Sta.sh
As many of you know, archive file types represent a means to collect together a number of computer files and package them together for the purpose of backup, to transport them to some other location, or simply to compress them so that they take up less space. Many of you here in the deviantART community who offer stock resources, applications, themes and other desktop customization options are all very familiar with them and use them extensively, whether your file type of choice be .zip, .rar, or any one of another dozen options.
Depending on how regularly you submit and what sort of file type you use when you do so you may or may not have noticed a change- that change being that submissions with file types ending with .exe are no longer being accepted during the the submission process and if you've attempted to submit an archive file which was password protected you've noticed that those protected files are also being rejected during submission (although 'normal' archive files without a password are accepted just as always).
Both of these changes are relatively recent and both are related to a brief mention in the Site Update posted on May 31st. The mention was brief at the time and lacked detail, which was a deliberate choice due to the circumstances, mentioning only that, "We have made some changes to the allowed file types in categories where members generally upload downloadable files, such as skins and themes categories."
The lack of the customary detail in this particular portion of the site update was due to the fact that it referred directly to profiles being used to deliberately submit .exe files or .exe files contained in archive files which would be presented as a theme or desktop customization but which in fact were malware; files which would install viruses, worms or other malicious software which could damage or disrupt the operation of your computer.
The submission of these infected file types had been occurring for a period of months and we had been attempting to address the problem using various methods and means while watching how the individuals responded to our efforts. Ultimately in May of this year, after watching the individuals responsible adapt their tactics and continue to place infected files on the site, it became obvious that we could no longer avoid the one defense which we had been trying to avoid- namely disallowing any file type ending in .exe as well as a few other related file extensions.
The act of disallowing .exe files did successfully what none of our efforts was able to do; it blocked the vast majority of the infected files which had been steadily flowing into the customization galleries. We are certainly aware that disallowing new submissions of .exe files has inconvenienced artists who are trying to offer legitimate desktop customization resources and we are just as upset about this as the artists affected but under the circumstances we were left with no other effective choice and we encourage those artists affected to do their best to work around or within this new restriction.
Another unintended casualty in this particular battle has been stock resource providers. For years some stock resource providers are submitted their resources in archive files protected by password which they made available for sale or under specific conditions under which they would give you the password for access. Unfortunately archives which are protected under password cannot be checked to see what sort of files are inside and that means that not only can our systems not check for the restricted file types it also cannot subject the password protected archive to any virus scanning.
Because the password protection blocks our efforts to check the archive for malware we were forced to disallow the submission of any archive file type which was under password protection. We understand that this is a great inconvenience and this disrupts a system that many artists have had in place for years and this truly does represent a situation where the few have caused a disruption for the many but it was something which could not be avoided as we moved forward with protecting all members from these sorts of infected deviations.
While we are currently rejecting the submission of .exe and password protected archive files we will not be automatically removing any of these files which were submitted previously. While individual files which have an issue or a problem could be removed by our staff there is no reason to report any existing deviation simply because it is an executable or simply because it is password protected.
I'd like to reassure all artists that as we move forward and as we continue to maximize security and the safety of downloadable files that we always try our best to make certain our efforts cause as little impact to you, the artist, as possible.
