zlacker

[parent] [thread] 5 comments
1. dabei+(OP)[view] [source] 2020-05-31 15:47:42
Sure. I'm just interested to know what else in EXIF could be identifying.
replies(2): >>JimDab+02 >>therea+b4
2. JimDab+02[view] [source] 2020-05-31 16:04:00
>>dabei+(OP)
Camera serial numbers. If you ever have your camera stolen, you can put the serial number into Stolen Camera Finder. It will show you the images uploaded to the Internet with your camera’s serial number so you can recover it.

https://www.stolencamerafinder.com

replies(1): >>snazz+33
◧◩
3. snazz+33[view] [source] [discussion] 2020-05-31 16:11:40
>>JimDab+02
Is this data included in iPhone photos? I don't think so.
replies(1): >>mceach+L6
4. therea+b4[view] [source] 2020-05-31 16:20:03
>>dabei+(OP)
I guess that is more about hiding the identify of the photographer instead of the people pictured, but since browser fingerprinting works by combining seemingly innocuous data to identify individuals, that suggests that removing everything is probably safest. The camera model, software versions and other explicit labels are one obvious thing. The ISO, focal length, and shutter speed could narrow down what sensor was used and maybe what software, especially if you had multiple images from the same camera. Maybe manual settings changes that the photographer made could show up in the same data. Possibly small amounts of clock drift? If you saw the news story that combined multiple security cameras' footage with phone video around the time of George Floyd's arrest, clock disagreement was something they saw, and the events in the images themselves allowed them to figure out the clock difference (which was huge there, like 20 minutes, but you could still do for a smaller drift.)

Other things are external to the EXIF but could be combined with it. The sequence numbers in the filenames are the most obvious signal. The precise number of megapixels of the image might also tell you what sensor was used -- so maybe an anonymizer should resample the image to a new size.

I guess these seem unlikely to be investigated, but then again nobody initially thought that telling every web server what fonts you have installed on your machine would be used against you, or that the existence of "Do Not Track" would make browsers easier to track. It just depends on how much it's worth to someone to write this stuff once -- then it's free for all future uses.

I just looked at https://en.wikipedia.org/wiki/Exif and there are lots of interesting possibilities.

◧◩◪
5. mceach+L6[view] [source] [discussion] 2020-05-31 16:43:10
>>snazz+33
iPhone metadata includes several fingerprints that can be used to differentiate between different devices, including a serial number, uptime in seconds, and shutter release count (depending on the model of iPhone you have).

(source: me examining as many different iPhone models and instances to build deduping heuristics for PhotoStructure)

replies(1): >>snazz+E8
◧◩◪◨
6. snazz+E8[view] [source] [discussion] 2020-05-31 16:59:43
>>mceach+L6
Interesting! That's more information than I thought. Thanks for informing me!
[go to top]