Windows Screenshot Tools may also leak cropped image content
Microsoft's Windows operating system includes screen capturing tools, which users may use to take screenshots and do light image editing. While not as sophisticated as other screenshot tools, it is the daily helper app of millions of Windows users when it comes to capturing screen content.
David Buchanan, one of the researchers who discovered a screenshot-related privacy issue on Google Pixel devices, now discovered that the screenshot tools on Windows are also affected by a similar issue.
Buchanan discovered that cropped or redacted Google Pixel screenshots might contain the original unredacted or uncropped image. The restored originals could reveal private information, such as addresses, credit card numbers or other details that users would not want to be availably publicly.
The Windows screenshot tools issue
The Windows screenshot tools are affected by the same underlying issue, but it requires an additional step, which reduces its impact.
According to the researcher, the following steps are required:
- Capture a screenshot on Windows using the default screen capturing tool of the operating system.
- Save the screenshot.
- Crop it.
- Save it again to the same filename.
If those steps are followed, the contents of the original image may be recovered using a similar technique as the Google Pixel screenshot recovery technique.
The Windows Snipping Tool and Snip & Sketch are affected by the issue. Windows users can do a quick test to verify that screenshots are affected on their systems: compare the file size of the original screenshot saved to disk with the file size of its cropped version. Even if the cropped screenshot is much smaller than the original, it should have the same size on disk; this indicates that the original image data is still stored in the file and that it may be recovered.
Bleeping Computer provides a bit of technical background on the issue. According to the site, Microsoft's screenshot tools do not truncate PNG images correctly. PNG is the default file format that the screenshot tools use on Windows when images are saved.
Closing Words
Windows users who have used the default screen capturing tools in the past may be affected by the issue. Whether that is a problem or not depends on the individual case. Screenshots may contain all sorts of information that their creators may not want to become public knowledge. Cropping images is one of the options to remove information from screenshots, and this could lead to the issue.
There is little that affected users may do, especially if affected images were uploaded to the Internet or shared. Some may have control over the uploads or shares, and may delete them.
Now You: what is your take on this?
I am now quite worried about Snapseed, a popular minimalist photo-editing app for Android and iOS, and developed by no less than Google itself.
Snapseed can both Save AND Export the cropped picture, but how would we know what is passing with it??
PS. I have always wondered why Snapseed have been missing a blurring/mosaic-ing function when a cropping is too restricting when all it can is cut out a rectangular piece, while blur/mosaic makes it possible to select just some parts in the picture that would be too embarrassing or what not to put out in public, does anyone know an could recommend an app that can do it?
so it’s safe if saved as jpg?