Malwarebytes Revisits Geolocation Metadata In Our Toys
Posted by: Tim Tibbetts on 07/01/2013 12:02 PM
[
Comments
]
Metadata is data about data, imbedded in that data.
Confused yet? Files can have information about themselves, contained within them. It can be simple information, such as genre or artist in the case of an mp3 music file. It can also have more complex information, like camera model, aperture of the lens, and GPS data in relation to a picture.
Metadata has been in the news recently, with the revelation that the National Security Agency (NSA) collects a lot of metadata about American citizens and foreigners.
Many people do not know that this hidden data exists and that this is where it can be an issue. If you take a picture with a device, then post it to a social network, you could be unwittingly advertising your exact location.
This happened not too long ago, when a reporter who was interviewing John McAfee posted a picture that contained geotagging metadata. This effectively pinpointed exactly where they were when the interview took place. There are arguments concerning whether this was done intentionally or not, but it certainly demonstrates how powerful this metadata can be.
Projects such as icanstalku.com showed that GPS coordinates could be harvested from pictures posted to online services. This helped raise awareness on the potential risks associated with unwittingly sharing more information than intended. Many manufacturers have modified their default settings since then. Some have disabled geotagging by default, while others have implemented a more granular approach, in which individual applications request permission when required.
It is always a good thing to revisit problems, to see if things have changed. And so, I set about collecting any Internet-enabled device I could that had a camera attached to it and verifying the geotagging settings in each of them.
Complete details and photos on different devices is available at http://blog.malwarebytes.org/whats-in-the-news/2013/06/revisiting-geolocation-metadata-in-our-toys/
Confused yet? Files can have information about themselves, contained within them. It can be simple information, such as genre or artist in the case of an mp3 music file. It can also have more complex information, like camera model, aperture of the lens, and GPS data in relation to a picture.
Metadata has been in the news recently, with the revelation that the National Security Agency (NSA) collects a lot of metadata about American citizens and foreigners.
Many people do not know that this hidden data exists and that this is where it can be an issue. If you take a picture with a device, then post it to a social network, you could be unwittingly advertising your exact location.
This happened not too long ago, when a reporter who was interviewing John McAfee posted a picture that contained geotagging metadata. This effectively pinpointed exactly where they were when the interview took place. There are arguments concerning whether this was done intentionally or not, but it certainly demonstrates how powerful this metadata can be.
Projects such as icanstalku.com showed that GPS coordinates could be harvested from pictures posted to online services. This helped raise awareness on the potential risks associated with unwittingly sharing more information than intended. Many manufacturers have modified their default settings since then. Some have disabled geotagging by default, while others have implemented a more granular approach, in which individual applications request permission when required.
It is always a good thing to revisit problems, to see if things have changed. And so, I set about collecting any Internet-enabled device I could that had a camera attached to it and verifying the geotagging settings in each of them.
Complete details and photos on different devices is available at http://blog.malwarebytes.org/whats-in-the-news/2013/06/revisiting-geolocation-metadata-in-our-toys/
Comments
