this post was submitted on 16 Mar 2024
87 points (98.9% liked)

Privacy

31939 readers
675 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I always remove this data from my screenshots before sharing, but is there any way to prevent this from happening in the first place? I've searched and searched, but all I can find is information about how to remove the data after the fact, which I already know how to do, but it would sure be nice if it never got added in the first place. Thanks.

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 23 points 8 months ago (2 children)

Is this all the metadata it adds?

Because the information you've shown here is not at all sensitive. It's just the timestamp, Android version and time zone.

[–] [email protected] 3 points 8 months ago

No, but when combined with other data it makes identifying someone more accurate. And what is the need for it anyway? OP is reasonable to not want it IMO.

[–] [email protected] 1 points 8 months ago (2 children)

I knew I'd get a comment like this eventually. There's no rational reason it should be adding this data at all, and there should be a way to disable this behavior. The camera I use doesn't add this data when I take a photo, and there's no reason taking a screenshot should do so.

The software version doesn't just say "Android 14" either. It looks very specific.

No matter how you look at it, this is not an acceptable way for a device to behave, with no way to change it in settings.

[–] [email protected] 20 points 8 months ago (3 children)

There's no rational reason

https://xkcd.com/1172/

I don't share screenshot frequently, and I store them for a long time, in 10 years in the future this data can be useful, I won't remember what phone and rom I had, so it can be useful for some people. I also store gps data in my photos' exifs, but again I never share them on the public internet.

But a button to switch it onoff would be useful, that's true.

load more comments (3 replies)
[–] [email protected] 11 points 8 months ago (3 children)

The software version doesn’t just say “Android 14” either. It looks very specific.

Yeah, it's likely a rather precise Android version.

So what? What does the Android version you use reveal about you? What part of your threat model does it violate?

Here, you can have the exact version of my phone: lineage_FP4-userdebug 13 TQ3A.230901.001 2023111915 test-keys. Can you identify me now?

(In my case, you theoretically actually could because my version is unique because I homebrew my Android but if you didn't know that, it'd look like any other FP4 with [email protected] on it which is why I'm not at all worried.)

No matter how you look at it, this is not an acceptable way for a device to behave, with no way to change it in settings.

Adding useful metadata that reveals no actual data about the user is a great feature and not worth adding a setting for; especially not in the UI.

I didn't know about this before but I'll look out for that whenever sends a bug report of a mobile app with screenshot as it might include the device and Android version used which is super useful info to have when troubleshooting.

[–] [email protected] 5 points 8 months ago (6 children)

A precise android version could for example be used to target you with an exploit for that version.

I agree with OP, it shouldn't behave like this because the expectation with screenshot software is that it doesn't add any metadata and if it would it should be explicit and probably opt-in.

[–] [email protected] 1 points 8 months ago

because the expectation with screenshot software is that it doesn't add any metadata

I'm not sure where you got that idea but I assume the opposite. Many devices add metadata by default

load more comments (5 replies)
[–] [email protected] 3 points 8 months ago (1 children)

Combined with your user agent string, timezone, IP address etc it allows you to be tracked more accurately through probabilistic matching on the internet. All this stuff gets recorded as a matter of course when you visit websites and send emails.

[–] [email protected] 2 points 8 months ago* (last edited 8 months ago)

That argument ignores that you need an account to upload pictures in most places (including here); you're already identified.

Ignoring that, while it is technically true that the Android version adds a data point and therefore identifying bits of information, you'd still be one of 10^5 - 10^6 people in the same time zone with the same device/version combo unless you're using some extremely uncommon device or are in an extremely unpopulated time zone. Compared to user agent and IP address, this is extremely little information and I'd argue quite useless without. If you need such strongly identifying data to even make any use of this, I don't think it's worth worrying about.

Besides, if you control a forum or other site that allows picture uploads and wanted to identify a user, there are so much better methods than any of this.

load more comments (1 replies)
[–] [email protected] 11 points 8 months ago (2 children)

That's so weird, exif on a screenshot? Usually my quick fix to remove exif from something when I'm on the go is to take a screenshot of it. I'm on lineage 21 and according to exiftool there's no exif data on my screenshots.

[–] [email protected] 6 points 8 months ago (1 children)

Do you have a Samsung phone? I'm starting to think it might be yet another Samsung thing.

[–] [email protected] 5 points 8 months ago

Google Pixel 5, if you're using a stock rom then that sounds likely.

[–] [email protected] 4 points 8 months ago (1 children)

On lineageOS 20 it records the exact android build string as the Software for me, so "Android lineage_pdx215-userdebug 13 TQ3A.230901.001 b30079afa2". Which is probably enough to uniquely identify me, and you if you have a less common phone or are on an older or uncommon version.

Needless to say I am pissed.

load more comments (1 replies)
[–] [email protected] 8 points 8 months ago (1 children)

Wtf. What phone are you using?

[–] [email protected] 3 points 8 months ago

Basically all new phones have that.

[–] [email protected] 7 points 8 months ago (1 children)

GrapheneOS Camera is very nice. May only work on Pixels, but on stock android (which is an insane tracking platform you should ditch) too.

Https://github.com/grapheneos/apps/releases/latest

Download their appstore, there you get the camera app.

[–] [email protected] 2 points 8 months ago (1 children)

Thanks. I've been looking for a replacement app for the camera since the one I use was bought out.

[–] [email protected] 2 points 8 months ago

This was about screenshots, sorry. No idea, dont think you can change that without a different android OS

[–] [email protected] 6 points 8 months ago (1 children)

Same here, but no "sensitive" information like what Android version I use or anything like that. It depends on what phone you use, I guess. I use a Pixel 6a with GrapheneOS.

[–] [email protected] 2 points 8 months ago

Mine's a Samsung S21FE so I don't think I can use that OS

[–] [email protected] 5 points 8 months ago* (last edited 8 months ago) (1 children)

ObscuraCam of Guardian Project doesn't save metadata. OpenCamera is highly configurable.

edit: ah, screenshots. I think in LineageOS it's part of the launcher (app-switch doesn't work with default launcher disabled) or backed into the system. If it's the second and you have a vendor OS, guess you can only flash a custom ROM to fix it.

[–] [email protected] 1 points 8 months ago (1 children)

Yeah, unfortunately I don't believe I can flash a custom rom onto a Samsung. Ugh.

Thanks for responding!

[–] [email protected] 3 points 8 months ago* (last edited 8 months ago) (2 children)

You can, but, it's a select few models and most are older.

Edit: personally I don't flash my phone because I'm poor and can't risk bricking it

[–] [email protected] 3 points 8 months ago (1 children)

Honestly, hard bricking (damaging the bootloader beyond repair) is really hard and soft bricking is solved by getting to download mode and flashing the correct version. While starting with custom roms, having no idea what i do, i flashed my Galaxy Xcover 1 with the OS for a sub-version of the device and it almost worked.

[–] [email protected] 3 points 8 months ago

That's good to know, thank you.

[–] [email protected] 3 points 8 months ago

I’m poor and can’t risk bricking it

Truth, I feel this too. My phone was a birthday present from my husband too, so I'd feel really bad if I bricked it.

[–] [email protected] 3 points 8 months ago (1 children)

What phone, what camera app, what Android version (and be specific if the manufacturer or service provider added their own customizations, as is common with Samsung and most major service providers).

[–] [email protected] 4 points 8 months ago (1 children)

Android 14, and it's Samsung so I know they add their own restrictions, etc., but I'm not sure what they all are. Nothing good lol

I'm using Simple Camera, which I do plan to replace, but it doesn't save exif data to the photos I take. It happens when I use the volume + power button combo to take screenshots.

When I open any photo taken with my camera, I see no exif data at all.

[–] [email protected] 4 points 8 months ago (2 children)

Oh, yuck. Yeah, I have a Samsung phone, too, and can't figure out how to strip exif data from screenshots. You might be stuck with a third-party exif-stripper app.

[–] [email protected] 3 points 8 months ago

Yeah that's what I've been using. I was hoping there'd be a way to just not include exif data in the first place.

load more comments (1 replies)
[–] [email protected] 2 points 8 months ago (1 children)

What app are you using to see the exif data? Perhaps my screenshot has this info as well but the different apps I use to view exif data do not show it.

[–] [email protected] 1 points 8 months ago (2 children)

I'm using an app called Image Toolbox

I use a FOSS camera, and when I take photos I can see there's not any exif data, but there is when I use the volume/power combo to take screenshots.

[–] [email protected] 6 points 8 months ago (2 children)

Screenshots are taken using a different app (screenshot utility). Camera apps have nothing to do with it. Who is your phone's manufacturer?

[–] [email protected] 1 points 8 months ago (1 children)

It's Samsung

I looked in settings, but I didn't see anything that looked relevant to metadata

[–] [email protected] 3 points 8 months ago (1 children)

I don't think Samsung has the feature to disable it

[–] [email protected] 2 points 8 months ago

Yeah, that's what I'm starting to think. Ugh, so frustrating! I'll just keep removing it after the fact. Thanks!

[–] [email protected] 1 points 8 months ago (1 children)

I don't see a screenshot app in the apps list, even when I select to show system apps.

[–] [email protected] 3 points 8 months ago

I believe it can be a part of a system app (Core API, Android System etc)

[–] [email protected] 2 points 8 months ago (3 children)

Ok, yes, my phone (which is not a Samsung) also includes some info in screenshots.

[–] [email protected] 1 points 8 months ago

Is there a way to prevent this?

load more comments (2 replies)
[–] [email protected] 2 points 8 months ago

I don't know of a screen shot app that works without addind metadata to screen shots. What I use is "Metadata Remover" from Fdroid: https://apt.izzysoft.de/fdroid/index/apk/rocks.poopjournal.metadataremover

You take a screen shot, open the screen shot image from Metadata Remover, click on "Remove metadata", and the moment it's done, it'll take you to share automatically.

I hope this helps you.

load more comments
view more: next ›