Hey Microsoft - Was this was the only way you could think of removing several hyperlinks in Excel?





  • nice find .. lol



  • I still like the German translation in the XP version of the text in the disk cleanup tab in Microsoft Management Console's options dialog. It took me a while to get it. They translated "Changes to the view" into "Wechselt zu der Ansicht", i.e. they interpreted "changes" as a verb while it's clearly used as a noun here. That makes the complete text plain weird. Further, the MMC is mostly used for Defrag, and most people won't get what console file they're talking about.

    Sadly, this classic got fixed in Vista.

    How does this relate to the OP? I don't know.



  • That's all? You clearly didn't read the Hotmail help then...




  • @Microsoft said:

    • Change the file name extension to .txt

    Well- thought-through advice for an OS that hides, and thus effectively disables editing of, file extensions by default!



  • I don't know what's worse; the fact that that works, or the fact that I know why it works and it almost makes sense to me.  In Excel-zarro World, it's only natural that the datatypes system should lead to the result that INTEGER * URL = STRING.

    Pass me the Kool-Aid!

     



  • @PSWorx said:

    That's all? You clearly didn't read the Hotmail help then...


    If you are attaching something to an e-mail, why does Hotmail have to "know" what type of file it is? Just attach the file and send it.


  • @El_Heffe said:

    If you are attaching something to an e-mail, why does Hotmail have to "know" what type of file it is? Just attach the file and send it.

    An attachment has a MIME type, which any MUA has to set. Changing the extension to .txt to force a text/* type is a semi-good approach, because text is converted to the platform's text format by the receiver's MUA and you don't want to have line ends or character set converted if you send binary data.



  • @strcmp said:

    An attachment has a MIME type, which any MUA has to set. Changing the extension to .txt to force a text/* type is a semi-good approach, because text is converted to the platform's text format by the receiver's MUA and you don't want to have line ends or character set converted if you send binary data.
    Wait, what? It’s good that your binary data may get corrupted if your receiver’s MUA decides to auto-convert line endings? This is what application/octet-stream is for. El_Heffe is right, but in response, I imagine the reason that they prevent any arbitrary types would be to stop “bad” data, like virus-loaded executables. I’m sure it works real real well. </sarcasm>



  • @snover said:

    I’m sure it works real real well. </sarcasm>

    Blocking executables is actually quite effective at isolating the spread of email viruses.



  • @morbiuswilters said:

    Blocking executables is actually quite effective at isolating the spread of email viruses.

    Define "executable".... I only know that on my GNU/Linux system anything can be executable. Should i block everything?!!!!!



  • @morbiuswilters said:

    Blocking executables is actually quite effective at isolating the spread of email viruses.
    That’s still the case? On occasion, my spam filters don’t catch a virus mail, and they all seem to be zipped exectuables now. Or Word documents. Or PDFs. Or, for a while, Windows Metafiles. The fact of the matter is that there are just too many vectors for stupid people to infect themselves these days, and they’re all largely equally effective since they all simply require somebody to open a file. (And honestly, if a spam said “important information about your bank account! rename .txt to .exe and run”, stupid people would still do it.)



  • @djmaze said:

    @morbiuswilters said:

    Blocking executables is actually quite effective at isolating the spread of email viruses.

    Define "executable".... I only know that on my GNU/Linux system anything can be executable. Should i block everything?!!!!!

    HURRR DE DURRRR!!



  • @snover said:

    @morbiuswilters said:

    Blocking executables is actually quite effective at isolating the spread of email viruses.
    That’s still the case? On occasion, my spam filters don’t catch a virus mail, and they all seem to be zipped exectuables now. Or Word documents. Or PDFs. Or, for a while, Windows Metafiles. The fact of the matter is that there are just too many vectors for stupid people to infect themselves these days, and they’re all largely equally effective since they all simply require somebody to open a file. (And honestly, if a spam said “important information about your bank account! rename .txt to .exe and run”, stupid people would still do it.)

     

    You seem to be missing the point of security in the first place.  We can't stop stupid people from doing stupid things, but we can make it more difficult and minimize the damage.  Fewer people are infected from malicious PDFs or Word documents than by exes or scripts.  Blocking the latter doesn't stop all email viruses, but it sure as hell stops a lot of them.  Anti-virus definitions don't catch all viruses, but you wouldn't argue that nobody should use anti-virus software, would you?



  • @morbiuswilters said:

    You seem to be missing the point of security in the first place.  We can't stop stupid people from doing stupid things, but we can make it more difficult and minimize the damage.  Fewer people are infected from malicious PDFs or Word documents than by exes or scripts.  Blocking the latter doesn't stop all email viruses, but it sure as hell stops a lot of them.  Anti-virus definitions don't catch all viruses, but you wouldn't argue that nobody should use anti-virus software, would you?

     

    The problem is that this approach turns the cost/benefit ratio upside down. I have nothing against extension checking, even though I think it's pretty much useless. I'd pe perfectly happy if the software showed me the extension in such a case, displayed a flashing red warning message or had me enter a 20-digit security code if it has to be. However what it does is to deny all access to it completely, based on a general suspicion. There is no "expert mode" or "I know what I'm doing" button in case you actually wanted to send .exe or .reg files (which could happen, e.g. if you're troubleshooting someone). You simply can't open the attachment, end of story. 

    So what this essentially does is to make it harder for viruses to spread, but also to make it impossible to perfom normal functionality. In my view, this is clearly a higher cost than benefit and hence should be replaced by a more sane approach.


    I think most people (even dumb secretaries) are trained nowadays that you don't click on files ending in .exe. It was in the press enough times. The real problem is that this won't help, because up to Win7 Windows hides file extensions by default. So the old "Name it virus.exe.jpg and give it a standard jpg icon" trick still works.

    IMO the real solution would be to change that stupid default setting - or at least define another list of critical extensions that are visible all the time. But is that what MS does? Nope, instead, the give Explorer a new "feature" that allows to spoof file names completely instead just the extension - and instead keep the idiotic restiction for attachments. Well done!

     @morbiuswilters said:

    </WorkedInEmailSecurityForYears>

    Weren't you, like, 24 at the beginning of the year? That's an impressive career I must say.

     



  • @PSWorx said:

    So what this essentially does is to make it harder for viruses to spread, but also to make it impossible to perfom normal functionality. In my view, this is clearly a higher cost than benefit and hence should be replaced by a more sane approach.

    In the rare case you need to send executable code, just rename the extension.

     

    @PSWorx said:

    @morbiuswilters said:

    </WorkedInEmailSecurityForYears>

    Weren't you, like, 24 at the beginning of the year? That's an impressive career I must say.

    Oh shit, I forgot that "years" means a minimum of a decade and that using it to mean a quantity of years more than one (such as three) is retarded.  My bad.



  • @morbiuswilters said:

    @PSWorx said:

    So what this essentially does is to make it harder for viruses to spread, but also to make it impossible to perfom normal functionality. In my view, this is clearly a higher cost than benefit and hence should be replaced by a more sane approach.

    In the rare case you need to send executable code, just rename the extension.

     

    @PSWorx said:

    @morbiuswilters said:

    </WorkedInEmailSecurityForYears>

    Weren't you, like, 24 at the beginning of the year? That's an impressive career I must say.

    Oh shit, I forgot that "years" means a minimum of a decade and that using it to mean a quantity of years more than one (such as three) is retarded.  My bad.

     

    Oh god, not this shit again.



  • @morbiuswilters said:

    You seem to be missing the point of security in the first place.  We can't stop stupid people from doing stupid things, but we can make it more difficult and minimize the damage.  Fewer people are infected from malicious PDFs or Word documents than by exes or scripts.  Blocking the latter doesn't stop all email viruses, but it sure as hell stops a lot of them.  Anti-virus definitions don't catch all viruses, but you wouldn't argue that nobody should use anti-virus software, would you?

    No, I just never bothered to read the actual Microsoft page to learn that this is a blacklist of extensions, not a whitelist. From El_Heffe and strcmp’s posts I was under the impression the opposite was the case. But, I still think that my original sarcastic comment was valid, given how rampant virus infections are nowadays.

    I used to work in retail computer repair. From the start of that career (2003) until the time I decided I didn’t want to peel MyWebP2PSearchBarSuperAntiSpywareEdition off computers every day for the rest of my life (2006), the workload basically shifted from equal parts broken hardware, Windows sucks, and virus infection to 0.2% broken hardware, 0.1% Windows sucks, and 99.7% virus infection*. Even computers that didn’t come in with software complaints were often full of viruses. I assume the proportion of stupid people relative to general humanity remained the same in those three years; the only thing that really changed was the method of attack. Instead of sending viruses through email, drive-by downloads are used instead. And, as is reflected in today’s ridiculous infection rates, they are more effective than email-based attack vectors ever were.

    TL;DR: Ultimately, I dunno. I guess I’m of two minds about it. It’s not that I think blocking exe-files isn’t a good policy (because there’s pretty much never any reason to send anything like that via email), I just think it’s woefully ineffective at stopping people from getting infected with viruses and find it hilarious that a company would go so far as to tell people to alter file extensions to get around such a trivial roadblock—especially when the company’s own OS doesn’t show file extensions by default (and when vulnerabilities in said company’s Web browser are responsible for probably 90%+ of virus infections).


    * Possibly a slight exaggeration, because people fucking love to break the DC jacks on their laptops too. Often over and over again. I don’t understand why nobody else has licensed Apple’s power connector, or created a non-patent-infringing clone.



  • @PSWorx said:

    @morbiuswilters said:
    </WorkedInEmailSecurityForYears>
    Weren't you, like, 24 at the beginning of the year? That's an impressive career I must say.
    Morb didn't go to college for long, so he could have started his IT career at 18 or 19.  You know, dusting email servers and such.



  • @tster said:

    Oh god, not this shit again.
    Hey, not my fault you're retarded and don't understand the English language.



  • @snover said:

    @morbiuswilters said:

    You seem to be missing the point of security in the first place.  We can't stop stupid people from doing stupid things, but we can make it more difficult and minimize the damage.  Fewer people are infected from malicious PDFs or Word documents than by exes or scripts.  Blocking the latter doesn't stop all email viruses, but it sure as hell stops a lot of them.  Anti-virus definitions don't catch all viruses, but you wouldn't argue that nobody should use anti-virus software, would you?

    No, I just never bothered to read the actual Microsoft page to learn that this is a blacklist of extensions, not a whitelist. From El_Heffe and strcmp’s posts I was under the impression the opposite was the case. But, I still think that my original sarcastic comment was valid, given how rampant virus infections are nowadays.

    I used to work in retail computer repair. From the start of that career (2003) until the time I decided I didn’t want to peel MyWebP2PSearchBarSuperAntiSpywareEdition off computers every day for the rest of my life (2006), the workload basically shifted from equal parts broken hardware, Windows sucks, and virus infection to 0.2% broken hardware, 0.1% Windows sucks, and 99.7% virus infection*. Even computers that didn’t come in with software complaints were often full of viruses. I assume the proportion of stupid people relative to general humanity remained the same in those three years; the only thing that really changed was the method of attack. Instead of sending viruses through email, drive-by downloads are used instead. And, as is reflected in today’s ridiculous infection rates, they are more effective than email-based attack vectors ever were.

    TL;DR: Ultimately, I dunno. I guess I’m of two minds about it. It’s not that I think blocking exe-files isn’t a good policy (because there’s pretty much never any reason to send anything like that via email), I just think it’s woefully ineffective at stopping people from getting infected with viruses and find it hilarious that a company would go so far as to tell people to alter file extensions to get around such a trivial roadblock—especially when the company’s own OS doesn’t show file extensions by default (and when vulnerabilities in said company’s Web browser are responsible for probably 90%+ of virus infections).


    * Possibly a slight exaggeration, because people fucking love to break the DC jacks on their laptops too. Often over and over again. I don’t understand why nobody else has licensed Apple’s power connector, or created a non-patent-infringing clone.

    Virus infections from email seem to be down quite a bit in the last 5 years.  I don't have any hard numbers, of course, so take it with a grain of salt, but blacklisting executables stops a lot of them from spreading.  The primary vectors now seem to be worms, infected media (USB drives, SD cards) or people seeing the "OMG UR COMPUTRAR IS VIRUS" banner ads on the web and downloading the malware helpfully proffered.



  • @morbiuswilters said:

    It’s not that I think blocking exe-files isn’t a good policy (because there’s pretty much never any reason to send anything like that via email),
    .  Many applications come as a single .exe file that you run to install the program.  In fact, my employer once instituted a "no exe files as attachments" policy, which was quickly eliminated when the IT department discovered that there really are legitimate reasons for emailing .exe files.

     



  • @belgariontheking said:

    @PSWorx said:

    @morbiuswilters said:
    </WorkedInEmailSecurityForYears>
    Weren't you, like, 24 at the beginning of the year? That's an impressive career I must say.
    Morb didn't go to college for long, so he could have started his IT career at 18 or 19.  You know, dusting email servers and such.

    I thought a victorian chimney sweep used to force him to climb up CPU heat pipes and clean them from the inside out when he was a little child.

  • Discourse touched me in a no-no place

    @El_Heffe said:

    @morbiuswilters said:

    It’s not that I think blocking exe-files isn’t a good policy (because there’s pretty much never any reason to send anything like that via email),
    .  Many applications come as a single .exe file that you run to install the program.  In fact, my employer once instituted a "no exe files as attachments" policy, which was quickly eliminated when the IT department discovered that there really are legitimate reasons for emailing .exe files.

     

    Didn't they have access to an FTP server?



  • @El_Heffe said:

    Many applications come as a single .exe file that you run to install the program.

    No shit?  OMG.

     

    @El_Heffe said:

    In fact, my employer once instituted a "no exe files as attachments" policy, which was quickly eliminated when the IT department discovered that there really are legitimate reasons for emailing .exe files.

    So your IT department is so inept that they deploy applications by executable attachment?  No wonder they hired a dipshit like you.



  • @belgariontheking said:

    @PSWorx said:

    @morbiuswilters said:
    </WorkedInEmailSecurityForYears>
    Weren't you, like, 24 at the beginning of the year? That's an impressive career I must say.
    Morb didn't go to college for long, so he could have started his IT career at 18 or 19.  You know, dusting email servers and such.

    Pulling cables, actually.  They would tie one end of the cable to me, then prod me through crawlspaces with sharp sticks.  It sounds bad, but I made $500 a week when I worked full-time.

     

    That was one of the most rewarding jobs I ever had.



  • @belgariontheking said:

    @tster said:

    Oh god, not this shit again.
    Hey, not my fault you're retarded and don't understand the English language.

     

    What's next, your going to say that a couple of years isn't two?!!!?1



  • @stratos said:

    @belgariontheking said:

    @tster said:

    Oh god, not this shit again.
    Hey, not my fault you're retarded and don't understand the English language.

     

    What's next, your going to say that a couple of years isn't two?!!!?1

    A couple of years is two long!



  • @morbiuswilters said:

     

    Pulling cables, actually.  They would tie one end of the cable to me, then prod me through crawlspaces with sharp sticks.  It sounds bad, but I made $500 a week when I worked full-time.

     

    That was one of the most rewarding jobs I ever had.

    It was rewarding for the guys with the sharp sticks, too.


  • @bstorer said:

    @morbiuswilters said:

     

    Pulling cables, actually.  They would tie one end of the cable to me, then prod me through crawlspaces with sharp sticks.  It sounds bad, but I made $500 a week when I worked full-time.

     

    That was one of the most rewarding jobs I ever had.

    It was rewarding for the guys with the sharp sticks, too.
    It was The Worst Job He Ever Had.

Log in to reply