On 13 Apr 98 at 23:28, Jim Meagher wrote:
> What image format allows the embedding of executable or macro
> code inside the image file?
>
> Or are you just speculating on what __might__ be feasible?

It is very useful, in software engineering, to treat "code" and
"data" as distinct types of binary information. But the fact is
that it's all just BITS. Digital storage. Semantics don't lie in
the storage itself, but in the context in which it is being viewed.

Suppose that I have about a million bits, which happen, when
interpreted by a JPEG viewer program, to make a nice picture on my
screen. Suppose I set the CPU's "next instruction" pointer to point
into the middle of those bits. Does the CPU say "this isn't
executable, this is data!"? No, it proceeds to interpret those bits
as executable code -- and probably crashes fairly quickly as some
instruction violates a constraint of the system.

Writing your own bits into the middle of an image file is trivial
(unless you want it to still work as a displayable image...).
Getting some user's image viewer program -- unless you know of a bug
in a particular program (which would normally crash, as above) -- to
*execute* those bits is the part that a virus writer is unlikely to
accomplish. A working viewer program should never do that.

My conclusion was in fact that the risk of an image file infecting
a system with a virus is incredibly low. If you like, call my
remarks speculation about what it would take for the risk to be
anything more than zero.
David G