It seems to be a general thing with "cropping" tools. I had the task of turning some Word documents of books into PDFs. The files turned out to be much bigger than expected, largely because the supposedly cropped images weren't. In one case several different faces had been "cropped" out of a larger image. The entire image was embedded several times. I think there must be a misconception amongst devs that "crop" really means "frame" as that's what seems to be happening. Fortunately Gwenview did a proper cropping job for me (other FOSS image editing tools are available).
Microsoft scrambles to fix Windows 11 'aCropalypse' privacy-battering bug
Microsoft is said to be preparing to fix the high-profile "aCropalypse" privacy bug in its Snipping Tool for Windows 11. Users can remove sensitive information or some other parts of photos, screenshots, and other images by cropping them using the Snipping Tool app. The problem is that for the Windows 11 app – as well as …
COMMENTS
-
-
-
Saturday 25th March 2023 12:02 GMT that one in the corner
> thus foot gunning all the clients.
WRT the Android bug, I've been a bit weirded out that (so far) everyone I've seen discussing it is *only* talking about how that can affect images, when it can clearly affect *any* data where the new data is shorter than the old. Just as long as there is an EOF mark or "chunk size" field which tells the normal file loader/parser/displayer to stop. Even down to plain text, if the EOF character(s) are being correctly honoured.
-
-
Saturday 25th March 2023 11:49 GMT that one in the corner
Why expect the PDF converter to do more than Word did?
> I think there must be a misconception amongst devs that "crop" really means "frame"
Programs like Word will clearly only set a view onto any image that you drop into a document, keeping the entirety of the original image within the document. Otherwise, you would not be able to go back into the document and still be able to change your mind about how to present the image in document (e.g. decide you want to alter the crop to match some change in the text).
When converting the document to a PDF, the simplest (as in, least likely to go wrong) option is just to do the dame as Word: set up a view onto the original data. And not attempt to scan the document to see if it contains multiple copies of the same image and try to perform any extra optimisations that Word hasn't bothered to do.
Unless there an explicit claim somewhere within the documentation (or sales blurb) that the PDF converter is going to space-optimise the result (as some products do) then the PDF converter has done exactly what it promised to do, no more and no less.
-
Sunday 26th March 2023 23:00 GMT Sorry that handle is already taken.
It should be reasonable to expect that your edits get "solidified" when you save or print to PDF and the hidden parts of images do get deleted...
I recall that an Australian police unit once made this same mistake in a terrible way by embedding cropped images of child abuse material in reports that they had produced: https://www.theregister.com/2004/11/26/oz_police_abuse_pics_mistake/
-
-
-
Saturday 25th March 2023 06:56 GMT Anonymous Coward
Re: I don't mean to sound snippy, but...
I can't vouch for Windows, but the screenshot tools on Mint & MX Linux did it properly for me.
The only sensible approach is to always save explicitly to a new file when cropping.
Mind you this sort of idiocy makes me wonder if even that is guaranteed to work in the long run.
-
-
Friday 24th March 2023 23:15 GMT John Brown (no body)
It beggers belief...
It beggars belief that devs could get something as simple as image cropping so badly wrong. What the fuck were they thinking? Did not ONE of them notice the file sizes not changing or not reducing enough?
It's bad enough when users embed huge images into Word documents and then scale them using Word and the entire huge image is still there instead of being actually scaled to the size the user chose. But this is a whole other level of shitty programming!
I'm left speechless!
-
Saturday 25th March 2023 09:26 GMT sgp
Re: It beggers belief...
In Word (and PowerPoint) you are supposed to use the compress pictures tool to remove cropped parts and size them down. I actually find this useful in a text editor because it allows you to revert the crop or resize the images before finalizing the document. You can always use an image editor of course.
With respect to the first part of your comment, 100% agree.
-
Saturday 25th March 2023 11:36 GMT John Brown (no body)
Re: It beggers belief...
I can see why it's not finalised during the editing stage, I can also sort of see why it may not be finalised just because you save it since you may not actually be finished editing it, so maybe it needs to be made clearer to the users when and how to use the "compress image" tools. Maybe Yet Another Pop-Up(tm) reminding the user every time they same?
Ta for the info :-)
-
Saturday 25th March 2023 19:10 GMT Doctor Syntax
Re: It beggers belief...
The problem here is not with what's done and why. It's with the term "crop". If that's what's offered to the user then it's reasonable to expect the user to think that that's what will happen. What's actually happening would be better described as "frame".
LibreOffice Writer acts in the same way and the compress option only affects the image's resolution, not its boundaries.
-
-
Saturday 25th March 2023 10:57 GMT Anonymous Coward
Re: Win11 TPM and Secure boot, makes zero difference to poorly written signed code.
This is a great example of how poorly written, signed Microsoft code, creates significant data security issues (and complacency), where TPM and Secure Boot won't save you. Reliance on TPM and Secure Boot make zero difference, in these cases, if the code is signed and poorly written, you're f'ck'ed.
Poorly written (clearly) untested code in terms of quality assurance, seems to be the staple diet of Microsoft's programming teams, it's now all about 'throwing jelly out the door' and see what sticks.
Anyone with half a brain can see where Nadella/Panay are taking the Windows product line, and it's not anywhere good.
The main question, for those that roll out this MS shite day in, day out, is how - as an order of magnitude better, does the Linux desktop have to be, before finally we all say enough is enough, and ditch Windows for good.
Linux Desktop is good enough to do the drudge. Its biggest problem (that isn't a problem of the product in itself), is it doesn't have the marketing power of Windows, that is its only problem in all of this.
The key probably lies with Nvidia. If Nvidia were to get behind Linux fully, in terms of its drivers, and become the graphics card of choice for Linux, open and friendly, Windows could start to have a real battle on their hands, in terms of those jumping ship.
-
-
Saturday 25th March 2023 00:07 GMT aerogems
I wonder
Given Google had an almost identical issue with Android, and how common it is for employees to move between the likes of Microsoft, Google, Apple, and Amazon... if maybe a single person was responsible for this. The code all seems to take the exact same shortcut, just stuffing an end code in the middle of the file and not actually trimming off the rest, which sounds like it might be the "handiwork" of a single person.
-
-
-
Monday 27th March 2023 00:45 GMT Jou (Mxyzptlk)
Re: I always use paint.
I only the the prt-scr way when I have to. Two reasons:
1. Homeoffice is 1920x1080 Laptop + 3840x2160 indecent large 4k screen (zoom set to 100%).
2. Work office is 1920x1080 Laptop + 2*2560x1440 27" screens (zoom set to 100%)
Hitting prt-scr gives me either 3840x3240 or 7040x1440, not so good to handle in paint for pre-crop - you have to use the zoom 50% or 25% else you can't. On top I have so much desktop space I rarely use any window in full screen or in the "ordered corners", so a full screen screens-shot would be useless anyway. And I need way too many windows open, ordered + cascaded around.
-
Monday 27th March 2023 04:36 GMT Sorry that handle is already taken.
Re: I always use paint.
Fair enough! You might already be aware of this, but Alt+PrtScr takes a screenshot of the active window only. This is the mode I use the vast majority of the time (and what IME most people who use the snipping would be better off doing anyway). It obviously doesn't help if you want a shot of more than one of your open windows, though.
-
Monday 27th March 2023 14:50 GMT Jou (Mxyzptlk)
Re: I always use paint.
I know and use that at home more than at work. At work: Most of the time no.
It does not work as expected if you have windowed RDP session, and quite often, due to security separation reasons, several nested RDP-Citrix-RDP sessions.
Or try a alt+prt-scr on a vmware web console when you want only the VM, and not the rest.
Or even worse: Try capturing something that acts on "alt", like a context menu or something similar going away wen pressing alt.
Yes, all that sh* is real life experience. Shows my age, my first own computer was a C16.
-
-
-
-
-
Saturday 25th March 2023 11:26 GMT AndrueC
What's wrong with loading the image into Paint, select an area then copying and pasting it? That's all we had in my day :)
Although MS have managed to bugger up Paint as well on Win 11. They've failed to implement accelerator keys (what happened to accessibility rules, eh?) and it has other daft quirks that make it less pleasant.
I use Paint quite a lot. Am an artist? Nope. Programmer. I use Paint because it has proved the quickest and easiest way to grab a screen shot of a Visual Studio window so if I want to keep some information for review I launch it, [Alt][Prt Scr] then paste into Paint. It's kinda sad that there isn't a better way built into VS but then VS never was very user friendly. Powerful, yes. But in terms of usability pretty shite really.
Still it does you good to laugh and MS sure is a great source of humour. If you can get past the irritation.
-
Saturday 25th March 2023 18:21 GMT Rich 2
WTF????
“the file of the cropped image still includes the cropped out portions”
I’m trying to comprehend how brain-dead moronic you need to be to code something like this. I’m struggling
Unless this behaviour was the spec given to the softie, in which case I’m struggling to comprehend how brain-dead moronic you need to be to spec this
-
-
-
Sunday 26th March 2023 02:50 GMT Gene Cash
Re: See also Metadata
Because it's part of using a camera?
But then I guess they just go "it's magic!!" when Photoshop displays the aperture, time, flash mode, etc on an image.
I'm getting real tired of "oh the computer just knows!" from people that are actually rather smart and should know better if they spent 1/10th of a second on it.
Edit: and it's had real world consequences when someone advertises something expensive for sale and people get the location from the image to steal it. Or people finding a scammer and coming to beat him up.
-
-
Sunday 26th March 2023 23:51 GMT captain veg
Re: See also Metadata
I don't use social media sites, but I'm sometimes asked by people who do to explain why what they posted is not what their friends see. And it's always because the site doesn't merely insert the uploaded media files verbatim, but "optimises" them by stripping out metadata and resizing/resampling images.
Quite often this means that the images are displayed portrait instead of landscape or vice versa. Which is annoying. To the poster.
-A.
-
-
Sunday 26th March 2023 17:56 GMT Ideasource
User negligence
If you don't vet the behavior go to software tools you use, you are the equivalent of someone who buys a car on Craigslist without checking the mechanics that then proceeds to try and drive it from California to New York.
"I don't know why I got stranded in the middle of nowhere I close my eyes and made sure not to look at anything.
-
Sunday 26th March 2023 23:05 GMT Jellied Eel
Re: User negligence
If you don't vet the behavior go to software tools you use, you are the equivalent of someone who buys a car on Craigslist without checking the mechanics that then proceeds to try and drive it from California to New York.
Most apps (or even operating systems) don't really let you peek under the hood. So how would you check, other than maybe looking at the file size? Sometimes systems are too smart for their own good. I saw another strange MS feature this morning. I have a desk clock that was still showing GMT/UTC. Windows fired up and told me the time was GMT+2. Clock settings were set to London, auto DST on, and for whatever reason it decided to tack on another hour.
-
Sunday 26th March 2023 23:51 GMT captain veg
Re: User negligence
I know not this "Craigslist", but car manufacturers and their lackeys in the media have been feeding us for years the idea that "modern" motors just work. And, to be fair, mostly they do.
Since you mention California and New York, the often cited "reason" for American cars to have massively over-capacity and under-efficient engines was always for reliability. Surely you are not suggesting that it isn't so?
-A.
-