Featured Image for How the complete works of Shakespeare were able to fit in this tiny pic
Tech

How the complete works of Shakespeare were able to fit in this tiny pic

What’s in a picture? Well, for security researcher David Buchanan, it’s the entire works of Shakespeare.

On Tuesday, Buchanan tweeted a tiny image of Shakespeare with the words UNZIP ME written on it. Turns out, he managed to supersede the 280-word limit by finding a way to store an entire ZIP file containing all of Shakespeare’s words within the image.

Buchanan discovered that although Twitter strips most metadata from images, he was able to upload an image as a polyglot file – meaning that it is written in multiple programming languages, allowing it to be valid as a .jpg, .rar, or .zip archive.

Buchanan then decided to write his own script (not the Romeo and Juliet kind), which allowed him to insert a “big blob of ICC metadata,” he said in a Twitter DM. Turns out this type of metadata can be up to 16MB in size.

“I was just testing to see how much raw data I could cram into a tweet and then a while later I had the idea to embed a ZIP file,” Buchanan added.

Twitter users went on to confirm that the experiment worked, and that by following Buchanan’s instructions on how to pull data from the file (see below), you do indeed end up with the bard’s complete works on your tech device.

This discovery opens up a world of possibilities for file sharing via Twitter, but of course with the good comes the bad. If files can contain over 884,000 words written by one of history’s greatest writers, then they can also contain malicious software, or malware.

Buchanan said that although this has already been possible through the use of other steganography techniques (steganography is the official term for embedding secret messages within ordinary messages), this new method “allows you to pack in way more data.”

He reported the technique to Twitter, but they weren’t particularly bothered by it. Let’s hope that the fiddly and lengthy process required to pull this off will deter those with nefarious intentions.

Leave a comment