Views: 8,825,157 Home | Forums | Uploader | Wiki | Object databases | IRC
Rules/FAQ | Memberlist | Calendar | Stats | Online users | Last posts | Search
10-21-18 03:56 PM

0 users reading Uploader update. Beware of EXIF metadata. | 1 bot

Main - Announcements - Uploader update. Beware of EXIF metadata. New reply

Pages: 1 2
Posted on 03-09-17 04:50 PM Link | #81887
So a while ago, SmithJrBlaquaLuigi tried to bargain for an unban. As you guess, he went nowhere, but his attempt is still worth mentioning.

The gist of it was "I know your address, if you don't unban me I will tell you and you will be shocked to death". In itself, it was pretty ridiculous, as pretty much anything he says, but he actually had something. The attack was incredibly clever given his intelligence (or lack thereof).

He took one of my pictures, grabbed the EXIF metadata, and from there, got a guessed address that he thought was mine. The address was relatively close, but not even in the same street. My phone is always in imprecise power-saving GPS mode, so the coordinates aren't precise enough to find the address.

Regardless, this is a very important point, especially within today's increasing culture of making everything public and transmitting all sorts of data behind users' backs.

When you take a picture with your phone, a bunch of data are embedded in it (the EXIF metadata), among which are GPS coordinates.

It's a good idea to strip EXIF metadata from JPEGs as much as possible. It's also a good idea to disable the GPS on your phone entirely, if you don't care about things like weather forecasts.

So, the uploader update.

When you upload a JPEG, the uploader now automatically strips EXIF metadata. Similarly, all the existing JPEG files have been stripped.

Let me know if this goes wrong somehow.

NSMBHD - Kafuka - Jul


Posted on 03-09-17 07:02 PM Link | #81890
Ijah's Post
Crafty motherfucker, I'll give him that.

Thinking on the subject I am actually surprised there haven't been more warnings about this as a pretty serious privacy risk.

Then again the powers that be would rather know all about where we are, have been, plan to go, etc... >_> <_<

Posted on 03-09-17 07:04 PM Link | #81891
and the possibility that the data are sold to advertisers for the sake of "intelligent" targeted advertising is, sadly, the best one

NSMBHD - Kafuka - Jul


Super Hackio
Posted on 03-09-17 07:04 PM Link | #81892

Jpeg's carry GPS data? Wow, I know a lot of technical things, but I didn't know that. I'll be more cautious now.

SMG RUN Progress: 11%
I have a discord if you want:

Posted on 03-09-17 08:24 PM Link | #81896
Didn't know it can store data like that. Is the same information my Android phone displays when I'm browsing images? It tells me the location where the picture was taken.

This SmithJrBlaquaLuigi was so nice to me, but I guess he lost my respect for him. Thanks for the heads up.

Posted on 03-10-17 02:04 AM Link | #81911
I tend to use VerExif all the time, for this very reason.
It's nice to see you've added that to the Uploader, even though I never make photos with my phone camera.

Posted on 03-10-17 03:35 AM Link | #81912
I used that website and it doesn't seem like my images have any GPS data. I mean, I always keep GPS and Sync disabled since when my father gave me this phone he warned that this can create data which others can use to find who the person using the phone is so I assume there's not much there since, well it's disabled.

It's not like weather data requires GPS either, it just won't change when you go from a city to the next, but it'll still update the weather. :P
"The quieter you become, the more you are able to hear." --Ram Dass

Posted on 03-10-17 11:29 AM Link | #81914
Atleast you have a convenient weather app. The one on my phone refuses to display anything when the GPS is disabled. It seems I can make it use a set location instead of using the GPS, but (of course) no way to enter anything besides a few presets.

I hate this kind of blackmailing from a program. No GPS tracking? You ain't getting no weather info, sucker! I damn well could give you info for a given town, but I won't, because fuck you!

And who knows if disabling the GPS actually does that and doesn't just "pretend it's disabled"?

NSMBHD - Kafuka - Jul


Posted on 03-10-17 11:45 AM (rev. 2 of 03-10-17 01:02 PM) Link | #81916
Isn't this an issue when uploading images from your phone? I never do that so I guess I'm safe :>

Hmmm in my case, the standard weather app included in Huawei phones can use mobile data instead of forcing GPS to show weather data.

Try a diferent app? I used wunderground before, and it seems fine. Haven't got the chance to re-download it yet.

Also, the thing about GPS, aren't we technically always localizable if we have mobile data? :P
I feel if GPS was always on, it would drain your battery noticeable. I've accidentally left it on when I use something like google maps and find the next day that the battery has decreased below the normal use, just to find out I left the GPS/Localization services on.

[image] [image]

Super Hackio
Posted on 03-11-17 10:21 PM (rev. 2 of 03-11-17 10:21 PM) Link | #81935

This guy is a nut job. He E-mailed me and said this:
Posted by SmithJrBlaquaLuigi
Hello, this is SmithJrBlaquaLuigi and I have to informed you that StapleButter gave false claims about me selling the EXIF data which is a blalant lie. I told him it was unnesscary to make an announcement. I don’t want to travel and find their houses like that. He also told me and said: “Come to my house someday” but instead, he gets angry with me in public.

The E-mail was uncalled for, in my opinion. (If he keeps saying stuff like this, maybe we can have another Hall-Of-Shame entry :3)

SMG RUN Progress: 11%
I have a discord if you want:

Posted on 03-12-17 08:36 AM (rev. 2 of 03-12-17 08:37 AM) Link | #81944
and I reply to his lies with the following IRC query log, pulled straight from my client

read it, it's a fun ride

NSMBHD - Kafuka - Jul


Super Hackio
Posted on 03-12-17 12:59 PM Link | #81954

It certainly was a fun ride. (and now I know where that quote you put in your signature came from XD)

SMG RUN Progress: 11%
I have a discord if you want:

Posted on 03-13-17 11:56 AM Link | #81973
Best parts in my opinion:

[21:49:52] Yep, I gave you 20 mins to cooperate and you failed to cooperate.
[21:50:13] This is why we cannot get along with you.
[21:50:14] but it's been some really long minutes
[21:50:21] 'we'?
[21:50:32] are you schizophrenic?

[21:59:53] I'' trying to improve my English so you can understand better.
[21:59:57] I'm

But wow, I didn't know that JPEG stored GPS coordinates <_<


Sorry for the maintenance -- we'll be back soon!

Posted on 03-14-17 03:39 PM (rev. 2 of 03-14-17 03:44 PM) Link | #81992
Oddly enough I think this video I made (which actually happened) gives context to how he knows about this.

Posted on 03-17-17 02:39 AM Link | #82026
Posted by StapleButter
and I reply to his lies with the following IRC query log, pulled straight from my client

read it, it's a fun ride

"I have something"
"tell me"
"I have something and I'll give you 20 minutes"
"Okay, but tell me"
"I... have.... something!!!!"
"Goddamn it, tell me"
"Then unban me."

That sounds infuriating.

It also doesn't sound like StapleButter is holding EXIF data for ransom.

Posted on 03-18-17 05:04 AM Link | #82040
Rumors say SmithJr still isn't sponsored by Dominos.

Anyway the way he was trying to be cool and shocking with the info makes me cringe. I don't see Staple's posts cringy in what I see.


Posted on 03-18-17 03:29 PM Link | #82044
Sorry for derp question, but who was SmithJrBlaquaLuigi, and what did he do?


"To feel sadness is to live, but as long as you are alive, the future is a blank page." -Merlon, 2007

Go check out my hack!

Posted on 03-20-17 09:35 AM Link | #82070

Posted by LeftyGreenMario
This SmithJrBlaquaLuigi was so nice to me, but I guess he lost my respect for him. Thanks for the heads up.

Reading this thread right now, I guess I feel the same way.

Posted on 03-21-17 05:25 AM Link | #82081
Posted by SuperML
Sorry for derp question, but who was SmithJrBlaquaLuigi, and what did he do?

he was banned for continually backseat modding and generally being a complete fucking idiot. he also reacts like a 8 year old, and can't speak English for shit despite being a North American.

NSMBHD - Kafuka - Jul


Baby Luigi
Posted on 03-26-17 07:13 PM Link | #82152
I'm late to this thread but I completely lost it at this part.

[21:04:57] SmithJrBlaquaLuigi: And okay
[21:08:03] SmithJrBlaquaLuigi: Is this your house?
[21:08:04] SmithJrBlaquaLuigi:
[21:17:34] * Déconnecté (Connexion réinitialisée à l'autre extrémité).
[21:25:28] StapleButter: nope
[21:31:34] SmithJrBlaquaLuigi: Well
[21:31:47] SmithJrBlaquaLuigi: It is. You image has a current location in it.
[21:31:53] SmithJrBlaquaLuigi: your*
[21:32:52] StapleButter: EXIF data, huh?
[21:32:57] SmithJrBlaquaLuigi: Yep
[21:33:12] StapleButter: well, the GPS tracking isn't precise
[21:33:25] StapleButter: I always leave it on 'save power' mode
[21:33:41] StapleButter: the address you got isn't my address, and has never been
[21:34:54] SmithJrBlaquaLuigi: Yes it was. Your picture was taken at your location few years ago.
[21:35:08] SmithJrBlaquaLuigi: It's not hard to figure it out
[21:36:32] StapleButter: it's not, and I explained why
[21:36:55] StapleButter: I always leave my phone in imprecise tracking mode
[21:37:44] SmithJrBlaquaLuigi: You are comprehensively not being a reasonable at all.

This fucker claims you're not being reasonable, but he said that immediately after an, what it looks like, attempting to dox you, threaten you, or at least pry out your private and personal information over his goddamn ban. This pitiful attempt made me lose all respect I ever had for him. I consider this behavior despicable.

If this threat is not indicator that he's not going to be unbanned any time soon, then I don't know what will be.
Pages: 1 2

Main - Announcements - Uploader update. Beware of EXIF metadata. New reply

Page rendered in 0.029 seconds. (2048KB of memory used)
MySQL - queries: 27, rows: 231/231, time: 0.015 seconds.
[powered by Acmlm] Acmlmboard 2.064 (2018-07-20)
© 2005-2008 Acmlm, Xkeeper, blackhole89 et al.