- Oct 23, 2012
- 12,527
Say goodbye to your JavaScript attachments sent via Gmail! Google announced that it will no longer allow .js files sent as mail attachments due to security reasons.
According to the announcement, the blockade will start on February 13th, putting .js files right next to .exe, .msc and .bat, which have been blacklisted for a while. Trying to attach such a file will trigger a notification telling you that it has been blocked “because its content presents a potential security issue.”
Of course, JavaScript files aren’t all bad, but Google is taking precaution. This is because there have been numerous cases when hackers made them into downloaders for malware, including ransomware. Then, when people clicked them in their emails, the malware would get downloaded and infect the host, causing quite a bit of trouble for the users.
According to the announcement, the blockade will start on February 13th, putting .js files right next to .exe, .msc and .bat, which have been blacklisted for a while. Trying to attach such a file will trigger a notification telling you that it has been blocked “because its content presents a potential security issue.”
Of course, JavaScript files aren’t all bad, but Google is taking precaution. This is because there have been numerous cases when hackers made them into downloaders for malware, including ransomware. Then, when people clicked them in their emails, the malware would get downloaded and infect the host, causing quite a bit of trouble for the users.
Thankfully, Google has thought ahead, and Gmail will be able to detect not just .js files attached directly, but also when they’re archived and sent as .zip, .gz, .tgz, or .bz2.
Upload to the Cloud
There are, of course, cases when you really have to send someone such a file, and that still can be done in a workaround manner. You’ll have to upload it to Google Drive or Google Cloud Storage instead and send the link over to your friend.
This isn’t the end of the world for the users, and it’s, once more, a precaution. And that’s because Google Drive, as well as many other cloud-based storage services, scan files for viruses. If a virus is detected, then users won’t be able to share the file with others, send it via email or do any other kind of operations with it. Only the owner will be able to download the infected file, but only after acknowledging the risk.
Google Drive, for instance, only scans files smaller than 25 MB, with larger files being left aside. This, of course, is a bit of a problem, but hopefully, no one will want to download a possibly-infected file of such sizes in .js form anyway.