Sunday, October 03, 2004
Jpeg exploitation!
unless you follow computer/internet security matters, you probably haven't heard much about the interesting "jpeg explot" technique that has security companies very intrigued.
basically, here is how it works. Code is attached to jpeg images (no matter what kind of image it is..kittens, porn, or your favorite moviestar) and when you view the images in internet explorer, code is executed and a program is requested from another server, and then bad things could happen.
microsoft responded to this exploit earlier in september, however, not everyone is in a rush to patch. there haven't been many reports of malicious use of this trick, however, usenet is reporting that the exploit has been discovered in a sample of pornogrpahic pictures that have been distributed through usenet.
Why do I care about this? A long time ago someone once told me "no consumer electronics device has ever been successful without the promise of pornography in the privacy of your own home." think about it: the vcr, the camcorder, the internet, etc. The list goes on.
so if someone really wanted to wreak havoc on unprotected machines, porn would be a great distribution tool.
More info on this exploit can be found here.
basically, here is how it works. Code is attached to jpeg images (no matter what kind of image it is..kittens, porn, or your favorite moviestar) and when you view the images in internet explorer, code is executed and a program is requested from another server, and then bad things could happen.
microsoft responded to this exploit earlier in september, however, not everyone is in a rush to patch. there haven't been many reports of malicious use of this trick, however, usenet is reporting that the exploit has been discovered in a sample of pornogrpahic pictures that have been distributed through usenet.
Why do I care about this? A long time ago someone once told me "no consumer electronics device has ever been successful without the promise of pornography in the privacy of your own home." think about it: the vcr, the camcorder, the internet, etc. The list goes on.
so if someone really wanted to wreak havoc on unprotected machines, porn would be a great distribution tool.
More info on this exploit can be found here.
# posted by Chad Stoller @ 10:28 AM 
