CVE-2023-21036 / acropalypse is absolutely bonkers.
Apparently for 5+ years the cropping / editing tools for screenshots on Google Pixel phones was only overwriting the start of the screenshot PNG file, but not truncating.
All screenshots shared for the past 5+ years might have data recoverable from them. Demo available at https://acropalypse.app/
Google still hasn't communicated anything on this.
(h/t ItsSimonTime on Musk's site)
@delroth Wow... that's incredible level of bad.
I'm now sitting here wondering if it's really Pixel specific or not... and if other screenshot solutions suffer from a similar problem, or Google did something very silly...
At least it seems like it has been fixed in the 2023 March update.... for future screenshots (presumably)...
@simonlbn "future" indeed, since the 2023 March update isn't available publicly for Pixel 6 / 6 Pro at this point.
Yes, despite the fact that Project Zero dropped 5 remotely exploitable vulns for those devices yesterday.
@flameeyes @simonlbn at least your data mostly gets leaked to various companies and gov orgs in China, not your stalkers and random people online :-)
(But really, having worked on projects close to Android security in the past - Huawei devices have had some absolutely bonkers backdoors.)
Pierre Bourdon
S Nielsen
Diego Elio Pettenò