this post was submitted on 11 Jul 2023
110 points (96.6% liked)

Asklemmy

43817 readers
870 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy πŸ”

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago
MODERATORS
 

Title. I'm not the best with privacy... But wanted to upload a picture of my pupper. Thanks!

top 50 comments
sorted by: hot top controversial new old
[–] ted@sh.itjust.works 64 points 1 year ago (5 children)

Exif data is stripped when uploading to Lemmy.

[–] jayknight@lemmy.ml 27 points 1 year ago (2 children)

But you never know (unless you run your own instance) if your instance has been modified to record it somewhere before it is removed.

[–] XpeeN@sopuli.xyz 9 points 1 year ago* (last edited 1 year ago) (3 children)

But it is an open source project and the developers views are strongly in favor of privacy, so yeah you can self host it or check the source code. But I think it's safe to assume they didn't program it like that.

Note that people who host an instance can theoretically change it, but still I wouldn't worry it'll actually happen.

[–] SketchySeaBeast@lemmy.ca 18 points 1 year ago (2 children)

Instance admins are pulling the code down and implementing it in their server. They could easily slip in some malicious backend code and there would be no way to verify it.

[–] XpeeN@sopuli.xyz 6 points 1 year ago

Of course, I said that too. And unless you self host yourself you have to trust the instance you're using. But the question itself was more about lemmy in general, and most people just deploy the docker image or something.

Also, I don't believe that, assuming an average person host an instance, the host will want some random people metadata from photos. It's not big corps that process every bit of data they get.

[–] Serinus@lemmy.ml 1 points 1 year ago

Which is good to be aware of, but I don't think they'd want your image exif data.

[–] Anders429@lemmy.world 5 points 1 year ago (1 children)

Rule #1 in internet privacy: don't assume best intentions of anyone. Just because it is open source does not mean whoever hosts the instance didn't modify the source.

[–] frankivo@feddit.nl 4 points 1 year ago (1 children)

Then what is the first rule?

[–] blackstrat@lemmy.fwgx.uk 3 points 1 year ago

Pascal indexes are the best

[–] Butter_My_Buttcheeks@lemmy.fmhy.ml 2 points 1 year ago (1 children)

Good point. I'm just now getting to this thread to see all the replies, so I bet I'll find some answers on how to do it via my android

[–] XpeeN@sopuli.xyz 2 points 1 year ago (1 children)

But it is an open source project and the developers views are strongly in favor of privacy, so yeah you can self host it or check the source code. But I think it's safe to assume they didn't program it like that.

Note that people who host an instance theoretically change it, but still I wouldn't worry it'll actually happen.

[–] reclipse@lemdro.id 11 points 1 year ago (1 children)

Depends on how much you trust your instance admins.

[–] XpeeN@sopuli.xyz 3 points 1 year ago (1 children)

Isn't this comment deleted for you too? (I replied twice by mistake)

Anyway, yeah I completely agree. But as I replayed to a user at my other reply:

I don’t believe that, assuming an average person host an instance, the host will want some random people metadata from photos. It’s not big corps that process every bit of data they get.

[–] dandroid@dandroid.app 3 points 1 year ago (1 children)

No, it's not deleted for me. I had the same problem as you. I replied twice, immediately deleted one, then had people responding to both and telling me that I replied twice.

It's really scary that deleting comments doesn't work 100% of the time. And it's ironic, given the topic of this discussion is privacy. Not being able to guarantee that your comments can be deleted 100% is a huge privacy concern. It might even be illegal in Europe, but idk.

[–] XpeeN@sopuli.xyz 4 points 1 year ago (1 children)

The deleted comments don't get deleted too tho. The last edit is saved on the server anyways, so if you really want to delete something, edit it first and then delete it.

[–] dandroid@dandroid.app 1 points 1 year ago

Since then, I have been editing my comments several times to different variants of the word "Deleted". Sometimes, I do brackets, sometimes I do Italics.

[–] someguy3@lemmy.ca 6 points 1 year ago (1 children)
[–] ted@sh.itjust.works 4 points 1 year ago (1 children)

Yes, big platforms have stripped this for years. It is in their best interest to do so.

Well... Ever since I left reddit I'm not just lurking around. I feel compelled to participate as a fuck you to reddit. Didn't know they did that

Apologies on the delay!!! Work happens. Good to know that is covered.

[–] resurrexia@kbin.social 3 points 1 year ago (3 children)
[–] ted@sh.itjust.works 5 points 1 year ago

Just guessing based on this open issue, kbin has not done this yet.

I looked at kbin before going with lemmy... So not sure what kbin can do

[–] neal@lemmy.world 0 points 1 year ago (1 children)

Look at who you responded to. It's one of the usernames you pinged. Just saying πŸ™‚

[–] SatyrSack@lemmy.one 1 points 1 year ago (2 children)

I think that's a kbin thing, where any time you reply to a comment, your comment includes an @ to that comment's author. I think the only one they intended to "ping" was butterface

[–] keegomatic@kbin.social 0 points 1 year ago (1 children)

Not a kbin thing… might be an extension though. I’m on kbin and no automatic mention was added to the top of this comment when I replied to you.

[–] effingjoe@kbin.social 1 points 1 year ago (1 children)

It's a setting (default off) called Add mention tags in entries under the "Writing" subsection.

[–] keegomatic@kbin.social 1 points 1 year ago (1 children)

Oh, interesting! Thanks for pointing that out. Side note: entries… I hope kbin adopts better language for what to call Reddit-like posts (articles), Twitter-like microblog posts (posts), and comments (entries?). I never would have guessed entries == comments. Maybe this is ActivityPub-specific naming? It reminds me of a past job where we surfaced internal technical names as the names of products and features… it just confused customers.

[–] effingjoe@kbin.social 1 points 1 year ago* (last edited 1 year ago)

Yes, there needs to be a glossary somewhere to get people up to speed, or some kind of on-boarding process. It's also plausible that some of the naming conventions are from translation weirdness, and, as you say, backend Activitypub naming conventions that frontend users don't normally see.

I made a magazine (aka a community, aka a sub[reddit]) specifically so I could play around with kbin to figure things out. Right now, trial and error is all we have, as I imagine all the devs are more busy with more technical issues than naming conventions.

[–] Wolf@lemm.ee 42 points 1 year ago (1 children)

Great question, but also better to remove it yourself just for the peace of mind.

[–] NightOwl@lemmy.one 4 points 1 year ago

Yep, safest route is to be cautious and do it yourself if it is enough of a concern.

[–] SeeJayEmm@lemmy.procrastinati.org 13 points 1 year ago (1 children)

That is an absolutely amazing question that I'd also like the answer to.

I did a test upload of an image I knew had location data and it appeared to be stripped when I viewed the post. That being said I'd like a definitive answer and I do agree with everyone saying, the only way to know for sure is to do it yourself.

[–] A_S_B 11 points 1 year ago (1 children)

Follow-up question: how one removes the metadata from a picture or archive ?

Using tools like meta data cleaner from flathub and other tools have the feature built in. Also like with main social media it does it when uploaded

[–] lasagna@programming.dev 4 points 1 year ago (1 children)

I would suggest getting to the root of the issue and disable it on your camera app.

On to look at the Google app to see if there are settings for it

[–] I_Miss_Daniel@kbin.social 3 points 1 year ago (1 children)

I'm not sure anyone would want to steal your butter.

[–] Butter_My_Buttcheeks@lemmy.fmhy.ml 1 points 1 year ago (1 children)
[–] I_Miss_Daniel@kbin.social 1 points 1 year ago

How do you apply it?

[–] Blizzard@lemmy.zip 2 points 1 year ago* (last edited 1 year ago)

I'd disable attaching metadata to pictures in your phone setting in the first place, especially location.

[–] ablackcatstail@lemmy.goblackcat.com 2 points 1 year ago (3 children)

It's a good idea for the sake of your privacy to remove the metadata from the picture. While for a picture of a pet it is less important, it's still a good idea to get in the habit of nixing the metadata. Don't make it easier for you to be tracked and profiled.

Agreed - even if it's doggo... It has data on it

[–] apex32@lemmy.world 1 points 1 year ago

for a picture of a pet it is less important

What? That would likely give away the location of your home.

[–] mizu6079@lemmy.world 1 points 1 year ago

Why would it be less important for pet pics though? I think it would be more important because you probably take those pics at home and your home location might get leaked.

[–] M_Reimer@lemmy.world 1 points 1 year ago

Just to be sure you should always remove information, you don't want on the internet, by yourself.

I always have most metadata storage disabled on my smartphone. Good way to prevent leaking of a location stored in images.

[–] Doe@lemmy.world 1 points 1 year ago

If sharing from iOS, you can chose to strip the information when sharing.

The language on the toggle however suggests the metadata is only shared when using AirDrop.

load more comments
view more: next β€Ί