Extreme photo-bombing: Bad ImageMagick bug puts countless websites at risk of hijacking A wildly popular software tool used by websites to process people's photos can be exploited to execute malicious code on servers and leak server-side files. Security bugs in the software are apparently being exploited in the wild right now to compromise at-risk systems. Patches to address the vulnerabilities are available in …
The ‘magic’ part of ImageMagick is the problem here. One of its main selling points is that it just works and does something at least kind-of-useful with almost any file type you might want to convert to an image and process so. Which is very nice when you need it.
But it is also exactly the wrong approach for untrusted input.
Does a web image gallery really need converters from PoV-Ray, manual pages and HTTPS (sic)?
The way to do that is one process reads the input but does nothing with it and hands it off to another with reduced privileges which processes it. It means stack smashing programs are confined to relatively harmless processes. If combined with BSD's pledge() then even better.
ImageMagick got forked quite a while back, and the result was GraphicsMagick which purports to be more efficient. No news there yet of any updates - maybe they dodged this one..
I have never understood selfies. If one is in front of a wonderful view then take that view but don't ruin it.
I saw my first Selfie Stick in the wild the other day and I had to resist all temptation to shove it up the owner's arse. Taking a selfie is narcissism one step too far but going out to buy a tool in which to do it is somewhat frightening.
Perhaps this bitterness is born from the fact that I have the face for (silent) radio...
" If one is in front of a wonderful view then take that view but don't ruin it."
Well one could take two pictures. One of the wonderful view and one of oneself with the wonderful view in the background..
The funny thing is, most people like looking at images of other people. Yes, silly isn't it. There they are sitting in front of the Taj Mahal and all anyone wants to look at is the happy couple.
Another funny thing, most great painters thought nothing of painting a self-portrait.
https://en.wikipedia.org/wiki/Self-portrait#Rembrandt_and_the_17th_century_in_Northern_Europe
On the other hand what's the point in taking the same photo that literally millions of others have taken before you. Unless you're a professional photographer, you're taking pictures to make a record of the (hopefully) happy moments of your life. Maybe that's narcissistic but it's also very human and as far as I can see harmless.
It's a "social media" thing: Billions of miserable pathetic wretches desperately vying to convince their "friends" that their own miserable and pathetic existences are less miserable and pathetic than those " friends' " miserable and pathetic existences.
Post a snap of the M25 flyover and it's just a snap of the M25 flyover... but... post a snap of *yourself* at the M25 flyover and suddenly it's a different thing entirely: Look! I've "been to" the M25 flyover! OMG! Who's livin it now!!! Suckers!!!!! Don't you SOOOO wish you were me?!!!!!!one
An M25 flyover selfie would be pretty underwhelming, but the photo used in the article features Wat Rong Khun, a temple in Northern Thailand. There's lots of strange and beautiful stuff in that corner of the world that justifies snapping a memento.
I'm unsure why people get so upset about selfies. Compare them to the bad medical tips, ropey politics, phrases that might pertain to football and the mild-to-moderate racism that spews up on most people's facebook walls. Self-portrait photos are among the least-offensive items on social media.
Is it the selfie stick that irks people? The last time I was at Heathrow I was walking just behind a group of lads filming themselves on a go-pro-on-a-stick as they walked to their gate. It seemed silly but is that really worth getting annoyed about?
I have never understood selfies. If one is in front of a wonderful view then take that view but don't ruin it.
Neither have I. Fortunately I normally tend to carry a slightly better camera around (nothing too fancy, just a Lumix FZ200 which madly conditional menu structure makes me suspect Panasonic employs a Microsoft UI engineer), and that weighs just too much for any selfie stick temptation :).
I take an image because I want to preserve a memory or a sight. I see my own face fairly regularly when shaving, and most of my friends also know what I look like..
Instead of asking a stranger to take a picture of you (and whomever else) in front of whichever attraction (or personage) using your camera, you do it yourself. The problem is that people have taken it to extremes and do it inappropriately, causing damage to surroundings, obstructing others and posing as a general safety hazard.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
