Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
I always remove this data from my screenshots before sharing, but is there any way to prevent this from happening in the first place? I've searched and searched, but all I can find is information about how to remove the data after the fact, which I already know how to do, but it would sure be nice if it never got added in the first place. Thanks.
I knew I'd get a comment like this eventually. There's no rational reason it should be adding this data at all, and there should be a way to disable this behavior. The camera I use doesn't add this data when I take a photo, and there's no reason taking a screenshot should do so.
The software version doesn't just say "Android 14" either. It looks very specific.
No matter how you look at it, this is not an acceptable way for a device to behave, with no way to change it in settings.
Yeah, it's likely a rather precise Android version.
So what? What does the Android version you use reveal about you? What part of your threat model does it violate?
Here, you can have the exact version of my phone: lineage_FP4-userdebug 13 TQ3A.230901.001 2023111915 test-keys. Can you identify me now?
(In my case, you theoretically actually could because my version is unique because I homebrew my Android but if you didn't know that, it'd look like any other FP4 with [email protected] on it which is why I'm not at all worried.)
Adding useful metadata that reveals no actual data about the user is a great feature and not worth adding a setting for; especially not in the UI.
I didn't know about this before but I'll look out for that whenever sends a bug report of a mobile app with screenshot as it might include the device and Android version used which is super useful info to have when troubleshooting.
Combined with your user agent string, timezone, IP address etc it allows you to be tracked more accurately through probabilistic matching on the internet. All this stuff gets recorded as a matter of course when you visit websites and send emails.
That argument ignores that you need an account to upload pictures in most places (including here); you're already identified.
Ignoring that, while it is technically true that the Android version adds a data point and therefore identifying bits of information, you'd still be one of 10^5 - 10^6 people in the same time zone with the same device/version combo unless you're using some extremely uncommon device or are in an extremely unpopulated time zone. Compared to user agent and IP address, this is extremely little information and I'd argue quite useless without. If you need such strongly identifying data to even make any use of this, I don't think it's worth worrying about.
Besides, if you control a forum or other site that allows picture uploads and wanted to identify a user, there are so much better methods than any of this.