A newly discovered vulnerability could reveal previously redacted screenshot details if the changes were made using a Pixel device.
A new vulnerability has been uncovered by researchers Simon Aarons and David Buchanan that allows previously redacted details to be reclaimed when the screenshots are taken and changes are made using the markup editing tool on Google Pixel devices. Although the issue was fixed in the latest March security patch, the issue persists in all the images and screenshots shared in the years leading up to this patch.
To demonstrate how this vulnerability works, Aarons created a website with a tool that you can use to test the issue. You simply feed it an edited PNG screenshot modified with Pixel’s markup tool and it will attempt to recover any additional data found in the image. What can be recovered varies, but this can range from removing obscured detail to providing more image content by restoring clipped portions.
As far as this has ever happened, it seems that some changes were made in Android 10 that resulted in the original data of edited images still remaining in the file. Because of this, this vulnerability can still scrape images to reveal things that were previously hidden or removed. This is of course a very basic explanation, but if you want to dive deep into the details of how it works, you can visit Buchanon’s website.
Of course, there is still the matter with all the affected images that have been broadcast over the last few years. For most there will really be no way to easily find and remove these files once they have been published on the internet. While Buchanon does mention a script he created for himself that would find these types of images on Discord, he hasn’t released the tool to the public. As a Pixel user, if you’ve updated to the latest security update, you’ve pretty much done all you can do. Unfortunately, if you’ve ever sent images out into the world with sensitive information blacked out, there’s still a high chance those images can leak their data, so be vigilant.
Source: Simon Aarons (twitter) David Buchanon (twitter)