting to go to a file and therefore download malware without realizing it.

Folk monitoring these new domain registrations are already seeing some clearly malicious actors registering and setting this up. Some are squatting the domain names trying to point out what a bad idea this was. Some already trying to steal your login in credentials and personal info.

Screenshot of a tweet showing several newly registered .zip domains including:
chrome-installer
documents-backup
googledrivesetup
microsoftupdates
microsoftwindows
totallynotavirus
photshop-cracked
https://twitter.com/1ZRR4H/status/1657747300339384320

Screenshot of a tweet showing several newly registered .zip domains including:
microsoftedgesetup
office365installer
defender-update-kit
https://twitter.com/1ZRR4H/status/1657982434795716611

Screenshot of a tweet showing the newly registered latestupdate DOT zip.
The new .zip website is gradient purple background with large white text reading, "GOD DID NOT INTEND .ZIP TLDS"
https://twitter.com/1ZRR4H/status/1657809133704192001

Screenshot of a tweet reading ".zip top level domains were a colossal mistake."
The tweet's image shows the checkout cart price to register downloaded-file DOT zip at $16.99.
https://twitter.com/olafurw/status/1657116583238553617

Screenshot of a tweet showing the newly register microsoft-office DOT zip.
The new .zip website has a spoof of a Microsoift login page page asking for your usermname and password.
https://twitter.com/1ZRR4H/status/1657807143393689601

This is what we're seeing only 12 days into the domains being available. Only 5 days being publicly available.

What can you do? For now, be very careful where you type in .zip or .mov, watch what website URLs you're on, don't enable automatic downloads, be very careful when visiting any site on these new domains, and do not type in file names without spaces or other interrupters.

I'm seeing security officers for companies talking about wholesale blocking .zip and .mov domains from within the company's internet, and that's probably wise.

Be cautious out there.

Tags

internet fail fyi?

More Posts from Pikz3l and Others

pikz3l

7 months ago

@giftober 2024 | Day #20: Crowded

You are the lucky class chosen for this year's Battle Royale! Now I'm going to explain the rules. Listen carefully, then fight correctly and cheerfully.

Battle Royale (2000)

Tags

reblog battle royale

1K notes View Post

pikz3l

6 months ago

New-York Tribune, New York, November 25, 1920

Tags

reblog news

2K notes View Post

pikz3l

1 year ago

40 years ago ...

Happy New Year's Eve from Dick Clark

Tags

reblog new year’s eve

649 notes View Post

pikz3l

8 months ago

Tags

reblog

25K notes View Post

pikz3l

4 years ago

Bryn Jones on Instagram

Tags

original art-like

25K notes View Post

pikz3l

3 months ago

Tags

reblog the simpsons itchy and scratchy

11K notes View Post

pikz3l

2 years ago

I really wanted to try the HON next. It actually fits in my Liberty fabrics cover really well, even though you don't need the cover. I prefer to use it so that I can carry a pen and loose papers. Looking forward to using this as my daily journal. #hobonichi #hobonichihon #libertyfabric https://www.instagram.com/p/CmwjVsau4vq/?igshid=NGJjMDIxMWI=

Tags

hobonichi hobonichihon libertyfabric

0 notes View Post

pikz3l

1 year ago