Is Zip The Way To Thwart Viruses?

I like this idea from a Slashdot poster: Eliminate most viruses by zipping everything.

It works (I think) like this: Most viruses arrive as an attachment to an email. These are called executables in that if you click on them, something happens. (As opposed to a file attachment such as a Word document, or a web page, which just opens — although it may contain some malicious script.) Some email programs, like Microsoft Outlook, block these executables by default, but many other programs don’t, or else users change the default setting because they find they cannot access one or two attachments which are kosher. Result: virus mayhem like MyDoom.

The poster suggests that if all attachments are zipped. Zip files by definition have to be unzipped before they can be launched, opened or whatever. Most unzipping programs will open those files to a specific folder, during which time they’ll be checked for viruses. More importantly, this process gives the user a chance to view the contents of the file before clicking on it, and may perhaps give them pause for thought.

Of course a lot of people do this already, but they tend to be people who aren’t going to be send viruses around, and they’re also not the kind of people to open dodgy attachments. In short, the people who zip aren’t the people we’re worried about. Somehow, we’ve got to convince ordinary folk to zip up, preferably by making it an automatic part of the email program. Attach a file to an email? The thing is automatically zipped.

The poster then suggests that email systems are set to delete or quarantine any executable that’s not zipped. That should remove most virus threats (of course some viruses arrive as zipped files, and rely on some social engineering to persuade the unwitting user to open and execute them, but there’s not much you can do if someone is suicidal enough to do all that.) The last point he makes: Encourage zip program vendors to work closer with anti-virus companies “to provide better protection from viruses in zip archives”.

I can’t see much wrong with this. I think zip programs could be easier to use (ironically, Microsoft’s inbuilt zip viewer in Windows XP seems to work best), but if they can be persuaded to integrate seamlessly with email clients, we may go some way to stemming the virus flood.