Slashdot Mirror


A Photo That Can Steal Your Online Credentials?

TedSamsonIW writes "InfoWorld reports on a new potential ploy for stealing Web users' private information: Researchers have found that by placing a new type of hybrid file on Web sites that let users upload their own images, they can circumvent security systems and take over Web surfers' accounts. 'They call this type of file a GIFAR, a contraction of GIF (graphics interchange format) and JAR (Java Archive), the two file-types that are mixed. At Black Hat, researchers will show attendees how to create the GIFAR while omitting a few key details to prevent it from being used immediately in any widespread attack.'"


  1. I can haz ur eebay de-tails? by Channard · · Score: 5, Funny

    Just imagine - something as innocent as lolcats could be a potential minefield. God only knows what goatse would do.

    1. Re:I can haz ur eebay de-tails? by Anonymous Coward · · Score: 4, Funny

      4chan is fucked, /b/ is going to spend all day trying to hack each other.

    2. Re:I can haz ur eebay de-tails? by Anonymous Coward · · Score: 1, Funny

      What's this "between faps" time you speak of?
      No, this will allow them to add hacking each other to their fapping, doubling their troll productivity.

    3. Re:I can haz ur eebay de-tails? by odiroot · · Score: 4, Funny

      You broke rules 1 & 2.

    4. Re:I can haz ur eebay de-tails? by Anonymous Coward · · Score: 1, Funny

      Fuck you, fuck your rules, fuck /b/, fuck 4chan, and fuck all the losers that are too pathetic to see how goddamn useless that place is.

    5. Re:I can haz ur eebay de-tails? by The+Ultimate+Fartkno · · Score: 4, Funny

      God only knows what goatse would do.

      Talk about a gaping security hole...

    6. Re:I can haz ur eebay de-tails? by sexconker · · Score: 2, Funny

      Big fat java loading icon might tip some people off.

  2. Re:GIFAR by Anonymous Coward · · Score: 1, Funny

    I'll pirate your account with my Gif-Yarr!

  3. At last, after all my years of searching... by Paradigm_Complex · · Score: 5, Funny

    I warned you all! I've known for years the bad guy from Aladdin would eventually tire of stealing stuff from mysterious caves and start breaking into computers!

    --
    "A witty saying proves nothing." - Voltaire
    1. Re:At last, after all my years of searching... by An+ominous+Cow+art · · Score: 4, Funny

      I'll be disappointed if the command to begin the attack isn't:

      GIFAR, kree!

    2. Re:At last, after all my years of searching... by Anonymous Coward · · Score: 1, Funny

      If I had a parrot that sounded like Gilbert Gottfried, I'd probably be as bitter and sociopathic as GIFAR.

  4. please... by pohl · · Score: 4, Funny

    ...won't someone think of the PORN!?

    --

    The "cue the foo posts in 3, 2, 1..." posts will commence with no subsequent foo posts in 3, 2, 1...

  5. Oh no by fortyonejb · · Score: 4, Funny

    As if tub girl wasn't insidious enough... Now she's going to steal my accounts?

  6. Advert on hacker message board by hivebrain · · Score: 2, Funny

    "Upgrade to a hybrid today and get 20% more mileage on your phishing messages"

  7. Linux by Darkness404 · · Score: 5, Funny

    Well, this proves it again, by making Java so hard to install, Linux avoided yet another threat.

    --
    Taxation is legalized theft, no more, no less.
  8. Re:GIFAR by Anonymous Coward · · Score: 1, Funny

    Jafar?

    No... Jew?