# Exif Data



## rhaythorne (Jan 12, 2004)

As some of you probably know, I spend quite a lot of time looking at computers and systems from a security perspective. One of the things I hadn't looked at much (until this week anyway) is the amount of extra information that gets included with digital photographs.

To illustrate this, take a look at the wealth of information that's embedded in this photograph that I took this morning:

http://regex.info/exif.cgi?dummy=on&ur...ha_skeleton.jpg

I'd always assumed that there was some extra info in there but I hadn't appreciated just how much! Not only does it tell you the camera and lens I was using, it also tells you tells you all the camera settings, whether the flash fired, times, dates, even the town in which I live! Post-manipulation with various software packages is also often added. I can tell that lots of you obviously use Adobe Photoshop/Elements, for example.

The good thing about this though is that if you see a really good photograph and want to know what camera the photographer was using and to an extent how they did it, you don't even have to ask, you can just look it up for yourself in the data









It appears that several online hosting companies (photobucket et al) strip out this data, as does opening and saving the photo in older software packages, like PaintShop Pro 4.x for example.


----------



## PhilM (Nov 5, 2004)

I never knew there was that much information embedded in the photo, I've noticed that some software now recognises the camera that I've used but this really is impressive


----------



## mrteatime (Oct 25, 2006)

and this is attched to all photo's on your pc?


----------



## rhaythorne (Jan 12, 2004)

It's included in your photos by the camera and/or the software you use. Some software may have a setting to strip out the data, but I'm not sure.

From what I've read, I think that you can sometimes even see a thumbnail of the original photograph from which a published image has been cropped (potentially very embarassing) or an unedited version of a censored published image (one that has had some personal info like a car number plate or a name, address or telephone number blanked out, for example).

Nearly all of the photos on my website were processed in Paintshop Pro 4 which doesn't appear to support EXIF, so as soon as you save your image all the data is lost/stripped out. Quite a good thing really. However, my new camera and the software I'm using now (Paintshop Pro X) does support EXIF and, as you can see, a wealth of information is preserved in the final, published image.

Of course, lots of other types of files on your computer and published on the Internet also contain "hidden" information which can be revealed by examining them in detail - a process sometimes referred to as "document grinding".

I'd never looked at photos before now though, and was quite surprised at the amount of info embedded as standard and available to anyone with a simple EXIF viewer


----------



## mrteatime (Oct 25, 2006)

bit scary that init?


----------



## rhaythorne (Jan 12, 2004)

I imagine that several people have had to undertake and unexpected change of underwear


----------



## mrteatime (Oct 25, 2006)

So in what instance could this put you at risk (apart from the index of a car number plate) ??


----------



## colinryan (Jul 8, 2007)

EXIF data is about the settings and modes etc. of your camera/lense and does not contain anything private or confidential. To say that the data in your photograph might in some way be harmful is nothing more than a bunch of uneducated FUD and scaremongering.


----------



## rhaythorne (Jan 12, 2004)

Well, only you can evaluate the risk based on your circumstances, the nature of the photograph and what, if anything, you claim it represents.

colinryan said:



> To say that the data in your photograph might in some way be harmful is nothing more than a bunch of uneducated FUD and scaremongering.


No one said it's harmful. You just imagined it


----------



## mrteatime (Oct 25, 2006)

so could this be seen on sites like autotrader (when you put an online photo from your library) ? even tho you blank out the number plate? what about the address and contact number that you submit as well?


----------



## Silver Hawk (Dec 2, 2003)

Can't see anything in there about my wife....good.


----------



## mrteatime (Oct 25, 2006)

or mine


----------



## rhaythorne (Jan 12, 2004)

The unblanked Number Plate, possibly. I've seen one example of this where the data in the edited photo included a thumbnail of the unedited photo.

Addresses and contact numbers, no. I don't know the Autotrader website, but I presume that address/contact info is submitted via a secure web form of some kind. This would be distinct from the photo of the car, even if that's submitted at the same time. The EXIF data, if any, is only embedded in the photo, not any other part of the application with your various contact details. So no worries there









But, how about second hand car photos as a good example of why it may be useful to look up any EXIF data in a photo. Let's say you see a photo of an immaculate second-hand car you're interested in buying, and the EXIF data reveals that the photo was taken 5 years ago! Useful? Yes! Reason to be fearful or scared? Yes ...if you're the seller! Of course this could apply to watches too.

But now, let me make this _extra_ clear for anyone else viewing this thread. I'm not spreading FUD (Fear, Uncertainty and Doubt). I'm merely making people aware that this data may be present in the photos that they're publishing. There is no "uncertainty" or "doubt" about the potential existence of this data as can be seen from the link I published to one of my photos in my original post. _It is_ there (unless otherwise stripped out or not embedded in the first place). Whether anyone has anything to "fear" from such data is entirely open to question. It depends on the photo, the individual who claims to have taken it and what they claim it represents. Likewise, I'm not scaremongering. I can imagine lots of scenarios in which someone might be very scared after realising that so much info was available, but that's up to them to determine.



> Can't see anything in there about my wife....good.





> or mine


Exactly! And now you know to remove the data from the photos you take when you're away with the girlfriends


----------



## mrteatime (Oct 25, 2006)

i think its great that you've shared something that is informative and interesting. Cheers mate....

Shawn


----------



## rhaythorne (Jan 12, 2004)

Glad you found it useful


----------



## mrteatime (Oct 25, 2006)

just been uploading some pis to PB from ebay.....very interesting. Although it doesnt carry the same anount of info as yours di, it does show the time,date when you go into edit mode. Very intersting if your buying second hand of the bay


----------



## rhaythorne (Jan 12, 2004)

Good point. For example, you may have seen in another recent thread that I mentioned a seller on German eBay using a picture of _my_ Breitling SuperOcean in _his_ sale. I just checked and some EXIF data is still present in my photo which reveals that it was taken on a Sony digital camera on Christmas Day 2006 (a present to myself







) Does this tie-up with the seller's description and other photos? Well, it's of no great importance now as the sale appears to have ended (no bids) but it's an example of how this data can be used to reveal some possibly dodgy dealings. Of course, just because one photo may have been taken at a slightly different time on a different camera doesn't necessarily mean that a seller is up to no good, but it's something worth at least checking out I think.


----------



## ESL (Jan 27, 2004)

Just been playing and its easy to get rid of the original camera specific stuff using Photoshop (or Elements). Just make a selection of part (or all of the image) copy into a new image file then resave it.

Most of the offending data is now gone.


----------



## langtoftlad (Mar 31, 2007)

To get rid of Exif data, you have to first know it is there - so this was useful

There was some 'talk' of the authorities getting a lead on the person who leaked the Harry Potter from this data which included the serial number of the camera used - cue underwear change and possibly dumping of expensive digital camera in nearby river?

So now we know that this tag exists, do we automatically get 'suspicious' of a pic that doesn't have it?


----------



## rhaythorne (Jan 12, 2004)

Good, I'm glad some people have found this info useful at least









I don't think you necessarily need be suspicious if EXIF data is absent from an image. As I mentioned earlier, nearly all of the pics on my website don't have this data because the software I was using doesn't seem to support it, so it just got stripped out. Likewise, pics hosted on places like photobucket don't seem to display much of this data either.

There's the potential for some commercial embarassment due to the presence of this data. As a fictitious example, supposing you checked the images on the Pentax corporate website and found that they'd been taken with a Nikon or some other make of camera. I'm sure that wouldn't go down too well!

As longtoftlad says, now you know that the data is (or could be) there, it's something worth thinking about and considering removing before publication.


----------

