Hacker News new | past | comments | ask | show | jobs | submit login

Friendly tip if you are uploading any photo made by you to some untrusted site (works on linux and macos):

      exiftool -all="" filename.jpg
Because oftentimes you don't need to look at the picture to figure out the location.



Beware that this can strip colour profile information and lead to incorrect rendering of your image.

I'm not quite sure how to address that properly.


It should be possible to use exiftool to write any color profile tags you want to keep to a separate file, strip all metadata from the image, and then copy the color profile metadata you saved out earlier back to the image.


Dumb question: do Twitter, Facebook and Instagram remove location exif data?


They do, but that's not to say that they don't store the exif data for themselves.


They do, but you don't know at which stage and whether or not raw copies are kept. Most platforms will at least filter the egress.


You can also additionally configure your phone not to tag the geolocation on your photos.


Faking the geolocation might be more fun and frustrate any attacker :)


Why don't browsers do this? Firefox should implement this (warn about geolocation and suggest either remove it or fake it).


There isn't a clear "right" answer to what metadata should be stored and displayed. And, increasingly, metadata doesn't even need to be explicit, e.g. with facial recognition.

So, generally, having software make decisions on its own about how to handle some aspect of metadata seems like a poor choice.


If I were to use a website and a browser were to manipulate the data without this being clearly announced, I'd be pissed beyond belief.

Besides, this also introduces a security vulnerability - image metadata parsers are complex and there are regularly bugs found in them.


That argument could be used to prove that Firefox should have no features, and it's rebutting something not stated in the parent comment.


It's on the publishing side, so it seems like photo apps (Google Photos, Apple Photos) and publishing apps (WordPress) would be a better place to manage this?


I think he means warning users that a picture contains this information before uploading it somewhere.


A browser extension could do this. (Maybe one already does?)


I'm guessing most of these sorts of photos are posted directly from a smartphone, though, these days. So fancy unix commands or browser extensions would help protect statistically zero people.

Apple, though, with privacy ostensibly being their thing, would be pretty on-brand to set up an iOS capability for getting to see the original image files, with all apps you don't explicitly authorize instead getting to see degraded-resolution images with the exif data scrubbed.

Android could do it, too, but it seems less likely to happen since all that extra information is valuable marketing and tracking signal.


Surely this should be a camera feature or image editing plugin (which Android already supports today).

The swipe against Android is absurd, since Google could easily slurp that information before letting you edit it (as the do with your browsing activity) to prevent others from accessing that information, if they wanted to (which they don't).


I don’t want that feature in my camera since the geo data is phenomenal for organizing and search. I want the metadata in my copy just not in the copy I upload.


I think it would be great if iOS stripped this out when you shared an image.

Edit: I had a vague memory of this being in iOS 13, so I looked for it and there’s an option to strip location data when you share an image now.


Where is that in settings?


It's not in settings, it's an option that appears when you try to share an image.


exiftool tool also has a GUI for Windows, It's not pretty to look at but works great


On windows you can go into the properties window, and there's an option to clear the metadata of the image.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: