> They are also trivial to get wrong, can be mangled when the files are moved around, and are easy to use as an attack vector.
On the contrary, they're the only kind of metadata that doesn't get mangled when files are moved around, and they're far less of an attack vector than other approaches. Of course you can set the wrong file type, but no approach avoids that problem.
They are not far better than the alternatives, it's just that no alternative reached a critical mass due to them not being how Windows works.