Online Security

Very useful and informative post. Thank you for sharing. Always better safe than sorry, especially when involved in this kind of stuff.
 
using a Linux distro is also good since getting is much lower if you can get most of the same applications on Linux now than in the past.
 
dogluver101 said:
AFAIK from testing a few years ago, it does.. I'll test it once more. But if it wasn't mentioned. Be careful with videos, as it's possible its not stripped. Which is why we say make sure location is turned off in general.
Click to expand...
I can tell you with absolute certainty that EXIF data remains present in video files. The largest offenders are iPhone's by a large margin. Not only do they almost always include the GPS data, they also have a unique ID embedded with each that very likely ties the video back to the owner of the phone. It is a good practice to always run your video files through an EXIF stripper first. I am not an iPhone user, but I believe there are few apps for the phone that will do this for you.
 
K9GuyinTX said:
I can tell you with absolute certainty that EXIF data remains present in video files. The largest offenders are iPhone's by a large margin. Not only do they almost always include the GPS data, they also have a unique ID embedded with each that very likely ties the video back to the owner of the phone. It is a good practice to always run your video files through an EXIF stripper first. I am not an iPhone user, but I believe there are few apps for the phone that will do this for you.
Click to expand...
Both my iPhone and iPad include GPS and camera data so I always remove EXIF with the app ‘EXIF viewer’.
 
humananimal said:
Both my iPhone and iPad include GPS and camera data so I always remove EXIF with the app ‘EXIF viewer’.
Click to expand...
I believe this is a feature that can be toggled off in the camera settings (I know it can be on Android devices). However, the unique ID that is embedded in the EXIF still remains and should be stripped out. Also, it is possible and likely that software updates will toggle this feature back on so users of these devices should be vigilant in checking the settings prior to shooting pictures and videos.
 
Security question, If I am torrenting doing I need my vpn active the whole time I am downloading the torrent and when I am actively seeding?
 
notme1 said:
Security question, If I am torrenting doing I need my vpn active the whole time I am downloading the torrent and when I am actively seeding?
Click to expand...
Its best to have it on during the whole process. If you just want the torrent on a vpn. I think some vpn providers have a dual tunnel setting to have the torrent program use vpn and you can set others to bypass it.
 
dogluver101 said:
Its best to have it on during the whole process. If you just want the torrent on a vpn. I think some vpn providers have a dual tunnel setting to have the torrent program use vpn and you can set others to bypass it.
Click to expand...
I have (almost) allways VPN on. As a combined program for antivirus, VPN and more I have used the Norton package for a few years, and for the same price on both PC, iPhones and iPad.
In this thread, several programs are mentioned, but I have not seen Norton. But I haven't had any problems with it.
A few websites rejects me when using VPN, ie. my insuring company and a few webshops. Probably because they are afraid of being cheated.
 
Soooo I was trying to go to this website, and it downloaded a file. Seems like very bad news. I probably typed in the wrong address, yeah?

I immediately deleted the file, and I think I'm going to wipe this pc.

Edit I think I typed in .com and not .net. Well shit.
 
fluffydoggylover said:
Soooo I was trying to go to this website, and it downloaded a file. Seems like very bad news. I probably typed in the wrong address, yeah?

I immediately deleted the file, and I think I'm going to wipe this pc.

Edit I think I typed in .com and not .net. Well shit.
Click to expand...
Yea. It's if you don't include https before the website. I kept mentioning this is happening. But I guess I'm full of it.
A properly configured server should never do that.
 
TeamZoo said:
Does a VPN protect you with downloading and uploading files as well?
Click to expand...
If you upload a file that contains metadata that may be used to identify you, the VPN won't help you. You are then counting on the forum system for removing dangerous metadata. I recommend you check your files and clean the metadata yourself.

What the VPN does is making sure that the forum can't trace you back to your IP address directly, and also makes it so that a network sniffer watching Internet traffic cannot learn you are visiting this forum. Keep in mind that you place a lot of trust on the VPN operator, since the VPN operator can theoretically know and log who you are and which sites you are visiting.

An alternative to VPNs is using the Tor network, but Tor has much slower performance.
 
Ceencee2 said:
There are apps that you can remove the data from your photos before uploading
Click to expand...
Most people dont know.. but iPhone photos are embeded with data .. things like your GPS location - for example.

exif data isnt hard for a website to read and its easy as well for a person to read.
 
Jtiller997 said:
Most people dont know.. but iPhone photos are embeded with data .. things like your GPS location - for example.

exif data isnt hard for a website to read and its easy as well for a person to read.
Click to expand...
Like I wrote earlier.
Take a picture with your iPhone / iPad, view the photo and press the ‘i’ function. Then you will see a lot of information about the picture, which camera and settings and a small map showing the location where this photo was taken !!
So all photo I get, from ZV and other of this sort, is cleaned from EXIF data before saving.
 
humananimal said:
Like I wrote earlier.
Take a picture with your iPhone / iPad, view the photo and press the ‘i’ function. Then you will see a lot of information about the picture, which camera and settings and a small map showing the location where this photo was taken !!
So all photo I get, from ZV and other of this sort, is cleaned from EXIF data before saving.
Click to expand...
Most websites clean photos of EXIF data while uploading the photo - this is done for many reasons, some un-intentional but

  1. Privacy and Security: EXIF data can contain sensitive information, such as the location where the photo was taken (GPS coordinates), the date and time it was captured, and details about the camera used. Websites may strip this data to protect the privacy and security of their users.
  2. Reducing File Size: EXIF data can increase the size of an image file. Removing it helps to reduce the file size, which is particularly important for web use, as it decreases loading times and saves bandwidth.
  3. Uniformity and Processing: When users upload photos, websites often process these images to conform to certain standards or formats. This processing can include resizing, cropping, and compressing, which can strip out EXIF data.
  4. Simplification and Compatibility: Removing EXIF data can simplify image handling and ensure compatibility across different platforms and devices. Some websites or applications might not support all types of EXIF data, so removing it can help avoid compatibility issues.
  5. User Preferences and Control: Some users prefer not to share certain details included in EXIF data. Websites may provide an option to remove this data during the upload process, either as a default setting or as a choice for the user.

Exif data is generally removed when uploading GLOB data for example automatically, its just what happens to the image, its not like the website chose to do this. In other sites Exif data is purposely removed for user security should their upload system somehow not strip it automatically. Modules like FFMPEG strip it automatically, this is the most common used image handler online.
 
Jtiller997 said:
Most websites clean photos of EXIF data while uploading the photo - this is done for many reasons, some un-intentional but

  1. Privacy and Security: EXIF data can contain sensitive information, such as the location where the photo was taken (GPS coordinates), the date and time it was captured, and details about the camera used. Websites may strip this data to protect the privacy and security of their users.
  2. Reducing File Size: EXIF data can increase the size of an image file. Removing it helps to reduce the file size, which is particularly important for web use, as it decreases loading times and saves bandwidth.
  3. Uniformity and Processing: When users upload photos, websites often process these images to conform to certain standards or formats. This processing can include resizing, cropping, and compressing, which can strip out EXIF data.
  4. Simplification and Compatibility: Removing EXIF data can simplify image handling and ensure compatibility across different platforms and devices. Some websites or applications might not support all types of EXIF data, so removing it can help avoid compatibility issues.
  5. User Preferences and Control: Some users prefer not to share certain details included in EXIF data. Websites may provide an option to remove this data during the upload process, either as a default setting or as a choice for the user.

Exif data is generally removed when uploading GLOB data for example automatically, its just what happens to the image, its not like the website chose to do this. In other sites Exif data is purposely removed for user security should their upload system somehow not strip it automatically. Modules like FFMPEG strip it automatically, this is the most common used image handler online.
Click to expand...
I agree with your post.
But that most websites removes EXIF data will sadly not guarantee it in generally.
Other users wrote that it is done here on ZV, maybe pictures but not correct for videos - I have two times downloaded videos where I found that the videos contained EXIF data, which not only revealed data about the date and time, camera type and settings, but also the GPS location.
So my iPad showed a map of the location, just by pressing the ’I’ function !
So I PM’ed the author to warn about it.
 
humananimal said:
I agree with your post.
But that most websites removes EXIF data will sadly not guarantee it in generally.
Other users wrote that it is done here on ZV, maybe pictures but not correct for videos - I have two times downloaded videos where I found that the videos contained EXIF data, which not only revealed data about the date and time, camera type and settings, but also the GPS location.
So my iPad showed a map of the location, just by pressing the ’I’ function !
So I PM’ed the author to warn about it.
Click to expand...
Oh i see, so sometimes on ZV the meta data, exif data etc isnt stripped?

If they use FFMPEG for file handling changing some settings is quite simple to remove all exif data, and the administrators should be made aware, please send them detailed message about your experience.
 
Jtiller997 said:
If they use FFMPEG for file handling changing some settings is quite simple to remove all exif data, and the administrators should be made aware, please send them detailed message about your experience.
Click to expand...

I just checked some video. Both the name of the Zoo and the animal involved can be found out from metadata alone. This is a bit concerning.

The Tails Linux distribution comes with a metadata removal tool which works quite fine and is designed for preventing scenarios such as this. Maybe we should pick a solution such as this and post it as a recommended option, but it would be good if the forum software itself stripped the metadata from the videos itself.
 
dogluver101 said:
Yea. It's if you don't include https before the website. I kept mentioning this is happening. But I guess I'm full of it.
A properly configured server should never do that.
Click to expand...
@ZTHorse I have hit the problem of redirection to plain http before as well. The forum should not even have the http version available because it is plain text, unencrypted and not secure.
Either the corresponding port should be closed or automatic redirection to https set or the server should have the plain http disabled completely.
 
If I download something to my computer and then upload it here, not a picture I took but just an internet file. Could that contain any potentially identifying meta data?
 
TeamZoo said:
If I download something to my computer and then upload it here, not a picture I took but just an internet file. Could that contain any potentially identifying meta data?
Click to expand...
Usually not a problem if you just downloaded an image from another site. Can always check with a metadata viewer, like Mediaview to see if it has anything.
 
foalmaker said:
I just checked some video. Both the name of the Zoo and the animal involved can be found out from metadata alone. This is a bit concerning.

The Tails Linux distribution comes with a metadata removal tool which works quite fine and is designed for preventing scenarios such as this. Maybe we should pick a solution such as this and post it as a recommended option, but it would be good if the forum software itself stripped the metadata from the videos itself.
Click to expand...
the forum can easily do that, this forum is 100% definately PHP driven, so they just need to save the image, remove the data and then re-save the image
 
Wolf_Moon said:
When I was younger and dumber I would just straight up google horse dicks with no VPN/encryption lol.

I use TOR browser for anything Zoo related now but I don't have dedicated VPN like Nord. Will I be fine for the most part just using an encrypted browser like TOR for browsing ZV?.

Thanks for the info.
Click to expand...
You really need a combination of both van and tor

May I leave a couple of links. They are both the same video, the second link is for brave browser users 👍
 
Last edited by a moderator:
You must log in or register to reply here.
Back
Top