One of the things I love about security awareness is that even though I've been at this for years, I never stop learning myself. In preparation for the upcoming April OUCH! newsletter we have been doing alot of research on Metadata, including geo-tagging for images. I always kind of knew that my smartphone was tagging images with the GPS location, but I never really thought of it or the implications. As part of my Metadata research I started playing with past images and was pretty surprised at the amount of information recorded in them. Don't believe it? Here is an photo I took last year. Based on the metadata alone can you determine which security conference I took this photo at or what type of smartphone I used? For bonus points identify what we are about to eat for lunch (street food rocks by the way).
Concerned about sharing private geo-location data in your photographs? Then disable it for your smartphone camera. For the iPhone, that means going into settings and turning location services off for the camera. In addition, when it comes to sharing photo's consider sharing them as a .png and not as a .jpg. By default .jpg images share far more information. Lots more coming in the April edition of OUCH!
PS: By the way, one more thing I learned from researching metadata. Want to do a snapshot of your iPhone screen? Simply hold down the home button, then quickly press then release the on/off switch at the top. You will find your screenshot in your Camera Roll.