The following article will provide a step-by-step guide on matters concerning the need to remove EXIF metadata that’s embedded in a picture.
Before we proceed to outline the necessary steps, it is critical that we shed some light on the basic principles of EXIF Metadata. The term refers to the range of metadata that’s linked to photographs – often stored in a format called “Exchangeable Image File Format” (EXIF) – and it includes:
GPS coordinates that spell out the precise location where a picture was taken.
Camera settings such as ISO speed, shutter speed, focal length, aperture, white balance, and lens type.
The type, both model and make, of camera that was used to capture a particular photograph.
The date and time when a photo was taken.
The name and design of all applications that can be used to view and edit the picture.
Therefore, picture metadata serves to provide information about the location, time, and, importantly, the person who uploaded a photo. This fact exists within the context of internet-hosted photos that still contain EXIF thumbnails that can provide a wealth of insights into the original pictures.
Removing EXIF – What Are the Steps?
As long as you have uploaded image files to online platforms, whether social media sites or private cloud servers, you most likely failed to acknowledge the fact that potentially sensitive personal information was attached to the pictures in the form of EXIF.
Still, even if you were aware of this possibility, chances are very high that you had no idea of how another party may come across this information. Thus, the practice of removing EXIF from photos would be a fantastic way to avoid giving away your location, and other sensitive information, to potential threat actors.
The following section will outline the procedure of removing metadata from photos within the context of Android, iOS, Windows, and Linux operating systems.
Step 1 – Before Taking Photos
First, before taking any photos, smartphone users should create the habit of disabling their location via phone settings. This follows the fact that smartphones are designed to automatically save user location via GPS whenever photos are captured.
Open the Settings app on your Android and search for either the "Connections" tab or, depending on your phone, the "Privacy" tab.
Choose "Location" and toggle the switch to “off”.
You can also select "Emergency Location Service" and "Google Location Sharing" to switch off location-tracking features there as well.
iOS (iPhone or iPad)
Go to Settings > Privacy > Location Services.
Make sure that “Location Services” is turned off.
For both smartphone operating systems, the above steps will successfully prevent the attachment of GPS location data to your photos – still, turning location settings “off” will not be a surefire way to protect your sensitive information.
Indeed, other aspects of EXIF will still be accessible to potential criminals that may trace the metadata back to you. The rest of the guide will educate you on the appropriate steps to take in order to stay safe.
Step 2 – Taking Photos
Most people fail to pay attention to their phone camera lens when taking photos. A user exposes themselves to potential data leaks whenever they touch their phone camera lens – they end up leaving fingerprints that may be digitally lifted off a photo by tech-savvy criminals.
Therefore, as a first step, it is important that you remember to clean your phone camera lens before capturing any pictures.
The second consideration is your immediate surroundings in the context of the photograph you intend to take. Ensuring that the environment cannot be traced back to you or your personal residence is important in ensuring that you don’t end up leaking sensitive information.
Once you are done with the two steps, you can now go ahead to capture the shots. It would be a great idea to crop or make edits to the photo by adjusting the exposure, contrast, and any other image attribute.
The idea of editing is to create a sharp difference between the photos that you intend to post online from original files. When using social media platforms, image filters serve to add more layers to photos thus making it difficult for other parties to trace metadata back to users.
Otherwise, Facebook claims that they normally remove GPS data from photos as a cybersecurity measure to protect users from accidentally sharing their private info with threat actors.
Step 3 – Removing EXIF
Many tools can be used in EXIF removal, including apps and websites. Point to note, manual removal is the most recommended method – websites cannot guarantee the safety of your personal information once shared for the purpose of metadata removal.
Tails is useful in EXIF removal. To do this, right click on the image file you wish to remove its metadata.
Tails already comes with MAT2 (Metadata Anonymization Toolkit v2).
MAT2 removes all EXIF from files leaving them empty, nothing to see.
Apart from photos, Tails works for files, including .docx, .pptx, .xlsx, .torrent, .flac, and .mp3. – It works by simply right clicking on your file then choosing the "remove metadata" option.
First, it is not advisable for you to use Windows when browsing the dark web. Otherwise, the following steps apply for procedures involving the removal of metadata over the Windows operating system.
Right-click on the picture and choose “Properties”.
Click the “Details” tab. At the bottom of the “Details” tab, you'll see a blue link titled “Remove Properties and Personal Information”.
On the Remove Properties section, select the Remove the following properties from this file option.
Click the Select All to remove all potential properties.
The metadata can be seen in Linux with many apps. Depending on your software set, there is a great chance that you have an app which can display it. For example, Ristretto and Thunar can show this information in image properties.
For your convenience, place all image you want to process to the single folder.
Navigate to that folder.
Open a new terminal and run the following command – to remove the meta data from a single specific picture:
mogrify -strip your_filename.jpg
To process all files at once, execute the command:
mogrify -strip ./*.jpg