Can saved photos off the internet contain viruses?

Veni Vidi Vici

Distinguished Member
Joined
Jan 28, 2004
Messages
4,815
Reaction score
1,087
Points
1,418
I have googled this and there are various answers, most contradicting each other. Maybe someone with more computer security knowledge might know. I have saved many pics from google, mostly album artwork when iTunes doesn't find it. On the iPhone if you hold down on a photo the option to "save image" appears and it will copy it to your camera roll so again if I find a funny pic I sometimes do this so I can upload it to Facebook. Is it possible to infect your phone or computer by doing this?


Sent from my iPad using AVForums
 
basically no. if its a .jpg or a .gif, as far as i am aware you can't get a virus from saving a picture you have viewed.
 
i am sure they can actually. scripts etc
 
Any time that data that didn't originate with you comes into contact with a new function or program there's a chance that it's designed to exploit a vulnerability in that code.

So yes, anything can potentially compromise your computer. I would expect saving images to be low risk though - viewing the website in the first place is likely to be more dangerous.
 
Images contain raw data, while programs/virus' contain a set of instructions.
Somehow I doubt the google devs (OP is using google) would have built their system to "execute" raw image data, or "display" code.
If the search engine finds any kind of coding (and it will) it would filter it out as a program and not an image.
 
Last edited:
Well.of course an image can contain other code inside it. These is nothing to stop you from putting say a small computer virus code inside an image, but that's generally to hide some code, you would then need to use a program to get the code out to run it.
I don't think you could ever RUN an image.
 
I'm not sure if this is common nowadays, but I'm pretty sure buffer overrun used to be source of running malicious code. This exploits sloppy coding in programs. i.e. say a program loads in a picture that it thinks say is 10k (maybe the file format has a file size field in a header that says 10K), the malicious file is actually 15k, the program dynamically allocates 10k and then loads 15K (maybe relies some form of terminator within the file itself to determine when to stop loading). Bingo!, code gets trampled over with data and cleverly worked malicious code can then be run from that data.

:)
 
A bit like a politician. They appear to say and offer you one thing. You let them run, and they infect things before you know whats happened and do things that were not on their list when you decided to let them run ! :)
 
Well.of course an image can contain other code inside it. These is nothing to stop you from putting say a small computer virus code inside an image, but that's generally to hide some code, you would then need to use a program to get the code out to run it.
I don't think you could ever RUN an image.

o_O

I'm not sure that's very likely, or especially useful. There's plenty of encryption out there that's secure enough for transporting code around, so there's no need to resort to putting code inside images.

The only circumstance in which an image from the internet could contain viruses or whatever is if it's downloaded as part of an archive (e.g. a ZIP file) or if in downloading the image, a site manages to take advantage of a security vulnerability (in Flash or Java, for example) and gives you a little gift (spyware, keylogger, etc) at the same time.
 
Well.of course an image can contain other code inside it. These is nothing to stop you from putting say a small computer virus code inside an image, but that's generally to hide some code, you would then need to use a program to get the code out to run it.
I don't think you could ever RUN an image.

Yes, I was too hasty when I said no above.

Yes, a bitmap image (which I'm presuming this is, there's also vector images) could have computer code embedded in it in such a way that it won't show on the image itself, but the program that reads the image data to display it on the screen would have to be altered to run any code embedded within.

My experience of computer programming software to read and write bitmap image files is that such files always have a file type identifier, then a data header which contains information like X and Y pixel sizes and bit depth (16-bit, 24-bit or 32-bit colour) and so on to tell the computer how to display the image, and then to just load in the rest of the data in the file and put it on screen and that would be it. But I suppose malicious software would look for embedded code to run during that stage.
 
Just to echo what many are saying.

Hiding software inside an image is perfectly possible - it can be added to a part of the file which isn't displayed as an image. So if you opened the file in a picture editor or viewer it would simply show the expected picture.

The difficulty the hacker would have is getting the software to be executed. The programs associated with images do not run software in files - they read the file and try and interpret it as a picture. So even if an application did encounter the virus it would simply try to display it's '1's and '0's as an image - which would either show as a random mess or rejected as incorrect format.

Cheers,

Nigel
 
So is the general consensus is its possible but unlikely to work?
 
Last edited:
It is possible, but it's unlikely given the limited complexity of common image file formats and the use of common libraries that have been well-scrutinized over the years.

The complexity issue is this: complex file formats require complex programs to process them. The more complex a program, the more difficult to check that it will operate as intended and the more likely an exploitable flaw will exist. Fortunately, most types of image files are fairly simple.

Note that most modern operating systems have a degree of buffer overrun protection built in.
 
The difficulty the hacker would have is getting the software to be executed. The programs associated with images do not run software in files - they read the file and try and interpret it as a picture. So even if an application did encounter the virus it would simply try to display it's '1's and '0's as an image - which would either show as a random mess or rejected as incorrect format.

NHeather is correct. Have a look at this retro computer game image here:
http://upload.wikimedia.org/wikipedia/en/6/68/ElectronCitadel.png

See that garbled mess above and below the game area? That's not program corruption, that's actually the game's program code intruding into the Acorn Electron's screen memory, because of the way the system allocated limited resources. Most Electron games are like this, and it became an endearing quirk of the machine.

This is a perfect example of how program code would look if it were just dumped into an image file without any attempt at disguising it. Of course, this is the most basic and primitive of computer graphics from back in the 1980s, and programmers these days know all sorts of tricks in that area.
 
It is possible, but it's unlikely given the limited complexity of common image file formats and the use of common libraries that have been well-scrutinized over the years.
I would say it is impossible in windows because of the file extensions. Windows will never execute an image file extension (bmp, jpg, png).
Not only would a hacker have to hide code inside the image, they would have to make sure their victim has a program that knows what it is to execute it, and then make sure the file extension affiliation has changed to that program. And this is the type of thing antivirus is designed to look for.
So no I wouldn't think it was possible.

Linux however, yes it is definitely possible, yet highly unlikely.
You can right click>properties on any file in Linux and choose to execute it as a program, so yes the possibility is there, but for any program or virus to install itself or even make changes to your home folder it must be granted access by you by entering your password on demand. And it is highly unlikely anyone is going to grant home access to a image file.
 
It definitely can be a carrier to exploit vulnerabilities. However it wouldn't do that by itself the moment you've down loaded it. The exif metadata extensions incorporate lots of bits of information about the image, everything you do is reading that, like internet net browsers. If there is a vulnerability in any application reading that part you could tap into that, and let the code loose.
So for example you could put some php code in there get to the c prompt, run some commands and get in....you'd be amazed how much sloppy coding is still out there to not protect against those kind of simply vulnerabilities...
 
It definitely can be a carrier to exploit vulnerabilities. However it wouldn't do that by itself the moment you've down loaded it. The exif metadata extensions incorporate lots of bits of information about the image, everything you do is reading that, like internet net browsers. If there is a vulnerability in any application reading that part you could tap into that, and let the code loose.
So for example you could put some php code in there get to the c prompt, run some commands and get in....you'd be amazed how much sloppy coding is still out there to not protect against those kind of simply vulnerabilities...

Is an Apple Mac better against this type of vulnerabilities?
 
Is an Apple Mac better against this type of vulnerabilities?
No particular reason other than obscurity. Obvious php is installed by default so that increased the risk of injection code working. Yet calling a command prompt to get to the c drive won't do anything as it doesn't have one.

Ultimately it preys on vulnerabilities. And they are always there. We just don't know about them yet. Just take a look at what happened this week with bleeding heart. OpenSSL had that for a while.
 
Is an Apple Mac better against this type of vulnerabilities?
No not at all, the only OS closest to 100% protection is Linux due to the home folder encryption.

Why so much concern about it?
Anyone who would even try some thing like this would do it for a specific purpose. They wouldn't care about average users.
It is safe enough to say you will never get a virus while downloading from google images.
 
No not at all, the only OS closest to 100% protection is Linux due to the home folder encryption.

Why so much concern about it?
Anyone who would even try some thing like this would do it for a specific purpose. They wouldn't care about average users.
It is safe enough to say you will never get a virus while downloading from google images.
Why would ~ encryption protect against this or others?
 
No not at all, the only OS closest to 100% protection is Linux due to the home folder encryption.

Why so much concern about it?
Anyone who would even try some thing like this would do it for a specific purpose. They wouldn't care about average users.
It is safe enough to say you will never get a virus while downloading from google images.

Not overly concerned just curious and wondered if it was something I should stop doing
 
Why would ~ encryption protect against this or others?
Like I said above, programs need to be granted access to install or make changes to the home folder (program files), on demand. IIRC the other 2 don't offer this and are wide open to silent and automatic installs.
 

The latest video from AVForums

TV Buying Guide - Which TV Is Best For You?
Subscribe to our YouTube channel
Back
Top Bottom