$ exiftool -all= foo.jpg
And even better, save image first as .bmp or other format that doesn’t support metadata. Then reload and convert to jpeg, and run the exiftool on this image.
[0] https://www.linux-magazine.com/Online/Blogs/Productivity-Sau...
Perhaps it’s better to remove the section of photo with a person’s face instead? Or draw a shape over their face and flatten the image? It seems to me as long as the pixels are there the identifying data is there for anyone willing to spend the time and effort to find it.
Edit: Apparently it was interpol, not the US government. I can't find the reddit thread but here's a NYT article with the photo: https://thelede.blogs.nytimes.com/2007/10/08/interpol-untwir...
Python: https://gist.github.com/symisc/6ecdea76ba0d33d73ea7f23cade0d...
PHP: https://gist.github.com/symisc/d54808915093e5375fdcb841e4365...
Docs: https://pixlab.io/cmdls
In a situation where police feel justified to kill extra-judicially over a possibly fake 20 dollar bill, what hope do we have that protesters won't be targeted in unfair ways? Or worse, that organizers won't be hunted down like animals and murdered like in Furguson? It would be unethical to not do everything in your power to protect those in this position.
secondly how do you plan to identify violent vs non-violent protesters from a static image? How would you find their identity afterwards? There is overwhelming evidence to suggest these methods are at best ineffective and at worst racist, and in either case will lead to innocent people being charged.
https://www.newscientist.com/article/2109887-police-mass-fac...
Other things are external to the EXIF but could be combined with it. The sequence numbers in the filenames are the most obvious signal. The precise number of megapixels of the image might also tell you what sensor was used -- so maybe an anonymizer should resample the image to a new size.
I guess these seem unlikely to be investigated, but then again nobody initially thought that telling every web server what fonts you have installed on your machine would be used against you, or that the existence of "Do Not Track" would make browsers easier to track. It just depends on how much it's worth to someone to write this stuff once -- then it's free for all future uses.
I just looked at https://en.wikipedia.org/wiki/Exif and there are lots of interesting possibilities.
http://www.ws.binghamton.edu/fridrich/Research/double.pdf
http://www.ws.binghamton.edu/fridrich/Research/EI7254-18.pdf
Reference: https://help.github.com/en/github/working-with-github-pages/...
[1] https://www.linkedin.com/posts/creativetech_tensorflowjs-bod...
The short explanation is blurs are kernels that spread a pixel's value across other pixels, so knowing this, you can treat blurred pixel values as a system of equations to solve.
Twitter often shows geodata for users, but I think that's app-based and not derived from photo uploads.
https://www.theroot.com/ferguson-activists-are-dying-and-it-...
"Crawford was found shot to death Thursday night in his car, just like activist Darren Seals in 2016 and protester DeAndre Joshua the night of the Ferguson verdict in 2014. The latter two had gunshot wounds to the head and their cars were lit on fire. Crawford, it is believed by police, shot himself in the back seat of his car either in an attempted suicide or by accident."
I'd be careful with that assumption. The only thing that really loses information is the discretization back into 0-255 range, and that naturally loses very little information.
If you consider the pixels as a large vector of values, you're effectively multiplying it by a matrix (plus discretization afterwards). If that matrix has (near) full rank, you can restore (close to) all the information.
Consider an grayscale image with two pixels a = 10, b = 20. I apply a blur that transfers 10% of each pixel to the other one. I end up with 11, 19. I'm left with the information 0.9 a + 0.1 b = 11, 0.1 a + 0.9 b = 19. Clearly this system can be solved uniquely. Or equivalently, the blur matrix (and I don't mean the kernel but the full blur operation matrix) is [[ 0.9 0.1 ] [ 0.1 0.9]], which has full rank and is thus invertible.
You'd be surprised at the amount of image detail that can be recovered by filtering when the original distortion function is known. See also https://en.wikipedia.org/wiki/Deconvolution and the lower half of that page's "See also" links section.
[0]: https://twitter.com/realDonaldTrump/status/12671296442282475...
There are also a few that do face detection and blur on the AppStore.
This is the country you live in, if you want ignore that fact its on you.
https://lifehacker.com/how-to-uncover-blurred-information-in...
One method is the Lucy-Richardson deconvolution [1], which is an iterative algorithm, and here [2] is the best practical example I could find right away. Unfortunately the text is not in English, but the illustrations and formulae might be enough to give some intuition of the process.
[1] https://en.wikipedia.org/wiki/Richardson%E2%80%93Lucy_deconv...
Deconvolution was used to fix the Hubble Space Telescope.
https://en.wikipedia.org/wiki/Hubble_Space_Telescope#Flawed_...
Even more impressive, you can see around corners with similar reconstruction techniques
https://graphics.stanford.edu/papers/dual_photography/
https://www.quantamagazine.org/the-new-science-of-seeing-aro...
But remember that facial recognition is far from the only way to identify protesters. Assume that the full power of the DHS is there (drones, Stingrays / IMSI catchers, license plate readers)
“…it is not enough for me to stand before you tonight and condemn riots. It would be morally irresponsible for me to do that without, at the same time, condemning the contingent, intolerable conditions that exist in our society. These conditions are the things that cause individuals to feel that they have no other alternative than to engage in violent rebellions to get attention. And I must say tonight that a riot is the language of the unheard. And what is it America has failed to hear?…It has failed to hear that the promises of freedom and justice have not been met. And it has failed to hear that large segments of white society are more concerned about tranquility and the status quo than about justice and humanity.” (“The Other America,” 1968).
Funny, it sounds just as true of 2020 America as 1968 America. https://www.history.com/news/for-martin-luther-king-jr-nonvi...
He would understand. He would probably be out there. He might try to be a calming influence—or he might act as a street medic. He might have turned as militant as Malcolm X over the last fifty years since his assassination. His tone was changing even from his 1966 Mike Wallace interview where he said:
“I contend that the cry of "black power" is, at bottom, a reaction to the reluctance of white power to make the kind of changes necessary to make justice a reality for the Negro. I think that we've got to see that a riot is the language of the unheard.”
https://www.cbsnews.com/news/mlk-a-riot-is-the-language-of-t...
Dr King was heavily involved in protests. He did everything he could to keep his protests non-violent, but he faced extreme violence from the ~slave patrols~ white racist cops of the time. His son is on Twitter…and is being MLKsplained to by white people who consistently misunderstand what MLK said and meant.
https://twitter.com/OfficialMLK3/status/1266040838628560898 (follow the thread)
MLK’s position initially was very much the same as Michele Obama’s “When they go low, we go high”. But he never said that people should just _give in_ to the violence of the state, and so it’s pretty clear that he would not have completely condemned the protests or even the riots.
(In other words, there’s multiple MLKs, and most people—especially white people—remember the sanitized “I have a Dream” MLK that is taught to us as history. That MLK is _not_ the MLK that existed at the time of his assassination.)
https://en.wikipedia.org/wiki/Crime_in_Baltimore#Crime_stati...
A little further down:
"Homicides in Baltimore are heavily concentrated within a small number of high-poverty neighborhoods."
So, my prima facie impression from these data points is the stand down has not benefitted the poor.
In either case, you're massively misrepresenting the "stand down" order, which was not a policy of indefinite disengagement, but rather a specific instruction given in the scope of the 2015 protests in an attempt to avoid further escalation. Whether or not the order was successful in that sense is a matter for separate discussion, but to claim it's a permanent thing, the way you are doing, is simply false to fact - which is probably why you still haven't sourced that claim.
While we're on the topic of BPD actions during the 2015 protests, have you heard about the cop who used the opportunity to loot drugs from a pharmacy and later sell them on to street dealers? [1] I suspect not; for all your apparent interest in the doings of the Baltimore PD, you seem surprisingly ill informed. That's far from all the Gun Trace Task Force got up to, either [2], nor were they alone in their corruption. These are things you need to know about, if you want to talk about policing in my town and expect to be worth taking seriously. But here you are, needing to be told about them. I wonder why that is.
[2] https://www.vox.com/platform/amp/policy-and-politics/2018/2/...
https://www.usatoday.com/story/news/nation/2018/07/12/baltim...
“These guys aren’t stupid. They realize that if they do something wrong, they’re going to get their head bit off. There’s no feeling that anybody’s behind them anymore, and they’re not going to do it,” he says. “Nobody wants to put their head in the pizza oven when the pizza oven is on.”
[1] https://twitter.com/Lattie9001/status/1027204063811850240
The article also, despite a clear editorial slant, can't quite avoid hinting at the kind of solution that actually does need to happen: not for police officers to simply abrogate the responsibility they accepted with their oaths when the public makes clear their conduct has been unacceptable, but for police officers to improve their conduct, and discharge the responsibility they took on, to actually protect and serve.
I grant that that lies outside the false dichotomy you choose to draw, between police doing nothing and police continuing in the massive abuse of power status quo ante. But, after all, it is a false dichotomy. You can do better.
I hope you can do better, anyway. For one thing, you promoted the deputy police commissioner, which I'm sure he appreciates, and spun the world clear around on its axis so he got mugged in the daytime, when he didn't, instead of at night, when he did. (cf. https://www.cnn.com/2019/07/20/us/baltimore-deputy-police-co...)
These are very strange errors of fact to go on making with, it seems like, every single claim you've introduced so far. Wherever you're getting your information from, you might consider finding sources that do a better job of sticking to facts, because whatever you've been using up to now seems not much good at anything beyond leading you into error.
Actually, a lot more whites are killed by cops than blacks. And before you say that's because there are more white people than black people, blacks represent only 13% of the population but commit 52% of the crime. So, you are less likely to get killed committing a crime as a black person than as a white person.
https://www.statista.com/statistics/585152/people-shot-to-de... https://www.channel4.com/news/factcheck/factcheck-black-amer...
A better example is Protonmail, a secure email service. It has a nice web client and there is an 3rd party desktop/electron version of the same size called Electronmail. While both essentially run identical code, the electron version is more secure because even Protonmail insert a backdoor for a single or # of users. They would have to at least publish the backdoor in the vanilla code at which point, the maintainers of Electronmail will probably raise the alarm.
[1] https://developer.mozilla.org/en-US/docs/Web/Security/Subres...
Yes, deliberately preventing anyone from providing care or defense for a person who's being murdered makes you an accomplice to the murder.
>If your city charged these cops justly then nobody would be burning it down
Doubtful. Here's a video of East 4th street in downtown Cleveland being destroyed by pillagers last night: https://www.news5cleveland.com/news/local-news/cleveland-met...
There's over a thousand service industry workers who've already been out of work for months due to the pandemic that the businesses on this street support. Many of them have struggled to get enough financing to even reopen, some have had to permanently close. Many (possibly most) of these businesses are destroyed and can not afford to rebuild. Who should the city of Cleveland have charged justly to prevent this? How many more innocent and unrelated people's livelihoods need to be burned down and how many more times (this has happened before, more than once)? There seem to be a lot of accomplices in the video.
See also https://haveibeenpwned.com/Passwords.
https://chiselapp.com/user/rkeene/repository/bash-drop-netwo...
Free online metadata viewer http://exif.regex.info
Powered by FOSS (Perl-based) https://exiftool.org
Are we in agreement that this was documented as happening, and the other cops present were accomplices in the murder of George Floyd? If so, why do you think they aren't being charged?
>Who should the city of Cleveland have charged justly to prevent this?
I assumed GP meant Minneapolis, which I feel is reasonable given the context. But okay, random US city accepted. Let's see if your city has a history of letting cops get away with killing innocent black people... oh yeah, one of your cops killed a 12 year old kid who was playing airsoft in the park and was subsequently hired by another police department in the same state without facing any charges.[0] So maybe charging Tim Loehmann would have helped make your city less sensitive to this pattern being repeated elsewhere in the country.
I don't think violence against businesses is helpful, but I do think violence against the government is helpful; it seemed to get a cop charged. They need to stop this pattern of violence ASAP, and they need to face time for crimes committed.
[1] https://twitter.com/imactuallynina/status/126691262719377408...
[2] https://www.businessinsider.com/nypd-officer-shoves-woman-ge...
[3] https://www.nytimes.com/2020/05/30/us/minneapolis-protests-p...
this bug (closed as Expected Behavior) has a demonstration: https://gitlab.gnome.org/GNOME/gimp/-/issues/4487
https://www.troyhunt.com/ive-just-launched-pwned-passwords-v...
Even images without chain of evidence reliability might get you on "a list"...
Do you reckon cops invited to "run wild" with clearview ai _AREN'T_ gonna be running protester photos through it to see who to "profile"?
https://www.buzzfeednews.com/article/ryanmac/clearview-ai-co...
It sends a GET request for "https://api.pwnedpasswords.com/range/89F5D"
and gets back 548 rows of the form:
001F74CD3E241B7820C996DA4FB3BDF9FE7:2
...
54C7FB299EC06A0B979C5DE14F1AE61F653:40
...
FFE6FF5698CEC527CD18269D1B7697C8743:1
Note that middle example row with ":40" at the end? Prepend "89F5D" from that GET request the javascript generated to that row's contents "54C7FB299EC06A0B979C5DE14F1AE61F653"
Now compare that to what you get when you run this (This is a macOS specific invocation of the command, but something very similar should work pretty much anywhere):
$ echo -n "silverfish3" | openssl sha1
(stdin)= 89f5d54c7fb299ec06a0b979c5de14f1ae61f653
You might (perhaps rightly) not trust Troy's site to not switch out the javascript underneath you, but you _can_ trust the API, and could always run:
curl https://api.pwnedpasswords.com/range/89f5d
Or, if you're testing that "dichotomy7" password:
echo -n "dichotomy7" | openssl sha1
(to get (stdin)= 772be5bd14dc626ec7fa952b51ae28c482e92d39)
then:
curl -s https://api.pwnedpasswords.com/range/772be | grep -i '5bd14dc626ec7fa952b51ae28c482e92d39'
will show you your result of that dichotomy7 password having been seen 5 times.
You've only revealed the first 5 characters of the 40 character sha hash to the server. That might have been one of the ~500 passwords with that same hash, or any of the rest of the 150 bit space of other strings that hash to that prefix that are not part of their database.
I would be perfectly happy running echo -n "{{a real valuable password of mine}}" | openssl sha1 locally and then feeding the first 5 characters of that into "random apis on the internet".
https://0xacab.org/jvoisin/mat2/ https://0xacab.org/jvoisin/mat2-web/
> “Like snowflakes, no two smartphones are the same. Each device, regardless of the manufacturer or make, can be identified through a pattern of microscopic imaging flaws that are present in every picture they take,” says Kui Ren, lead author of a new study describing the smartphone-identifying technology. “It’s kind of like matching bullets to a gun, only we’re matching photos to a smartphone camera.”
https://www.futurity.org/smartphones-cameras-prnu-1634712-2/
I have only ever observed PPM comments right at the start of the file, so you could open it in a text editor and remove the comments from the start. Maybe check the very end of the file as well.
Binary PPM does not support comments, so that would be a better solution. PPM documentation here, you want possibly P3 or more likely P6 https://en.wikipedia.org/wiki/Netpbm#File_formats
This particular site is with respect to Canada, but I'm pretty sure the same basic idea applies everywhere:
"When publishing photos for commercial purposes: You need the permission of every identifiable model in the photo, even if the photo was taken in a public space. For example, if a photo has 10 identifiable models in the photo, you would require a model release for each of them."
https://www.lawdepot.ca/law-library/faq/model-and-entertainm...
it doesn't matter though. as I've explained, it's far easier to come up with flawed schemes than prove them insecure. just because I can't explain why your specific scheme is insecure doesn't mean it stands a chance against real cryptographers.
Maybe check real sites instead of your usual racist ones? Google is a good start. Here's the first link! https://www.sentencingproject.org/publications/un-report-on-...