The Yowie wrote:
Many security exploits are using the EXIF data header in JPG files to insert Trojans in your computer messages. For that reason alone, Outlook Express’s ‘medium’ security setting prevents opening jpg attachments. Perhaps about 80% of people may probably still see your file but for responsible behaviour on the Internet, perhaps using the Portable Network Graphic (PNG) format may be more appropriate?
That strikes me as very silly. There’s nothing irresponsible about sending a jpeg.
It’s possible to send trigger information in a Jpeg, or any other file for that matter, but an executable or script cannot be meaningfully packaged in a jpeg. If you know differently I’m listening.
Meantime, jpeg embedded info would only potentially affect systems that are already infected with virusses that scan each incoming jpeg file. I would no more hesitate to send or open a jpeg than I would a text file, which could also contain trigger information in the form of a unique string.
JPG format is universally the format most photographers use over the Internet. This does not, in itself, make JPG format any better or worse for e-mail messages. PNG is prefered over GIG because of less artifacts and it’s open source so if ever there was an exploit using it, the open source community would be quick to fix it.
No. PNG came into existence when Compuserve started to charge big bucks for the GIF file format, which it had a rightful claim to.
Furthermore the open source aspect is not an issue for JPEG or GIF. There are open source implementations for all of these formats. JPEG was designed as an open and shared specification from the start. Though there was a scramble over the tail end of the patent rights to jpeg recently, that seems to have blown over.
—
Mike Russell
www.curvemeister.com
www.geigy.2y.net