this post was submitted on 31 Jul 2025
524 points (98.9% liked)

You Should Know

40304 readers
605 users here now

YSK - for all the things that can make your life easier!

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules (interactive)

Rule 1- All posts must begin with YSK.

All posts must begin with YSK. If you're a Mastodon user, then include YSK after @youshouldknow. This is a community to share tips and tricks that will help you improve your life.

Rule 2- Your post body text must include the reason "Why" YSK:

**In your post's text body, you must include the reason "Why" YSK: It’s helpful for readability, and informs readers about the importance of the content. **

Rule 3- Do not seek mental, medical and professional help here.

Do not seek mental, medical and professional help here. Breaking this rule will not get you or your post removed, but it will put you at risk, and possibly in danger.

Rule 4- No self promotion or upvote-farming of any kind.

That's it.

Rule 5- No baiting or sealioning or promoting an agenda.

Posts and comments which, instead of being of an innocuous nature, are specifically intended (based on reports and in the opinion of our crack moderation team) to bait users into ideological wars on charged political topics will be removed and the authors warned - or banned - depending on severity.

Rule 6- Regarding non-YSK posts.

Provided it is about the community itself, you may post non-YSK posts using the [META] tag on your post title.

Rule 7- You can't harass or disturb other members.

If you harass or discriminate against any individual member, you will be removed.

If you are a member, sympathizer or a resemblant of a movement that is known to largely hate, mock, discriminate against, and/or want to take lives of a group of people and you were provably vocal about your hate, then you will be banned on sight.

For further explanation, clarification and feedback about this rule, you may follow this link.

Rule 8- All comments should try to stay relevant to their parent content.

Rule 9- Reposts from other platforms are not allowed.

Let everyone have their own content.

Rule 10- The majority of bots aren't allowed to participate here.

Unless included in our Whitelist for Bots, your bot will not be allowed to participate in this community. To have your bot whitelisted, please contact the moderators for a short review.

Rule 11- Posts must actually be true: Disiniformation, trolling, and being misleading will not be tolerated. Repeated or egregious attempts will earn you a ban. This also applies to filing reports: If you continually file false reports YOU WILL BE BANNED! We can see who reports what, and shenanigans will not be tolerated.

If you file a report, include what specific rule is being violated and how.

Partnered Communities:

You can view our partnered communities list by following this link. To partner with our community and be included, you are free to message the moderators or comment on a pinned post.

Community Moderation

For inquiry on becoming a moderator of this community, you may comment on the pinned post of the time, or simply shoot a message to the current moderators.

Credits

Our icon(masterpiece) was made by @clen15!

founded 2 years ago
MODERATORS
_MoveSwiftly@lemmy.world
Thekingoflorda@lemmy.world
ja2@lemmy.world
Rooki@lemmy.world
FartsWithAnAccent@lemmy.world
FartsWithAnAccent@fedia.io
524
You can (probably should) remove personal information from a photo before uploading it to social media (media.piefed.social)
submitted 1 week ago by cloudless@piefed.social to c/youshouldknow@lemmy.world
74 comments fedilink hide all child comments
 

Your photos might include information of the exact location and time of the photo taken, your photo/camera models etc. Companies, governments, or someone with bad intentions can use such information for their benefits against you. This can easily be accessed by AI as well.

On Windows 11:

  1. Right-click on the file
  2. Properties
  3. Details
  4. Remove properties and personal information

Lots of people don't care, but I guess this could be useful for some of you.

top 50 comments
sorted by: hot top controversial new old
[–] kepix@lemmy.world 4 points 6 days ago

any of you allow gps for your photo app?

[–] AbsolutelyNotAVelociraptor@sh.itjust.works 132 points 1 week ago (2 children)

Alternatively, you can (probably should) decide to not upload any photo to social media.

[–] null@lemmy.nullspace.lol 7 points 1 week ago (22 children)

That would destroy the majority of Lemmy though

[–] Sunsofold@lemmings.world 10 points 1 week ago

The data is different for a 'photo' one took vs one of many other types of image. Your camera/phone can often include a lot of surprising data, possibly even your PII or location. An image you made in krita or with a screenshotting tool is somewhat less likely to have such data.

load more comments (21 replies)
[–] qarbone@lemmy.world 57 points 1 week ago (2 children)

Feels like an honorable site would make the uploader aware of this and offer a checkbox or something to do it for you.

[–] themoonisacheese@sh.itjust.works 68 points 1 week ago (1 children)

Every site that allows image upload in existence now strips this data by default, but they do it on their server so they can get it first.

[–] GissaMittJobb@lemmy.ml 8 points 1 week ago* (last edited 1 week ago) (2 children)

I mean, I'd probably do it server-side even if I were to have nefarious intent and want the data for myself anyway, since image processing client-side isn't necessarily a good use of your users devices, really.

Plus, if I were to want the data in a client-side, I could upload it before doing the client-side stripping.

This comment doesn't really hold up to scrutiny, my friend

[–] hypna@lemmy.world 4 points 1 week ago

Calling deleting metadata image processing is a bit of a stretch. And you can disingenuously clean images either client- or server-side, that's true, but if we're getting serious here about data privacy, one could independently validate, build, and sign an executable for users to run locally. I don't know of any similar technique to guarantee what's running server-side.

[–] themoonisacheese@sh.itjust.works 4 points 1 week ago

You can strip exit data in less than 1ms on a phone processor in 90 lines of js btw https://github.com/Coteh/exifremove/blob/master/src/exifremove.js

You're delusional if you think FAANGs don't harvest the shit out of every single but of data they can get on you, including exif.

[–] JubilantJaguar@lemmy.world 56 points 1 week ago (6 children)

Every social-media platform strips EXIF metadata before publishing the photo.

So the issue is the trustworthiness of the social-media platform itself. Personally I always strip the metadata before sharing anything anywhere.

[–] phoenixz@lemmy.ca 22 points 1 week ago

Of course they strip it before publishing and of course they use the stripped data for themselves. Anyone assuming that they won't should come and buy that bridge that I'm selling, it's a great opportunity!

[–] Showroom7561@lemmy.ca 18 points 1 week ago

Strips metadata so that the public can't see it, isn't the same as stripping metadata after the corporation has already collected and linked it to your profile. 😫

Always clean the metadata BEFORE it touches their upload UI.

[–] hperrin@lemmy.ca 7 points 1 week ago (2 children)

Sure, but let’s say you don’t allow Facebook to track your location. Well, as soon as you upload a photo with location exif data, they know it anyway.

load more comments (2 replies)
[–] icegladiator@lemy.lol 5 points 1 week ago

This. Literally every social media site strips EXIF data from photos you post or else you would be hearing about 100x the number of doxxes you do these days. This tip would've been good in 2006 or if you're communicating over something unusual like Email or Onionshare

load more comments (2 replies)
[–] Successful_Try543@feddit.org 32 points 1 week ago* (last edited 1 week ago)

For Android, there are e.g.

[–] seathru@lemmy.sdf.org 26 points 1 week ago* (last edited 1 week ago) (3 children)

For linux I use exiftool

exiftool -all= image.jpg

load more comments (3 replies)
[–] homesweethomeMrL@lemmy.world 26 points 1 week ago (1 children)

You guys are uploading personal photos to social media?!

[–] _thisdot@infosec.pub 4 points 1 week ago (2 children)

That's how 99% of social media works

[–] Duamerthrax@lemmy.world 10 points 1 week ago

Terrible idea. Hopefully it never catches on or we're all in deep shit.

load more comments (1 replies)
[–] DBT@lemmy.world 25 points 1 week ago

For iPhone you can make a simple shortcut to do this. Here’s what it would look like:

[–] backgroundcow@lemmy.world 21 points 1 week ago* (last edited 1 week ago) (1 children)

I discovered that recent versions of the built-in photo apps on Android flat out refuses to do this. The UI for removing location info is there, but it is intentionally blocked if the exif info was added automatically by GPS (i.e., it only works if you manually have set a location). It seems so weird, and outright evil, to block one of the key ways for people to stay safe.

[–] 0x0@lemmy.zip 12 points 1 week ago

Scrambled Exif has served me well.

[–] oce@jlai.lu 15 points 1 week ago (1 children)

You should be able to prevent your device from adding the location to your photos. I never felt the need to have it, given the date and the photos around, it is easy to remember where it was.

load more comments (1 replies)
[–] irelephant@lemmy.dbzer0.com 15 points 1 week ago (1 children)

Most sites strip metadata thankfully.

[–] iglou@programming.dev 12 points 1 week ago (2 children)

Yes, but the company could still keep the data somewhere.

load more comments (2 replies)
[–] hansolo@lemmy.today 12 points 1 week ago

Linux:

exiftool -overwrite_original -all= ~/Downloads/your_photo.jpg
[–] rumba@lemmy.zip 10 points 1 week ago

ehhh

Screenshot

Paste Screenshot

Works on all platforms

Apple puts a little exif data in there, but it's not very useful data.

[–] masto@lemmy.masto.community 8 points 1 week ago

There are a million ways to do this, as have already been described in other comments. This is one more. I built https://photostripper.com/ a while back, when I was practicing building small web applications to learn different tech stacks. Lemmy is not the target audience - you folks know how to do this already, and why would you trust that I’m not keeping copies of your photos (I promise I’m not, but what is that worth?)

Anyway, I’m only mentioning it because it’s my thing and I enjoyed making it.

[–] Quexotic@infosec.pub 7 points 1 week ago

https://guardianproject.info/apps/org.witness.sscphase1/

Above you will find the link for an app called a obscure cam. It's open source and made by the Guardian Project. It allows you to sensor faces and automatically removes exaptata from your photos so that you don't put your geolocation on dating apps.

If all of the Tea users used this, that breach wouldn't be even a quarter as bad. Also would help if they didn't post their fn drivers license to a dating app.

[–] moseschrute@lemmy.ml 7 points 1 week ago* (last edited 1 week ago)

I haven’t looked into this, but if it doesn’t already, Lemmy and PieFed should scrub this data before writing it to disk. Would be a lot easier to implement this in one place than teach everyone to scrub the data themselves. If either of them don’t do that, we should put up a feature request.

[–] Proprietary_Blend@lemmy.world 6 points 1 week ago

Or just don't.

[–] AshKaashh@lemmy.zip 6 points 1 week ago* (last edited 1 week ago) (1 children)

most social media sites already do that for you . Unless you upload the image as a document, most media sites automatically remove the exif and compress the img.

[–] cloudless@piefed.social 4 points 1 week ago

Bots including Mark Zuckerberg is going to keep all your data before "doing that for you".

[–] bacon_pdp@lemmy.world 5 points 1 week ago

You want to use the Metadata Anonymisation Toolkit not trust Microsoft to not fuck you

[–] dan1101@lemmy.world 5 points 1 week ago

I run it through my 1995-era photo editor that doesn't support all the metadata.

[–] NarrativeBear@lemmy.world 4 points 1 week ago* (last edited 1 week ago) (1 children)

Also on mobile what works for me when uploading a photo, I generally screenshot and upload that screenshot. Never upload the "original" photo.

[–] misteloct@lemmy.dbzer0.com 8 points 1 week ago

Your phone or computer may add that data into its screenshots. Use a metadata cleaner if you want to be thorough.

[–] betterdeadthanreddit@lemmy.world 4 points 1 week ago

I bet there are some poorly-built automatic scrapers out there harvesting EXIF tag data and not being too careful about sanitizing what they find.

[–] tisktisk@piefed.social 4 points 1 week ago (2 children)

I've always been curious how one could verify that all that exif data was certainly removed fully

load more comments (2 replies)
load more comments
view more: next ›