Viruses now in jpg files? Gif files?

[Frazer Jolly Goodfellow]

Can I join in?

Of course and welcome aboard.

It's encapsulated.

Correct.

Doh!

 

[Hoosier Daddy]

Just like Linux and Mac OS/X.

In Linux, all files are passed through the shell first. If the shell
determines it can be executed by a specific program, it opens it with
that program. This is why shell scripts have those famous shebang
lines and this is what is meant by magic.

http://en.wikipedia.org/wiki/Shebang

Nothing wrong with that, the problem is that Windows is inconsistant
with what it uses to associate files with programs. It gets users familiar
with trusting the name extension to do the association and then throws
in some OLE2 or WMF with an altered extension and associates it
with the correct application anyway even though the extension may be
one that indicates a trusted 'safe' filetype. Now the malware files can
assume a 'safe' sounding name ending in .gif, .jpg, or in the case of the
OLE2 an extensionless filename like "hosts" can be executed when
invoked.

 

[kurt wismer]

There was once a computer that (I think) ran some form of unix (back
in the late 80's or early 90's). It was called "Next". We had a few
of those in our lab.

Anyways, as I understand it, the graphic display was actually
implimented in postscript.

well, there's always going to be people trying to use things for
something they weren't intended for...

postscript was designed as a device independent language for describing
text and graphics to a *printer*, not a monitor... but you know how it
goes, when all you have is a hammer everything looks like a nail...

 

[kurt wismer]

I think we're disappearing down a rathole of semantic minutiae

i love it when people use the term 'semantics' disparagingly...
semantics is all about the meaning of words... most debates worth having
are ultimately about the meaning we place on words - it's an attempt to
reach a common understanding...

In its final-form representation, a document *is* a graphics image.

in the same way that ascii text (each character of which being a
rudimentary sprite) is a graphics image...

of course no one in their right mind would call a page of text a graphic
image, because it is not intended or used for graphics except perhaps in
a tiny minority of cases... likewise postscript is not intended or used
for graphics except perhaps in a tiny minority of cases...

if i create a bitmap, jpeg, or gif of the world "volcano", does that
word exist in ascii form within the graphics file? because i'll tell you
right now it definitely does with a postscript file... i know this
because i've had cause to try to read postscript files prior to having a
gui enabled OS and found hex editors quite capable of showing me the
text of those postscript documents... a postscript file is closer to a
word document or pdf file than it is to bitmap, jpeg, or gif...

WMF is a vector graphics representation language, as is Postscript.
The "Postcript" bit referred to its (at that time) innovative use
of vector graphics to represent characters and symbols - giving
stepless text scalability and output device independence.

Embedded Postscript (EPS) was in common use as graphics image
format e.g. for company logos etc.

just because people called them 'graphics' doesn't mean that it was a
graphics format... they were graphics embedded in a document... does the
ability to put pictures in a word document make doc files an image
format? no...

 

[Offbreed]

closest thing i could come up with in google was a corrupted font
connected to a symbian-os trojan... do you have anything more specific
to search on?

About '99, maybe? One of the more troublesome posters in acv discovered
that fonts were executable files and showed that Windows might be
vulnerable to an attack through them. Sorry, that's all I can remember.

(ahem) I have un-selected the "download font" option in IE on my work
computer.

 

[Offbreed]

I was on holiday so didn't bother keeping up to date on the wmf
exploit, but I did see one piece that said it went right back
to Windows3

The type of exploit could (and was used at least once before). This
exploit is more limited.

I was focused on whether it would work on Win98SE, and ignored which
ones it did hit. Win98SE is not vulnerable, so I quit worrying.

 

[Offbreed]

Virus Guy wrote:


well, there's always going to be people trying to use things for
something they weren't intended for...

Yeah, like using it for a virus.

PDF?

 

[Gabriele Neukam]

On that special day, Offbreed, ([email protected]) said...

About '99, maybe? One of the more troublesome posters in acv discovered
that fonts were executable files and showed that Windows might be
vulnerable to an attack through them. Sorry, that's all I can remember.

That sounds suspiciously like the acav guy with the picture sigs (a
sword or some weird guy sitting on the ground, holding up a sign). No,
I won't name him, or he'll turn up in a minute. I am really glad that
he has stopped ranting here.

Heather knows, who I am talking about.


Gabriele Neukam

(e-mail address removed)

 

[Frazer Jolly Goodfellow]

i love it when people use the term 'semantics' disparagingly...
semantics is all about the meaning of words... most debates
worth having are ultimately about the meaning we place on words
- it's an attempt to reach a common understanding...

I was intending to be disparaging about semantics, I was
anticipating flak from others.

if i create a bitmap, jpeg, or gif of the world "volcano", does
that word exist in ascii form within the graphics file? because
i'll tell you right now it definitely does with a postscript
file... i know this because i've had cause to try to read
postscript files prior to having a gui enabled OS and found hex
editors quite capable of showing me the text of those postscript
documents... a postscript file is closer to a word document or
pdf file than it is to bitmap, jpeg, or gif...

Interesting: we instinctively think that a graphics or image format
file represents a rasterised version of an image. Yet we consider a
WMF file to be also graphics file. If you compare WMF and EPS file
formats, they are similar in concept: they describe an image at a
level higher than the rasterised version of the image. So that
suggests EPS is also an image file format.

Conversely if EPS is not an image file format, then nor is WMF - so
what are they?

<snip>

 

[kurt wismer]

About '99, maybe? One of the more troublesome posters in acv discovered
that fonts were executable files and showed that Windows might be
vulnerable to an attack through them. Sorry, that's all I can remember.

(ahem) I have un-selected the "download font" option in IE on my work
computer.

sorry, i got nothin'... nothing except a heaping pile of false hits
because of people posting in html (damn font tags/attributes)...

 

[Ant]

Interesting: we instinctively think that a graphics or image format
file represents a rasterised version of an image. Yet we consider a
WMF file to be also graphics file. If you compare WMF and EPS file
formats, they are similar in concept: they describe an image at a
level higher than the rasterised version of the image. So that
suggests EPS is also an image file format.

Conversely if EPS is not an image file format, then nor is WMF - so
what are they?

A WMF is a collection of binary records which represent Windows GDI
(graphics device interface) function calls to draw stuff, like move a
pen, draw a line, stretch a bitmap, etc. The GDI also has functions
specifically for playing back (i.e. calling) these records.

 

[kurt wismer]

Interesting: we instinctively think that a graphics or image format
file represents a rasterised version of an image. Yet we consider a
WMF file to be also graphics file. If you compare WMF and EPS file
formats,

that's because internally they're both 'code'...

they are similar in concept: they describe an image at a
level higher than the rasterised version of the image.

false - postscript does not describe an image... it describes a page...
that's why it's referred to as a page description language... unless
you're going to get pedantic on me and say 'yes but i was referring
specifically to EPS', at which point i would counter with 'but your
original claim was that *postscript* was an image format, not some
subset of postscript specific to holding the graphics portions of a
postscript document'....

So that
suggests EPS is also an image file format.

fair enough... and that does put my statement about wmf being the first
image format to contain code into question, but it's not what you
originally countered with...

so when, during the continual evolution of postscript, did EPS come out?
i ask this because apparently EPS files can contain a wmf preview of the
EPS files' contents... that seems to suggest that at the very least wmf
was around when EPS was being developed...

 

[Befunge Sudoku]

Interesting: we instinctively think that a graphics or image format
file represents a rasterised version of an image. Yet we consider a

I don't, but that's coz I'm old enough to remember when vector
graphics was the norm, and raster scan devices were quite rare
- the default output was on a lineprinter.

 

[Offbreed]

Heather knows, who I am talking about.

Yeah, I think it was one of her playmates.

 

[Frazer Jolly Goodfellow]

...your original claim was that *postscript* was an image format
...

OK, I accept that I should have said EPS not PS.

fair enough... and that does put my statement about wmf being
the first image format to contain code into question, but it's
not what you originally countered with...

Accepted, see above.

so when, during the continual evolution of postscript, did EPS
come out?

Difficult to pin down. Postscript was first released in 1984, but
no information so far on EPS.

BTW: AFAICT WMF first appeared with Windows 3.0 in mid-1990 - far
earlier than I believed to be the case.

i ask this because apparently EPS files can contain a
wmf preview of the EPS files' contents... that seems to suggest
that at the very least wmf was around when EPS was being
developed...

Not necessarily, that functionality could've been added later.