How much EXIF information is tracked by photo sharing sites?

How much EXIF information is tracked by photo sharing sites?
http://regex.info/exif.cgi

I often post photos to photo-sharing sites, whether for the
purpose of social networking (pinterest, facebook, etc)
or for Usenet posts (tinypic, flickr, etc) or for personal
sharing (iCloud, dropbox, google drive, etc).

The EXIF, as you know, can reveal exactly where and when
the photo was taken, and even what camera was used, and, of
course, the time and date, etc, the combination of which could
easily reveal intensely personal information.

When I DOWNLOAD those pictures, generally (always?) the
EXIF information seems to be stripped out.

But ... how much of that personal EXIF information is retained by
the web site (and used for their possibly nefarious purposes)?

On 10/28/2014 05:54 PM, A. Beck. wrote:

But ... how much of that personal EXIF information is retained by
the web site (and used for their possibly nefarious purposes)?

Dude, a few years ago nobody would have thought it possible (or even
constitutional) in the western world that social media and cloud
services treat your data as their property, that postal service retain
every sender/recipient address, that secret services read and store all
your e-mails, passwords and browsing profiles. And yet, we were shocked
to learn that all this is common practice today.

So you just have to assume that every bit of information that leaves
your local network is intercepted, stored and evaluated. If it is
encrypted it is either decrypted today, or stored for decryption in the
future.

Sorry to break the news to you.

On 10/28/14 PDT, 10:17 AM, Martin wrote:
On 10/28/2014 05:54 PM, A. Beck. wrote:

But ... how much of that personal EXIF information is retained by
the web site (and used for their possibly nefarious purposes)?

Dude, a few years ago nobody would have thought it possible (or even
constitutional) in the western world that social media and cloud
services treat your data as their property, that postal service retain
every sender/recipient address, that secret services read and store all
your e-mails, passwords and browsing profiles. And yet, we were shocked
to learn that all this is common practice today.

So you just have to assume that every bit of information that leaves
your local network is intercepted, stored and evaluated. If it is
encrypted it is either decrypted today, or stored for decryption in the
future.

Sorry to break the news to you.

Evaluated? I suppose if it's a photo of a military installation or some
other super secret place, maybe.

Nefarious purpose? Unless sensational, or above, what can they really do
about knowing you shot a photo of Suzie Q in front of the Prado at 14:55
UMT?

On Tue, 28 Oct 2014 18:17:35 +0100, Martin wrote:

postal service retain every sender/recipient address

I didn't know that the (snail mail) post office retains
all from/to information.

Is that really true and verified?
(or just conjecture?)

In article , A. Beck.
wrote:

postal service retain every sender/recipient address

I didn't know that the (snail mail) post office retains
all from/to information.

Is that really true and verified?
(or just conjecture?)

it's true.

they photograph every item mailed.

A. Beck:
I didn't know that the (snail mail) post office retains
all from/to information.

Is that really true and verified?
(or just conjecture?)

It is verified that the USPS records and reports to security
authorities a relatively small amount of sender and receiver data.
WaPo, 27 October "In a rare public accounting of its mass surveillance
program, the United States Postal Service reported that it approved
nearly 50,000 requests last year from law enforcement agencies and its
own internal inspection unit to secretly monitor the mail of Americans
for use in criminal and national security investigations."

50,000 out of approximately 212 billion pieces of mail. That's about
2.358x10e-5%.

It is also not true that the NSA has the capability of reading every
e-mail sent in the world or listen to every phone call. SIGINT is labor
intensive; most of the people at NSA are so busy that they don't have
time to read their own e-mails.

--
I agree with almost everything that you have said and almost everything that
you will say in your entire life.

usenet *at* davidillig dawt cawm

In article , Davoud
wrote:

I didn't know that the (snail mail) post office retains
all from/to information.

Is that really true and verified?
(or just conjecture?)

It is verified that the USPS records and reports to security
authorities a relatively small amount of sender and receiver data.
WaPo, 27 October "In a rare public accounting of its mass surveillance
program, the United States Postal Service reported that it approved
nearly 50,000 requests last year from law enforcement agencies and its
own internal inspection unit to secretly monitor the mail of Americans
for use in criminal and national security investigations."

50,000 out of approximately 212 billion pieces of mail. That's about
2.358x10e-5%.

that's for requests.

the usps photographs *every* piece of mail. every single one. this
began after 9/11.

It is also not true that the NSA has the capability of reading every
e-mail sent in the world or listen to every phone call. SIGINT is labor
intensive; most of the people at NSA are so busy that they don't have
time to read their own e-mails.

yes they do. they may not read them now, but they are stored 'just in
case'.

On Tue, 28 Oct 2014 16:29:20 -0400, nospam wrote:

the usps photographs *every* piece of mail. every single one.
this began after 9/11.

Nospam is right. They started photographing *every* piece of mail,
and holding it for 30 days, I think, after the anthrax scares.

It's in the NY Times article from yesterday, which I found after
searching (because, at first, I didn't believe it myself).

http://www.nytimes.com/2014/10/28/us...ands.html?_r=0

In article , A. Beck. wrote:

How much EXIF information is tracked by photo sharing sites?
http://regex.info/exif.cgi

I often post photos to photo-sharing sites, whether for the purpose
of social networking (pinterest, facebook, etc) or for Usenet posts
(tinypic, flickr, etc) or for personal sharing (iCloud, dropbox,
google drive, etc).

The EXIF, as you know, can reveal exactly where and when the photo
was taken, and even what camera was used, and, of course, the time
and date, etc, the combination of which could easily reveal
intensely personal information.

Sorry, but how is this "intensly personal information"? If you have
Lightroom set to add your personal details it would certainly be personal
infromation, but hardly "intensly", that would be if you also add your
social security number and other more intimate details about yourself.

When I DOWNLOAD those pictures, generally (always?) the EXIF
information seems to be stripped out.

Which just means that the thumbnail, or scaled down version of the image,
has EXIF stripped, and that's the version you (and maybe others) can
download, meaning they've taken steps to conceal the somewhat personal
information there is in the image.

But ... how much of that personal EXIF information is retained by
the web site (and used for their possibly nefarious purposes)?

While some social web sites surely create a local scaled down version of
the image, and toss the original, I'd say most keep the original on disk
for future re-scaling.

And with regards to the supposed "nefarious" purposes, whatever purposes
could they have with knowing your camera model, the date the image was
taken and possibly where it was taken? I mean, in theory it could be used
to give you ads about going back to Thailand a year after, but that's
hardly "nefarious", and if you're the kind of person that thinks targeted
ads are nefarious, then you're also the kind of guy that strips the EXIF
yourself first, and upload it in another name, using a secure email address
:-D


--
Sandman[.net]

On Tue, 28 Oct 2014 18:03:10 +0000, Sandman wrote:

how is this "intensly personal information"?

If I snap a picture of a pink flower in the open-air foyer
at the AIDS clinic while I'm supposed to be at work, and the
EXIF information shows almost exactly when & where I was, that's
(by it's very revealing nature) certainly intensely
personal information (it's meta-information but intensely
revealing nonetheless).