Beware of "one-click leakage" of private information when posting photos on social media

　　Beware of "one-click leakage" of private information when posting photos on social media

　　Exif is a standard information that helps users categorize photos in the process of finding, managing, and using photos.

More importantly, the key to distinguishing digital photos from film is the digital editing in the later stage. It is Exif that records some professional data during the shooting process, which can assist photographers to do some professional debugging.

　　Recently, the topic of "sending original pictures or exposing privacy" has been trending on Weibo.

For a time, the protection of personal privacy information has once again received widespread attention.

　　In the report, the reporter sent a photo of the original image taken at random to the expert, and the expert quickly read a lot of information contained in the photo.

This information includes not only the shooting time, shooting equipment, and the specific location where the shooting took place, but also if the latitude and longitude information is entered into the map software, the building where the photo was taken can be found immediately and accurately.

This made netizens exclaim: God, I don't dare to post the original picture again!

　　In fact, sending the original image in WeChat or email will send the photo and information together, and anyone can read it.

How is this information generated?

Which processing technologies can best protect users' personal privacy?

How should the public increase their awareness of personal protection?

Science and Technology Daily reporters interviewed front-line cybersecurity experts on these issues.

　　Private information lurks in digital image generation

　　"When we send the information in the form of the original image or the original file, the Exif information will be sent together, which has nothing to do with whether we use WeChat to send or not." Pan Bowen, a senior security expert of Antiy Mobile Security, said in an interview with a reporter from Science and Technology Daily, Each digital photo has a set of information in an exchangeable image file format, referred to as Exif, which is the self-contained information generated when the photo is taken, mainly including the exact location and time when the photo was taken, and the unique ID number of the shooting device.

"This information is automatically generated when a photo is taken with a smartphone or digital camera," Powen said.

　　So, why are these private information stored and displayed in photos, and what are their irreplaceable roles?

Pan Bowen told a reporter from Science and Technology Daily that Exif is a standard information that can help users classify and process photos in the process of finding, managing, and using photos.

More importantly, the key to distinguishing digital photos from film is the digital editing in the later stage. It is Exif that records some professional data during the shooting process, which can assist photographers to do some professional debugging.

　　At present, the camera programs of smartphones such as Huawei and Xiaomi provide a switch to turn off automatic recording of geographic location information.

When "Record and save location information" is turned off, the phone will not be able to use the product function of filtering and viewing the photo stream according to the shooting location in the album.

"In this way, the location information will not be included in the original file of the photo, but the shooting time and device identification information will still exist." Poon added.

　　From the perspective of the whole process, a key link involved in exposing or leaking privacy due to shooting content is "image intelligence analysis".

In an endless stream of typical cases, relevant personnel can often analyze the location of the photographer through various information such as buildings, signs, and angles in the photos, and some can even be accurate to the specific floor where the photographer is located.

Based on this, combined with the shooting timestamp information in the photo file, it will still lead to privacy leakage.

Pan Bowen reminded, "So removing the geographic location information during the shooting process can indeed improve privacy security, but it cannot be done once and for all."

　　Social platforms and device manufacturers can continue to improve quality

　　The transmission of information depends on channels, and most of the transmission channels of high-definition original images are social platforms.

　　In order to facilitate information transmission and protect personal privacy, when users upload or share photo files on some mainstream social platforms, the program will crop or compress the files by default.

"During this process, the photos will not only become smaller, but the original Exif information will also be removed or modified, which is a kind of protection for private information," said Pan Bowen.

　　For example, when sharing photo files in WeChat, there will be an option of "original image". This procedural setting is a good prompt and choice for users, that is, whether to transmit high-definition original images, the decision-making power lies in in the hands of the user.

　　Pan Bowen suggested that for social platforms, in order to help users avoid exposing the privacy of original photos, users can provide a pre-check function when users choose to upload or share pictures, and remind users when suspected sensitive information is detected. the existence of a security risk, or remove it.

Of course, in order to improve the interactive experience, the social platform can also provide a built-in function of automatically deleting the Exif information of pictures.

　　When a user takes a picture with a mobile phone, can the generated picture be automatically protected for information?

For shooting manufacturers, this puts forward new requirements for upgrading and optimization of the shooting functions of mobile phones and other devices.

　　Especially when the photo is taken and generated, the shooting device can write random information or fuzzy information. For example, the shooting device information can be random, and the shooting time can be a fuzzy time of the day. Of course, these can also be provided to the user as a setting s Choice.

The "camera" or "photo album" tool of a smartphone, or an app with similar functions, can also actively provide the function of deleting the Exif information of photos in batches, so as to strengthen the protection of user privacy information.

　　It is essential to build a strong sense of privacy and security

　　As mentioned earlier, deleting Exif information does not completely eliminate the risk of users' privacy leakage. Users' own privacy and security awareness when using social media and other products is very important.

Pan Bowen told the Science and Technology Daily reporter that for privacy protection, the application of technical means is an objective condition, and the key lies in the improvement of subjective awareness.

　　"There are now a wide variety of social products for users to share their daily lives. In this process, if users set inappropriate access permissions, especially if strangers can access the information publicly, it will be a great challenge for personal privacy and security. Disaster," Powen said.

　　For example, a mother may share a photo of her child on a social platform just after taking a photo of her child, and does not set up private access or restricted access. At this time, strangers can use the "nearby" sharing status function provided by the social platform to access and view this information. A message just shared by a mom.

Then, even if the photo itself does not have location information, it will also cause the risk of personal privacy leakage.

　　Pan Bowen reminded that for ordinary users, before sharing and uploading photos related to personal privacy, they should be sure to check the access permission settings of the social platform they use, and set the “privacy and permission” of the social platform to only friends. Access; if there is a setting for sharing time, try to set it as short as possible.

In addition, if there is an obvious location mark in the captured photo, you can choose to crop it before sending it.

"Also, we recommend that parents be cautious about sharing the content of their children's photos," said Poon Bowen.

　　In recent years, government agencies and regulatory authorities have paid close attention to issues related to the protection of personal information, privacy security and data security of the Internet and Internet products, and national legislative work has also been carried out in an orderly manner.

In view of the common situations in work, Pan Bowen reminded that even if the Internet platform complies with compliance requirements and attaches great importance to the privacy and data security of users, the risk of personal privacy leakage caused by users' own reasons will still exist.

　　"This requires all walks of life to continuously strengthen users' privacy and security awareness through various methods such as popular science and publicity. At the same time, while Internet platforms ensure the privacy and security compliance of their own products, they must also consider the privacy leakage risks that users may appear when using the platform. , and reasonably avoid it in the functional design of the product." Pan Bowen said.