Detectify
Knowledge Base

Back to Knowledge Base

Support Center

Metadata Information Leakage

Last Updated: Apr 22, 2017 12:17AM CEST

Many popular file types contain metadata. Metadata is information about the file that can include details like the software used in creating it, name of the author of the file, local computer username, and more. The data varies depending on file type; in pictures it could be geo coordinates of the location the photo was captured or what camera was used.

What can happen?

The most common issue is that the metadata might expose more information than you are aware of. If you are trying to stay anonymous, metadata could expose your name, and details such as the location of a captured picture may be bad even though you as an author are not anonymous.

Even if all that information is considered public, information such as software version of programs used to produce the file can be interesting for an attacker to use the knowledge in further attacks.

Example

John McAfee is a well-known person within the security community with many strange stories. A few years back he was on the run escaping the police who wanted to question him regarding a murder. With him was a journalist allowing him to reach out with his version of the story.

The problem occurred when the journalist published a photo from their journey. Anyone was able to look up where the photo was taken, which is not that convenient when you are on the run.

There are of course many more situations other than fleeing the police where this could be a problem. Whether you are trying to be anonymous or aiming not to overshare personal data without being aware of it, metadata information leakage can become a problem, so make sure you are not betrayed by your files.

Remediation

There is no standard or established way of removing metadata from files. The process varies depending on the file format so research on the Internet needs to be done for each one of them. We have not audited any software for this enough to be able to recommend it.

However, just by being aware of metadata you have come far, regardless of whether you remove it or not.

Resources


support@detectify.com
https://cdn.desk.com/
false
desk
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete