Can compressing a file reduce the chances of having it be corrupted by
viruses or a zombie?
In this excerpt from
Answercast #74, I look at the extra security that comes from compressing
files with compression software: it’s small!
Compressing files for security
It depends on how you compress it.
A quick rule of thumb: if the file still looks like the file to you
when you look at it (it’s still foo.doc) then it hasn’t helped anything. That’s
Windows file compression.
Windows file compression changes how things are written to the disk – but it
doesn’t change how the file looks to you or to other software on your system.
Most importantly it doesn’t change how it looks to the malware.
On the other hand, if you’re compressing it using other programs (such as
WinZip, 7-Zip, AxCrypt, or something like that) where the original
file, “foo.doc,” isn’t there anymore and has been replaced with something like
“foo.zip” or “foo.crypt” (or whatever you want to call it), then it’s no longer
a .doc file. Malware and other processes typically don’t act on it the same way
– and typically don’t see it as something that can be infected.
Compression type matters
So the bottom line is: if the file looks like it’s still there after
you “compressed” it… it’s still there. It is just as likely to be attacked by
malware.
If, on the other hand, the files have been changed (removed and replaced by
a different file, the compressed or encrypted one, with a different name),
then chances are that doing so actually has protected you just a little
bit.
I really don’t consider this a huge, huge win.
I certainly would not run around compressing my files in order to prevent
malware from attacking. I would focus more on having good anti-malware
solutions in place overall. This really doesn’t add a lot of security to your
overall setup.
(Transcript lightly edited for readability.)