I used to manually remove for example the GPS location when using Reddit since I don’t trust them. Does Lemmy or any Android client remove it by default?
You must log in or register to comment.
I have just tested by uploading/re-downloading an image, and the EXIF data is removed.
I then looked through the Lemmy issues and found this issue related to the image-uploading back-end (pict-rs) removing the EXIF data. In response to this issue, the developer of pict-res (asonix) comments that striping the EXIF data was one of the original motivations for building the uploader.
I am not sure about how to search through the source code of pict-rs, and it seems like this step is not properly documented in the readme file, so I have not been able to find exactly where the metadata removal operation takes place. I think that this is done by invoking ‘exiftool’.
Uploaded this test image in the comment with modified metadata (no gps tag but added software, date, vendor info as exif tags) and after downloading it does not contain any metadata anymore. So seems like at least that server does remove it?
Thanks for your effort :) So it seems like you have to trust your instance?
Yes, but that’s something anyway;
- DM’s are unencrypted and stored in the database.
- If the instance owner decides to pull the plug it’s all gone.
So by joining an instance you’re putting trust in the owner of the instance either way.
But there is still a difference between the owner being able to take my public content offline and them knowing my private location. However, since my instance is non commercial and doesn’t make any money by tracking it shouldn’t be that bad to trust them on that.
Yeah probably. Seems like the image is not stored in its original form in this case but might depend on server settings and the image file. So as always private data like geo tags should be removed before uploading.
Most likely no.
It’s better to remove such metadata manually if you care about it.
I believe this has more to do with pict-rs than Lemmy (the image handling back end that Lemmy uses). I’m struggling to find specifics on this from my phone right now though.
