If you saw ChromeUpdate202506.zip, then what do you believe it is? A downloadable upload for Chrome or a website?
What if a malicious person has purchased that domain and filled the website with something malicious, a virus, an info stealer, etc?
I block the .zip TLD because the domains can be used maliciously. Within the first few days there were hundreds/thousands of domains registered with names to look like a zip files for updating some software.
I also block the .mov TLD for the exact same reason.
Sure on a good day you can spot the malicious intent from a mile away, but I like to protect for when I’m having a bad day. I also block the TLDs for the whole family as well because unfortunately they’re not as tech savvy or meticulous.
ProfessorProteus@lemmy.world 4 weeks ago
Just gonna pitch in here, but I’m no expert. I was reading people’s reactions when that TLD was introduced, and they raised concerns over the possibility that a bad actor could spoof an address that actually downloads a .zip file to your device when you click the link, even though you may assume it’s an address to a page. No idea what a hypothetical virus could do from a compressed environment, but thats what I remember reading.
Sorry to any experts if I’m muddying the waters with a dumb take!
lemmyingly@lemm.ee 4 weeks ago
Yeah that’s the exact reason why I dislike the .zip TLD, and the same goes for .mov. The TLDs can be easily abused to look like something they’re not to trick people into visiting their website that downloads something malicious.
hendrik@palaver.p3x.de 4 weeks ago
Wikipedia also offers some information: https://en.wikipedia.org/wiki/.zip_(top-level_domain)