this post was submitted on 16 Mar 2024
87 points (98.9% liked)
Privacy
32013 readers
1392 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Is this all the metadata it adds?
Because the information you've shown here is not at all sensitive. It's just the timestamp, Android version and time zone.
I knew I'd get a comment like this eventually. There's no rational reason it should be adding this data at all, and there should be a way to disable this behavior. The camera I use doesn't add this data when I take a photo, and there's no reason taking a screenshot should do so.
The software version doesn't just say "Android 14" either. It looks very specific.
No matter how you look at it, this is not an acceptable way for a device to behave, with no way to change it in settings.
Yeah, it's likely a rather precise Android version.
So what? What does the Android version you use reveal about you? What part of your threat model does it violate?
Here, you can have the exact version of my phone: lineage_FP4-userdebug 13 TQ3A.230901.001 2023111915 test-keys. Can you identify me now?
(In my case, you theoretically actually could because my version is unique because I homebrew my Android but if you didn't know that, it'd look like any other FP4 with [email protected] on it which is why I'm not at all worried.)
Adding useful metadata that reveals no actual data about the user is a great feature and not worth adding a setting for; especially not in the UI.
I didn't know about this before but I'll look out for that whenever sends a bug report of a mobile app with screenshot as it might include the device and Android version used which is super useful info to have when troubleshooting.
A precise android version could for example be used to target you with an exploit for that version.
I agree with OP, it shouldn't behave like this because the expectation with screenshot software is that it doesn't add any metadata and if it would it should be explicit and probably opt-in.
I'm not sure where you got that idea but I assume the opposite. Many devices add metadata by default
If you have the Mossad targetting you, that's an extreme edge-case which has no place in an argument about online privacy.
Except who's trying to argue? I'm merely asking if anyone knows a way to prevent metadata from being saved to my screenshots. I'm not looking for an argument.
If this type of inquiry doesn't belong in this community, I'd gladly take advice on where to ask instead.
If you're not looking to question your views, then ignore people like me who do. Though as a general rule of thumb, not questioning your own views may not be the best strategy in life but you do you.
Except you aren't questioning anyone's views, you're making an argument that barely touches the subject it responds to. And doing so in a very argumentative and condescending way.
So yeah, it doesn't really belong in a civil discussion.
It's fine to as that sort of question; I wouldn't say it doesn't "belong in this community". That doesn't mean it makes sense to care about this which is what I wanted to point out.
Combined with your user agent string, timezone, IP address etc it allows you to be tracked more accurately through probabilistic matching on the internet. All this stuff gets recorded as a matter of course when you visit websites and send emails.
That argument ignores that you need an account to upload pictures in most places (including here); you're already identified.
Ignoring that, while it is technically true that the Android version adds a data point and therefore identifying bits of information, you'd still be one of 10^5 - 10^6 people in the same time zone with the same device/version combo unless you're using some extremely uncommon device or are in an extremely unpopulated time zone. Compared to user agent and IP address, this is extremely little information and I'd argue quite useless without. If you need such strongly identifying data to even make any use of this, I don't think it's worth worrying about.
Besides, if you control a forum or other site that allows picture uploads and wanted to identify a user, there are so much better methods than any of this.
So ... do you have a way to stop screenshots from saving metadata to my screenshots or not? I've indicated my wishes. If you don't want to help, then please ignore the post.