As you can see from my screenshot, extensive security checks are indeed turned off, and they always have been. I don't know what you're talking about with "make sure that the call to checkImageContents() respects the $modSetting entry for extensive checks" - if extensive checks are disabled, this seems irrelevant. Maybe you can tell me how to gut the "security checks" code? I'm pretty annoyed, and I don't care if it prevents some hypothetical attack. Making the forum unusable is unacceptable, and it has to go, as quickly as possible.