Sister CISA CISSP

Aug 26 2010   1:33AM GMT

Smart Phone Photographs Can Expose Much More than The Picture

Arian Eigen Heald Arian Eigen Heald Profile: Arian Eigen Heald

Would you publish a digital photograph from your smart phone on the Internet if it could tell everyone where you lived, or where you were when you took it?

Unless GPS capability is specifically turned off (for phones that have it – think iPhone, Palm and Blackberry) photographs that are posted on the web from a smart phone automatically have a geo-tag embedded in the metadata (which means it’s invisible to the viewer) of the photograph. The tag includes the latitude and longitude where the photograph was taken. i.e., if you’re tweeting about something, say the great dessert you just had, and send out a picture to your envious friends – unknown people can discover quickly where you are.

My first thought was, “What’s the big deal? So I’m having a fancy ice cream in SoHo.”

Then I read on: researchers Ben Jackson and Paul Vet did a research project examining information from publicly posted tweets and photos to demonstrate that it is easy to identify where a specific person sleeps, works, and potentially engages in private activities. Software that edits photographs and metadata is frequently freeware and easily available.

As a “proof of concept,” they’ve created a website ICanStalkU.com to educate people about how much information they are releasing onto the Internet. The site actually does a LIVE demo of CURRENT tweets and pictures, with linkage to a Google map.

Both Jackson and Vet separately presented their research at the Hackers On Planet Earth (HOPE) conference in New York City last month to demonstrate just how easy it is to track a single individual using just a few pieces of metadata attached to their tweets and/or online photos.

Consider what business information or inadvertent personal information might be revealed from pictures from a smart phone – even if they are never uploaded. Given how many users are carrying around iPhones and sending pictures – this has an enormous privacy implication.

Their website does contain instructions on how to turn GPS off for the iPhone, Palm and Blackberry – on other phones you may not have that option. The government is actually considering making GPS a mandatory requirement on cell phones in case of 911 calls. It’s not a big leap to monitor more than that.

The Website demonstration is unnerving.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: