Helping people with computers... one answer at a time.

Compressing files for security can give you just a little bit of gain if done with proper compression software. A better strategy is to have a good security process in place.

Can compressing a file reduce the chances of having it be corrupted by viruses or a zombie?

In this excerpt from Answercast #74, I look at the extra security that comes from compressing files with compression software: it's small!

Compressing files for security

It depends on how you compress it.

A quick rule of thumb: if the file still looks like the file to you when you look at it (it's still foo.doc) then it hasn't helped anything. That's Windows file compression.

Windows file compression changes how things are written to the disk - but it doesn't change how the file looks to you or to other software on your system. Most importantly it doesn't change how it looks to the malware.

On the other hand, if you're compressing it using other programs (such as maybe WinZip, or 7Zip, or AxCrypt or something like that) where the original file, "foo.doc," isn't there anymore; and it's replaced with something like "foo.zip" or "foo.crypt" (or whatever you want to call it); then it's no longer a .doc file. Malware and other processes typically don't act on it the same way - and typically don't see it as something that can be infected.

Compression type matters

So bottom line is: if the file looks like it's still there after you "compressed" it... it's still there. It is just as likely to be attacked by malware.

If, on the other hand, the files have been changed (removed and replaced by a different file that is the encrypted file with a different name), then chances are that that actually has protected you just a little bit.

I really don't consider this a huge, huge win.

I certainly would not run around compressing my files in order to prevent malware from attacking. I would focus more on having good anti-malware solutions in place overall. This really doesn't add a lot of security to your overall setup.

(Transcript lightly edited for readability.)

Article C6084 - November 29, 2012 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.