WinZip: Bug found in version 10.0, New features (and more backward incompatibility, and a controversy) in 11.0
Posted by Sachin Garg on 23rd November 2006 | Permanent Link
WinZip Computing has released version 11.0 of its flagship WinZip compression utility. It adds thumbnail images users can browse before extracting digital photos and support for the RAR file format.
They have touted new compression formats, including RAR, BZ2, and a “special” lossless technique to squeeze .wav-formatted audio files as reasons to upgrade.
The interesting discovery that this “special” technique was infact WavPack by David Bryant and that WinZip is not acknowledging their use of WavPack as required by WavPack’s license made quite a bit noise. Very interesting indeed.
This was a slight disappointment as this came from a company which has usually been very forthcoming regarding acknowledging use of third party stuff (like when they added Dmitry Shkarin’s ppmd method). Anyway, the acknowledgement issue has been fixed in the released version, now both the pages on their website and the installed help file acknowledge their use of WavPack (use of ’special’ in press releases still hurts a bit).
In all fairness, as WinZip says that they are using their own implementation of WavPack algorithm, IMHO they were not ‘required’ to acknowledge anything as the license applies only to copyrights and if it is their own implementation their is no copyright infringement (I could be wrong here and I am not a lawyer).
And how this (and other moves by WinZip and PKWare) break backward compatibility of now 18+ years old ZIP format and can cause headaches for the users, unable to figure why their friends can’t extract the files they sent, is a discussion better left for another day. Without the only unique advantage ZIP has compared to other formats (ubiquitous support and guarantee that user will be able to extract the file) it will be interesting to see how fast users switch to something inherently better.
And in other news, WinZip 10 contains a critical bug that could allow attackers to hijack a Windows PC running the utility. (The “highly critical” flaw is within the FileView ActiveX control that WinZip calls up. A malicious website exploiting the vulnerability could compromise the computer and let a hacker install malware such as a backdoor trojan or spyware on the PC. A new build of version 10 (build 7245) patches the vulnerability, so upgrade now.)
November 27th, 2006 at 6:27 pm
One clarification on the backward compatibility of ZIP files. The ZIP format has always supported the addition of new algorithms and a number of new compression methods and features have been introduced over the 18+ years ZIP has been in use. These features have been added, and continue to be added, to meet the changing needs of users over time while still ensuring they can extract data they compressed many years earlier. It does not guarantee they can continue to use the same program purchased 18 years ago and expect it to fully meet their current needs.
User headaches typically result from using applications not written to properly recognize and inform a user that a newer feature was used in creating a file they received from a friend that is using a newer software program than they may have. With proper notice from a well written application, the user should be informed of the reason the file cannot be extracted. This notice should give them sufficient information to decide whether to ask their friend to resend the file compressed using features supported by their older ZIP program, or update to a newer version of the program that supports the new features. Further, a good application may also inform the person creating the file that features they have chosen to use may not be supported by users of older applications.
November 28th, 2006 at 1:28 am
But that still requires users to upgrade. Giving more options to users is a good thing but it shouldn’t lead to confusion.
I don’t see myself as an expert, but what I would have liked to see is that the updates to original ZIP format be recognized by some other extension (like maybe .zip2?)
With an unwritten code saying that those who want portability and backward compatibility can stick to zip and those using zip2 will need to make sure they use the latest versions of tools supporting zip2.
ZIP’s only advantage is its popularity which is *because* anyone can send it to anyone without worrying about explaining which version of which tool they will need to open it. Why else could something so technically obsolete still hold ground all these years?
With this USP gone, it puts ZIP on a level (and crowded) playing field with all the other formats.
November 28th, 2006 at 12:12 pm
To add to my comments above, IMHO maintaining a patent-free-open-standard and making money from it are two very conflicting tasks, none of them is evil but striking the right balance is inherently tough.
For example, a once-every-few-years major democratic overhaul of ZIP format deciding which new algorithms to add to it after an open community discussion would help everyone, but well, it conflicts with the dollar goals.
Also, even if the company decides to do spec updates by itself, they shouldn’t be too frequent and updates to specs should be published a few months before the tool starts creating the new format files, so that other standard compliant tools get a chance to update themselves, thus reducing user agony.
Nothing evil in trying to make money, but it does conflicts with other goals ;-)
November 29th, 2006 at 1:29 pm
Mr. Peterson, from pkware how can you blame competetion ?
The problem, in my point of view, is that your company, the original inventor of ZIP, this pkware, now so called ‘professionals in data compresison’ has been unable to come up with anything good for the last 20 years after ZIP inventor died.
Leaving the standard alone, what other big step in compression your company did in the late DECADE?
Your products are only newer compilations of horroble old assembly code that no one in the company was able to read. When working with 1024 KB compression how can you achieve such powerful compression ration like the competition?
No one at this company knows what compression is therefore i think the name “data compression experts” should be left to professionals not to so called programers.