will_shake

Advice please.

Is the Exif data, especially location, visible when I attach a phone photo to my posts? Can metadata be extracted by a cunning hacker?

Does Mastodon do anything to strip the data or make it invisible to prying eyes?

If not, suggestions for how I can preserve privacy please.

#photos #pictures #photography #geolocation #mastodon

Nov 26, 2022 at 10:02amWeb
Show threadGWNov 26, 2022
@will_shake Most likely your phone is sharing location in pics, usually you can choose in your phone settings to share location or not for photos. There are apps that can remove this sort of data on a computer as well.
Show threadwill_shakeNov 26, 2022

@GW true, I only recently turned location on as I'm going to start using it to sort my photos.

I can strip the data on my phone, export it to a different folder and use it, but it's a barrier to easy posting of pictures.

Show threadGWNov 26, 2022
@will_shake there may be an app for that....
Show threadfedops 💙💛Nov 26, 2022
@GW @will_shake I'd recommend imageipe which does exactly that.
Show threadwill_shakeNov 26, 2022
@fedops @GW my instance admin says mastodon software strips out Exif and resizes photos automatically.
Show threadfedops 💙💛Nov 26, 2022
@will_shake that's nice, but I think it's generally good opsec to strip any sort of metadata you don't want to give up control over.
@GW
Show threadwill_shakeNov 26, 2022
@fedops @GW true
Show threadricardo Nov 26, 2022

@will_shake not sure if it depends on the instance, but it seems to remove exif metadata if you edit/resize the picture at the very least.

For those interested, here's two great #FOSS tools to remove exif metadata:

👉 Scrambled Exif
 https://play.google.com/store/apps/details?id=com.jarsilio.android.scrambledeggsif&hl=en&gl=US
 https://f-droid.org/packages/com.jarsilio.android.scrambledeggsif/

👉 Metadata Cleaner
 https://metadatacleaner.romainvigier.fr

Scrambled Exif - Apps on Google Play

Remove the metadata from your pictures before sharing them

Show threadwill_shakeNov 26, 2022
@governa I'll try the resizing
Show threadwill_shakeNov 26, 2022
@governa I've heard from our instance admins. #mastodon software strips out data.
#EXIF
Show threadricardo Nov 26, 2022
@will_shake superb, thanks for the update 👍 
Show threadDavid HerzogNov 26, 2022

@will_shake If you are worried about your privacy: Each sensor(camera) has its own fingerprint. To get this fingerprint, a sufficient number of different images is required. I did some basic research on this subject. It took about 20 images from one camera to calculate recognizable PRNU noise pattern from daily life images. There are crop/translation and rotation invariant pattern matching algorithms to identify that sensors. https://en.wikipedia.org/wiki/Photo_response_non-uniformity

#photos #pictures #photography #privacy #prnu

Photo response non-uniformity - Wikipedia

Show threadwill_shakeNov 26, 2022

@DavidH interesting - could be useful for people to know it's 'me' who took the picture. Could it be used to validate ownership or online identity with the phone?

It bothers me less than broadcasting when and where I'm located.

Show threadDavid HerzogNov 26, 2022
@will_shake It's mainly used for fake detection and in forensics in general, so yes. It's hard to forge an image fingerprint if there aren't enough samples....