Do You Exif

I want to talk today about EXIF data and just how much of a double sword it can be depending on your use case. With todays modern technology it seems that every picture you take wants to have its geolocation information added to it if its connected to a GPS somehow, and if your camera just happens to be a mobile phone then this might just be happening. Take the following picture I took as an example:

Here is the EXIF data you can pull from it. It shows you a lot of information, from the device make and model that took that picture, the format of the picture, what settings the device was using, if a flash was used, the exact date and time the picture was taken, the filename and size of the picture and the point im trying to get across….. the exact LOCATION the picture was taken. Its all given up and extracted trivially.

ExifTool Version Number         : 11.71
File Name                       : P_20181206_132135_vHDR_On.jpg
Directory                       :
File Size                       : 3095817
File Modification Date/Time     : 2018:12:06 13:21:36+11:00
File Access Date/Time           : 2019:11:02 10:42:40+11:00
File Creation Date/Time         : 2019:11:02 10:42:40+11:00
File Permissions                : 666
File Type                       : JPEG
File Type Extension             : JPG
MIME Type                       : image/jpeg
Exif Byte Order                 : MM
Image Width                     : 3928
Image Height                    : 2208
Compression                     : 6
Resolution Unit                 : 2
Make                            : asus
Camera Model Name               : ASUS_Z01HDA
Software                        : WW_80.30.76.49_20181102
Modify Date                     : 2018:12:06 13:21:35
Orientation                     : 1
Y Cb Cr Positioning             : 1
Warning                         : [minor] Unrecognized MakerNotes
ISO                             : 57
Exposure Program                : 0
F Number                        : 1.7
Exposure Time                   : 0.0003448275862
Sensing Method                  : 2
Sub Sec Time Digitized          : 316484
Sub Sec Time Original           : 316484
Sub Sec Time                    : 316484
Focal Length                    : 3.95
Flash                           : 9
Light Source                    : 0
Metering Mode                   : 2
Scene Capture Type              : 0
Interoperability Index          : R98
Interoperability Version        : 0100
Create Date                     : 2018:12:06 13:21:35
Exposure Compensation           : 0
Exif Image Height               : 2208
Date/Time Original              : 2018:12:06 13:21:35
White Balance                   : 0
Brightness Value                : 0
Exif Image Width                : 3928
Exposure Mode                   : 0
Aperture Value                  : 1.70000000428569
Components Configuration        : 1 2 3 0
Color Space                     : 1
Scene Type                      : 1
Exif Version                    : 0220
Flashpix Version                : 0100
GPS Latitude Ref                : S
GPS Latitude                    : 36.4860193888889
GPS Longitude Ref               : E
GPS Longitude                   : 148.269435166667
GPS Altitude Ref                : 0
GPS Altitude                    : 2086
GPS Processing Method           : ASCII
GPS Date Stamp                  : 2018:12:06
X Resolution                    : 72
Y Resolution                    : 72
Thumbnail Offset                : 13111
Thumbnail Length                : 11231
Image Width                     : 3928
Image Height                    : 2208
Encoding Process                : 0
Bits Per Sample                 : 8
Color Components                : 3
Y Cb Cr Sub Sampling            : 2 2
Aperture                        : 1.7
Image Size                      : 3928 2208
Megapixels                      : 8.673024
Shutter Speed                   : 0.0003448275862
Create Date                     : 2018:12:06 13:21:35.316484
Date/Time Original              : 2018:12:06 13:21:35.316484
Modify Date                     : 2018:12:06 13:21:35.316484
Thumbnail Image                 : (Binary data 11231 bytes, use -b option to extract)
GPS Altitude                    : 2086
GPS Latitude                    : -36.4860193888889
GPS Longitude                   : 148.269435166667
Focal Length                    : 3.95
GPS Position                    : -36.4860193888889 148.269435166667
Light Value                     : 13.8438728532671

Now this picture, I don’t mind sharing where it was taken, as it was literally in the middle of nowhere in the Kosciuszko National Park in NSW back in 2018. But I should be more concerned if that picture was of my family, in my own backyard or say a picture taken inside my house.

In the wrong hands, picture metadata can be used against you. Say for instance a debt collector or jaded lover might be chasing you. You could be freely giving them your movements.

The good news is that large social media sites (Facebook, Instagram and Twitter) remove this metadata from images you post on their platforms (but you can still tag your actual post with a location). However, you are still giving these providers this data when you upload, and in this data driven world they will be finding some way of analysing, collating and monetising it. But what about some random online image hosting service you might be using? can you trust them to do the same? what about your own personal site you run?

You can download exiftool.exe from https://www.sno.phy.queensu.ca/~phil/exiftool/ and using it to check your files is easy. This tool has so many command line switches that it can be overwhelming at first.

The quick and easy way to check with exiftool is to just drag and drop the image file onto the executable in Windows

There are also a wealth of online sites where you can upload a photo to do the same. One such site is https://www.pic2map.com/. It will even plot where the picture was taken on a map. So once again, only use this sort of a service with the trust it deserves.