I understand computers plenty well, but I can't envision any scenario where not knowing the default program for a file type would bring disaster. No one should have to memorize what program opens every file, and there's no good way to even learn that information easily. I want to open a photo. Why would I care whether this system uses Shotwell or GNOME Photos or what have you? How would I even learn what's possible? Especially with Linux, there's so much fragmentation that just trying to open the file manager feels like a guessing game of going through all the ones I've heard of to see which works until I finally break down and Google what fork this distro uses.
That change would make computers completely unusable beyond Chrome and maybe Office for 99% of people.
I'm not the pen tester, I just hang out with him, but the particular disaster I'm thinking of has to do with samba file shares. I guess there's some file extension that will prompt windows to attempt to log in to the server at an address found in the file. So you email that file to your target and when they open it it sends you their password under the auspices that you're an internal samba file share.
As I understand it, a very large portion of the attacker's toolkit has to do with tricking users into running programs they've never heard of by clicking things they think are familiar.
But the real disaster is not the successful attacks, it's the culture that we're creating where users are taught to click things and trust the OS default behavior while simultaneously trained to never click things that seem out of the ordinary.
It creates a paralysis in the user when it comes to exploring their tooling and fails to create a learning gradient. This widens the gap between them and people like you and me.
That's a disaster for them because they get taken advantage of by people in the know, and it's a disaster for you and me because they end up blindly supporting bad behavior (drm, companies mishandling user data, etc) since it's bad in a dimension that they've been locked out of by our failure to pave a path towards competence.
You certainly will care if you double click a .png and suddenly WinRAR opens up, because that .png is actually an ACE archive (application/x-ace-compressed), and guess what ACE stands for - arbitrary code execution! Probably not, but they've had one for 20-ish years: [1]
I find that insane, and that's basically what happens on Linux today.
If it's a .png, it would open up in Microsoft Photos/eog/LXImage for me. Obviously some exploit could be found in there and any untrusted file is a risk, but it won't open WinRAR. That's the whole point of why file extensions are so much better than any alternative.
What happened to me today on Linux was `$ geeqie image.png`. It might be possible to trick geeqie into doing something bad, but it's a heck of a lot harder.
That change would make computers completely unusable beyond Chrome and maybe Office for 99% of people.