Comment by lern_too_spel
3 hours ago
> Nothing will save you here except switching off showing pictures
Or having a trustable image decoder, which is what web browsers actually do. This is a basic requirement that you are proposing to do away with by instead not showing images at all.
> trustable image decoder
This may never exist, since all software have bugs. Instead, you can isolate opening your pictures into a different VM, keeping this VM safe.
> what web browsers actually do
Haven't we seen related vulnerabilities?