

Remove personal data from photos before sharing them on the internet - ndesaulniers
https://codepo8.github.io/image-data-cleaner/

======
pdkl95
There might be value in having an image[2] [container?] file format that is
_explicitly_ incompatible with EXIF and other metadata. This includes not
having any kind of "comment" field or free-form data such as JPEG's "APP1"
location where the EXIF data is stored. It would specify only height, width,
ppi, gamma, and some _enumerated_ bitfields to identify the pixel format and
any _necessary_ compression options (i.e. lossy/DCT vs DEFLATE).

Even better, it should have some sort of self-checksum of the entire file, so
it is harder (but not impossible, unfortunately) to extend the format beyond
the original spec.

This would make it far simpler to encourage better behavior: the average
person isn't going to bother if you tell them to run exiv/exiftool. Instead,
saying "Normal image files are not safe! Only upload $SAFE_FORMAT files!" will
get at least some people to strip the files, and those that don't should at
least get a more useful sense of what is safe/risky.

In the (very hypothetical) future, once the format was used, it would even be
possible to for browsers to explicitly deny upload of JPEG/PNG/etc or they
could auto-convert other formats.

Security doesn't work when it relies on complicated methods that _won 't
actually be use in practice_, so changing the format of stuff that _is_ used
might be necessary.

[1] the same idea would obviously apply to audio/video/whatever files

------
xiaomai
This is great, I always remove the metadata from files before sharing them
(why don't the social networks don't do this for you?). This is how I do it at
the command-line:

    
    
        cp files-to-strip /tmp/foo
        exiv2 rm /tmp/foo/*

~~~
billmalarky
If I recall correctly in a old reddit ama Alan Schaaf said that Imgur strips
all metadata from images on upload.

