this post was submitted on 27 Oct 2024
81 points (96.6% liked)

Asklemmy

43731 readers
1072 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy πŸ”

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago
MODERATORS
 

What I do is to run the exiftool to strip all the metadata from the image. Next, I check if there are any identifying details in the image like landmarks or background details (e.g. stuff on my whiteboard). And finally I check for the unwanted reflections or for the setup that could be recognised outside the community I share the photo with. Last but not least, I never share a photo in more than one place.

top 33 comments
sorted by: hot top controversial new old

Not at all. Here, my first ever face reveal.

[–] unexposedhazard@discuss.tchncs.de 33 points 4 days ago* (last edited 4 days ago) (1 children)

Basically all outdoor images can be automatically geotagged by neural nets developed for this purpose. So you gotta keep it indoor only if you have physical safety concerns.

The more human infrastructure there is, the easier it is to doxx you, but even in the middle of nowhere the neural nets are starting to be very optimized for it. Even the publicly available tools arent too bad and the ones developed for and by the military/feds are probably even better.

[–] Anticorp@lemmy.world 3 points 3 days ago (1 children)

The CIA and NSA were able to remotely access any device or social media account without the owner knowing, all the way back as early as the early 2000's. Edward Snowden revealed this to an apathetic public. If they could do that back then without AI, I can't imagine what they can do now.

[–] unexposedhazard@discuss.tchncs.de 4 points 3 days ago* (last edited 3 days ago)

Probably significantly less actually. Because all the encryption and communication protocols are open source and regularily audited, they have become more and more secure. All sides of this conflict have an interest in these systems being secure because everyone indcluding the feds themselves are using them. From looking at actual cases they have to either wait for a zero day to infiltrate a phone remotely or physically compromise it (airport, etc).

Back when every country was developing its own IT systems, it was different, but now everything is globalized. If Russia/Iran/China is suffering from a 0day, chances are the US is suffering from it aswell.

[–] AnnaFrankfurter@lemmy.ml 3 points 3 days ago (1 children)

I last uploaded my photo on internet when avengers civil war came out.

[–] NauticalNoodle@lemmy.ml 2 points 3 days ago

hey, that's the same time I stopped sharing new content, though it took 4 more years before I officially deleted my FB account. By that point i was checking it only once every three months.

[–] Anticorp@lemmy.world 5 points 3 days ago (1 children)

Reflections are a big one that is easily overlooked. I typically stare at a picture for a couple minutes looking for tiny reflections that some psychopath on the internet could enhance and glean identity from. I shut geo location on my pictures off so that I don't have to worry about that, but I recently turned it back on. How do you run that tool on Android?

[–] communism@lemmy.ml 6 points 3 days ago* (last edited 3 days ago)

I don't upload photos anywhere public for this reason. For screenshots I just strip the exif data, and if it's a screenshot that goes from edge to edge of a screen, I resize it so as to not give away info on the size of my screen. I also don't share the same image in multiple places. If I have any kind of custom theming (fonts or colours) in a screenshot I also usually change it to something more generic, unless the point of the screenshot itself is to showcase the theming.

[–] mipadaitu@lemmy.world 12 points 4 days ago (1 children)

I open the picture on my computer, then screenshot it before uploading.

That removes any association with the original picture without relying on any exif stripping that might miss a hash or weird embedded info.

[–] Scubus@sh.itjust.works 2 points 4 days ago (1 children)

Now it simply has the metadata from your home conputer.

[–] fossphi@lemm.ee 9 points 4 days ago (1 children)

Print it out, scan it. Screenshot again. Post it from behind 7 proxies

[–] MonkeMischief@lemmy.today 1 points 3 days ago

Surely you won't regret 7 proxies.

[–] Corno@lemm.ee 8 points 4 days ago (1 children)

I don't upload photos of myself or my environment to public websites. The only people online who have seen me are two close friends on Discord.

When uploading my art I admit I'm somewhat paranoid about it since my art has been stolen once already, and I like to keep the files associated with my art archived just prior to uploading as a point of reference.

[–] toastal@lemmy.ml 2 points 3 days ago

Which means your two close friends & the corporate Discord data harvester.

With friends I can at least tell them to use a privacy-respecting or self hosted option, but I still don’t understand how businesses actively prefer US-based, proprietary services such as Google Meet for meetings. Do they really think Google & others aren’t record & training on their private business meeting data?

[–] Flamekebab@piefed.social 10 points 4 days ago

Not particularly paranoid. I have clothes with my username on!

[–] FireWire400@lemmy.world 9 points 4 days ago

I'm not too fussed about those things tbh. If anyone really wanted to doxx me on here they could do that regardless of any images.

I wouldn't post any pictures of myself to publicly available websites, though; even the one I use on facebook is years old.

[–] wewbull@feddit.uk 7 points 4 days ago

I don't upload my own images to public sites.

[–] makingStuffForFun@lemmy.ml 7 points 4 days ago

Sounds perfectly sensible.

[–] MicrowavedTea@infosec.pub 6 points 4 days ago

I check the metadata my cameras record every now and then. It's not particularly useful. For screenshots I'll make sure to not have any names or usernames visible. You can assume every outdoors photo is geolocatable so you can choose what you want to reveal. I'm ok posting a photo from the city center but not from my neighborhood.

[–] daniskarma@lemmy.dbzer0.com 2 points 3 days ago (1 children)

You don't upload pictures because you don't want to be tracked.

I don't upload pictures because no one wants to track me.

We are different.

because no one wants to track me.

I get you're just joking here but I would like to point out that this is a flawed way of thinking. Someone will spite you for whatever reason they can think of and will try to ruin your life whether its because of your political beliefs or just because of who you are as a person, cause sadly thats the internet right now

[–] lemmylemonade@lemmy.ml 2 points 3 days ago (1 children)

I used to be; I am becoming more and more complacent by the day. How can I motivate myself to get back on track?

[–] Anticorp@lemmy.world 2 points 3 days ago* (last edited 2 days ago)

Piss off a basement dweller who makes it his mission to find you in real life and destroy you. That'll definitely ramp up your precautions again.

[–] rumschlumpel@feddit.org 4 points 4 days ago

AFAIK cameras can be identified by the dust/grain patterns on their lenses. Probably no risk of random users doxxing you through that, but I don't feel comfortable opening myself up to mass surveillance like that.

[–] SaltySalamander@fedia.io 2 points 4 days ago (1 children)

Why would I ever upload a photo of myself, my home, my place of work, or anyone I know to a public website?

[–] Anticorp@lemmy.world 1 points 3 days ago

There are other things to share.

[–] Ziggurat@sh.itjust.works 3 points 4 days ago

What's on the image? Can you accept to talk about it with your boss?

There is a big difference between a photo of Dr OP giving an invited seminar about some advanced topic, and OP wearing a German WW2 outfit "for Carnaval"

[–] ctkatz@lemmy.ml 2 points 4 days ago

any images I upload are either already found online or if they are images I took scrubbed of location information in the metadata plus I don't put my face online. my face is on my fb page and a few pictures have my face in them but as far as I'm aware there's less than 10 pictures of my face online.

[–] Jimmycrackcrack@lemmy.ml 1 points 3 days ago (1 children)

what's the last step do for you?

[–] ValenThyme@reddthat.com 5 points 3 days ago* (last edited 3 days ago) (1 children)

if you upload the same pic here and to linkedin people can connect your lemmy account to your linkedin account, for instance. tineye.com is as example of a tool that does this well

[–] Anticorp@lemmy.world 5 points 3 days ago

I always assumed that anything uploaded to Facebook would be found by Meta if it's uploaded elsewhere and then they'll have all of the data points from your identity on that platform as well.