Slashdot Mirror
What Your Photos Know About You (itworld.com)
itwbennett writes: Sandra Henry-Stocker became curious about how much more complex the jpg format had become since she first did a deep dive into it more than twenty years ago, so she dug into how much information is stored and where. "This information is quite extensive — depending on the digital camera you're using," says Henry-Stocker, "containing detailed information about the photo such as the make and model of the digital camera that was used, whether a flash was used, the focal length, light value, and the shutter speed that was used when it was taken. And, if your phone/camera has geotagging turned on, it will also include the altitude, longitude and latitude of the place where the photo was taken." Henry-Stocker used exiftool to extract and label the data so you can see what is collected, and how you can protect your privacy as well as your intellectual property.
Thanks, we know.
How is this News for Nerds? It is common knowledge.
Woke up..
I've been uploading photos to Wikimedia Commons for a decade, and they list all this metadata right there. Did anyone not already know about this?
iOS preferred.
If you have a link, please. Diving into the App Store is a vast time-consuming exercise.
It appears that itwbennett was, in fact, born yesterday.
Solving Unix problems since 1989...
"had become since I she first" - ???
For every problem, there is at least one solution that is simple, neat, and wrong.
Which is kinda great. Phones and cameras let you turn off the location tagging, but considering the lengths that people went to for location tagging when it was not a built-in function, why would you? You're not a terrist, are you?
Nevertheless, if you want all of that info removed, you can use jhead -purejpg *.jpg
That means I can actually use some sort of extra data, let's call it "meta" data from now on, to manage my photos! Imagine if in the future they could store extensive details like even the temperature of the sensor! I know I am making things up now, but perhaps it would be convenient for example on some sort of futuristic long exposure technique where you would need dark calibration frames.
Can't wait for tomorrows news for nerds, where Mandy George-Shelley after twenty years takes another look at the mouse and discovers a second button which can do so many things, but can be a privacy concern if you right-click the wrong things...
Violence is the last refuge of the incompetent. Polar Scope Align for iOS
Breaking: Journalist discovers exif data, decides it's newsworthy, more at 11.
I actually love the geotagging feature for personal use - pictures of my holding up a fish can be traced to a particular spot on the lake.
Having said that, uploading a pic to a public website with geotag info intact is not desirable to me in most cases.
I blame Timothy for wanting to clog the main page. He isn't even a member of monkey.org. It's like we don't even know who we are anymore. Nothing but lies.
So much complexity in the jpg format... it also knows if you were in front of the camera or not, but you can fool it with a mirror.
light value ... that was used when it was taken
This is why I use neutral density filters on my camera... I like to keep private details, like the aperture, private!
That's what this news is all about! Great article!
Next up: Apple TV users can't play MKVs
I turn off the geotagging if I'm posting a picture to social media or going to use the picture in a for sale ad. I don't want everyone to know where I live, especially with the ads, and I don't trust the sites to remove it for me.
What does the picture have to do with the info? It's the camera that encodes it.
Wuddooeyeno? IITYWYBMAD? Like nuts? eclecticallyincorrect.com
In Soviet Amerika, photos look at you!
Jesus Christ, EXIF is not the latest anti-privacy tool used by the NSA to track you. It's a tool used to tell photo editing software more about the shot, so that it can make more intelligent processing decisions.
You can always delete the EXIF information from the photo before you upload it if you care so much about whether Facebook knows you used your flash.
FFS, calm down, people.
Looks like someone has just discovered EXIF / IPTC / XMP!
This is a known issue, most social sites, including Facebook, Twitter and Instagram, strip all data, though they may use the title and copyright fields for naming the photo.
And the more specialized photo sharing sites like Flickr and 500px give you various levels of control over the privacy of photo metadata.
OMG!!
Is that they're terrible photographers.
I'll be right back, I have to write a paper on how every internet browser has unique identifiers that can ID the exact computer that is being used to browse any website, no matter how Cowardly they are.
If your computer runs OS X, you can use ImageOptim to easily remove the metadata from your JPEG photos without re-compressing them.
Fight for your bitcoins!
This looks shooped.
I can tell from some of the pixels and seeing quite a few shoops in my time.
And the fact that someone's jiggery-pokeried around EXIF data so the geotag says 41.948333, -87.655556 .
Well if that shocks you, Sandy, then hold on to your hat...
Wow, EXIF has only been around for about 20 years. Good to see that they are doing some hard-hitting journalism over there at IT World from well credentialed writers who can boast about knowing Unix, English, and and how to buy groceries.
The old way: A notebook (the paper kind) with a pencil (this wooden thing with graphite in the center).
THe notebook would record that Roll #3 was Tri-x exposed as rated (400 ASA), that frame 1 was a grey card at f5.6 with a shutter speed of 1/400, and then on and on for each successive frame.. if you gave a rip about how a particular frame was shot.
I'll take exif any day, I just make sure the camera (or device) I'm using doesn't geotag.
The "Civilized World" jumped the shark ca. 1973.
Been using this for years. I wrote a script for my wife to use when she downloads photos from her iPhone to her computer before she stores them online in a private, encrypted folder.
I used to be an forensics network investigator responsible for going after child porn, cracking, the evil spammers, and others, and one of the primary tools stalkers and miscreants use when they comb the net for easily-viewed photos is the exif data to see where people may be located. Moreover, I disallow anyone, family or friend, to post photos of my family, adults or children, online where anyone can see them. We are derided for this, but I've seen what can happen. I left the aforementioned post when I started having trouble sleeping at night after seeing nothing but the dark underbelly of the Internet and WWW.
I'm on a mushrooming forum, and members (and more generally any mushroom pickers) are notoriously secretive about the location of their spots. I wrote a script to download images from the site, run them through exitools to check if there are geolocation data and find their spots. I did find some, but unfortunately none close to home.
Non-Linux Penguins ?
"...detailed information [cue ominous Jaws sountrack] about the photo such as the make and model of the digital camera that was used, whether a flash was used [, the focal length, light value, and the shutter speed that was used when it was taken. And, [emotional crescendo] if your phone/camera has geotagging turned on, it will also include the altitude, longitude and latitude of the place where the photo was taken."
How about one beginning at a more reasonable place. Like .doc/docx metadata usually disseminated without intention, often revealing, etc.
More to the point, a useful post would have been the WHAT & HOW to avoid unintentional disclosure (hate that meme). Parading the possibility is just a circus act.
The JPG format and EXIF information are separate - just to be sure that's understood - and the EXIF information is typically associated with any photograph file format (TIF, BMP, etc) taken from any modern digital camera.
In some cases - the EXIF information contains orientation information - which makes it possible to have technology like Microsoft Photosynth.
Photosynth stitches 2d images together to create realistic panoramics AND 3d views leveraging 2d imagery. Having the exif information to process makes it much easier for the stitching process to correlate position and orientation to the process, but isn't necessary.
Here's the link: http://www.microsoft.com/web/s...
What's neat about this technology is - as Oculus VR and other forms of immersive technology become more popular, you're going to see technology like Photosynth used to form fully immersive 3d scenes from real world locations based on 2d pictures people have taken the world over.
Now need for 'new 3d cameras or expensive gear. Cities are already mapped in their entirety based on existing photos.
Wht really cool is - geo and time tagging in photo imagery makes it possible not just to paint a picture of a physical location at a single physical period of time, but over a period of time.
What this means is - once the photosynth technology matures - not only can you see what a place looks like today. but you will be able to 'rewind it' to see a complete history .
Being honest with you, I am not really concerned about privacy at all. If you want to watch me and learn about why I do what I do, then feel free.
for a in *.jpg; do convert -strip "$a" "$a:r.clean.$a:e" ; done
So people on the internet can figure out what shutter speed I was using when I took a photo? I sure hope they can't find any other identifying information like the copyright note with my name that my camera is configured to add.
I'll never post a picture to facebook again! (Oh wait, facebook actually removes all the metadata, which I find rather annoying)
Somebody must have had the same idea. Have you thought of uploading your own, but with the location data frigged? Sewage farm, middle of an airport runway, army practice range ...
If I see it on the news I'll know it was you.
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
I don't worry about most of that stuff. I either turn the Geotaging on or off depending on whether I want it for a particular photo. The camera SerialNumber is the real doozy though.
Oh look, that anonymous nude on gone wild was taken with the same camera as your latest selfie. What a weird coincidence...
I tried a couple of sites, including ebay and facebook.
As most sites do, these resizes the images uploaded, and in that process strips the exif data.
That would be a good joke, but I guess people would check on google maps before going and notice something is amiss. And it may backfire if you place them in the middle of a nuclear reactor, you may have some men in black knocking at your door with some questions about your recent whereabouts...
Non-Linux Penguins ?
Next in the series: your phone has your email, phone calls, and even text messages on it. And pictures! And it knows where you are, like a small spy who follows you around constantly.
I don't need my camera to tell me that!
Of course, you can rescue anything in post ;)
Give ma a break. It is very, very easy to strip the metadata out of media. Yawneriffic.
"APK doesn't think that DNS servers are worth running and seems to believe that somehow Microsoft Active Directory can run without DNS." - by Coren22 (1625475) on Tuesday October 27, 2015 @12:58PM (#50811615)
Where'd I say AD will run minus DNS Coren22? I've said AD = internal network DNS dependent as far back as 2007 http://forums.tweaktown.com/wi...
(Searching this in BOLD "To warn users who have ActiveDirectory/AD LAN-WAN setups to NOT use external DNS servers!" referring to OpenDNS suggestions for those using AD stupid in the POSTS BEFORE IT in my security guides for users (geared to stand alone single machines no less), & right there on that page proves it stupid - so even if you posted as myself someplace here on /. "impersonating me", I have your ass NOW, shithead!)
I've also stated MANY TIMES I use remote DNS in OpenDNS @ home (but not @ work on AD networks + exchange/outlook: Free OpenDNS model doesn't work with AD dependent Exchange + Outlook specifically you lying little imbecile).
I also don't hardcode in "every site there is under the sun" is why, so I have to use DNS, but OpenDNS & rarely.
I also RARELY MISS A LOOKUP since I put where I spend a good 95++% of my time online in my favorite sites into hosts @ the TOP of hosts for utmost LOCAL FASTER RESOLUTION SPEEDS and more reliability vs. Open DNS (not OpenDNS) resolvers being abused, Kaminsky redirect poisoned DNS servers (of which 99.999% of ISP DNS are not proofed against to this very day even though a patch exists which OpenDNS uses), rogue DNS servers, and yes ROUTERS with bushwhacked by malware DNS settings (happening a LOT lately).
Hardcodes in hosts are faster than remote DNS, waste less resources than local dns in power, cpu cycles, RAM, & other I/O by FAR considering ALL THE PARTS of such a setup in programs, data, I/O, & power (especially if setup as a separate machine).
APK
P.S.=> You're a disgusting liar... apk
"I guess we should avoid your crap, it looks like it is marked as malware. Good luck getting that removed." - by Coren22 (1625475) on Monday November 02, 2015 @03:52PM (#50850445)
False positive: I've wrote 'em long ago, no response vs. 60++ REPUTABLE sources (not nobodies) below that fries you Coren22!
Is that your fake site for more lies Coren22?
Lying about me LIKE YOU DID HERE punk? -> http://slashdot.org/comments.p... ??
---
MalwareBytes' hpHosts Admin (MalwareBytes employee) hosts & recommends it -> http://hosts-file.net/?s=Downl... & MalwareBytes = BEST antivirus per this VERY recent testing of them all http://www.av-test.org/en/news...
&
It's safe proven by 57 antivirus programs recently in BOTH its 64-bit model https://www.virustotal.com/en/...
+
Its 32-bit model too https://www.virustotal.com/en/...
More "SALT IN YOUR WOUNDS" -> http://f.virscan.org/APKHostsF...
APK
P.S.=> /.'ers say my work is good too:
"his hosts program is actually pretty good" - by xenotransplant (4179011) on Monday August 10, 2015 @03:34PM (#50287195)
"I like your host file system." - by Karmashock (2415832) on Wednesday September 09, 2015 @03:57PM (#50489401)
"APK is kinda right... I've given up on JS based adblocking and gone to blackholing in /etc/hosts, just like it was back in the 90s. The computational load has gotten intolerable for any ad-blocking using JS. I've tried his hosts file generating software. It works." - by bmo (77928) on Thursday October 15, 2015 @11:30AM (#50736071)
"his hosts tool is actually useful for those cases in which one does indeed want to locally block stuff outright while consuming minimum system resources" by alexgieg (948359) on Friday September 25, 2015 @09:57AM (#50596461)
YOU say "hosts=bad" (but they add security, speed, & reliability) & bitch on admin privelege to UPDATE vs. threats:
"So, have you figured out why privilege escalation is a bad thing yet?" - by Coren22 on Tuesday September 22, 2015 @05:15PM (#50577809)
Hypocrite - You use admin priv admitting it
&
How else can I programmatically update hosts minus it in Windows?
---
"Of course it requires elevation to write to the hosts file" - by Coren22 (1625475) on Wednesday September 23, 2015 @05:35PM (#50585879)
You FINALLY later admit there's no other way!
FACT:
Even MalwareBytes AntiMalware (best one) DEMANDS you use admin privelege (you saying it's "bad" too?) it can't do its job fully otherwise, like many security tools do!
---
Aryeh Goretsky NOD32/ESET says hosts = good security-> http://it.slashdot.org/comment...
Oliver Day (Symantec) does-> http://www.securityfocus.com/c...
MalwareBytes' hpHosts hosts & recommends my APK Hosts File Engine 9.0++ SR-2 32/64-bit-> http://hosts-file.net/?s=Downl...
---
* HOW MANY SECURITY PROS DO I NEED TO KNOCK THE CHOCOLATE OUTTA YOU?
---
Those security pros INCLUDE me: I work w/ guys from malwarebytes' hpHosts on a regular basis!
I've professionally worked for decades as a combined domain-wide network admin & software engineer since 1994 (Even showing you HOW to migrate a hosts across an enterprise-> http://slashdot.org/comments.p... )
I've also been securing computers + WRITING GUIDES using CIS Tool (who took fixes from me http://slashdot.org/comments.p... - bonus) http://www.bing.com/search?q=%...
You told me you learn from guides?
I write good ones that MILLIONS USE & was PAID FOR IT http://pcpitstop.com/news/winn...
+ WARES TO PROTECT USERS that are endorsed & hosted by security pros -> http://hosts-file.net/?s=Downl...
You did all that? No!
(& that's ONLY a SMALL part of what I could put out)
APK
P.S.=> You're all TALK -> http://slashdot.org/comments.p... & a "ne'er-do-well" in security... apk
So when you enable geotagging, it tags your photos with your geographic location? Good! That's why I turned it on.