Direkt zum Hauptinhalt

Dangerous-Files

Note: For a better browsing experience we give the "answer" here at the beginning. See below for mor explanation on the problem here.

What file types can be dangerous

Although none of the listed file types are dangerous per se, some of them are especially vulnerable to attacks of this kind. For example

  • LibreOffice:
    • .odt: Text documents (Writer)
    • .ods: Spreadsheets (Calc)
    • .odp: Presentations (Impress)
    • .odg: Drawings (Draw)
    • .odb: Databases (Base)
  • Microsoft Office:
    • .docx: Word documents
    • .xlsx: Excel spreadsheets
    • .pptx: PowerPoint presentations
  • .pdf: PDF's
  • even image formats like .gif have reportedly been exploited, also on mobile devices.

[!tip]

It is recommended to avoid unnecessary complex file types if they are not necessary. If you still have to open such a file from an untrusted source, we recommend useing Dangerzone

Use text files and markup languages like markdown if possible instead.

Why this matters

[!note] It is a matter of security culture to think, whether it is necessary to put your invitation text inside a PDF or a draft of a press release inside a LibreOffice or Microsoft Word document. If it is enough to use the possibilities, that safe markup languages like markdown give you, them use just them.

Markdown is even compatible to collaborative tools like e.g. Nextcloud.

In many contexts we see, that people are kind of ashamed of sending e.g. plain text invitations. They feel that they own their friends some more effort than just text. While this shows a pretty nice property of friendship, we also have to talk about the problems that this brings along and that it might be worth it to break this behavior down toward a more conscious approach.

What is a file type

Different programs expect their files to have a specific format. They expect the files to follow a pattern that the program know and recognize to function correctly.

Each file type is typically identified by a specific extension (such as .odf, .pdf, .jpg), which signals to the operating system what program should open it and how it should behave. For example, if you click on a file that ends with .pdf, the operating system knows that is has to open the file with a PDF reader and not with you music player.

How can files be dangerous

Consider a simple text file (not a word document, but a simple plain text file!). A normal text file contains, no surprise, text, which is nothing else than characters, like "A", "a", ";", "/" and so on. Those text file can be read and displayed from simple programs like Ubuntus "gedit", Windows notepad, aso. Simple as they are, they are not capable of advanced features like e.g. calculating tables, like Excel, or LibreCalc.

More advanced programs like e.g. mentioned Excel, PowerPoint, or modern PDF viewers are capable of much more advanced features. PDF viewers for example can display interactive forms, that you can fill out right inside the PDF viewer. The can have drop-down menus and more.

[!caution] This means, that this PDF viewer is able to execute additional code, that is delivered inside the PDF it is processing.

While this is necessary to use to full feature set of the program, this capability to execute additional code can expose severe security risks.

You probably all heard about viruses being distributed through PDFs. This is exactly what is exploited here:

An attacker smuggles some malicious code inside the PDF. You open the PDF with your PDF viewer. The PDF viewer detects some code and thinks: "Ah, I have to execute this, so that the user has the full functionality of this file" and executes the code. Then the code itself could infect the machine.

nach oben