Login

MC680x0 · 07-10-14, 09:28 PM

Was reading this today
http://foc-u.co.uk/index.php/topic,13239.0.html

Not true that images are not harmful... I work for an MoD contractor working in Defence Information and Intelligence (cyber security).
PC based images are complex formats and contain meta data and other parts that are not directly visible when painted onto the display — it is possible to conceal "stuff" within without affecting how the image is displayed on the screen , even when hyperlinked. Venomous data can reside within the image that exploits "back doors" in poor quality image rendering programs - including doors like stacks, buffers, data segment larger than the stated image format type and exception handlers and alike. With skill, a virus writer :b can utilise these flaws to infect your machine when you open the image with a certain program. Granted this wont work just displaying the image as Mickvp said, but if one were to click on the image and open it in a certain app, then Bang!! you're infected.
Just thought I'd clear that up for the Admins

**mickvp** · (This post was last modified: 07-10-14, 10:30 PM by mickvp.)

so in short - not harmful in the format it is being displayed in.

I appreciate what you are saying, and you are right of course - someone could insert malicious information if they were that way motivated. The image in question on that thread had no malicious data on it though (and I know, because I checked the meta data and also the HTML code in which it is embedded).

The truth is, some guys one here have a hard enough time figuring out how to login and post anything (im looking at you Red98 :lol ) so rathen than explain anything technical with regards to the interwebz, its best to use small words and just say everything will be OK :rollin

The site which had been marked as malicious (memegenerator) has since been moved into the clear list, so that warning does not come up for the very same image now.

Thanks for the heads up though, we will as ever continue to check out these reports as they come in Big Grin

red98 · 08-10-14, 06:54 AM

(07-10-14, 10:29 PM)mickvp link Wrote: so in short - not harmful in the format it is being displayed in.

I appreciate what you are saying, and you are right of course - someone could insert malicious information if they were that way motivated. The image in question on that thread had no malicious data on it though (and I know, because I checked the meta data and also the HTML code in which it is embedded).

The truth is, some guys one here have a hard enough time figuring out how to login and post anything (im looking at you Red98 :lol ) so rathen than explain anything technical with regards to the interwebz, its best to use small words and just say everything will be OK :rollin

The site which had been marked as malicious (memegenerator) has since been moved into the clear list, so that warning does not come up for the very same image now.

Thanks for the heads up though, we will as ever continue to check out these reports as they come in

mmmmmmmmmmmm Sad

...and there was silly old me thinking this was a motorcycle forum :rolleyes ... :lol

MC680x0 · 08-10-14, 06:56 AM

Oh the internet is a place of skulldugerry and cutlesses :lol

ChristoT · 08-10-14, 12:47 PM

(08-10-14, 06:54 AM)red98 link Wrote: mmmmmmmmmmmm ...and there was silly old me thinking this was a motorcycle forum :rolleyes ... :lol

You mean this ISN'T flower arranging? Aww shit! :lol :lol

darrsi · 30-11-14, 11:21 AM

(07-10-14, 09:28 PM)tweetytek link Wrote: Was reading this today
http://foc-u.co.uk/index.php/topic,13239.0.html

Not true that images are not harmful... I work for an MoD contractor working in Defence Information and Intelligence (cyber security).
PC based images are complex formats and contain meta data and other parts that are not directly visible when painted onto the display — it is possible to conceal "stuff" within without affecting how the image is displayed on the screen , even when hyperlinked. Venomous data can reside within the image that exploits "back doors" in poor quality image rendering programs - including doors like stacks, buffers, data segment larger than the stated image format type and exception handlers and alike. With skill, a virus writer :b can utilise these flaws to infect your machine when you open the image with a certain program. Granted this wont work just displaying the image as Mickvp said, but if one were to click on the image and open it in a certain app, then Bang!! you're infected.
Just thought I'd clear that up for the Admins

I lost the way after "Not true....." :z

MC680x0 · 30-11-14, 02:24 PM

Why bother posting then? Suppose your post count is +1 up and another for the doubtless response to this.

Jeeeez :z

Login
Username:
Password:	Lost Password?
	Remember me