What's new
  • Please note members who been with us for more than 10 years have been upgraded to "Veteran" status and will receive exclusive benefits. If you wish to find out more about this or support IcMag and get same benefits, check this thread here.
  • Important notice: ICMag's T.O.U. has been updated. Please review it here. For your convenience, it is also available in the main forum menu, under 'Quick Links"!

metadata 101: read me before uploading photos

avant gardener

Member
Veteran
there are some things you should be aware of about digital photographs.

JPEGs and other image files contain metadata called EXIF. that is, hidden information attached to the picture you see. this can include anything from the date and time the photo was taken to the color balance of the image to whether or not a flash was used. most of this stuff is pretty innocuous, but there are a couple pieces of metadata that you definitely don't want floating around on the nets. most obvious is the geotag which gives the coordinates where the picture was taken, accurate to a couple dozen feet. more subtle is the serial number of your device. this can link photos to a cell phone account which makes it easy to identify the photographer.

If you entered personal info into your camera, like your name, that too will be automatically transmitted in the EXIF data when a photo gets uploaded.

the good news is that it's really easy to protect your sensitive information. for new images, this is as simple as disabling the location feature on your phone or GPS enabled camera. better yet, tell the camera not to record any EXIF data, or don't post anything from a GPS enabled device.

for older images (and to be perfectly thorough with new ones), you'll need an application to view and edit your EXIF file, which is where most of your metadata lives. there are plenty of freeware options:

Mac OsX:if you already happen to be using aperture, you can just go to the metadata menu and open the GPS pane. otherwise, there's an app called smallimage that works really well. find it here: http://smallimage.en.softonic.com/mac

Linux:
you're going to need to know your way around a command line to do this one as there's no GUI that i know about. but then again, if you're already running redhat and you still need me to tell you this, i don't know even know what to say.
exiftool is the standard:
http://www.sno.phy.queensu.ca/~phil/exiftool/

jhead is popular too:
http://www.sentex.net/~mwandel/jhead/usage.html

Windows 7:
i haven't used a microsoft operating system since '98, but some friends suggested this program: http://www.photome.de/
Another free graphics program with lots of great features is Photoscape. It will allow you to resize/edit batches of photos at once, saving tons of time.

Whatever your platform, if you've got photoshop, clicking "save for web" will remove your location from an image.

It's just good security culture to police your own information. While ICM does strip information from posted photos, it does so ONLY if they get resized by the server. That's why it's up to you to ensure your images are clear of sensitive data before you upload them anywhere. Many other sites will post your photos exactly as you upload them, with EXIF info intact.
 
Last edited by a moderator:

Skip

Active member
Veteran
The real problem comes with the convenience of cellphone cameras, able to take a pic and upload with just a few clicks. This is where ppl can have problems with EXIF data. So just tell your camera NOT TO RECORD EXIF and Geolocation DATA, and you'll have no problems.
 

BadRabbit

Active member
In Windows 7, If you select a photo using your 'explorer' window, right click on a photo and select "properties" from the drop menu, then on the properties dialogue box, select the "details" tab. On that page, a selection is provided for "remove properties and personal information". The brings up the "remove properties" dialogue box, on which you can select "create a copy with all possible properties removed" (and the advisory that "some of these properties might contain personal information").

Select "OK" and the system makes a copy of the file (adds the word "copy" to the file name and saves as a new file.) with all properties removed.

I'm assuming that's a clean version that can be safely posted ..... if anyone can assert differently, please do so.

rabbit
 

Skip

Active member
Veteran
In Windows 7, If you select a photo using your 'explorer' window, right click on a photo and select "properties" from the drop menu, then on the properties dialogue box, select the "details" tab. On that page, a selection is provided for "remove properties and personal information". The brings up the "remove properties" dialogue box, on which you can select "create a copy with all possible properties removed" (and the advisory that "some of these properties might contain personal information").

Select "OK" and the system makes a copy of the file (adds the word "copy" to the file name and saves as a new file.) with all properties removed.

I'm assuming that's a clean version that can be safely posted ..... if anyone can assert differently, please do so.
Yes, that's correct. However you're assuming ppl have actually uploaded their images to their computer first... Many don't anymore. It's so easy to post an image from a cellphone. However, once it's on the computer you can do a lot of things including editing, cropping, color correction, adding a copyright notice, etc.

You can even batch process all the photos you want to upload at once so they all are at the right size, with EXIF info removed... Then uploads go very fast on icmag. Try uploading large unedited images and you will wait and wait... It's your choice and those large image uploads slow down the server for everyone. So if you're doing it, I'll direct all complaints about icmag being slow to you... ;)

Once upon a time when cameras only took 1 or 2 megapixel images, this wasn't an issue. Now most cameras can do 8-16 megapixels, so those images are HUGE, and uploading them requires a lot of bandwidth, then resizing them requires a lot of server processing time. So don't just think about yourself and how convenient it is, think about how you affect others by being an inconsiderate bandwidth hog. ;)

When icmag started, Gypsy clearly intended to make it easy for everyone to upload their images here. However that was eight years ago and in that time things have changed. Camera technology has progressed with higher resolutions and bigger files. Yet here we are, on the same server we had back then (we did add a database server, but that doesn't resize images). We are due for a server upgrade in a few months, and perhaps then we can loosen some of the restrictions I've had to put in place. If everyone edited their images to <150k before uploading we could easily go back to 10 images per upload, but that is not the case for now...

Some simple math...
Upload 10 images @ 4MB each = 40MB upload
Upload 10 images @ 150K each = 1.5MB upload

Can you see the difference in how long it would take to upload? 30 times longer for the big images.

Then add the time for the server to resize 10 4MB images (time varies).
Say it takes 5 seconds per image, that would be 50 seconds of server time just for your images, slowing down the ICMag experience for everyone.

And there could be others uploading at the same time, taxing the server even more, taking more even more time.

Then realize that with 10 150K images, no resizing is necessary at all... Fast upload (probably a few seconds) and no slowdown of server to resize your images.

What I could do is raise the upload limit for those who promise to edit down their images below 150K before uploading... But there is no way to check for compliance.
 
Last edited:

avant gardener

Member
Veteran
here's a tool i forgot to add:
http://pixelgarde.com/
pixelgarde is a fully functional metadata editor app for iOS and android.
you can delete (or spoof) your exif right from your phone.

free version tags your photos with a big colored "X."
paid version is $2 and doesn't brand your images.
 

smokefrogg

Active member
Veteran
exiftool is around for mac osx also, it is a commandline tool so you will need to be familiar with that, i find it is quick and handy for batch processing a folder full of images
 

avant gardener

Member
Veteran
here's stories about 2 guys who DEFINITELY should have known better but still compromised themselves by leaving their geotags hanging out.

adam savage, the mythbusters guy:
https://www.nytimes.com/2010/08/12/...l=1&adxnnlx=1334919621-5ElagCuH950FJLQhvK/84w
which is pretty bad, but this next one takes the cake.


and (ohhhh say it ain't so) some alleged world class hacker type:
http://www.dailymail.co.uk/news/art...-girlfriend-posts-picture-breasts-online.html

this guy was good enough to break into law enforcement computers to dox undercover pigs, but he couldn't remember not to post his damn address for the whole world to see. go figure.



 
D

detoneSmoker

avant gardener;5073528 and (ohhhh say it ain't so) some alleged world class hacker type: [URL said:
http://www.dailymail.co.uk/news/article-2129257/Higinio-O-Ochoa-III-FBI-led-Anonymous-hacker-girlfriend-posts-picture-breasts-online.html[/url]

this guy was good enough to break into law enforcement computers to dox undercover pigs, but he couldn't remember not to post his damn address for the whole world to see. go figure.

Love how he was trying to be cool and saying pwned by...I hate faggots like this jerk off. I hope he gets but fucked so hard hell never again try being alittle bitch and hacking ppl.

So if i take a pic on my phone but upload it direct connect, does it still run the same gps location risks? I immediately erase my pics after upload.
 

Anti

Sorcerer's Apprentice
Veteran
Love how he was trying to be cool and saying pwned by...I hate faggots like this jerk off. I hope he gets but fucked so hard hell never again try being alittle bitch and hacking ppl.

So if i take a pic on my phone but upload it direct connect, does it still run the same gps location risks? I immediately erase my pics after upload.

The geotag is a part of the EXIF data.

So if your phone geotags the image (or stores anything else in exif data, like if you put your name/location into your phone) then it will still be on the image even once you transfer it to your computer.
 

Anti

Sorcerer's Apprentice
Veteran
If you have photoshop, you can use "save for web" to strip EXIF data off your images. (The official reason is because this will make your file size smaller, which is typically a good thing for bandwidth, upload speed, page loads, etc.)

What you do is go to the "file" menu and click "save for web or devices."

Alternately, on a PC you can click (alt+f) and then release and press 'd'.

When you do that, you'll see something like this:

picture.php


Look for the part about "metadata" and make sure it is set to "none":

picture.php


I run EVERY picture I take through photoshop, crop it down to 800x600 at 72 dpi and then "save for web".

Once you've done it a few times, you can do the whole process of loading the image, quick color correction, cropping and saving in under a minute.

(I just made these images while typing this post.)
 
D

detoneSmoker

The geotag is a part of the EXIF data.

So if your phone geotags the image (or stores anything else in exif data, like if you put your name/location into your phone) then it will still be on the image even once you transfer it to your computer.

But if I have my gps location option on my droid off, am i ok? and is there a way to check my current pics to see the attached info? thanks
 

Anti

Sorcerer's Apprentice
Veteran
But if I have my gps location option on my droid off, am i ok? and is there a way to check my current pics to see the attached info? thanks

Here's a website you can upload a picture to and it will tell you what the exif data is...


http://www.exifviewer.org/


(Please be smart enough to upload an INNOCENT picture for the test. Like a picture of your cat or something. Not a picture of your op.)
 

Pumpkin

Active member
Veteran
Can't the uploader just strip this header information?

Save the trouble of people worrying about this? I can't imagine it would be a big code change.

Just keep this
File size : 1244057 Bytes
MIME type : image/jpeg
Image size : 2048 x 1536

And strip the rest.
 

avant gardener

Member
Veteran
Can't the uploader just strip this header information?

Save the trouble of people worrying about this? I can't imagine it would be a big code change.

Just keep this
File size : 1244057 Bytes
MIME type : image/jpeg
Image size : 2048 x 1536

And strip the rest.

hoping that a 3rd party removes your info for you is grossly irresponsible—especially in a situation that could easily result in cops or other bad guys knocking down your door. ICM does a pretty good job of stripping personal info from images, but with the stakes as high as they are, why wouldn't you take the extra 30 seconds to cover your ass?

or don't. that way i don't need to outrun the bear.
i just need to outrun YOU.\\

But if I have my gps location option on my droid off, am i ok? and is there a way to check my current pics to see the attached info? thanks

even if your location is turned off, there's still information that can link a photo to you. for instance, the unique serial number of your device. do yourself a favor and only ever upload anything with a BLANK exif.
 

captain planet

Active member
Veteran
Is there an app for photoshop or similar that I can use? I need to start my pic game and I am def not exif savvy . I will do some googling but wonder if anyone uses their phone for pic, an app to remove resize, and upload from phone/app idk
 

bobman

Member
Well it looks like if u just do a screen capture on ur android that is strips the data. Only gives image size, file type, and picture size. I assume thats good enough anybody want to confirm it would be much appreciated. Thanks
 

Marco61

Member
Just so you know, many of the programs that claim to remove metadata leave enough information behind for forensic software to reconstruct the metadata. FBI and some private investigative companies are quite open about this ability.

As far as the local police go, they probably won't be able to do it, but start posting images of a huge commercial grow and you can bet someone is going to try to reclaim the camera's fingerprints. Best practice is to use a digital camera that is used for nothing but pictures of the grow and isn't connected to your identity. Considering how cheap cameras are today it shouldn't be a problem getting a decent one for sharing mj pictures.
 
Top