I think the addition of a checkbox in the Defense+ settings stating something like: "Alert on file extension change" would be beneficial and could even stop some of those ransomware that encrypt user files and change/add an additional extension to the original one. It would be a great addition to CIS 6 when it comes out
Maybe Defense+ could know the difference between the user changing it or some program doing it, or use the whitelist to allow known programs such changes...I'm not familiar with the technical limitations/possibilities but I think you get the idea.
What do you guys think?
This can be great idea, but on the other side with lots of problems in It.
1) It will be annoying when manually changing extensions - maybe it can be solved by adding some sensor detecting that It's user modification and don't ask.
2) When some malware will change user extensions It will just spam user with tons of popups as It massively change every file extension on disk. - Will have to get checkbox 'Take selected action (Block/Allow) for every file extension modification in .... 20 minutes for example)
But with some improvements and smart make It can be great addition.