Putting the zing back in sting …
Recently, I’ve been running across a supposedly new compression format over and over again. The format? WinZix or rather, .ZIX files. The name and the extension seems to indicate that they are trying to capitalize on WinZip’s popularity and market share. Their website claims that they have the "ultimate compression". The truth? Now that’s a bit more tricky :p
When I first heard about WinZix, being the software junkie that I am, I was tempted to download it and try it out. However, the name and the way it was branded made me hesitate. I decided to check it out first. There wasn’t much online about WinZix though. There were people claiming that it contained trojans and that it messed up their systems. There were others claiming that it didn’t compress any files at all and in fact, it increased the size of a file that was compressed with it. However, these were all claims made on the Net and you know how that goes :p
So, I downloaded a .ZIX file myself – not the program but a file supposedly compressed with WinZix. I then opened the file in a hex editor and noticed that it had a file header which identified it as a WinZix file. But what was more interesting was to see a ZIP file header a few bytes further in from the WinZix file header 🙂
Now, most files contain a file header (or a signature) which identifies the file type and allows the corresponding program to determine whether it’s a file format that the program works with. I knew the ZIP signature since I’d worked with ZIP files before. Being paranoid by nature, a thought flashed into my mind at this point – what if the WinZix folks weren’t actually compressing files but taking standard Zip files and wrapping it with a new header so that WinZip (or any other program working with Zip files) will not see it as a Zip file?
I decided to test out this theory. I deleted the first six or seven bytes from the WinZix file, removing the WinZix header but leaving the ZIP header/signature intact. I then tried to open the file in WinRAR (which supports ZIP format) and it opened up fine and I was able to extract the contents of the ZIP file.
So there you have it 🙂 WinZix is really a phoney. It doesn’t actually compress any files and certainly might have trojans or backdoor programs or viruses embedded in. Or it might simply be a way to cash in on people’s gullibility and make some cash since apparently they do say that they include adware in their EULA. Whatever else it might be, a compression program it is not :p