They called me mad when I used GIMP for cropping all my images!! Well now who's the crazy one?! Ahaha AHAHAHAHA

All you have to do is crop the image, take a screenshot of the cropped image, crop the screenshot, and then send the original cropped image because you couldn't remember which was which.

6:31 in addition to removing metadata to protect the user privacy, another reason to re-encode images that are uploaded is to ensure that they are actually images, as well as constraining image sizes, protecting website itself from harm.

There's a very similar issue in biology. The mechanisms that reads genes can miss its equivalent of an iEnd, a stop codon, and keep on reading until it reaches another stop codon. Some viruses actually use this as a way of compressing their genome by having a protein whose full-length version and "cropped" version do different things.

I'm loving the editing on this one. The sequence at 3:20 is particularly cool

Funny part is that about 20 years ago i had a website for images online, and I had a problem with people hiding rar files inside their pictures, so I implemented the re-encoding part that is needed. So my service fixed this issue 20 years ago, to be fair it died maybe 2 years later but still!

Great dynamic in this video with Steve and Mike! Good format

Going to Nottingham for a masters in CompSci in September. This channel has always been on my recommendation list. Will be great to learn from you guys in real life.

It's almost as funny as when Microsoft thought it would be a good idea to save a Word document's edit history in its file. It was not.

I wonder why this hasn‘t been found earlier since the cropped image has the same filesize?

This is sort of reminiscent of the situation with people using social media-supported "stickers" to cover up information on pictures uploaded to those platforms. So you'd upload a picture to the site, and place a sticker over the bit you don't want to be visible, but it turns out those stickers were implemented as extra bits outside of the actual pixel data, so all the original pixel data is just there. Same with putting black boxes over text in a PDF editor or something. It really does play with the definition of "bug" in that something could totally be following the spec, but it's not reasonable to expect people to know those details of the spec and factor that in when doing normal things like editing a picture on their phone.

Ok but that text message conversation at 5:42 is actually kind of hilarious ngl

best video since a time. those 2 rock together

Props to the editor for the diagram at 3:25

The banter from these two is gold.

11:35 The chunk headers in PNG contains the data size for that chunk. Each chunk is SIZE: 4 bytes, TYPE: 4 bytes DATA: (SIZE) bytes CHECKSUM: 4 bytes. So you'd just start at the beginning, check the first chunk, skip the data and the checksum, and you're now at chunk 2. Do the same for this and the remaining chunks. When you reach IEND, you can be sure it's the real one. Any data after this isn't part of the image.

Two of my favourite Computerphile presenters presenting together. Yay! 🎉 Thank you!

I suspect the switch of the crop/overwrite behaviour may have either come through accomodating SSDs or no longer worrying about accomodating HDDs. In the case of truncate and replace, either it was beneficial for HDDs because it made it more likely to find contiguous blocks (for read/write performance) and the code was deleted/changed to be simpler, or it resulted more blocks changing on SSDs and thus would wear down the drive faster and so was changed, but they forgot to truncate the data after the end. Another possibility, unrelated to SSDs is that the library handling the image and/or cropping did so by mapping the file into memory, and simply manipulating it in-place there, forgetting to shrink the mapping at the end of the crop. This would save memory because at any time the OS can drop unchanged parts of the file from memory for free if it needs memory, and write the changed parts back to the file at the end or if it needs that memory too. Also, on load thanks to IEND, it would never need to page-in the data after the end of the image because it's never accessed so the large output file would not cause ram usage to increase. I would still classify it as a bug, since the previous behaviour didn't result in extra large files and the change didn't replicate that.

This collaboration between the professors is fantastic, more please!!

I'd love to see more videos like this one where there are two experts discussing a topic in a conversational tone while presenting it to the camera. Probably depends on the people involved whether that kind of setup is going to work but at least in this case it worked great.

I love the play on words. One of my favorite films and a great piece here to educate us. I just did a few tests and made sure my file sizes dropped way down when I cropped with the software(s) I use with any regularity.

As to the question: "Is this really a bug?": When the programmers wrote the code, they wrote it with the intention that the output file would be truncated (as that was the default), but now the program doesn't follow their this intention any more (as the default has changed). I.e. while the program generates a valid PNG file, it does not generate the PNG file the programmers intended for it to generate. And therefore, we can classify this as a bug.

I love the smell of exploits in the morning

Two of my favourite, these are the collabs we need!

Nice to see you both again

Wow, i was just reading few days ago an article about this exact problem. You did such a great job on explaining in simple terms some of the more complicated details.

Fascinating video! Superb explanation and great editing, too.

Loved this tag-team combo. Do more!!! Also, brilliant editing by the video editor.

I love listening to Mike and Robert

Something similiar happened years ago, when a TV show host used a headshot from some artsy nudes, and the upload system didn't strip the EXIF data and people were able to extract the original image.

So, a lesser aspect of this bug is that your cropped images are all unnecessarily large?

On some phones, you can adjust the crop and even increase the portion shown after the fact.. In that sense it is a "feature", but then it should have to be damn guaranteed to not include any extra bits when you send the image! Also a side note, I do not know how many times people have told me that I am paranoid only to have the truth to be revealed years later. 😅 I think we need a word for that!

gotta miss this duo, best duo in computerphile

Actually I would like to have some EXIF data embedded into my photos on Facebook. For example the copyright notice and maybe keywords. Even my camera settings, because that helps other people take photos. It is a problem that Facebook decides to delete all that data without asking the creator. A lot of photos are shared and copied from Facebook and a copyright notice in the EXIF files could make it easier for other people to find the original creator and ask him for permission or even buy a license from him.

Superb video. Immensely entertaining and very knowledge-dense.

Sounds like a feature to me. A joy to see.

I don't know if whoever came up with “acropalypse” is aware, but that name is absolutely perfect because it's the first correct usage of the word “apocalypse” I've seen in years! The word “apocalypse” literally means “revelation,” it's only associated with catastrophic events because of the Bible where the revelation _coincides_ with the end of the world. But here, it's correct, because something previously hidden is actually being revealed!

The example editing is perfect

What goes round comes round. I remember this from some 30 years ago. The data on disk between files is often a remnant of previous files and potentially of interest - but normally totally meaningless without context. I implemented a file access program that could skip to part way through a file and then give a plausible guess as to how the data should be presented - those were fun times.

You would think the crop tool would rewrite the entire file rather then appending starting from the end of the metadata. Even ancient image editing tools like paint do a full file rewrite when you save.

when you see steve and mike in the thumbnail you know somethings rumbling

3:28 edition showing what is happening with file is a great adition, tks for that :)

These animations are amazing

"The default changed" And this is exactly why I am always explicit with my parameters when making certain types of function calls.

Very interesting. Makes me want to learn more about file formats.

Absolutely SMASHING breakdown. Well done. You know what else? In the 90's, I remember being concerned over the fact that data headers would merely "ignore" old data and NOT zero it out. Sure, it was "faster" back in the day, but obviously... it leads to HUGE issues. Null data should be overwritten at the end of each 'X' hour period. Or, some systems should zero-out unused bit space upon EVERY instance a file is saved. Again, yes, this is "slow". But obviously... the alternative consequences are far, far more detrimental. 🐲✨🐲✨🐲✨

Funny enough I've known about this bug for years, sometimes PNGs exported from photoshop will show masked data when used as a material map in 3ds max. It's distorted with blocks of colour and other artifacts in the "transparent" areas but enough to tell what was there. It's nice to finally have an answer for this bug. Cheers

I love the smell of non-re-encoded data in the morning.

That's so weird anyways. I didn't know any phones did that. For Samsung I know for example that it crops, makes an entirely new file called like "originalnamehereTEMP" to send that off through Share and loads of other phone just straight up save the full screenshot regardless and then you cropping it just makes another file.

I remember coming across this issue on Windows photo apps, Android photo apps, and iPad cloud based photo apps. It was nothing critical but the size of image file will either not change or blow up after cropping. It didn’t happen with all photo apps at any given time, but this has been going on for 10 years I think in some of the apps. Anyway, I usually check file size after cropping, after noticing this bug years ago, but only when I am sending it by email or backing up externally. Word to PDF exporter and some free PDF writer apps have a similar problem. In most cases, writing to a new file and deleting the original fixes the issue.

Funnily enough, when you mention the text document at 8:00, this is exactly how microsoft word worked (with I assume the same kind of end header) until 2003 when they realised what trouble having data you don't want inside a file could cause.

The Carmageddon 2 reference is very much appreciated

Love your channel

What a time to be alive

That thumbnail is a masterpiece

Name a more iconic duo

The bug reminds me of the old photoshop exif thumbnail problems in the early 2000s. That whole mess drove home how important crossing a file re-encode barrier is for anything requiring redactions.

Interesting topic and great job with the title ;)

Screenshot-> Crop -> Screenshot-> Send

You'd think, privacy issues aside, you'd want to truncate the file just to save file size, if you were going to upload or text the file. Though maybe that's why it only changed recently. Image files, even at full resolution are not considered large... at least for a phone's screenshot I guess. I think my phone still downsamples files taken by the camera before sending over text message...

The "text" files in MS Word format often have this same sort of issue. If you run the "strings" command on the file, you will see stuff that was not supposed to still be there.

Love the hair!!❤❤❤

This same cropping/redacting issue was happening in PDF files. When you redact a PDF file, the file is not actually modified permanently, and the redaction is "reversible"

11:48 - Sure, but the bug isn't that iend appears in the compression. The PNG file itself will contain the data necessary to detect how large the file *should* be, and if it's larger than it needs to be then you *should* be able to just truncate the file down to the proper size. Any data found *after* the proper iend shouldn't exist, so it can clearly be omitted from the file.

Love you sir❤❤❤

I might be losing my mind, but I swear a similar issue once existed (or maybe still exists?) with iOS-cropped images, but where it seemed to be done on purpose, perhaps with the original image appended wholly to the end of the cropped one, because you were able to go into the Photos app and uncrop images after-the-fact.

On the bright side, it's not that difficult to detect the presence of extra data past the end. No need for a deep understanding. Just parse it at a high level. Since each chunk specifies its size, you can skip that far, and then you should be at the next chunk (I'm simplifying slightly, but only very slightly). Repeat until you find the IEND chunk, and then see if its end is the end of the file.

This problem exists for all file types not just image files because of increasing file block sizes. The resolution to this problem is not only with the applications but also the operating systems. Specifically, the OS needs to perform secure deletes with blank data overwrites whenever possible - not just marking file blocks and clusters as available for use. MS Word and Excel files had this problem in the past which exposed data previous from file iterations decades ago. This has yet to be sufficiently resolved.

Mmh on Samsung phones you can actually revert cropping. I don't know if they do that through additional metadata (like, original image + stack of post-processing settings), or using a sepatate backup copy. But I thought that the bug was related to that, sharing the image with the "cropped info" instead (which I used to be scared by).

This type of problem was actually known very early in the png life cycle... I remember a method for appending file data to a png that would allow you to read it as a png, but also to read it as only the appended data (I can't remember the second file format, but it had some variable length header and looked for a flag to find the readable part, similar to how mp3 tagging works)

"maybe stand in the back and be a bit blurred" A+

Terrific. Have you considered doing a video on JPEG XL?

I remember about 20 years ago, I downloaded a cropped image from the internet. In Windows I set it to show thumbnails. When I looked at the thumbnail I noticed it was the original uncropped image

amazing!

That's not bug in PNG format to be designed to allow additional information at the end of the file. Many file formats allow that and it's often to allow future and/or proprietary extensions of the format. That's bug in the phone software leaving information that was never intended to be left there. Saving new data over the old file and not cropping the result to appropriate length is sign of programmer's incompetence. Wha't the most funny is, it doesn't even help anything with the phone's flash memory. Even in the best case it means worse wear of the flash memory than if the file was cropped.

7:36 very cleverly timed ad break

When the video starts and you see Steve and Mike sitting together, you know sh*t has happened.

I had a similar problem with image rotation. Many years ago i made an app that can cange background and some users had problems with rotated images. It took me a while to figure it out that windows doesn't rotate the image fiscally but only changes metadata. Don't remember the format (maybe jpeg)

Could Mike do a video about NISTs post quantum ciphers?

yeah i noticed this a few months ago. it’s why i always screenshot my screenshots and delete the first

Upvote if you paused and read the messages that got uncropped? Lol.

Would that be possible for videos too🤔 Like cropping videos to send on social media... because thinking about it, it's probably happing when it comes to cropping a video frame but the video itself would be something even scarier

How is it possible that this a new discovery, I’ve been dealing this “bug” for years because the iPhone X takes screenshots that are larger than discord’s file size limit and cropping them doesn’t do anything. There’s literally forums full of people asking why this is the case because it’s annoying, how did that somehow never make its way back to the people who make these systems if this is such a big problem??

It's hard to say it's a bug. Since the beginning this was often case of file systems. You delete file... in fact you only delete header of file (and even that not completely), data still sits on your disk and can be retrieved. Is it reasonable to assume, when you delete file, you actually don't delete it? I actually noticed similar behavior in word files. When I deleted half the file, I noted size didn't change... What happened, word was tracking all the changes in document within the file and only showing me "latest version after all changes applied". E.g. deleting half the file changed file with little memo at the end saying "this half is invisible now". I could go on and on... In a way it feels this "cropping" has been always happening everywhere, only we kind of ignore "what's behind the technology" :)

I particularly love exploits where the software works as intended, but the intended behaviour still leads to a bad outcome. The best example I can think of is using the visited pseudo-class to make visited or non-visited links transparent, and using mix-blend-mode to build a boolean truth table in CSS that results in 2^n letters being displayed on top of each other, with exactly one letter not being transparent. After rotation, translation, and overlay, this looks exactly like a captcha. The browser correctly blocks the malicious JS from probing the pixels of the captcha, which would leak whether each of the n websites are in your browsing history. But you don't need malicious JS, since when a human sees a captcha, the human solves the captcha, performing the attack for us. The JavaScript safeguards work properly, but if the human is tricked into copying a random-looking code into a text box, we don't care about finding a JS exploit or even if JS is entirely disabled. A bug-free browser can't prevent social engineering tricks like this, and it can't be fixed without breaking CSS/HTML5 compliance.

Saw them two in a same picture . Instant like.

Now I'm sort of glad that my phone only does the "save a new copy" as opposed to overwrite

guess we have a new winner of the "underhanded c contest"

new to me that the old extra data isn't lost on the save

I found something similar to be true on iPad/iPhone screen captured video when it’s cropped, even when you create a new file. The new cropped and trimmed video can be reverted back to its original size, at least on the same device. I’m not sure if it’s a copy it reverts back to, or if the cropping is simply done by markers over the full video. Does this new cropped and trimmed video file contain the uncropped data (not the trimmed ones) when it’s sent to another device over iMessage for example?

My general treatment of images I took on a phone is to import them into a computer for cropping, if I'm going to crop it at all. I can use the GIMP to take a section to the clipboard, open a new file with the contents of the clip and go from there. It's then up to me what I do with the original image-either leave it or delete it. Either way, my cropped image shouldn't contain any extraneous data outside the cropping area. However, I'm aware you don't always want to get back to a computer for that to do the "heavy lifting". It's just the way I've always edited images.

I remember years ago receiving images, censored images but the thumbnail was intact. I don't know which editing software the other person was using but it didn't bother to update the thumbnail data.

Instead of looking for duplicate iEND tags, one could just decode the image and see where the filestream is at after it thinks it's decoded everything. If the offset is less than EOF then there's more data in the PNG file to be looked at. It would take more time to do that for every png file, so only do it on files that actually have more than one iEND "tag" in them.

So the golden rule is always specify every parameter, even if the value happens to be the current default.

The irony. png is designed to reduced file sizes, such not to use unnecessary space, but you can add as much useless data to the end of the file making the file larger without using the data at all. (read the most waste of data you can have). Like if you want to compress data, step 1 should be remove the unused data. Then step 2 could be compressing the remaining data.

I noticed this some time ago personally just never paid it mind

Makes me wonder what else could be jammed in between those IEND footers and just be completely ignored by encoders and security tools...

This reminds me of the 2008 Underhanded C Contest

In an app I wrote a while back trying to learn Swift, I created this exact same type of bug! It kept breaking my app every now and again. I eventually worked out it was related to when a settings file was updated, but it was intermittent. Then one day it hit me that maybe I was just saving the bits of the updated file, and when the new file was smaller than the old file I'd have leftover data because I never flushed out the extra bits at the end of the file. When I reviewed the documentation I realized I called the wrong file save function. 😂🤷🏻‍♂

Wondering if phone makers are trying to keep the phones memory from wearing out (read writes?)