Google’s latest privacy leak lets people undo redactions and crops in shared screenshots. The worst part is that this kind of thing is far from new.
Mr. Robot is worthless
If you’ve ever sent someone a cropped or redacted image from your Google Pixel phone, they may be able to uncrop and unsend that image, and see whatever you were trying to hide. Google just patched the vulnerability , but that won’t help protect the millions of images already out there. It’s a privacy nightmare, and it will likely happen again.
"While it is concerning that a glitch in the Google Pixel redaction tool allowed users to undo screenshot edits and redactions, it is important not to dismiss all redaction tools based on this isolated incident," attorney Min Hwan Ahn told Lifewire via email. "Redaction tools can be reliable, but like all software, they are susceptible to bugs and vulnerabilities. [By] taking precautions and staying informed about potential vulnerabilities in the digital landscape, you can significantly reduce the risks associated with using redaction tools or other privacy-sensitive software applications."
The exploit, called acropalypse, takes advantage of a flaw in the Pixel’s built-in Markup tool. When you crop, redact, and send an image, you’re essentially sending the original instead of a flattened copy. This means that anyone with the know-how can eventually see what you’re trying to hide.