The Evening Post and Mail

Share this post

A zippy name, and a big unforced error

issues.eveningpostandmail.com

Discover more from The Evening Post and Mail

A nightly note in the tradition of the evening newspaper editorial. Committed to being thought-provoking, not mindlessly provocative.
Continue reading
Sign in

A zippy name, and a big unforced error

On digital movies, trusted experts, and Google's really bad decision to offer unnecessary domains

Brian Gongol
May 13, 2023
Share this post

A zippy name, and a big unforced error

issues.eveningpostandmail.com
Share

Google has proudly announced the opening of eight new top-level domains (the part of a website address that comes last, like ".com" or ".gov"). Among them are ".zip" and ".mov", which are already well-established filename extensions (as in, ".doc" or ".txt"), for compressed files and for movies, respectively.

■ Making .zip and .mov into top-level domains is an extremely bad idea. And someone at Google should have known better and put a stop to it. Files that absolutely, positively should not be opened are going to get clicked as a result of this decision. Good cybersecurity practice says never to open a file ending in ".zip" without clear knowledge of its contents ahead of time. The same goes for most other files, including ".mov".

■ That advice is important to follow. People are often the easiest way to hack into networks. But how will cybersecurity practitioners be able to convincingly advise the people they're trying to protect not to click on things that say ".zip" if there are websites with exactly that extension in their names? That's really the only purpose of a domain name -- to be clicked!

■ Trust is vital, and so are the guardrails around trusted interactions. Top-level domains that share their letters with filename extensions only invite people with bad intentions to take advantage of their fellow human beings. And they will, certainly without delay. Blurring the lines between "things you should never click without extreme care" and "things you are being asked to click because that's exactly what they're for" is a terrible decision on the part of people who should know better.

■ If you want to hold on to an advanced civilization, you can't let unforced errors like this go through, whether you're Google or any other trustworthy institution in the world. There's no urgent need for new top-level domains -- we could have stuck with nothing but ".com" forever, and it would have been enough. People would have adapted around that arbitrary limitation. That we created many more -- including geography-based extensions like ".ly" for Libya that now find second lives as clever domain-name workarounds -- has only ever been a matter of increased convenience.

■ Everyone who likes living in a functioning society has a part to play in protecting themselves and others. Most of the time, that takes place by following the expert advice of others. But sometimes, it requires applying one's own expertise in order to put the brakes on bad ideas that could put others at undue risk.

■ Someone -- anyone -- at Google should have known enough to call this out as a bad idea. Nobody is going to die if they don't get to name their domain "mylovelywebsite.zip". But eroding good cybersecurity hygiene practices in a time when almost everything is connected? That really could get someone hurt. Don’t be evil.

So much power

Share this post

A zippy name, and a big unforced error

issues.eveningpostandmail.com
Share
Previous
Next
Comments
Top
New
Community

No posts

Ready for more?

© 2023 Brian Gongol
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing