Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

The Hidden Security Risk of Geotags

timothy posted more than 4 years ago | from the process-of-elimination dept.

Crime 175

pickens writes "The NY Times reports that security experts and privacy advocates have begun warning consumers about the potential dangers of geotags, which are embedded in photos and videos taken with GPS-equipped smartphones and digital cameras. By looking at geotags of uploaded photos, 'you can easily find out where people live, what kind of things they have in their house and also when they are going to be away,' says one security expert. Because the location data is not visible to the casual viewer, the concern is that many people may not realize it is there; and they could be compromising their privacy, if not their safety, when they post geotagged media online."

Sorry! There are no comments related to the filter you selected.

This is why... (5, Insightful)

Darkness404 (1287218) | more than 4 years ago | (#33257964)

This is why upload services should simply just strip out the un-needed info of the pictures. The original pictures still have the sometimes useful geolocation data, but your Facebook pictures won't.

Re:This is why... (5, Insightful)

fuzzyfuzzyfungus (1223518) | more than 4 years ago | (#33257986)

After selling it to their advertising partners, of course...

Re:This is why... (4, Interesting)

farnsworth (558449) | more than 4 years ago | (#33258168)

After selling it to their advertising partners, of course...

Seems kinda pointless. I already get pretty damned accurate location-specific ads, presumably by just looking at my ip. When I connect to my employer's VPN, I get ads for things in the region that that data center is in...

Would knowing, say, that the majority of interior shots (probably my home) are on one particular city block vs another really be worth that much more to an advertiser?

Re:This is why... (3, Insightful)

fuzzyfuzzyfungus (1223518) | more than 4 years ago | (#33258260)

Depending on how economically striated the city is, possibly, possibly not.

I'd assume that they are more interested in pictures taken out and about. Where do you vacation, dine out, meet up with friends, etc?

As you say, IP geolocation does a pretty decent job for wired connections(I don't know whether wireless carriers will sell out customer locations, and, if so, what the price is); but people take a lot of photos, possibly the majority, away from their primary wired ISP.

Re:This is why... (5, Insightful)

Jah-Wren Ryel (80510) | more than 4 years ago | (#33258280)

Would knowing, say, that the majority of interior shots (probably my home) are on one particular city block vs another really be worth that much more to an advertiser?

Yes. They can correlate it with property records and figure out who you are, what bank you have your mortgage with, how much you paid for your house, when you bought it, your likely income level, if you are married (more than one name on the mortgage) and that's just from the primary property records search in some states. Start cross-referencing it with other databases and my guess is that you'll have no secrets at all.

Re:This is why... (1)

farnsworth (558449) | more than 4 years ago | (#33258424)

Would knowing, say, that the majority of interior shots (probably my home) are on one particular city block vs another really be worth that much more to an advertiser?

Yes. They can correlate it with property records and figure out who you are, what bank you have your mortgage with, how much you paid for your house, when you bought it, your likely income level, if you are married (more than one name on the mortgage) and that's just from the primary property records search in some states. Start cross-referencing it with other databases and my guess is that you'll have no secrets at all.

How does having gps data in some photos impact this? All that data is already aggregated and used for less-than-wholesome purposes. Companies like google and flickr already know your identity (or can easily deduce it), so what more info does some exif data leak to advertisers? If I'm a backhanded ad firm, and I get Facebook to sell me the fact that facebookuser02 likely lives at 123 main. Who cares? Aren't there far easier ways to ascertain that?

Note, this is a separate question from "what does this data leak to jewel thiefs or stalkers". I agree that sites should strip this data by default, but I fail to see why sites having tacit access to that data makes anything worse for the user.

Re:This is why... (1)

Jah-Wren Ryel (80510) | more than 4 years ago | (#33258838)

Companies like google and flickr already know your identity (or can easily deduce it), so what more info does some exif data leak to advertisers?

Because people need to be aware of and be able to manage the trade-offs of disclosing information. Perhaps they have taken steps to deliberately obfuscate the info disclosed through other channels, but unknowingly disclosing information through geotags waters down the effectiveness of the other precautions they have taken.

Re:This is why... (2, Insightful)

Trailer Trash (60756) | more than 4 years ago | (#33258910)

I was recently alerted to a web site where people can post pics of themselves - with the url implying naked pics. There were women there with iphone pics that had enough exif info to get their street address. I would venture to guess that when they put their pics there they didn't think it would be possible to determine who they were or where they live.

Re:This is why... (2, Funny)

Anonymous Coward | more than 4 years ago | (#33259088)

I was recently alerted to a web site where people can post pics of themselves - with the url implying naked pics

Yeah, right. Man up and just post where you were surfing.

Re:This is why... (0)

Anonymous Coward | more than 4 years ago | (#33259306)

What could possibly be an easier way to find someone's address than a customer uploading a picture of their home, complete with geocoded coordinates?

Re:This is why... (1)

Sillygates (967271) | more than 4 years ago | (#33258288)

But, if they can better pinpoint your location to a few meters, they can start trying to send you spam in the mail, or, maybe even sell your information to those people search sites. More metrics always helps. It can even work to become a stronger confirmation of your location, if your IP and geotags all match.

Re:This is why... (5, Insightful)

Anonymous Coward | more than 4 years ago | (#33257990)

This is why people shouldn't be so casual about publishing every detail of their personal life for the world to see. These micro-celebrity wannabes should wake up and recognize that their lack of privacy makes them easy targets.

Re:This is why... (4, Interesting)

Ethanol-fueled (1125189) | more than 4 years ago | (#33258164)

While I agree with you, some metadata problems are much more subtle and insidious.

How many of you have ever written "my boss is an idiot" on a word document at work, as a joke, then erased it?

Better hope your boss isn't savvy. [addbalance.com]

Which is why I believe that any Joe-user program which processes documents or media should offer a checkbox and.or dialog explantion offering the user to strip the metadata from saved documents or media. Before any of you say, "stripping is already available", keep in mind how many co-workers don't even know what cookies are.

Re:This is why... (4, Insightful)

betterunixthanunix (980855) | more than 4 years ago | (#33258180)

Before any of you say, "stripping is already available", keep in mind how many co-workers don't even know what cookies are.

You insensitive clod! My coworkers are all CS grad students.

Seriously though, they don't take any steps to strip metadata, even though it is well within their technical ability to do so, and even though they are generally aware of the risks.

Re:This is why... (1)

sumdumass (711423) | more than 4 years ago | (#33258516)

Silly, everyone knows what cookies are. Grandma makes them every Christmas and sends them to the family.

It doesn't help that the name "Cookie" is something they already know about that sort of turns on the "I hear what you are saying but not paying attention because I already know" switch. Of course then you have the problem of unique words making a simple statement like "defragmenting or chkdsk'ing your root drive" sound like a foreign language.

This doesn't invalidate your point, it's meant to reinforce it by showing why coworkers do not know what a cookie is or what to do with them let alone purging meta data they can't see from a document.

Re:This is why... (2, Insightful)

bennomatic (691188) | more than 4 years ago | (#33258178)

Serious. With a combination of Blippy and FourSquare, you don't even need geotagged pictures. I mean, anyone following your Twitter stream could take advantage of this sequence of events:

- So-and-so checked into their house at 123 Main Street, Hometown USA! So-and-so is now the mayor of their house!
- So-and-so bought a new MacBook Pro for $3297 using Blippy at the Apple Store in Winston Niles Rumfoord Shopping Center!
- So-and-so checked into the Relax'em Spa.
- So-and-so bought a 1 hour massage and a 2 hours sauna using Blippy for $225.

Re:This is why... (0)

Anonymous Coward | more than 4 years ago | (#33258524)

- So-and-so spent $4500 on Homeowners insurance using Blipply!
- So-and-so is now too poor to bother advertising to!
- So-and-so Blippy account closed (reason unspecified)!
- So-and-so Foursquare account closed (reason unspecified)!
- So-and-so Twitter account closed (reason unspecified)!
- You are no longer following user So-and-so!

Re:This is why... (2, Informative)

Zerth (26112) | more than 4 years ago | (#33259004)

I see you've heard of PleaseRobMe.com

Re:This is why... (3, Informative)

BitterOak (537666) | more than 4 years ago | (#33258102)

This is why upload services should simply just strip out the un-needed info of the pictures. The original pictures still have the sometimes useful geolocation data, but your Facebook pictures won't.

But is it wise to be trusting your services (i.e. Facebook) to take these extra steps to protect your privacy? Wouldn't it make more sense to have an educated consumer base who can be careful what they upload in the first place? At the very least, the value of this information to marketers would make it unlikely that free, online services like Facebook would simply throw this valuable data away. It would make more sense for consumer electronic devices to do a better job of informing the user of what information is "hidden" in the media files they create, with a default off option for anything "hidden".

Re:This is why... (4, Informative)

odies (1869886) | more than 4 years ago | (#33258150)

I always use IrfanView [irfanview.com] to pre-process my pictures before uploading them anywhere. You need to do that anyway (original pictures are usually huge 4000+ pixels wide and forums usually limit you to less than 1280px). When you're saving the image, it shows check boxes to remove all extra information from the pictures (usually camera model and shooting options and so on). Easy. And yeah, it's an awesome and light image viewer and you can edit images too.

Re:This is why... (2, Informative)

mspohr (589790) | more than 4 years ago | (#33259026)

If you are looking for a tool to read and edit the exif (geolocation etc) information in files, exiftool http://www.sno.phy.queensu.ca/~phil/exiftool/ [queensu.ca] works on Windows, Mac and Linux and support many formats.

Re:This is why... (0, Offtopic)

zoloto (586738) | more than 4 years ago | (#33258442)

I don't believe companies or the government want an educated populace. If they did, we wouldn't be in debt this badly, we wouldn't be in a near-decade old occupation (I refuse to call it a war now) and our "policies" within the US borders wouldn't be so asinine.

Re:This is why... (2, Insightful)

BatGnat (1568391) | more than 4 years ago | (#33258234)

What crap, Why should it be the Hosting sites responsibility?

You sent them the file. It is your file. If you dont want geotags in the file, then clean the file first.

Shouldn't be the upload service's responsibility (1)

syousef (465911) | more than 4 years ago | (#33258256)

This is why upload services should simply just strip out the un-needed info of the pictures.

Why is it up to the upload service? Right now people have 100% control over their information and can strip whatever data they like. You might argue the upload service could provide a tool to help them do it more easily by setting preferences (which they could alter on a per upload basis). However I don't want a provider determining what information I can or can't attach to the photos. What if I'm actually trying to put together a map with photos attached. For instance I went to a lot of trouble to combine information from camera and GPS into geotags for my 2007 Honeymoon. The information a thief might gleam from this is to say the least minimal as it was a one off and I wouldn't appreciate my work being undone.

Re:Shouldn't be the upload service's responsibilit (1)

Darkness404 (1287218) | more than 4 years ago | (#33258764)

Because if you are uploading something to Facebook the geolocation info is not going to be any benefit to you, if you resize the pictures and the like, stripping the geolocation is just another step that doesn't harm the uploader. Now, I'd be against stripping geolocation data over something like e-mail, but over something like Facebook or something like Tinypic the geolocation information is not going to be beneficial. If your trying to put together a map with your photos, then use the originals, don't use the resized Facebook pictures.

Re:Shouldn't be the upload service's responsibilit (0)

Anonymous Coward | more than 4 years ago | (#33258766)

Right now people have 100% control over their information and can strip whatever data they like.

You make a lot of assumptions about the average person's intelligence regarding technology.* You're certainly correct that it's their responsibility, but if it isn't so hard to remove that data, why can't the upload service do it anyway? Think of it as offering extra service to one's customers.

*One might argue this period could be moved two words to the left.

Re:This is why... (1)

soliptic (665417) | more than 4 years ago | (#33258866)

This is why upload services should simply just strip out the un-needed info of the pictures.

Imgur does do that.

I was just wondering about that (1, Interesting)

Anonymous Coward | more than 4 years ago | (#33257968)

I currently have a small project going to make a program in java that removes (and maybe later, spoofs) the tags in jpegs so they can be posted safely. I'll let your guys know if/when I finish it.

Re:I was just wondering about that (4, Informative)

fuzzyfuzzyfungus (1223518) | more than 4 years ago | (#33258020)

Might want to take a look at jhead. jhead -purejpg will, as the name suggests, strip everything that isn't actually the image.

Re:I was just wondering about that (0)

Anonymous Coward | more than 4 years ago | (#33258048)

thanks for the info

Re:I was just wondering about that (2, Informative)

Jon Abbott (723) | more than 4 years ago | (#33258080)

Yes, I was going to recommend jhead [sentex.ca] as well. I haven't used it for deleting EXIF headers, but I have used it to get a list of what focal lengths I've used for all of my photos. It's a handy free utility, and I wish it worked on RAW photos as well.

Re:I was just wondering about that (1, Informative)

Anonymous Coward | more than 4 years ago | (#33258182)

or using imagemagick: mogrify -strip [filename]

Re:I was just wondering about that (4, Informative)

betterunixthanunix (980855) | more than 4 years ago | (#33258190)

Or, you can just use ImageMagick:

$ mogrify -strip image.jpg

General problem (1)

2.7182 (819680) | more than 4 years ago | (#33257980)

Even if I create a pdf now, I have to wonder what sort of hidden meta data crap it contains.

Re:General problem (1)

John Hasler (414242) | more than 4 years ago | (#33258448)

> I have to wonder...

No you don't. You could look.

Re:General problem (0)

Anonymous Coward | more than 4 years ago | (#33258668)

And exactly how do you think we (or worse, the average consumer) would go about doing that? Install a tool for each file type and analyze it manually?

Re:General problem (0)

Anonymous Coward | more than 4 years ago | (#33259190)

> I have to wonder...

No you don't. You could look.

You probably can't look -- that's why he said "hidden meta data" instead of just "meta data".

Remember how long it took for researchers to find and then identify the purpose of http://www.pcworld.com/article/118664/government_uses_color_laser_printer_technology_to_track_documents.html [pcworld.com] the hidden serial number written on printouts from color laser printers, copiers, etc?

Needed a frickin blue LED and magnifying glass to see it and then you needed serious work to deduce that was actually a bit of encoded meta data and not just a malfunction.

If you're not using Open Source to create your PDF, how can you really know what meta data might be hidden in it?

Programs to strip the data? (0)

Anonymous Coward | more than 4 years ago | (#33257982)

Can anyone recommend a good program for Windows and Linux that can strip out EXIF information and leave just the JPEG data?

Re:Programs to strip the data? (1)

surmak (1238244) | more than 4 years ago | (#33258078)

jhead -purejpj

jhead is simple command-line tool that manipulates EXIF data.

Won't happen to me, I have a blackberry! (0)

Anonymous Coward | more than 4 years ago | (#33258016)

And the GPS really, really sucks on most blackberries.

No GPS = no geotag

And since it's a blackberry, your company can turn off geotagging entirely from their blackberry enterprise server.

The Hidden Danger of Post Marks on Letters (5, Insightful)

Palestrina (715471) | more than 4 years ago | (#33258028)

OMG, letters have post marks and tell what town the sender lives in!

OMG, caller ID gives my phone number to people that I call!

OMG, the Registry of Deeds lists my address and how much I paid for the house!

OMG, the phone book list my name, phone number and address!

We've been dealing with stuff like this for decades, right? I think the danger is more about the contents of your tweets ("I am on vacation") than the metadata ("I live here"). I can probably find your address if I wanted, even without Flickr metadata.

Of course, metadata can lie as well. Maybe I want to say, "I have a big coin collection" in Twitter and put photos of it all over the place on the web, but with false geotag data to make it look like it came from someone else's home. Because of that risk, even those who do not use Twitter, or the iPhone or Flickr are also at risk. Gee. maybe we should just lock our doors at night.

Re:The Hidden Danger of Post Marks on Letters (1)

BradleyUffner (103496) | more than 4 years ago | (#33258064)

Right, who would have ever thought that taking pictures of your stuff, then posting those pictures online would let people know what kind of stuff you have?

Re:The Hidden Danger of Post Marks on Letters (1, Funny)

Anonymous Coward | more than 4 years ago | (#33258136)

Right, who would have ever thought that taking pictures of your stuff, then posting those pictures online would let people know what kind of stuff you have?

Probably the same kind of idiots that can't notice the difference between a blog post and a Facebook login page [readwriteweb.com] ?

Re:The Hidden Danger of Post Marks on Letters (3, Insightful)

grumbel (592662) | more than 4 years ago | (#33258194)

The problem is that it allows correlation. Have two pseudonyms on the net that you use to post pictures? Now suddenly people can easily track you down by your GPS coordinates or better yet, the serial number of your camera or whatever other unique information one can grab from the metadata.

Re:The Hidden Danger of Post Marks on Letters (0)

Anonymous Coward | more than 4 years ago | (#33258140)

OMG, letters have post marks and tell what town the sender lives in!

No, it has the town/post office the letter was mailed from (the Eiffel tower has a post office for that reason). Easy to avoid by going to a different town.

OMG, caller ID gives my phone number to people that I call!

Easily blocked for those of us who don't want to give out that information.

OMG, the Registry of Deeds lists my address and how much I paid for the house!

Depends on your jurisdiction - not all list house prices.

OMG, the phone book list my name, phone number and address!

And it's easy to opt out of the phone book if you chose.

This article is just letting people know about something most aren't aware of, the privacy implications, and how to avoid the issue if they so choose.

Learn something new (1)

way2trivial (601132) | more than 4 years ago | (#33258946)

You are right about blocking CID, but there is little (domestic us) likelyhood you can really hide your number

http://en.wikipedia.org/wiki/Automatic_Number_Identification [wikipedia.org]
ANI is unrelated to caller ID. A caller's telephone number and line type are captured by ANI service even if caller ID blocking is activated. The destination telephone company switching office can relay the originating telephone number to ANI delivery services subscribers. Toll-free Inward WATS number subscribers and large companies normally have access to ANI information, either instantly via installed equipment, or from a monthly billing statement. Residential Subscribers can obtain access to ANI information through third party companies that charge for the service.[4]

Re:The Hidden Danger of Post Marks on Letters (3, Interesting)

Anonymous Coward | more than 4 years ago | (#33258152)

iPhones contain the long/lat of the place where the picture was taken. That's a little bit more than "letters have post marks and tell what town the sender lives in!". Don't be naive. Look at the Sherlock Holmes shit that 4chan does *regularly* with things such as EXIF data.

There was a famous thread on there once where a 30 year old guy was professing how much he wanted to sleep with his 16 year old niece's friend. Using nothing but the emblem of her school mascot on the front, 4chan tracked HIM down and had a field day.

Re:The Hidden Danger of Post Marks on Letters (1)

Dionysus (12737) | more than 4 years ago | (#33258840)

iPhones contain the long/lat of the place where the picture was taken. That's a little bit more than "letters have post marks and tell what town the sender lives in!".

Letters usually have the sender's address.

Re:The Hidden Danger of Post Marks on Letters (4, Insightful)

PopeRatzo (965947) | more than 4 years ago | (#33258232)

OMG, letters have post marks and tell what town the sender lives in!

You believe that having a creep know the town you live in is the same as the creep knowing your GPS coordinates?

No, we haven't been "dealing with stuff like this for decades", because until recently corporations have not had the capacity to have such persistent and precise data about you that they could monetize.

That picture of your 8 year old daughters that you put on the Internet has data that somebody will sell to the highest bidder, and I doubt they're going to make sure the highest bidder isn't a registered sex offender. I'm usually very suspicious of these kind of "consider the children" appeals, but the personal minutiae that is being commoditized by businesses has reached a point where it's going to be very hard to roll back.

You've got one of the biggest corporations in the world collecting very private information, selling it to the highest bidder and then getting into bed with the most repressive regimes on Earth and at the same time forming "strategic alliances" with other huge corporations to subvert the effective net "neutrality":that has been in place since the beginning. And Palestrina thinks that's the same as having your name and number voluntarily listed in the phone book. And his rationalization is that it's OK because if you know what you're doing you can falsify your metadata. Don't you see the problem here?

Re:The Hidden Danger of Post Marks on Letters (1, Insightful)

Anonymous Coward | more than 4 years ago | (#33258396)

“You‘ve got one of the biggest corporations in the world collecting very private information, selling it to the highest bidder...”

Care to back the “selling it to the highest bidder” part up? You seem quite sure of yourself, so let’s see the evidence.

Re:The Hidden Danger of Post Marks on Letters (1)

PopeRatzo (965947) | more than 4 years ago | (#33258618)

Care to back the “selling it to the highest bidder” part up? You seem quite sure of yourself, so let’s see the evidence.

OK, you're right. They're renting it to the highest bidder.

That make you feel better?

Re:The Hidden Danger of Post Marks on Letters (0)

Anonymous Coward | more than 4 years ago | (#33258958)

That picture of your 8 year old daughters that you put on the Internet has data that somebody will sell to the highest bidder, and I doubt they're going to make sure the highest bidder isn't a registered sex offender. I'm usually very suspicious of these kind of "consider the children" appeals, but the personal minutiae that is being commoditized by businesses has reached a point where it's going to be very hard to roll back.

This is the most incoherent paragraph I've read in a while. You're merrily conflating "think of the children" arguments with "big business is commoditizing personal information" arguments without stopping to register how ridiculous that sounds.

Multinational advertising agencies are paedophiles now? Um, what?

Go up to Google or Facebook and say you want to run an ad campaign targetted at 25-32 year old males living in the Midwest with an interest in windsurfing. Yes, they'll be happy to help, and yes, they'll use all the personal demographic data they gather to do so.

Now go up to them and say you would like the name and address of an 8 year old girl - just the one. They will... what exactly? Do you really think they will sell you that data? Are you even thinking through your words before typing them? Do you even understand how business works at all?

Re:The Hidden Danger of Post Marks on Letters (1)

AK Marc (707885) | more than 4 years ago | (#33259038)

We have no more or less anonymity or privacy than ever. What's changed is the cost for a given person to get all they can. There used to be cost/trouble to follow someone around. Now the equivalent info, and no more, is available in easier and cheaper methods.

Re:The Hidden Danger of Post Marks on Letters (2, Funny)

rundgong (1575963) | more than 4 years ago | (#33258242)

Yeah, you are absolutely right, the location is not that big of a deal. What's worse is that the pictures have dates embedded.
With the dates there on your vacation pictures the thieves can just go back in time and rob your house and know for sure that you wont be back for several days.

THIS is what we really need to be worried about.

Re:The Hidden Danger of Post Marks on Letters (1)

Nialin (570647) | more than 4 years ago | (#33259202)

Grandfather Paradox... oh shit, THAT's why all of those pens in my life have simply vanished.

I can only assume that at some point in the future I go into detail about my missing pens, unintentionally giving out detailed info to an acquaintance; like a fact that I wasn't home at such-and-such a time, on such-and-such a date.
One of these acquaintances must, at an even later point in the future, gets their paws on a time machine and decides to be a little unscrupulous and goes back in time, attempting to rid me of my material possessions.
Somehow the magic of the Grandfather Paradox works, and thwarts their attempts at stealing the items that were never lost (money, TV's, etc.), so they manage to only pick up pens... perhaps knowing full well that this would frustrate me throughout the rest of my life.

Re:The Hidden Danger of Post Marks on Letters (1)

Jeff DeMaagd (2015) | more than 4 years ago | (#33258248)

When you call an individual, you give one person your phone number. When you mail someone, you give one person your address. And often, you want them to have your number and address. Cell phones aren't listed. A geotagged photo might be available to millions of people.

To use a register of deeds, wouldn't you need to have an actual address to start with?

Metadata can lie, but the tools to make it lie are hardly convenient.

Re:The Hidden Danger of Post Marks on Letters (2, Interesting)

adolf (21054) | more than 4 years ago | (#33258298)

To use a register of deeds, wouldn't you need to have an actual address to start with?

In my county in Ohio, I can look up properties by name, address, or just by selecting them from a map. The map also includes aerial photos of sufficient resolution to put Google Earth to shame.

It's all on the Web, and it's free. Google around for your county's auditor, and you'll probably find a very similar system.

Geotags and a WHOLE lot more (3, Informative)

xiando (770382) | more than 4 years ago | (#33258034)

http://www.sentex.net/~mwandel/jhead [sentex.net] is a nice Exif Jpeg camera setting parser and thumbnail remover. Try it and get scared. Geotags are new, but the problem has been there for years. The "hidden" parts of images give away camera model, camera time, camera serial number and that is just the tip of the iceberg. Always open and save images in some editor such as GIMP before uploading them to the Internet(s). This is a good idea anwyay as viewers will generally be more happy if you crop the picture, perhaps adjust the color balance etc.

Re:Geotags and a WHOLE lot more (1)

Inda (580031) | more than 4 years ago | (#33258258)

Consumer image manipulators often keep the EXIF data intact. Especially if the user just clicks the save, or save as button.

Websites should strip this data before displaying the image.

Re:Geotags and a WHOLE lot more (0)

adolf (21054) | more than 4 years ago | (#33258274)

Wow, there's a lot of FUD there. From the link:

Things jhead can extract from an Exif jpeg file

  • Time and date picture was taken
  • Camera make and model
  • Integral low-res Exif thumbnail
  • Shutter speed
  • Camera F-stop number
  • Flash used (yes/no)
  • Distance camera was focused at
  • Focal length and calculate 35 mm equivalent focal length
  • Image resolution
  • GPS info, if stored in image
  • IPTC header
  • XMP data

*yawn*

Which part was I supposed to be scared of, again?

Re:Geotags and a WHOLE lot more (1)

CrAlt (3208) | more than 4 years ago | (#33258878)

*yawn*

Which part was I supposed to be scared of, again?

Im gona have to say its this one:

"GPS info, if stored in image"

Since more people are getting "smartphones" this is going to be showing up alot more.

Re:Geotags and a WHOLE lot more (1)

adolf (21054) | more than 4 years ago | (#33259266)

Oh. I thought the GPS part was already covered by both TFA and TFS.

OP seemed to indicate that he had some different, scary insight to offer.

I guess not.

I am amazed (1, Insightful)

Anonymous Coward | more than 4 years ago | (#33258040)

Photos tagged with the location in which the picture was taken can give away information about the location in which the picture was taken. Who would have thought?

Re:I am amazed (1)

Yvanhoe (564877) | more than 4 years ago | (#33258096)

The kind of people who complain about the private data they posted on Facebook are seen by millions. So the answer would be : far too many.

...at how unaware some end users are (1)

tepples (727027) | more than 4 years ago | (#33258744)

Photos tagged with the location in which the picture was taken can give away information about the location in which the picture was taken. Who would have thought?

I understand you're trying to point out a tautology, but a lot of end users aren't even aware that photos taken with a camera phone are "tagged with the location in which the picture was taken".

It's only a matter of time (0)

Anonymous Coward | more than 4 years ago | (#33258042)

Until I can run any sort of outside photo against a database of photos and find its location. Indoor photos are trickier, but even a view out of a window may be enough to find the location.

Help! (4, Funny)

TyFoN (12980) | more than 4 years ago | (#33258084)

Help, they can see me going into my house!
They will know where i live..
WHERE IS MY TIN FOIL HAT?!?!

Re:Help! (2, Interesting)

Anonymous Coward | more than 4 years ago | (#33258320)

WHERE IS MY TIN FOIL HAT?!?!

Last Friday it was on your nightstand, you might want to look there first.

Re:Help! (2, Funny)

PrecambrianRabbit (1834412) | more than 4 years ago | (#33258328)

WHERE IS MY TIN FOIL HAT?!?!

See, if your pictures of your tinfoil hat had geolocation data attached on them, you'd be able to find it!

Re:Help! (1)

sumdumass (711423) | more than 4 years ago | (#33258816)

His pictures did have geolocation data attached on them which is why I found his tin foil hat and his high dollar camera which was sitting right next to it. BTW, who uses a VCR anymore. I guess I should have looked at more of the pictures before going over. And that car he claims is his, he must have sold it to the neighbor because that's the driveway it was sitting in when I stopped by at 4 am last night.

ImageMagick and remove metadata (2, Informative)

lumbercartel.ca (944801) | more than 4 years ago | (#33258086)

You can use the "-strip" command-line option with ImageMagick's "convert" utility to strip out all the metadata from an image prior to uploading it.

Re:ImageMagick and remove metadata (5, Informative)

MechaStreisand (585905) | more than 4 years ago | (#33258210)

Yup, and it recompresses the image when you do so. See suggestions here [stackoverflow.com] for ways of stripping it without recompressing.

Re:ImageMagick and remove metadata (2, Informative)

tepples (727027) | more than 4 years ago | (#33258760)

Yup, and it recompresses the image when you do so.

Which you need to do anyway before uploading a multi-megapixel image to a blog or forum that doesn't allow any image over 1280x1024 pixels.

Re:ImageMagick and remove metadata (1)

zbyg (1662741) | more than 4 years ago | (#33258236)

I guess that everyone who has ever used ImageMagick, has enough brain cells to not post geotaged photos of their apartment, with comments like this: "Today I brought a new computer for 2000$. Had no time to play with it, because I am leaving for a two week vacation. P.S. I like leaving the door key under the mat"

Burglary (1)

blueskies1977 (1841970) | more than 4 years ago | (#33258108)

Burglary tends to be an opportunist crime. The criminal only has to walk round a wealthy area to know that most people in the houses have a large amount of valuable equipment in their houses. People should be aware of posting when they are not going to be at home but photos with geotags only convey historical data "This person was abroad on this date" and does not give away times in the future when they are going to be away.

Re:Burglary (1)

maxwells_deamon (221474) | more than 4 years ago | (#33258176)

Other than this the majority of home invasion breakins are in homes where drugs are being sold, items are being fenced or other off "the books large" cash operations.

They do sometimes get the address wrong. The police sometimes raid the wrong place as well.

Pictures taken yesterday or a year ago (1)

tepples (727027) | more than 4 years ago | (#33258782)

photos with geotags only convey historical data "This person was abroad on this date" and does not give away times in the future when they are going to be away.

If the photo was taken today or yesterday, it's likely that the family is still on vacation. If the photo was taken 52 or 53 weeks ago, it's an educated guess that the family may be taking another vacation in the same or a similar place.

Easy solution (3, Interesting)

awtbfb (586638) | more than 4 years ago | (#33258110)

Don't post media on unprotected pages. No big loss behind this step. Friends and family can handle a simple user/password combination - we've been doing this for years. Trust me, the rest of the world doesn't really want to see your pictures of the kids at their friend Joey's birthday party.

Re:Easy solution (1)

julesh (229690) | more than 4 years ago | (#33258398)

Trust me, the rest of the world doesn't really want to see your pictures of the kids at their friend Joey's birthday party.

Specially not at 2048x1536.

Pictures can tell the future? (3, Funny)

volfreak (555528) | more than 4 years ago | (#33258118)

OP states "By looking at geotags of uploaded photos, 'you can easily find out where people live, what kind of things they have in their house and also when they are going to be away,'..." How can uploaded photos tell someone when I am going to be away? Can pictures now show us what we'll be seeing and where at some point in time in the future? Neat... So, what setting do I use for my DSLR to get it to show me where I'll be going and when I'll be away? I want to see what's ahead of me.... Maybe it can show that I am currently away but how can it show when I'm going to be... anything? Oh, now I get it... I should take a picture of my airline tickets or hotel booking and post those on line... Yeah, that's how they'll know....

Re:Pictures can tell the future? (2, Informative)

tentux (1855140) | more than 4 years ago | (#33258202)

Agreed, the OP may have over-stretched what can be concluded from photographs alone. I think what they were getting at was using geo-tagged photographs and other evidence such as tweet posts and facebook status updates, and indeed advertising your GPS position could all be used to conclude you're on holiday, plus you've photographed where your house is and all of the nice stuff that's in it. However, unless you make a habbit of uploading all of this information to an entirely public domain I'm not entirely sure there's a danger of all this information getting into the wrong hands...

Re:Pictures can tell the future? (3, Interesting)

horatio (127595) | more than 4 years ago | (#33258206)

You make a good point. If I'm going to break into someone's house, a good time to do it would probably be between 9am and 5pm Monday-Friday. Most thefts are crimes of opportunity, not premeditated Oceans-Eleven style. I could just sit out in front of their house in the morning and wait for them to leave for work. No pictures or geotags needed. With a just a couple of guys, I can clean the place out in about 10-15 minutes. Where I live, assuming someone notices and phones the cops, that is about twice the time needed before dispatch will finally put the call through to officers.

Took the cops more than an hour to show up for a suspicious person sitting in his car one morning doing what appeared to be casing a house in my neighborhood. More recently, took them 30 minutes to show up after a call about a man banging on the neighbor's door, yelling and threatening to kick it in.

The most effective deterrent is one of those 'ADT' type stickers. After that, the dog. If that doesn't work, a double-tap to the center of mass should end things rather abruptly.

Re:Pictures can tell the future? (1)

lumbercartel.ca (944801) | more than 4 years ago | (#33258272)

This sounds like something right out of The Hitchhiker's Guide To The Galaxy. I think the DSLR setting you're looking for, whatever it is, must be set to 42.

The past can tell the future (1)

tepples (727027) | more than 4 years ago | (#33258794)

How can uploaded photos tell someone when I am going to be away?

It's not out of the question. See my other comment [slashdot.org] .

We need to come up with a concept of "safe tags" (2, Insightful)

mysidia (191772) | more than 4 years ago | (#33258124)

Presumptively a 'safe' geotag is one that the user has control of.

The user should have options (A) No geotag [the default], (B) Fuzzy geotag that may reveal what city or state they are in, but not their actual location, (C) Hi-Res Geotags

Their phone should ask them how detailed the Geotag should be before they take pictures.

Their graphics software / picture sharing websites should ask what to do with Geotags before uploading.

e.g. (A) Hide/remove all geotags, (B) Only let friends see GeoTag information, (C) Make all Geotags fuzzy

With the default being A.

Re:We need to come up with a concept of "safe tags (1)

grumbel (592662) | more than 4 years ago | (#33258184)

I think the core thing that needs to be solved in general is that of "invisible data". Most software makes it not exactly easy to see what exactly is stored in a file, instead it just provides you a stripped down view with most of the metadata hidden. This doesn't just happen with image files, but also Word documents, PDFs and plenty of other things.

Edit the exif ... (1)

Alain Williams (2972) | more than 4 years ago | (#33258196)

and set the GPS coordinates to that of your local cop shop, or perhaps to someone who you don't like :-)

Still, it is a pain to have to do & think about. Gimp has an exif option, I have not used it.

That photo looks too good. I call BS. (3, Insightful)

tepples (727027) | more than 4 years ago | (#33258814)

Gimp has an exif option, I have not used it.

But if you take a photo for Wikimedia Commons and strip the Exif, and your photography skill looks professional, some regular might assume that you are fraudulently claiming copyright ownership of some other photographer's all-rights-reserved images. Preserving your camera's Exif data tends to shift the burden of proof to whoever is calling bullshit.

FAILZORs! (-1, Troll)

Anonymous Coward | more than 4 years ago | (#33258212)

Not all services are ignorant (2, Interesting)

cybereal (621599) | more than 4 years ago | (#33258316)

It's worth pointing out that not all services are ignorant to this issue. I use flickr and upload geotag information for every picture I take, but, nobody can see it unless they are someone I've accepted as a contact. You can ratchet things up a bit further and use their added friend and family classes for even more restriction. You can also reveal the data on a photo by photo basis if you don't mind it being seen (or actually want it available, like a photoshoot of interesting things in a public place.)

I'm sure other similar photo sharing sites have similar permissions capabilities. I suppose the most likely risk areas are the twitpics and yfrog type upload it and forget it sites.

Dangers to rare speciesand historical sites (3, Insightful)

jo7hs2 (884069) | more than 4 years ago | (#33258326)

Potential security issues aside, geotags have always concerned me with the potential for unintended consequences. As someone with a passion for both native orchids and other rare life forms, along with history, I'm always concerned how an innocent snapshot by someone using geotagging might provide detailed location data to a poacher or pothunter. I've already seen a few plant populations decimated by a mere Flickr post, and I know I've seen geotags for the same species at other locations. I think it is a feature that should be disabled by default and used only with caution.

This is no surprise....nothing "hidden" about this (2, Insightful)

magnusrex1280 (1075361) | more than 4 years ago | (#33258372)

This is pretty obvious. Without even going into detail, once you know what "geotags" are, the first thing that comes to mind is "oh crap. this could be a big problem."

People need to learn to wash their hands first (4, Interesting)

erroneus (253617) | more than 4 years ago | (#33258406)

I actually mean that literally. We go on and on about various privacy risks and on and on about how stupid "average people are" when there are some obvious patterns of behavior outside of computing/networking that shed some real light on where the problems originate.

People simply don't understand the world they live in. They don't understand their cars, their food (c'mon diet coke? really? that nutrasweet that slows your metabolism?) or just about anything? They might think they know some things but not really understand them and nor do they really care to. The people get "flu shots" every year not knowing what strains of influenza are actually being covered by this year's flu-shot-du-jour... they just expect "the experts" to know and to do what they are told.

So who are these experts that the masses follow? Whoever claims to be. The dairy council, for example (you know, the guys who make their living selling dairy products?) tell us every year to drink even more milk than last year. And Microsoft, the company who helped to make "computer virus" a household word and cares more about selling the same thing over and over again instead of redesigning an OS that is both easy and secure. And a lot more. The people who have the most to gain by people being stupid are the "experts." And of course, questioning is something that is beaten out of us by the time we get through the first years of public school so there's no chance of a renaissance happening any time soon... at least not without a dark ages preceding it.

The problem is much, much larger than just being aware of meta-data in a picture. And yes, I agree with some here who suggest that "these online services should really have our backs" on this sort of thing, but it's not really in their interests to do so... so why would they?

They could be compromising their privacy.... (1)

John Hasler (414242) | more than 4 years ago | (#33258412)

...if not their safety, when they post online.

So don't do it. Someone may find out that you exist.

Google has some very bad news for you (2, Informative)

Overzeetop (214511) | more than 4 years ago | (#33258422)

For those who have forgotten, Google is trying to do location based analysis without the geotags - you send them a picture of a place, they tell you where it is (well, what it is for right now). No geotagging necessary.

Of course, Picasa is kind enough to mark each geotagged picture with a google map pin in the preview window - so you at least know which pics have the metadata in the tags.

Have a camera setting (2, Insightful)

supradave (623574) | more than 4 years ago | (#33258484)

Why not just have a camera setting that says "Do not record geotag data within 1 minute of my selected location(s)"? Seems that would be the easiest fix. No extra processing needed.

Re:Have a camera setting (1)

volkerdi (9854) | more than 4 years ago | (#33259142)

Another nice feature would be randomizing the location by _x_ mi/km.

idea (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#33258922)

wait a second, that gives me idea:

1) check my collection of pr0n pic's for geotags
2) find out where are these mansions where they have sessions with sexy ladies
3) ????
4) SEX WITH SEXY LADIES

This is odd (3, Funny)

PPH (736903) | more than 4 years ago | (#33259218)

It seems that quite a few geotags on the porn I download are at my house. The time stamps are when I'm at work.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?