You’re Sharing More Than Just Photos
Did I really just send a photograph of the Pizza Bianca that I’m currently making, or did I also expose my residential address when I sent this photo?
Behind every digital photo is a wealth of information that is not normally visible to a user. They are what we call metadata.
Examples of metadata in a digital photograph range from the exact date and time when the photo was taken, to the camera settings used (eg. aperture, shutter speed, ISO), to the GPS coordinates pin-pointing the location where the photograph was taken.
Whenever you send a photograph taken on your iPhone to someone over iMessage, you’re also sharing all the invisible metadata. And while these metadata are not normally visible, they can be easily viewed with an app that is capable of reading them.
So if you’ve ever sent a photograph of your lock at home to a locksmith, you’ve also passed him your address. If you’ve sent photographs of your kids at school to someone, you’ve also told them where your kids are studying.
Scary? Yeah
pico is an iOS 10 iMessage app we made that does three things:
- View otherwise hidden metadata associated with photographs.
- Protect your privacy when sharing photographs.
- Reduce the amount of data used when sharing photographs.
For the purpose of this article, we’ll focus on viewing and stripping of metadata from your images.
pico comes with a handy action extension that not only lets you compress images, but also inspect images from any app that supports the iOS Share Sheet.
Inspecting this photo with pico, we quickly learn that it was taken:
- With the latest iPhone 7 Plus.
- With the telephoto lens (most probably with the depth effect).
- Under relatively bright conditions from the low ISO and fast shutter speed.
- Somewhere near Pearl’s Hill City Park in Singapore.
If we’d like more information, tapping on the ‘i’ info button brings up the full metadata viewer. From which we can see the exact date and time the photograph was taken as well as the GPS coordinates of the location.
When you share this photograph, you’d probably not want everyone to have the GPS coordinates to your home. But you may want the photography buffs among your friends to find what camera and settings were used to capture the photograph.
(This metadata, called EXIF, was what led to the the discovery that a photograph used by Huawei in promoting its P9 dual-camera phone was actually taken on a Canon DSLR and lens).
To investigate whether other popular messaging apps similarly expose potentially sensitive metadata when sending photographs, we tested sending the same photograph using 7 different and popular messaging and communication apps:
- Apple Messages.app
- Apple Mail.app
- LINE
- Telegram*
- Slack
Much to our surprise, only Apple’s own Messages.app and Mail.app consistently expose all metadata included with your photograph, including location information and camera settings.
Compressing images in Mail.app before sending or turning on Low-Quality Image Mode for Messages.app continues to preserve the metadata in the sent images.
It may not be by design that all the third-party apps that we’ve tested completely remove metadata from your photographs. Preserving metadata in your photographs is actually a lot more work than stripping them. All of Apple’s public imaging API that developers have access to strips away all metadata. In pico, we actually had to read the metadata separately, and write it out to the resulting file in order to preserve them.
It is somewhat curious that Apple chooses to preserve all metadata when sharing photographs across its own apps. Whether it is by design or it was something that was overlooked, we can’t be sure.
What we can conclude though is that if you use the third-party apps listed above for messaging, you don’t currently have to worry about exposing potentially sensitive information like your location (but there’s no guarantee behavior this won’t change in future).
If you use iMessage, Mail.app or even iCloud Photo Sharing, consider using pico to strip away metadata that you’d rather not share.
Moving forward, we think Apple should provide a setting to allow users to exclude sensitive metadata from shared photos.
Viewing metadata and protecting privacy are but two reasons why we made pico.
In the next instalment, we’ll look into the amount of data used when sharing photographs over different apps.
We’ll also discuss the relationship between quality and dimensions when it comes to compressing images.
Till then, you can download pico for free from the App Store.
*Telegram can send the actual photo along with all metadata preserved when it is sent as a File instead of a Photo or Video.
