I only share nostr.build links now.
quoting
naddr1qq…tnw3<MISSIVE /09>
You are Giving Away a Lot of Data with those Pictures
You post pictures on nostr and other social media. You send pictures to friends and sometimes sorta friends. I hate to tell you this but you are giving away a lot more personal data than just what's on the image of the picture.
It all comes down to the metadata. The term Metadata refers to descriptive information about a picture, image, or file. This set of information is so vital as it reveals everything about a picture.
Metadata is key as it explains the privacy and security dangers that you are exposing yourself to everytime you share that file. And not just pictures, but text documents, PDFs and Videos.
What data is in Pictures?
EXIF Data (Exchangeable Image File Format): This is a standard that specifies the formats for sound, images and ancillary tags used by scanners, smartphones and other smart devices.
EXIF contains so much more personal information than you can imagine.
It tells the geolocation of where the picture was taken and it gives the timestamp of when it was taken.
So that creepy guy who follows your accounts knows all your favorite lunch spots because you like to post pictures of your food.
Additionally the metadata contains a description or title of the image. Any tags or keywords associated with the image, author information, and any custom metadata from any image editing software that might have been used including more timestamps, system information, and log of any edits.
So yes your Bumble date knows you are trying to catfish them with that 5 year old picture you doctored up with AI.
Uses in Open Source Intelligence
Open Source Intelligence or OSINT is a fancy term for cyber stalking someone. It is using nothing more than specialized knowledge and freely available information on the internet to find out all kinds of stuff about someone.
Using the GPS metadata and reverse image search of that picture posted online you figure out where that person is from and maybe a first name. Using that to narrow down your search criteria you find their Facebook and Instagram. Now you have their last name, how they spend their time, friends, and maybe where they work. Searching free data brokers you find their address and phone number. Public records tell you how much they paid for their house and Google street view gives you a view of the house from the street.
So other than being a creep, what else is metadata used for?
Analysis of metadata helps to trace the origin and history of digital files. Digital Forensics will know when those files were created, accessed, or modified. Forensics then uses this for additional context about files and other data stored on a computer or network, this information is useful because it provides information that may not be immediately clear from the file itself. Remember your OPSEC rules and be a Nemo when necessary.
There is some good news. (And bad)
Luckily the more popular services out there such as Facebook and Instagram do not display the metadata of the users. You cannot check the metadata of pictures as it does not allow you to download pictures or copy the image link. Although that doesn't mean the companies themselves do not have access to that data.
This is not the case with services like Tumbler and most image hosting or storage services. When pictures are uploaded to cloud services like dropbox or google drive anyone with access to these images can also access the metadata.
Okay I am terrified, how do I remove metadata from pictures?
Thankfully there are several options to take care of this. Most operating systems have methods built in. (see below for instructions for Windows and MacOS). Tails and QubesOS has Metadata Cleaner software preinstalled. There are several online tools that also scrub metadata from pictures. (Shout out to nostr.build)
Windows
Right Click the image file and select properties
Click the details tab
Click Remove Properties and Personal Information
Choose the level of metadata removal desired
MacOS
Open the image in the preview
Go to Tools
Click EXIF tab
Select Remove EXIF file
How to remove EXIF data after capture on phones
Let's be honest that most of your photos are taken and reside on your phone now of days.
On iPhone you have to open the Photos app, select the image, tap on 3 dots and select Adjust Date & Time and Adjust Location. You can also get the adjust setting by clicking the little i at the bottom of the picture.
On android it is much the same way. Open Gallery, select image, tap 3 dots, choose details, then the pencil to remove location and timestamp, save.
On Graphene OS no worries, remove EXIF data after capture is an existing setting in the camera and is enabled by default.
It is a total pain that you have to do this each and every time to every picture. But I hope you now realize how important that metadata can be and why you shouldn't just be sharing it with the world.