GPS-equipped smartphones and digital cameras are capable of embedding geotags, a bit of data providing the longitude and latitude of where the photo was taken. This piece of data is not visible to the casual observer but nonetheless remains in the image. When these pictures are uploaded to a site on the Internet like Twitter, YouTube, Flicker or Craigslist anyone can learn the exact location the picture was taken using a free browser plug in like Exif Viewer for Firefox or Opanda IExif for Internet Explorer.
Imagine posting a picture of a car you are trying to sell on Craigslist taken with your smartphone. Someone downloads the photo, extracts the lat and long from the picture and then e-mails you asking if anyone is available at 10am on Wednesday to take a look at the car. You would obviously respond, no, everyone is at work! Now, they know where you live and that you’re not at home. Combine the fact that you could write a program to look for geotagged pictures accompanied by text like “on vacation” and the whole process can be automated making it that much easier for an attacker.
Of course, this doesn’t apply to you if you don’t use any GPS enabled devices but friends or family may post a picture at your house before heading to Vegas a la “Tom and Jerry headed to Las Vegas Sept 10-12.”
At a minimum , you should be aware of this capability which exists by default on most devices. Each device has its own way of disabling the feature, something like location-don’t allow. As a warning, this does cause some device’s mapping features to stop working. How you protect your privacy is ultimately your own choice, but don't say I didn’t warn ya.
No comments:
Post a Comment