Is Zip Coming Undone?
from the pointless-standards-battles dept
The ever popular “zip” format for compressing files may be coming apart. I remember using zip years ago to try to fit large files onto a series of floppy disks. These days, with high speed connections, huge hard drives, burnable CD-ROMs and DVDs there’s much less of a need for the compression aspect of zip files. Now, the only time I use them is to make it easier to bundle a bunch of files together into a single file. The creators of the zip format, PKWare, realizing that times are changing decided to update the format by adding “security” extensions. They figure if no one is using zip for compression any more, they might want to use it for its security features. However, in adding proprietary extensions, the zip format using those extensions is no longer compatible with other programs that offer to zip and unzip files. In fact, to compete, the more popular WinZip program decided to add their own security extensions, and now the whole zip world is getting confused. Because they all use the .zip name, no one has any idea what kind of zip file it is until they try to open it – and discover it doesn’t work with their unzipping utility of choice. This seems like a good way to shoot yourself in the foot. The reason people use zip is that it’s a standard that everyone uses. You don’t have to think about it, you just open the file. Breaking the standard makes it less valuable and opens up the opportunity for alternatives.
Comments on “Is Zip Coming Undone?”
the UNIX way
That’s what you get for having one tool (and file extension) do (mean) more than one thing. Vs the UNIX way of doing things, a bunch of files are put into an archive (cpio, tar, etc) and then compressed (bz2, gz, Z). Perhaps you have some encryption in there too, with a .pgp extension to signify it, perhaps. Oops, want to change the compression method or the archiving method and not confuse people? No problem.
No Subject Given
Honestly, how many people even attempt to “protect” the contents of a zip file?
The password features have always been poorly documented, and those who knew that zip even supported encryption also knew it was weak. Even if it’s replaced by a few different flavors of not-so-weak protection, the perception is there.
Anyone wanting to armor archived data probably should layer on a different (and more standard) solution outside the zip file, such as with an OpenPGP solution.
No Subject Given
If you want just plain zip with no doodads, get the version from http://www.info-zip.org/ (unless you hate free software so much that you won’t use anything you don’t have to pay for).
No Subject Given
I prefer 7-zip myself.
http://www.7-zip.org/
It’s a better format. On max compression, it’s always smaller and more secure than zipping. And the encryption is a lot more secure. Oh, and did I mention that it is standards based and completely open source?