Webp Virus, fears, nightmares, suggestions, or exodus from the internet?

[D.Draker]

18 hours ago, dmiranda said:

Well, time for those sites to change their practices, period. I ceased to use flash, webgl almost decades ago. I don't think I missed anything of importance. As any M.D (even more if s/he has a PhD) would say: if drinking wine makes you ill, don't drink it.

PS: but if you have to, the suggested ublock fix allows you to satisfy your thirst, anyway. Just allow the glass to reach your lips temporarily or permanently. Hic!

 

I don't know what's all this talk about doctors, the fix doesn't prevent webp from getting into your system, at least for me. You may check it yourself.

Go here, don't worry, it's a legit site.

https://www.greenmatters.com/news/super-natural-disney-plus

Then right click on the picture with ‘Super/Natural’ Animals (Exclusive). The name is super-natural-disney-plus-1663705823978.webp.

It saves the pic in WEBP format. Still don't believe? Look at the screenshot below.

 

 

 

 

[D.Draker]

That said, I don't know if the served format depends on the browser/user agent used, I'm on a laptop with Chrome 109 (with the official webp fix) at the moment, if anyone wonders.

[Sampei.Nihira]

Edited December 6, 2023 by Sampei.Nihira

[D.Draker]

3 hours ago, Sampei.Nihira said:

No, I'm talking about the first picture, the one that has ‘Super/Natural’ text in it, this screenshot shows the second one, you need to right click on it, choose save, it will save as WEBP.

[Sampei.Nihira]

Also the one in my screen is saved in webp (but this has nothing to do with it...do a test) but the website is in jpeg, so there is no vulnerability because the browser does not interest LibWebp.
The patch has been applied to LibWebp.

 

P.S.

You can see the fundamental difference:

Edited December 6, 2023 by Sampei.Nihira

[D.Draker]

3 hours ago, Sampei.Nihira said:

Also the one in my screen is saved in webp (but this has nothing to do with it...do a test) but the website is in jpeg, so there is no vulnerability because the browser does not interest LibWebp.
The patch has been applied to LibWebp.

 

P.S.

You can see the fundamental difference:

I'm sorry to repeat myself again, it's not the picture I was talking about.

Here's the one, in webp format, it says it's jpeg, when if fact it is NOT, I don't know how else to explain it to you, ask the website supervisor to check it then!

It only pretends to be jpeg, it's NOT jpeg, it's WEBP, are you familiar with WinHex, open the file in it, you will see it's WEBP, (link to my screenshot)

here the link to the picture with FAKE jpeg, click on it to save, you will get WEBP (not jpeg!)

https://media.greenmatters.com/brand-img/A9FOjrk4U/2160x1130/super-natural-disney-plus-1663705823978.jpeg?position=top

 

[Dixel]

On 12/4/2023 at 8:20 AM, Sampei.Nihira said:

||*.webp^$script,document,important

As you well know the parameter "important" prevents any exception, if for you it is too restrictive can be eliminated.

 

So, it's not a fix at all, I'd say it's even more dangerous than without it. (feeling of fake safety)

If I considered that to be a fix. I'd placed it on the first page of this topic, right after I created it.

[Dixel]

More detailed explanations:

Basically, every website can fool that "fix" into the wrong thinking by simply changing the extension of WebP to jpeg or something else (mp4, for example).

Besides, plenty of websites use extension-less WebP,  when WebP is there, but without extension or with any other extension to mask the real evil, that's what @D.Draker tries to explain to you.

[Sampei.Nihira]

But what does downloading an image with a webp extension (extension that can be changed) have to do with HD/SSD?

The vulnerability, discovered by researchers from Apple Security Engineering and Architecture (SEAR) and the Citizen Lab of the University of Toronto, is present in the libwebp library that allows the rendering (visualization) of webp images. The buffer overflow in the memory area called heap is caused when the user opens an ad hoc created webp image. An attacker can then access the computer and execute infected code.

 

 

Edited December 6, 2023 by Sampei.Nihira

[Dixel]

3 hours ago, Sampei.Nihira said:

But what does downloading an image with a webp extension (extension that can be changed) have to do with HD/SSD?

The vulnerability, discovered by researchers from Apple Security Engineering and Architecture (SEAR) and the Citizen Lab of the University of Toronto, is present in the libwebp library that allows the rendering (visualization) of webp images. The buffer overflow in the memory area called heap is caused when the user opens an ad hoc created webp image. An attacker can then access the computer and execute infected code.

 

 

You don't even have to download it, it's already in the page (but with another extension). D.Draker suggested you to download it to see it's WebP, not jpeg, like it announces itself!

Please enough with the screaming in CAPSLOCK and the red arrows, we are here for a dialogue, please respect the others. It's inappropriate behaviour, it's against the rules.

[Dixel]

3 hours ago, Sampei.Nihira said:

The vulnerability

 

 

You set the uBlock rules to filter out files with the WebP extension, but they still go right through it because the fake extension is jpeg, but it's not jpeg, it's WebP, now you understand?

[Sampei.Nihira]

Do what you want.
Do you consider yourself vulnerable?
Too bad for you.

I had in mind to advise the members of the forum at least 2 solutions to increase the security of the browser.
But I don’t think about your complaints.
 

Period.

[Dixel]

4 hours ago, Sampei.Nihira said:

Do what you want.
Do you consider yourself vulnerable?
Too bad for you.
But I don’t think about your complaints.
 

Period.

I'll make sure to follow the advice.

No, I don't.

Why?

I don't complain, I make scientifically proven observations, which is expected on a forum like this.

 

Period.

[dmiranda]

13 hours ago, D.Draker said:

I don't know what's all this talk about doctors, the fix doesn't prevent webp from getting into your system, at least for me. You may check it yourself.

I've got plenty of webp files in my system. That's not the issue. I also got lots of flash, doc(x), html, and what have you type of files (millions!), all of them (files of that type, that is) at one time or another making non-savy surfers suffer some sort of issue, masked under some other extension, blah blah blah. But I thought we weren't talking anymore. I'm so glad you (guys) decided to break the ice.  

[dmiranda]

8 hours ago, Dixel said:

I make scientifically proven observations

Which ones were those? I may have miss'em.

Look: webp is an issue, and there are a million monkeys working 'round the clock to get into the systems of persons of import (the CitizenLab tries to deal with that sort of stuff). Bottom line, though, unless a state-sponsored team directly targets you, it is carelessness and curiosity that kills the cat. Go on looking for sites with webp images, download or watch stuff from shaddy sites, use software that has not been vetted by people of real, practical (not youtube) knowledge, and you'll get scientific proof that they're out to get you. I know you need your fix, and that you need it now. In the meanwhile... well, you get the picture.  

Edited December 7, 2023 by dmiranda