Re: Web based email issues

From: Colonel Flagg (colonel_flagg_at_NOSOUPFORJ00internetwarzone.org)
Date: 09/16/03 

Date: Mon, 15 Sep 2003 20:09:09 -0400

In article <MPG.19d0121635a0d501989c9a@news-server.columbus.rr.com>,
void@nowhere.com says...
> In article <G6CcnT2u9Oz_2_uiXTWJjw@brightview.com>, null@void.net
> says...
> > Colonel Flagg" <colonel_flagg@NOSOUPFORJ00internetwarzone.org> wrote in
> > message news:MPG.19d005a396f0cc70989af8@news.charter.net...
> > > In article <MPG.19cff946db1dc912989c94@news-server.columbus.rr.com>,
> > > .jpg's and .gif's, once thought to be safe, haven't been for a number of
> > > years.
> >
> > Im with the coloenl, i have an executable jpg on my xp box.
>
> Unless it was a renamed exe/com/etc... it is not an executable JPG -
> they don't execute ANY code on the platforms. You could have something
> like somefile.jpg.exe, but that would not be an IMAGE would it.
>
>
>

this is FUD.

jpg's and gif's may contain malicious and executable code. it's "how
they're handled" that matters.

true, a jpg or gif cannot be executed on their own, of course, neither
can an .exe, it needs an Operating System that understands it, in order
to run. the fact that a jpg or gif needs yet another application to
execute it's code is but another step to infecting yourself with a
virus.

no, i am not stating the sky-is-falling and that everyone *should* quite
viewing jpg's and gif's, however, the blanket statement that jpg's and
gif's are safe is crazy talk. 

-- 
Colonel Flagg
http://www.internetwarzone.org/
Privacy at a click:
http://www.cotse.net 
Q: How many Bill Gates does it take to change a lightbulb?
A: None, he just defines Darkness? as the new industry standard..."
"...I see stupid people."

Relevant Pages

  • RE: [Full-Disclosure] 2 vulnerabilities combine to auto execute received files in Nokia series 60 OS
    ... Wouldn't the phone try to open the jpg file as a picture, and not execute ... if you rename a .exe to ... extension such as jpg or an unknown extension, ...
    (Full-Disclosure)
  • Re: Web based email issues
    ... > a GIF or JPG to executable on ANY platform, ... > around and renamed an executable file and faking it as a JPG. ... you should know it's possible to execute a jpg. ... TECHNICALLY get executed, HOWEVER, IE can mishandle the data within the ...
    (alt.computer.security)
  • Re: Web based email issues
    ... >> a GIF or JPG to executable on ANY platform, ... >> around and renamed an executable file and faking it as a JPG. ... it's the fact that you covered it in such broad terms. ... you should know it's possible to execute a jpg. ...
    (alt.computer.security)
  • Re: S.O.S. Error resizing image in linux. i dont known how solve it
    ... > Using the bello code i am trying to resize one image. ... > this class is using into one web apllication for resizing jpg images. ... > in windows it runs well but into my linux i doesn't work. ... > if i try to execute into linux from the main, ...
    (comp.lang.java.programmer)
  • Re: Web based email issues
    ... > they don't execute ANY code on the platforms. ... from what i understand MSIE executes the code within the JPG ... and right now i dont have time to check. ... "Without Knowledge you have fear, With fear you create your own nightmares." ...
    (alt.computer.security)