Hello Jonathan, On Tuesday, June 11, 2002 at 5:39:26 PM you wrote in [EMAIL PROTECTED]">mid:[EMAIL PROTECTED] (at least in part):
>> This is wrong belief to my knowledge. You do not go executing >> images. You read them and try to display them. If format is not >> right then component for reading the image will report it and you >> will skip the image. Images must have a valid header and data >> format. JA> Then how would you explain viruses spreading via the .jpg and .gif JA> formats? Because the wide spread usage of Outlook and Outlook Express?!?!?!?!!!!! JA> They have 'code' in the headers that the viewer (in most JA> cases IE) reads and 'executes'... which causes infection. Plainly WRONG! A JPG or GIF _IMAGE_ CAN'T have any code that is executed. It's quite IMPOSSIBLE. Read about the binary data formats and see: absolutely NO place for executable code there. What happens is: this object is announced as an 'image' by a 'Content-Type: image/jpg' or something similar. This is no problem, but in fact the extension is e.g. '.pif' or '.bat' or '.com'. This is no problem too ... except ... except the '<what ever tries to handle the object>' does not enforce the object _trying to be rendered as an image_ but executes a system call to 'start' the object, WHICH FINALLY executes the '.pif' or whatever. So the problem ain't there's a '.jpg' _in name_, and the problem ain't wrong rendering, but a wrong executed system call on an _executable_ file. Disable the 'Hide file extensions for known file types' in your explorer settings (not Internet Explorer!!! Explorer ... the file manager!) and you'll see: none of these 'soooo dangerous' image files _is_ an image file. JA> Same issue occurs, although if you have a virus scanner, they should JA> be caught ;) Of course :-) If it's up-to-date it should catch them ... -- Regards Peter Palmreuther mailto:[EMAIL PROTECTED] (The Bat! v1.60q on Windows 2000 5.0 Build 2195 Service Pack 2) Click ... click ... click ... damn, out of taglines! ________________________________________________________ Current Ver: 1.60q FAQ : http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://bt.ritlabs.com
