Your Image Processing System is How Hackers Will Attack Your Company.
Almost every website on the web does some sort of image processing – either someone uploads images to your site, you grab them from social media accounts, or your customers send them to you. To process these images most websites just creates their own simple image processing micro-service that will scale/rotate/massage these images in some way. Every site is vulnerable to attack because of this.
Image processing libraries have been around for a long time. They allow us to handle all sorts of image types, from old school .bmps, to .tiffs, to modern formats like .heif. These were built and shared out of a common need. Unfortunately, these libraries need security updates – sometimes they get them, sometimes they don't. If you take a moment to look at a CVE database you will find ALL kinds of critical vulnerabilities from zero-day code execution, to DoS, to plain old private data leaking.
Many system maintainers work diligently to keep your computers safe from these kinds of vulnerabilities. In fact, just recently, Ubuntu just issued a patch the libTiff as recently as March 12th, 2019, in which processing a malicious tiff could lead to, "A remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges."
Here are some examples: (for only 3 standard libraries). Now multiply that times ALL the libraries your image processing uses.
These are the big 3 file types only and doesn't include the myriad of other common filetypes such as PDF, or vector handling libraries.
That's not really something I would want to happen in my automated processing systems. Have you updated all your systems with this new patch? You get my point.
As a long time developer, I also know the 'standard operating procedure' for image processing on custom-built apps:
- Get it working
- Never touch it again
Image processing, once it is working for your app, you simply forget about it. If it's working, why mess with it? Maybe you will automate the OS level security patches, but that's about all the maintenance that goes into it once it's built. Are you watching your image libraries?
Using Blitline to increase your security
That’s where third-party image processors come in. You can simply abstract yourself away from these security headaches.
Blitline, for example, provides all you need when it comes to processing images. Blitline allows you to manipulate images, as well as rasterize non-web-native formats such as PDFs, Office Documents, SVGs, and many 3rd party output file-types. Blitline also offers many additional services related to images, such as object recognition, face recognition, smart cropping, AI background removal, locating similar images on the web, image deduping, and website screenshots, all through a single simple API.
Blitline has been building secure image processing for years. Not only can you sleep well at night and not worry about image security problems, but you will probably save money in the process. We believe we can provide you image processing for cheaper than you can do it yourself, with the added advantage of automatic security, extended functionality (like rasterizing vector or Adobe files), and high availability.