Anonymity About Metadata Security.

[Fixxx]

Almost every day we share photos, videos and documents, send voice messages and emails, but almost never think that we are transmitting far more data than we assume. The thing is every file contains metadata - service information about the file itself, in which you can find many interesting details not intended for other's eyes: for example, the time and place a photo was taken, the edit history of a document, information about your device, your IP address, geolocation and much more. All of that, together with an innocent selfie or presentation, gets into the hands of the recipient, is posted on social networks or published on websites. Today we will talk about the benefits and harms of metadata and explain how to remove it.

What Metadata is and why it's Needed ​

In simple terms, metadata is additional information about a file’s contents, added by the applications that create or process those files, by operating systems or by users themselves. In most cases metadata is created and updated automatically: for example, for files these can be attributes like creation date, last modified date, type, owner and so on. When we take a photo with our smartphone or camera, the file, in addition to the image itself, records the date and place of shooting, exposure parameters, the smartphone model and other information provided by the EXIF format. The set of these data may vary depending on the camera or smartphone model and settings.

Some metadata is in plain sight and easy to edit. For example, audio files contain special tags that describe the content: author, performer, album, track title, genre and they can be easily changed in almost any player. ​

Most people don’t even guess about other metadata: for instance, from an office document one can easily learn who edited it, when and for how long, which program versions were used and in some cases even recover the entire edit history from the first character. Of course, metadata were not conceived as an ideal stalking toolkit, but they can reveal a lot about you that you never intended to share. For example, your employer or client can learn how much time you actually spent working on a document, and from the EXIF of a selfie posted online one can easily determine which smartphone you have and where you were at the moment of photographing. Moreover, metadata can help catch a criminal or expose a fraud scheme.

For example, in 2019 U.S. law enforcement arrested fraudster Hisham Kabbaj - four years he sent his former employer invoices for equipment allegedly supplied by a shell company called Interactive Systems. No equipment was actually to be delivered, but $6 million flowed to Interactive System's accounts. The fraudster was caught on a trifle - four of the 52 invoices were received as Word documents whose metadata listed the author as someone named KABBAJ.​

A slightly more complex case: you create and send an innocent-looking PDF to an attacker. Why you sent it to them is irrelevant - suppose they posed as a colleague. The file’s contents are of no interest to the cybercriminal: what matters is that you already took the bait (so you can be further “worked on”) and leaked your metadata: the software and version used to create the PDF. Knowing this, a hacker can soon send you malware that exploits a vulnerability in your specific program version. In this case you can protect yourself with a combination of methods: ignore suspicious messages, remove metadata and keep applications up to date.

How to Remove Metadata ​

This can be done using built-in tools or third-party programs and services. We recommend the first option, because then you can be sure your metadata will not end up in third partie's hands. Third-party tools act as an unnecessary layer between you and the cleaned file. It's possible that metadata remain in that layer and later get into cybercriminal's hands. Let’s see how to remove metadata from photos, videos, DOC and PDF files using built-in tools.

Photos and videos ​

• In Windows File Explorer right-click the file, choose Properties and go to the Details tab. At the bottom of the window click Remove Properties and Personal Information, in the opened dialog leave the default option Create a copy with all possible properties removed or manually select the properties you want to remove and click OK.
• On macOS and iOS Apple operating systems let you remove or change date, time and location. Location will be recorded only for photos and videos for which location services were enabled when created. To remove or change metadata on macOS, open the Photos app, choose the Image menu, go to Location, then click Hide Location. There you can also Revert to Original Location, which makes you think about where it's stored, and Assign a Location to one or more photos after Copying Location from another photo. In the Image menu you can also Set Date and Time of capture. On iPhone or iPad open Photos, select the photo, tap the info ⓘ button or swipe up on the photo. Here you can Edit Date & Time and Edit Location; for location you can choose No Location or assign any other location. To edit multiple photos select them, tap the three-dot (…) button and choose Edit Date & Time or Edit Location.
• On Android devices, using Google Photos you can remove or change location: open the photo or video, tap the three-dot More icon, tap Edit and then Remove location info.

DOC files ​

In Word go to File → Info. Then click Check for Issues → Inspect Document and click Check. In the Document Properties and Personal Information section click Remove All. Windows users can also remove DOC file metadata via File Explorer as with photos and videos.

PDF files ​

In Adobe Acrobat go to File → Document Properties and choose Description. In the opened dialog you can manually edit author, subject, keywords and document title. The Additional Metadata button opens a window with all the document’s metadata. You can also remove PDF metadata using Windows File Explorer similarly to photos and videos.

Protective Measures ​

The main defense against attackers who can use your metadata is caution. Don’t be lazy: remove service information every time you are about to send a file to someone you don’t know well. In addition, for maximum security follow these rules:

• Close old social media profiles. That way attackers can’t use metadata from your old photos and videos.
• Use comprehensive protection. It will act as insurance: it keeps your payment and personal data safe even if you already fell for an attacker.
• Remove metadata. This will seem like an extra step the first few times you do it, but eventually removing service information will become a habit.