Slashdot Mirror
Mining EXIF Data From Camera Phones
emeitner notes that folks at the Internet Storm Center wrote scripts that harvested 15,291 images from Twitpic and analyzed the EXIF information. This reader adds, "While mining EXIF data from images is nothing new, how many people would allow this data to leave their cell phone if they knew what it contained? The source code for the scripts is also available from the article." "399 images included the location of the camera at the time the image was taken, and 102 images included the name of the photographer. ... The iPhone is including the most EXIF information among the images we found. ... It not only includes the phone's location, but also accelerometer data showing if the phone was moved at the time the picture was taken and the readout from the [built-]in compass showing in which direction the phone was pointed at the time."
Someday soon a politician will post what appears to be a benign photo with an embarrassing long/lat location.
I wonder how many grow ops have been busted by the cops looking through twitpics/myspace photos metadata.
Now you mention it, the information from the iPhone could be useful for correctly placing a photo in an application such as Google Earth. You would know what angle the camera was in, what direction it was pointing and given the fact its a fixed zoom how line everything up. You could then even use a temporal guide to view evolution of the location over time, given multiple photos.
Jumpstart the tartan drive.
No picture leaves this computer before it has been subjected to "jhead -purejpg". Something else to look out for: Image data beyond the edge of the image after lossless resizing and orphaned preview images embedded in the JPG, showing the full uncropped picture. The latter is dealt with by the "jhead -purejpg" command, the former isn't.
I can't be bothered to set the clock on my camera, let alone enter personal data.
Not a problem on CELL PHONE cameras!
Exif is even viewable on OSX and Windows by just looking at the file's properties.
Most artists actually *rely* on EXIF (and carefully protect it) to establish things like Copyright - not to mention keeping track of settings. :)
If my phone *didn't* tag my photos with my name I'd be a bit miffed
An operating system should be like a light switch... simple, effective, easy to use, and designed for everyone.
If my phone *didn't* tag my photos with my name I'd be a bit miffed :)
Generally yes. Unless you want to anonymously submit a photo, and you had no idea this information was stored inside the picture.
x86, oh yes, I'm pro.
EXIFs can also contain thumbnails that can sometimes reveal more than needed after for example cropping the original.
http://no.spam.ee/~tonu/exif/
It not only includes the phone's location, but also accelerometer data showing if the phone was moved at the time the picture was taken and the readout from the [built-]in compass showing in which direction the phone was pointed at the time.
Not only that, the file exposes an image from the phone's camera. Won't someone think of the children!
Facebook is the new AOL
This is why I shoot film on an old manual camera.
And then drop off my film to get it processed.
And then wait for it to get processed.
And then scan it with my film scanner.
And then correct it in Photoshop.
And then go to Google Maps and try and remember just where I was when I took the shot.
And then extract the longitude & latitude from the Google Maps URL.
And then convert the longitude & latitude from decimal to radians.
And then tag my photo with appropriate tags.
Privacy for the fail.
Most RAW processing software preserves the tags embedded in the RAW file.
Presumably if you're doing RAW processing you're smart enough to know what EXIF is and make a conscious decision about which tags you want in your web-posted JPEG, but you never know.
Someone posted a picture of their girlfriend's rear end with a sharpie sticking out of it to a popular anonymous image-sharing web board.
Unfortunately, the image contained EXIF data, including latitude and longitude. It was quick work to come up with a name and address and all sorts of other information...
Good times.
399 images included the location of the camera at the time the image was taken, and 102 images included the name of the photographer. ...
Or, to summarize from the other point of view...
"97.4% of images did not include the location of the camera at the time the image was taken, and 99.3% of images did not include the name of the photographer. ... "
And, as you sort of pointed out, it's not even privacy unless the photographer develops his own film.
!#@%*)anks for hanging up the phone, dear.
Rule 1 when doing something stupid and / or illegal:
Know your tech. Remember - stupid criminals get caught.
Faster! Faster! Faster would be better!
Then maybe you should take a little more responsibility for what you are posting for the public to view.
Given the choice of convenience/cool features or privacy/security, users* will ALWAYS pick convenience/features. 100% of the time. To them, it's not "leaking a bunch of personal information", but enabling that "oh cool, it knows I took these pictures down by the waterfront and stuck them on the map for me" stuff.
* Normal users. Us paranoid slashdotters (and, in general, people that actually understand the necessity and implications of privacy and security) need not apply to that stat.
How are sites slashdotted when nobody reads TFAs?