Request for Information
(Updated)
I’m not the most proficient technological person. That is, I can use a computer, and often better than some of my associates who have “certificates” for using Microsoft Office and the like. But no, I’m not by any stretch a network technician, programmer, or anything like that.
So I have a question.
It is unusual behavior for my computer to have its security safeguards penetrated. So unusual, in fact, that the appearance of new files on my desktop after simply visiting a web page is completely foreign to me. Not that I’ve never experienced an unauthorized download, but before I always had to click a link to trigger the download. I’m capable of perusing user communities to find out how big an issue this is with the operating system, and what I need to do about it. That part is all good; with a little more diligence, I will know if this is a security update bug, or whether someone has found a way through the gates. And then I’ll know what I need to do.
The question at hand seems comparatively benign, or even banal. But, you know, I also know how to do simple things like look up a file extension I’m unfamiliar with. And, you know, in some cases I end up feeling stupid because I’m left wondering why I didn’t know, say, what an .ogg file was. Life goes on.
But this time, I’m striking out completely.
AlterNet managed to place a file on my desktop under the name ad.timp. I simply linked in from The Rumpus, following a health care story, and my download window popped up showing a zero kb file by that name. File information says it came from AlterNet, and not The Rumpus.
So I excommunicated the file and then set about what I expected would be a simple but enlightening search to determine what the hell a .timp file is. Unfortunately, I’m coming up with tumbleweeds. Silence. Nothing. I may not be a brilliant (or even halfway-decent) computer scientist, but this is an unusual result even for me.
Anyone? Anyone? I’m curious. If you happen to know, and are willing to share a minute of your time, could you please fill me in on what a .timp file is, what it is for, what it is supposed to do, and so forth? Mostly, I’m curious because in looking up various file extensions, I can also learn how hostile and dangerous a given file can be. And, well, since my computer is displaying new behavior despite the most recent virus and spyware checks coming up blank, I figure it’s a good idea to find out just what AlterNet is sending users without asking or advising them.
I would greatly appreciate whatever insight anyone might be willing to share about this mysterious (to me) file extension.
Update (Oct. 31) — In addition to noting the links Marcus provided in the comments below (Sciforums, Apple), and thanking him thanking him kindly for doing so, I thought it worth mentioning a couple of things. First, this issue has been going on longer than I was aware, with discussions at Apple ranging back to August, which puts a dent in my intended solution. Like many Apple users, I am accustomed to the expectation that little things will be patched up quickly. Indeed, no sooner did I complain about a couple of glitches from a recent update than Apple fixed them. Not that they were responding to me, of course, but that’s sort of the way things go. Yet this has been going on for a couple of months, now. Either a simple patch isn’t possible, or else Apple intends to show us the back of a finger on this one.
It does not appear this is a problem connected specifically with Safari. While that browser, obviously, is the focus of the Apple discussion, the Sciforums thread notes that unauthorized downloads can occur through Camino, as well. There’s no guarantee other browsers aren’t behaving similarly; I just haven’t seen the reports if they are.
But, of course, if an alpha geek tells me that they’re different processes—the Camino download was known malware targeting Acrobat Reader—I’ll believe it.
In the meantime, I’ve never believed a browser itself is the only line of defense against unauthorized downloads. Alpha geeks are welcome to correct me on that point, too.
Oh, and I finally did run into the “Desktop-#-1” file that kicks off the Apple discussion.
B.D.'s Last Refuge 
I’m also finding that ad.timp files are being downloaded from various sites when I go through them… this just started recently (Macintosh, Safari browser)
That’s the thing that worries me, Marcus. This is new behavior. Of course, we’re used to expecting Apple to ride to the rescue, so they’ll probably fix whatever is allowing this in the next security update. But I asked some tech friends of mine and they’re all befuddled about what a .timp file is supposed to be.
Many thanks, though I’m unsure if I’m comforted or unsettled by the idea that I’m not the only one experiencing this. If you happen to pick up any useful details, be sure to let people know. I certainly will.
There’s a discussion here: http://www.sciforums.com/showthread.php?p=2395501
And a related problem (which I noticed a few weeks ago, but then disappeared) with downloading Desktop-# folders discussed here: http://discussions.apple.com/thread.jspa?threadID=2114731&start=0&tstart=105
The general consensus seems to be “don’t worry”, its an interaction with the latest Safari update and certain html calls, but… until I see something from Apple itself, I agree that it is disturbing.