Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Bug Android Google

Google Pixel Bug Lets You 'Uncrop' the Last Four Years of Screenshots (arstechnica.com) 29

An anonymous reader quotes a report from Ars Technica: Back in 2018, Pixel phones gained a built-in screenshot editor called "Markup" with the release of Android 9.0 Pie. The tool pops up whenever you take a screenshot, and tapping the app's pen icon gives you access to tools like crop and a few colored drawing pens. That's very handy assuming Google's Markup tool actually does what it says, but a new vulnerability points out the edits made by this tool weren't actually destructive! It's possible to uncrop or unredact Pixel screenshots taken during the past four years.

The bug was discovered by Simon Aarons and is dubbed "Acropalypse," or more formally CVE-2023-21036. There's a proof-of-concept app that can unredact Pixel screenshots at acropalypse.app, and it works! There's also a good technical write-up here by Aarons' collaborator, David Buchanan. The basic gist of the problem is that Google's screenshot editor overwrites the original screenshot file with your new edited screenshot, but it does not truncate or recompress that file in any way. If your edited screenshot has a smaller file size than the original -- that's very easy to do with the crop tool -- you end up with a PNG with a bunch of hidden junk data at the end of it. That junk data is made up of the end bits of your original screenshot, and it's actually possible to recover that data.
While the bug was fixed in the March 2023 security update for Pixel devices, it doesn't solve the problem, notes Ars. "There's still the matter of the last four years of Pixel screenshots that are out there and possibly full of hidden data that people didn't realize they were sharing."
This discussion has been archived. No new comments can be posted.

Google Pixel Bug Lets You 'Uncrop' the Last Four Years of Screenshots

Comments Filter:
  • by Rosco P. Coltrane ( 209368 ) on Monday March 20, 2023 @05:09PM (#63386223)

    and instead it hid it? You don't say!

    If you can't trust Google to handle your data the way you really want your data to be handled, who can you trust eh...

    • by Anonymous Coward

      This is why I don't use "apps" for real work. Only use simple trusted open-source software that does what it is suppose to do.

    • by AmiMoJo ( 196126 )

      No, it's not Google keeping data they claimed to delete. This is about files stored locally on your phone.

      The screenshot feature on Android lets you edit screenshots, including redacting them. The file is saved locally, and by default it is not synced with your cloud storage. Also by default, if you do enable cloud sync then it gets re-encoded at lower quality anyway, which would remove the left-over data that is the issue here.

      It's a bug. After editing the screenshot, the app saves it over the old one in t

  • by test321 ( 8891681 ) on Monday March 20, 2023 @05:30PM (#63386259)

    Some people don't realize that the Crop tool in the MS office software does not actually crop the images, just the view. My colleague sent me a docx file that was really big for the content and I was trying to reduce the size. The file contained some small logotype that was screenshotted from a website and "cropped" by MS Office. But Office kept the entire screenshot of his 4K screen including the youtube video he was running at that moment (he uses youtube for music and lets it open while working), which made it a very heavy png. Nothing problematic was exposed in this case but he could have had a legal or patent document opened, or the picture of his kids.

    • by jbengt ( 874751 )
      Somewhat similar thing happened to me a long time ago with a .doc file. I was playing around with it, trying to figure out the best way to put photos into a Word .doc, and I inserted and deleted a bunch of photos, but saved it with only one photo inserted. The saved file was hundreds of megabytes. All I could figure was that the undo-redo data was kept in the file. After closing the file, it remained as large as if it had all the information to restore the photos with undo, but I was unable to use undo
      • by AmiMoJo ( 196126 )

        Saving undo data in Microsoft Word files is a classic that has tripped up many people. I seem to recall a press release that was distributed as a .docx, and journalists were able to simply CTRL-Z to see previous drafts that changed as more damaging information came to light.

        That's why I always distribute my stuff as a PDF generated from LibreOffice. For the really paranoid, use a software printer that saves as PDF.

        Not that PDFs are always safe. A very common mistake when redacting PDFs is to simply draw bla

    • That is how digital document editing works. The soft crop is by design because the whole point of digital desktop publishing software is that you don't want to limit yourself to what you can do with scissors. A Word document is not intended to be an output file for desktop publishing purposes no matter how often it is used as such.

      Taking a 4K screenshot for a logo is just weird. There are better screen capture options built into Windows that don't grab the whole screen.

      • Re: (Score:1, Insightful)

        You're holding it wrong.

        Tech engineers telling their users that their reasonable expectations based on the interface presented are wrong. Some things never change.

      • by Askmum ( 1038780 )

        Taking a 4K screenshot for a logo is just weird. There are better screen capture options built into Windows that don't grab the whole screen.

        You are assuming #random desktop user knows how to handle #random desktop.

        Newsflash: they don't. To the point that they use backspace to go back 20 characters to correct one and then type the 20 characters they just deleted.

    • Worth noting is there's a single button in Office that opens a dialogue to give you option to both compress pictures as well as discard cropped areas.

      Also worth noting is your colleague should get smarter using cropping. Why was he screenshotting the whole screen? Win+S is a short cut to the cutting tool.

      People need to be taught the ways they can expose themselves.

      My other favourite is highlighting text black and then printing to PDF does not censor the text, it just changes its colour.

  • by evanh ( 627108 ) on Monday March 20, 2023 @05:34PM (#63386269)

    It's just the way it was designed.

    On the desktop it's easy to manage many editions of your creative files, keeping source material filed separately for yourself. That's tricky, on a phone without a decent file manager and drag'n'drop mouse ops. So they make the programs to manipulate the singular file instead.

    Just another reason to treat your phone as the gimmick it really is.

    • by AmiMoJo ( 196126 )

      It's definitely a bug. When saving the redacted version, they open the old file and write to it. They don't trim the length of the old file to the length of the new data, so part of the old data is left at the end of it.

      Classic noob coder mistake.

      • I don't know if I'd call it a classic noob mistake. They wrote the file out using the "w" mode, which on any POSIX system is supposed to truncate the file. On Android, it doesn't do that in current versions. The behavior changed in Android 10; previous versions did truncate the file.

        I think this is a pretty reasonable mistake to make, especially given that it wasn't a mistake at the time the code was written. The fault here really lies with bad APIs (mode strings seem to invite this sort of problem) and wit

        • by Anonymous Coward

          The fault here really lies with bad APIs (mode strings seem to invite this sort of problem) and with changing the API underneath people in a way that works incorrectly without complaint with previously-correct code.

          Yes, but I'd like to add that the API was also poorly documented. Worse, Google Drive crashes with "wt", so "rwt" was recommended and they aren't going to fix Android 10 or 11. This mess will be a problem for a decade.

        • by AmiMoJo ( 196126 )

          Thanks, I didn't know about that change.

  • Claim it as a feature!

    Don't like what you lost in the crop? Need that full picture back from 4 years ago? No problem, our proprietary crop implementation actually saves the original photo so you can uncrop it at any time...

    • In all seriousness, this is how most photo editors have worked - by design - for many years. If you want an honest-to-goodness new, cropped image, use "save as" or "export".

      Apple's Aperture and Adobe Lightroom were doing this from day one - so circa 2005. I don't know if they were the first to use the nondestructive editing paradigm.

  • by RitchCraft ( 6454710 ) on Monday March 20, 2023 @06:36PM (#63386387)
    The web site that explains this: https://www.da.vidbuchanan.co.... [vidbuchanan.co.uk]
  • All that self-pron with self blurred self faces!
  • by gweihir ( 88907 ) on Monday March 20, 2023 @09:19PM (#63386633)

    Were people put black bars over text in PDFs (and other documents), believing the text could then no longer be read. Of course, PDF has the excuse of being there a lot longer and actually having a reasonable reason for this not to work. For a fucking graphics editor to visually lie about what an operation really does to a picture is just abysmally bad design that breaks the "Principle of least surprise" save/secure tool design principle in an astonishingly insight-challenged way.

  • by Ksevio ( 865461 ) on Monday March 20, 2023 @09:34PM (#63386657) Homepage

    We finally have the amazing feature in that scene of Red Dwarf where they uncropped an image!

  • Is it a normal programming practice that when a buffer shrinks in size, you still save the original size of the buffer?

    So, the Rust people are going on and on about "solving" buffer overruns, while some programmers don't even know how to keep track of how large the buffer is? What on earth is really going on?

  • I wonder if this can or will be used as evidence. Imagine someone cropping someone problematic out of a picture and sending it, only to discover they effectively sent the original. Oops

  • Catherine Schwartz from Tech TV had cropped some nudes to use as public headshots -- only to discover Photoshop has the same behavior.

Your password is pitifully obvious.

Working...