That seems less like them decrypting encrypted archives and more like the zip format not encrypting filenames so they’re easily read from the zip’s metadata.
Which is still a privacy violation, to be clear, but not nearly on the same scale as somehow obtaining and using your passwords to decrypt data you yourself encrypted.
it depends on the type of zip encryption, the default doesn’t encrypt metadata
edit: upon looking into it further, the other commenter is right, the zip format itself doesn’t actually support encrypting metadata at all, you would need to use a different format such as 7z to obtain it.
They are visible, you can test this yourself. Open a password-protected zip with 7zip and it’ll show the file list even without entering the password. The “encrypt file names” checkbox doesn’t even appear when creating an archive if the zip format is selected, so I’m not sure the format supports it.
They not only look at your files but will decrypt any encrypted zip files to see what you have.
https://news.ycombinator.com/item?id=37086814
That seems less like them decrypting encrypted archives and more like the zip format not encrypting filenames so they’re easily read from the zip’s metadata.
Which is still a privacy violation, to be clear, but not nearly on the same scale as somehow obtaining and using your passwords to decrypt data you yourself encrypted.
That was what someone claimed but it isn’t true. Filenames are not accessible in an encrypted zip.
it depends on the type of zip encryption, the default doesn’t encrypt metadataedit: upon looking into it further, the other commenter is right, the zip format itself doesn’t actually support encrypting metadata at all, you would need to use a different format such as 7z to obtain it.
They are visible, you can test this yourself. Open a password-protected zip with 7zip and it’ll show the file list even without entering the password. The “encrypt file names” checkbox doesn’t even appear when creating an archive if the zip format is selected, so I’m not sure the format supports it.