this post was submitted on 11 Nov 2023
491 points (79.0% liked)
memes
10334 readers
2251 users here now
Community rules
1. Be civil
No trolling, bigotry or other insulting / annoying behaviour
2. No politics
This is non-politics community. For political memes please go to [email protected]
3. No recent reposts
Check for reposts when posting a meme, you can only repost after 1 month
4. No bots
No bots without the express approval of the mods or the admins
5. No Spam/Ads
No advertisements or spam. This is an instance rule and the only way to live.
Sister communities
- [email protected] : Star Trek memes, chat and shitposts
- [email protected] : Lemmy Shitposts, anything and everything goes.
- [email protected] : Linux themed memes
- [email protected] : for those who love comic stories.
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
webp isn't fine, it has a ton of vulnerabilities because it's not a safe file format. It gets to do too much and it's insecure for that reason. That's why you can't upload your own webp but conversion to it is fine
The format is fine. The rate of bugs in image parsing code in general is alarming but that is true of just about all the formats.
Its a high compression image file, ffs. If someone sends you a 10 mb .webp file, that should be setting off alarm bells right off the bat. Even then, I have to ask what the hell your Windows Viewer app thinks it should be allowed to do with the file shy of rendering it into pixels on the screen.
I mean, it sounds like you're saying, "I don't know how it can be dangerous, therefore it's not dangerous."
All I'm hearing is that "its not safe" without further details. And given the utility relative to .jpeg, I'd like more on the table than just "Don't do it! Unsafe!"
I agree the claim requires more evidence and it would be foolish to just take it at face value, but even if my intuition told me it was intrinsically safe I wouldn't place any degree of trust in my own logical conclusions, or discount someone else's warnings, however spurious.
The burden of proof should never be on the accuser when it comes to safety, in my opinion, or anything else of public concern. And the standard of proof should be higher to show that everything's ok than to show that it's not. At least in an ideal world.
Okay, but then why use .jpeg?
How does the .webp protocol demonstrate itself at least as safe as any other standard format? There's no established safety standard for image protocols that I'm aware of.