The namespace for filenames and DNS names has overlapped since the introduction of DNS in 1985: \texttt{.com} was the original binary format used for DOS and CP/M systems. Recently the introduction of gTLDs such as \texttt{.zip} and \texttt{.mov}, coupled with the growing prevalence of web resources, has ignited new concerns about potential issues related to DNS and filename confusion. Thus far, the discourse on DNS/filename confusion has been piecemeal and hypothetical, making it unclear what, if any, security concerns credibly exist. To address this gap, we provide the first enumeration of how DNS/filename confusion can be abused. We then perform the first empirical case studies of DNS/filename confusion in the wild, which highlights suspected confusion across a wide range of software. Finally, based on our preliminary findings, we provide suggestions and guidance for future research on this topic.

翻译：自1985年DNS引入以来，文件名与DNS名称的命名空间始终存在重叠：\texttt{.com}原是DOS和CP/M系统使用的原始二进制格式。近年来，随着\texttt{.zip}和\texttt{.mov》等通用顶级域（gTLD）的推出，加之网络资源的日益普及，DNS与文件名混淆相关的潜在问题引发了新的担忧。迄今为止，关于DNS/文件名混淆的讨论仍零散且停留在假设层面，尚未明确是否存在可信的安全隐患。为填补这一空白，我们首次系统梳理了DNS/文件名混淆可能被滥用的方式，并开展了首个针对现实环境中DNS/文件名混淆的实证案例研究，揭示了多种软件中疑似存在的混淆现象。最后，基于初步发现，我们为未来该领域的研究提出了建议与指导方向。