What it is: The .xip file format is similar to the existing .zip file format for compression but with added digital security to verify the file contents have not been modified.
File compression is a seemingly trivial feature but an important one. At the very least, compressing files lets you combine multiple files into one while reducing overall file size at the same time. This lets you send multiple files easily.
The big problem with file compression is that it doesn’t verify its contents. Someone could easily open a compressed file, replace legitimate files with malware, and compress it back up again. That’s exactly what hackers did with a malware program dubbed XcodeGhost, which modified Xcode, Apple’s free development tool for creating apps.
XcodeGhost acted just like Xcode but every time someone compiled a program, XcodeGhost would boobytrap it with malware. Because developers thought they were downloading a legitimate copy of Xcode, they had no way of knowing they were actually downloading the malware version called XcodeGhost instead.
That’s why Apple has now shifted file compression to the .xip format, which allows verification of its file contents. Theoretically the .xip file format won’t let someone uncompress a file, boobytrap it, and compress it again to masquerade as a legitimate compressed file. This .xip file format is designed to protect against future hacker tricks like XcodeGhost, but could also be used to verify files sent by email.
Suppose you send a document by email. Someone could intercept that document, modify it, and send it on its way. Now the recipient has no idea the document was modified.
However if you sent the document in the .xip file format, then the recipient could be sure that the file contents were not modified en route. This seemingly simple file format can increase security and trust.
For now, Apple will likely use the .xip file format when distributing its own tools but the .xip file format could become more popular in the future. The key is getting more people familiar with the .xip file format and understanding how to securely compress files and validate them.
For most computer users, this will likely be a hassle, but for more tech-savvy users, this could provide additional security when using a computer. Now if Apple could make the .xip file format easy to use so even non-computer savvy users can use it effortlessly, then the .xip file format could take off. Until then, it will likely remain another tool for tech-savvy users while the vast majority of users simply ignore it altogether.