Tag Archives: PNG

PNG pulls ahead of JPEG

Posted on June 30, 2017 | Comments Off on PNG pulls ahead of JPEG

Every month. W3Techs records the percentage of websites using popular image file formats. For a long time, PNG was slowly creeping up on JPEG. In the latest numbers, PNG has pulled ahead, being used on 74.1% of websites, against JPEG’s 73.8%. GIF stands at a distant third with 36%, followed by SVG at 3.8%.

Keep in mind, this isn’t the same as saying more PNG images are on the Web than JPEG images. If pages which hold JPEGs contain more of them, there may be more JPEG images even if they aren’t on more sites. Since galleries of JPEG photographs are common, this is a plausible situation.

You can see the trend by looking at the RSS feed. Unfortunately, all links point to the same URL, but if you can view the RSS preview, you can get the old numbers on a monthly basis. The web page is updated daily, which is why the numbers quoted above don’t match the June numbers in the RSS feed.
Continue reading

Comments Off on PNG pulls ahead of JPEG

Posted in News

Tagged , ,

Malware in a PNG file (for real)

Posted on December 9, 2016 | Comments Off on Malware in a PNG file (for real)

Not every report of malware in an image file is spurious. A report of malware smuggled through a PNG file looks plausible to me. It claims that for two years, criminals got malware undetected onto respectable sites with this technique. Ironically, the ads included ones for a so-called “Browser Defence.”

Unlike Check Point’s “Imagegate,” this report doesn’t claim the image alone can do anything, and it describes the technique in considerable detail. Check Point said it would give specifics about “Imagegate,” like what format is affected, “only after the remediation of the vulnerability in the major affected websites.” It’s still waiting, apparently.

The PNG exploit is impressively sneaky. A script which doesn’t trigger alarms checks the host browser’s defenses. If it finds a vulnerable target, it loads a PNG file whose alpha channel encodes the malware script, then decodes the script and runs it. The actual malware takes advantage of — wouldn’t you know it? — Flash vulnerabilities. The user doesn’t have to do anything except view the page to be victimized.

This doesn’t mean any PNG file is dangerous in itself. An external script has to extract the JavaScript from the alpha channel and run it. So this counts as an exploit of a file format, but not as a vulnerability in it. Malicious code can be embedded in any format that has room for some noise in its data.

Attacks like this are why ad blockers have become so popular.

Comments Off on Malware in a PNG file (for real)

Posted in commentary, News

Tagged ,

JHOVE PNG module, progress report

Posted on March 3, 2016 | Comments Off on JHOVE PNG module, progress report

There’s now a JHOVE PNG module on my GitHub site. The relevant new classes are com.mcgath.jhove.module.PngModule and everything in the package com.mcgath.jhove.module.png. I could have continued from Lauri’s code as I mentioned in my previous post, but I like a more factored approach, so I continued with my own code, which has a separate class for each chunk type. Take a look at the top-level file FORKNOTES for what I’ve been doing.

It does a pretty decent job of validating files and extracting metadata now, but some chunk types are still ignored, and there are some design decisions on the extracted metadata that I’m not sure about yet. Also, JHOVE modules usually have a lot of metadata about themselves, and that’s not complete yet. If anyone wants to play with it, keeping in mind that it’s not stable code yet, please do and submit issue reports for bugs and suggestions.

Comments Off on JHOVE PNG module, progress report

Posted in Personal

Tagged , ,

JHOVE and PNG

Posted on February 29, 2016 | Comments Off on JHOVE and PNG

A few days ago, I started writing a PNG module for JHOVE, partly to keep my Java skills up, partly to help me understand the PNG format. After a while I noticed there already is code for a PNG module and has been for a long time. I must have added it to SourceForge. According to a note in the code, Gian Uberto Lauri at Engineering Ingengeria Informatica S.p.a. created it in 2006. A good amount of work clearly went into it, but it won’t compile. It’s located in a non-source code directory (extramodules/it/eng/jhove/module/png/PngModule.java), so I had to copy it to src/java to try it out.
Continue reading

Comments Off on JHOVE and PNG

Posted in commentary

Tagged , ,