this post was submitted on 05 Feb 2024
8 points (64.3% liked)
Firefox
20384 readers
137 users here now
/c/firefox
A place to discuss the news and latest developments on the open-source browser Firefox.
Rules
1. Adhere to the instance rules
2. Be kind to one another
3. Communicate in a civil manner
Reporting
If you would like to bring an issue to the moderators attention, please use the "Create Report" feature on the offending comment or post and it will be reviewed as time allows.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
As an IT Engineer this concept frankly terrified me and feels like your opening yourself up to a potential zero click attack - such as https://threatpost.com/apple-mail-zero-click-security-vulnerability/165238/
So my initial answer is an emphatic "please do not the ZIP". It could be as mundane as a ZIP bomb, or it could explain a vulnerability in the operating system or automatic extraction program. Having a human required to open the ZIP prior to its expansion reduces its attack surface area somewhat (but not eliminates it) because it allows the human to go "huh this ZIP looks funny" if something is off, rather than just dispatching an automated task.
With that out of the way - what's your use case with this? There has to be a specific reason your interested in saving a few clips here on one highly specific archive format, but not others like the tar unix archive, 7z, or RAR.
I didn't read your response beyond the first sentence.
If Apple can do this, why can't we?
I do not have an answer for that. But if you only plan to read one part of my answer I would suggest reading the last sentence of my response instead of the first. Can't help you if you don't tell me what's wrong.
Why bother even answering in the first place if you didn't give an F lol, the dude tried to help you out