METADATA – the UGLY

View Github Repository Open presentation in a new window

bashz

See all presentation from bashz

METADATA – the UGLY

0 0

metadata

On Github bashz / metadata

the GOOD, BAD, and UGLY of photo & video

METADATA

File's Metadata

  • Metadata is not what you see upon taking a picture, but rather the footprint that's left behind.
  • File’s metadata, exists within the file.
  • Those metadata can be erased and edited.
In order to avoid any confusion during this talk, I guess that some clarifications are needed. So what is metadata? … there are numerous definitions of what could be metadata, the one that fits the most this topic would be : Metadata is not what you see upon taking a picture, but rather the footprint that's left behind. So here we are interested on the file’s metadata, especially media files. Those metadata exists within the file itself, making them transportable for instance if you upload a picture you upload its metadata within it. This type of metadata also called Guide metadata can be overwritten and altered.

the GOOD

  • They are all beneficial as long as they stay on your machines.
  • Provide you with numerous information about a file.
Metadata are all beneficial as long as they stay on your local machines. For instance if it happen that you recovered an old picture file and you no longer remember when it was taken you can always consult its metadata to get that information, along with other precious informations.

the BAD

  • Things gets murky once you upload/share a file.
  • Possible use of your metadata :
    • Commercial use by extracting the device’s fields.
    • Identity finding by extracting author’s fields.
    • Location tracking possibility.
When could your metadata be bad? … well whenever you don’t have control over it, it might be bad. Most common case of losing control occur when uploading files to a distant server, especially for pictures now days, with the grown use of social media sites and the selfies culture. So, by uploading a picture you literally handle its information to a distant machine and many of those information could be exploited without your knowledge. For instance if we look closer to a picture metadata sometime we can find : The camera / the mobile used to take the picture. The software used to take or edit the picture. At a huge amount, those information can be exploited for as commercial prospection, but that is not important as handling identity informations, for instance your file can have : Author informations - your name. Geolocation informations, of where the picture was taken. If constantly linked to the date the picture was taken it would result on a geolocation tracking. So if you are anonymously browsing this would clearly reveal your identity, and location. Worse, as the picture get shared, anyone who can open it can access those informations (but that’s not always the case like we will see in the next section), so lets move on to the ugly part of the metadata.

the UGLY

  • What if the server, not only used your metadata but also changed them?
  • Demonstration :
    • exif-tool before and after uploading a file.
    • diff the two results.
Imagine that your file’s metadata got changed by the server to something else, adding new information and erasing some while editing others, yes now your metadata looks ugly. Is that possible? … well in reality that is happening right now, here is a case where I compared metadata of a local file with the same file uploaded to facebook, as you can see more than 80% of the data have changed. The comparison method is pretty simple, I just extract the file’s metadata using exiftool and save them, then I upload the file it and then look again at its metadata, by using diff between the first and the second file I can clearly see what have changed. By repeating this method on different platforms I was able to gather some statistics : Such a behavior result sometime on the inability to prove that the file is even yours, remote storage platforms also become scary as they can result on removing and customizing your files informations. Now if we combine the bad of the metadata and its ugly we can clearly see that a server can use your metadata and then hide them, becoming the only entity (beside you) holding such informations about you !

Prevention and solutions

Credits

Oh hey, these are some notes. They'll be hidden in your presentation, but you can see them if you open the speaker notes window (hit 's' on your keyboard).
1
the GOOD, BAD, and UGLY of photo & video METADATA