One picture can tell more than you think

BoatOne of my big passions is photography. I’m quite old-school as I mostly use a big DSLR, post-process my shots on the PC and upload some keepers to Flickr. But I’m also using my mobile phone camera more and more. Nothing beats the convenience of snapping a shot and being able to upload in one sweep. Some people, like me, just have a mental barrier to overcome, the technical perfectionism. A shot can be fun and interesting even if you haven’t spent hours tweaking it. I’m working on that…

Sharing photos on the net is fun, but did you know how much a single picture can tell? I’m not talking about the traditional “more than 1000 words” here. I’m talking about metadata. This is invisible data that describes the content and is embedded in the picture file. This is some of the data that a photo can contain:

  • Date and time when the picture is taken
  • Photographic parameters like lens, aperture and exposure time
  • Geographical position from a GPS-device
  • Information about the device that took the picture, brand, model, serial number, etc.
  • Name and contact information of the device’s owner
  • Information about the photo’s copyright owner and rights to use the photo
  • A lot of other info that professionals and serious amateurs can use to manage large photo collections.

All this data does really provide a lot of added value. You can automatically have shots sorted by capture time, you can plot photo locations on maps, find all shots taken with a certain camera or lens, and so on. The possibilities are almost endless. But metadata is like all other great things, it can be used and misused. The downside is naturally privacy.

I did a quick test with my Nokia Lumia, which is a Windows Phone -device. It turned out that its camera embeds the date and time, photographic parameters and the GPS-location automatically. But data about the owner is not included. This data is also kept when using all share-options that I currently have available; mail, Flickr, Facebook, SkyDrive and DropBox. There’s no setting anywhere that would control this behavior. In theory, I could reveal my exact location every time I upload a photo.

But this is not the full story. The service that you upload to can also decide how to process metadata. Facebook strips it altogether. This design was probably implemented to save storage space, but has a positive side-effect on privacy. Photographers who are interested in the photo parameters are however not happy. Flickr uses a different strategy. Metadata is extracted and used in the interface. You can decide if you want it to be showed or not. Users can also download smaller picture files without metadata, or the original with all data intact, if you choose to allow it. It’s quite natural that Flickr is more advanced as it is a site focusing on photo sharing.

So what should I do about this?

  • What data you share depend on many factors, so you really have to find out yourself. Go to the site where your pictures are shared. Download a picture of yours and examine its metadata. This can be done by opening the file’s properties or with some special tool. Photo editing software usually let you examine and manipulate the metadata. Opanda IExif is a free tool for Windows. Think about what data you can see and if you think it is a privacy problem.
  • If you share photos from your mobile device, there may not be much you can do to manage metadata. Look for settings controlling metadata in the camera program and all apps used when sharing. You may also look for alternative apps with better controls. If nothing else helps, you may have to accept the situation, restrict your sharing or disable the GPS if position info is your concern.
  • Old-school folks who share through a computer have much more options. Most workflow programs have options that control what metadata you embed in the final files. There’s also many tools available that can strip metadata from files before you upload. I already mentioned one above.

To summarize. You do not necessary have a privacy problem with metadata in photos you share. It depends on many factors. The device you take photos with, the software you use to process and transmit the shots and finally the site where they are published. And naturally your own privacy expectation, what data are you ready to share? But the most important point is to be on top of this yourself. Don’t leave it to chance. Check what you share and make up your mind if it’s OK or not.

An exercise for you. Download the photo file in this post and check what kind of metadata you can find in it. It’s taken straight from my workflow program on the PC, no data removed.

Safe surfing,
Micke

PS. Also keep this in mind if you feel tempted to cheat about when and where a shot is taken. You are unlikely to get away with it if you have photo-savvy friends.

Photo by Micke-fi @ Flickr

More posts from this topic

groupmeeting

Why You May Want to Disable Location Services for Facebook

When news broke that Facebook was at least temporarily using users physical location to suggest real world connections, a strategy that has been employed by the NSA, the backlash was sharp.  It wasn't difficult to imagine scenarios when identities could be inadvertently and uncomfortably revealed through group therapy, 12-step meetings or secretive political movements. The world's most popular social network quickly said it would not continue what it called a small-scale test nor roll the feature on a wider scale in the future. But Facebook is still using your location data for other purposes, Fusion's Kashmir Hill reports: We do know that Facebook is using smartphone location for other things, such as tracking which stores you go to and geotargeting you with ads, but the social network now says it’s not using smartphone location to identify people you’ve been physically proximate to. Hill notes that using location to match users up, thus acting as a tool to reveal the identity of nearby strangers, might violate Facebook's agreement with the Federal Trade Commission . So you should expect that your location -- like everything you do on Facebook -- is being used to turn you into a better product for its advertisers. That's the cost of using a "free" site but you can limit your exposure a bit by turning off location services for Facebook on your phone. Here's very simple instructions for turning off location services on your Facebook and Facebook Messenger apps on your Android of iOS device. Do you mind if Facebook uses your location to suggest new friends? Let us know in the comments. [Image by Lwp Kommunikáció | Flickr]

June 30, 2016
Juhannus

How To Prepare Yourself and Your Phone For Juhannus

In Finland, there is this thing called juhannus. A few years ago, our former colleague Hetta described it like this: Well, Midsummer – or juhannus – as it is called in Finnish, is one of the most important public holidays in our calendar. It is celebrated, as you probably guessed, close to the dates of the Summer Solstice, when day is at its longest in the northern hemisphere. Finland being so far up north, the sun doesn’t set on juhannus at all. Considering that in the winter we get the never ending night, it’s no surprise we celebrate the sun not setting. So what do Finns do to celebrate juhannus? I already told you we flock to our summer cottages, but what then? We decorate the cottage with birch branches to celebrate the summer, we stock up on new potatoes which are just now in season and strawberries as well. We fire up the barbecue and eat grilled sausages to our hearts content. We burn bonfires that rival with the unsetting sun. And we get drunk. If that isn't vivid enough, this video may help: [protected-iframe id="f18649f0b62adf8eb1ec638fa5066050-10874323-9129869" info="https://www.facebook.com/plugins/video.php?href=https%3A%2F%2Fwww.facebook.com%2Fsuomifinland100%2Fvideos%2F1278272918868972%2F&show_text=0&width=560" width="560" height="315" frameborder="0" style="border: none; overflow: hidden;" scrolling="no"] And because the celebration is just so... celebratory, it's easy to lose your phone. So here are a few ways to prepare yourself for a party that lasts all night. 1. Don't use 5683 as your passcode. That spells love and it's also one of the first passcodes anyone trying to crack into your phone will try. So use something much more creative -- and use a 6-digit code if you can on your iPhone. You can also encrypt your Android. 2. Write down your IMEI number. If you lose your phone, you're going to need this so make sure you have it written down somewhere safe. 3. Back your content up. This makes your life a lot easier if your party goes too well and it's pretty simple on any iOS device. Just make sure you're using a strong, unique password for your iCloud account. Unfortunately on an Android phone, you'll have to use a third-party app. 4. Maybe just leave it home. Enjoy being with your friends and assume that they'll get the pictures you need to refresh your memory. And while you're out you can give your phone a quick internal "clean" with our free Boost app. [Image by Janne Hellsten | Flickr]

June 22, 2016
Porn blog post image

4 People who can see what Porn you Watch, and 4 Tips to Stop it

In the grand scheme of things, there certainly are more important facets to online privacy than keeping one’s porn habits private (government overreach, identity theft, credit card fraud to name a few). However, adult browsing histories are one of the secrets in their online lives people want to protect the most, so it might be disconcerting to know that porn browsing is not as private as one might think. A large majority of web users are lulled into a false sense of security by incognito mode or private browsing, but this is only one of the steps needed toward becoming private online. Here are a few people who have access to this info, along  with a few easy tips that can be taken to prevent this from happening. 1. Anyone on the same hotspot No one is suggesting you should watch porn at your local coffee shop (in fact, please don’t). However, what people surf in places like the privacy of their hotel room should probably stay there. With that in mind, the following statement might be more than a little disconcerting: What you do on Wi-Fi can be usually be seen by pretty much anyone connected to that hotspot. It doesn't require great hacking skills to see what other people connected to the same network are doing. Only traffic on encrypted websites starting with https is always secure, and almost no adult sites fall under this category. 2. Foreign web service providers When traveling, it's easy to forget that what might be culturally acceptable in one country can land you in hot water with the authorities in another. Whether on public Wi-Fi or roaming on the network of a foreign internet service provider, they may be bound by law to report anyone surfing adult material. The personal freedom we enjoy to surf anything we want online is so second nature to many of us by now, we easily forget the same isn't true for others. 3. Analytics and advertisers (often one and the same) It might not bee too surprising to hear that most companies aren't exactly jumping at the chance to be associated with adult websites. For this reason, networks that serve ads to adult websites don't serve ads to "normal" websites, making porn sites mostly self-contained when it comes to using your private information for advertising purposes. Unfortunately, your adult browsing can still be connected to you. Many adult websites implement analytic services, as well as "like" and "share" buttons, that feed into major advertisers such as Google and Facebook. 4. Your employer (in the U.S. and many other countries) Now, we are DEFINITELY not suggesting you watch naughty stuff at work. I mean, they call it NSFW for a reason. However, that doesn’t change the fact that in some countries, companies have an uncomfortable amount of rights to spy on their workers. It’s natural that employers don’t want their workers doing anything illegal, but you still have a right to privacy, even on a work network. What are your options? So what can you do to prevent privacy intrusions? The first and most obvious choice is to not supply any personal information to adult websites. A lot of porn sites require registration in order to comment on videos (if that's your thing) or to view content in higher quality. Keeping a separate email address for adult websites is therefore highly recommended. The other obvious choice is to always have private browsing on, as this prevents cookie-based tracking and embarrassing browsing histories from being saved on your computer. A slightly more technical but still very easy tip is to disable JavaScript from your browser settings while surfing adult websites. A lot of websites don't function without JavaScript, but all the adult websites we tried for research purposes work just fine. JavaScript makes it much easier  to do something called device fingerprinting. This frustratingly intrusive method of snooping involves the use of scripts to identify your computer based on variables such as your screen size, operating system and number of installed fonts. It might not seem like it, but there are enough variables to make most devices in the world completely unique. But the simplest and most efficient method of controlling your privacy is to use a VPN. A VPN (virtual private network) encrypts all your traffic, meaning no one is able to intercept it and see what sites you visit or what you download. It also hides your real IP address, the unique number which can easily be used to identify you online. A top-tier VPN like Freedome also contains extra features like anti-tracking to stop advertising networks from identifying you, and malware protection to automatically block webpages that contain malicious code. The app is easy to use, and available on most platforms. Online privacy is not a difficult or expensive  goal to achieve, and by following these few steps you will be able to surf what you want without worry.

June 13, 2016
BY