Security Basics mailing list archives

Re: Hacking Pictures?

From: Sven Aluoor <aluoor () gmail com>
Date: Sun, 23 Jan 2011 00:04:04 +0100

On Fri, Jan 21, 2011 at 5:42 PM, Steven Bonici <sbonici () ilaonline org> wrote:

I was speaking to someone from DHS (not a tech) and he was telling me
that there are applications that can "look" at a picture taken from a
cell phone and can get the location of where the picture was taken.  Is
this true?  If so, can someone provide more information?  If this can be
done, people posting pictures from their cell phones to social sites
should be aware of this...

Hi Steven

Quote from https://secure.wikimedia.org/wikipedia/en/wiki/Exchangeable_image_file_format

The Exif format has standard tags for location information. Currently,
a few cameras and some higher-end mobile phones have a built-in GPS
receiver and store the location information in the Exif header when
the picture is taken. Some other cameras have a separate GPS receiver
that fits into the flash connector or hot shoe. Recorded GPS data can
also be added to any digital photograph on a computer, either by
correlating the time stamps of the photographs with a GPS record from
a hand-held GPS receiver or manually using a map or mapping software.
The process of adding geographic information to a photograph is known
as geocoding. Photo sharing communities like Panoramio, locr or Flickr
equally allow their users to upload geocoded pictures or to add
geolocation information online.

With the command line tool "exiftool" you can view those information.
http://www.sno.phy.queensu.ca/~phil/exiftool/

cheers Sven

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase,
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

Current thread:

Re: Hacking Pictures?, (continued)
- Re: Hacking Pictures? Archangel Amael (Jan 24)
- Re: Hacking Pictures? Morten Wegelbye Nissen (Jan 24)
  - Message not available
    - Re: Hacking Pictures? Marcel Grabher (sallas) (Jan 24)
    - Re: Hacking Pictures? Matthias Appel (Jan 26)
- Re: Hacking Pictures? David Kovar (Jan 24)
- Re: Hacking Pictures? Stephen (Jan 24)
  - Re: Hacking Pictures? Robert Craddock (Jan 24)
- Re: Hacking Pictures? Eitan Adler (Jan 24)
  - RE: Hacking Pictures? Steve Armstrong (Jan 24)
- Re: Hacking Pictures? Hendrik.Lemelson (Jan 24)
- Re: Hacking Pictures? Sven Aluoor (Jan 24)
- Re: Hacking Pictures? Brendan Coles (Jan 24)
- Re: Hacking Pictures? Gustavo Castro (Jan 24)
- Odp: Hacking Pictures? Adrian Ryniec (Jan 24)
- Re: Hacking Pictures? Sherwyn (Jan 24)
- RE: Hacking Pictures? Craig S Wright (Jan 24)
- Re: Hacking Pictures? Jon Janego (Jan 24)
- RE: Hacking Pictures? Murad (Jan 24)
- Re: Hacking Pictures? PacketNull (Jan 24)
  - RE: Hacking Pictures? Steven Bonici (Jan 26)
- Re: Hacking Pictures? Matthew Caron (Jan 24)

(Thread continues...)