Author Topic: 5 - Metadata  (Read 18989 times)

Offline APX808

  • Administrator
  • *****
  • Posts: 1815
  • Karma: +10/-0
    • APX R4nt5
5 - Metadata
« on: March 07, 2014, 07:03:11 PM »
Metadata

Metadata is “data about data”. Security wise metadata is important for us in two ways:

1 - Metadata about a communication.
2 - Metadata about a computer document.

Metadata about a communication

We can say that in a communication the data is the content of that communication, for instance
what you say over the phone, the metadata would be the data describing who was involved in
that phone call, how long it was, the time the communication started etc. That information usually
is used by the by the provider for billing purposes and by the government to keep track of what
you do and with whom you communicate.

Thanks to Snowden leaked documents was known an order from the Foreign Intelligence Surveillance
Court (or FISC) that directs Verizon to provide “on an ongoing daily basis” all call records for any call
“wholly within the United States, including local telephone calls” and any call made “between the
United States and abroad.”
Government officials claimed that they weren’t listening to your calls but “just analyzing the metadata”,
in a great article the EFF shows that metadata isn’t trivial, just check these examples:

- They know you rang a phone sex service at 2:24 am and spoke for 18 minutes. But they don't know
  what you talked about.

- They know you called the suicide prevention hotline from the Golden Gate Bridge. But the topic of the
  call remains a secret.

- They know you spoke with an HIV testing service, then your doctor, then your health insurance company
   in the same hour. But they don't know what was discussed.

- They know you received a call from the local NRA office while it was having a campaign against gun legislation,
  and then called your senators and congressional representatives immediately after. But the content of those
  calls remains safe from government intrusion.

- They know you called a gynecologist, spoke for a half hour, and then called the local Planned Parenthood's
  number later that day. But nobody knows what you spoke about.

Same happens when you use email, even using end-to-end encryption, metadata is available and it reveals
with whom you are communicating.

Sadly there isn’t a easy way to solve those issues, you can use discardable phones and email accounts.

Metadata about a computer document

Most computer documents, like images, word files, .ppt presentations etc; besides its contents include
information about the time they were created, the device that created them and its configuration, some
phones even included the GPS coordinates of pictures they took.

A few years ago, when IPhones just appeared, Hollywood stars noticed that paparazzis found them
everywhere, at one point they realized that it was because they were posting pictures took with their
phones on Twitter and those pictures included the GPS coordinates of the place they were took, so
paparazzis extracted that info and ran to there to get an exclusive picture.

Because of that, most Internet sites started cleaning up the metadata contained in pictures and some other
multimedia documents, known as EXIF data, but you shouldn’t trust in that, you should be cleaning the metadata
yourself, check your phones and turn off “geotagging”.

Documents created with Microsoft Office include metadata about who created or modified them and when, analyzing
them is a technique used by hackers to identify usernames inside a corporate network. The Microsoft’s competitors
“Office suites” behave the same way.

There are some online tools that allow you to view documents metadata, for pictures you can use http://metapicz.com
and to analyze documents http://www.informatica64.com/foca/.

Also to be sure you’re not leaking your identity, or little clues that could end up acting as a fingerprint you should 
be cleaning up the metadata yourself, or avoid using documents that contain metadata. For instance is best to
exchange plain text files than Word documents.
Also, .pdf documents are the worst, you shouldn’t use them if possible, because they use an scripting language can
be exploited, there are many documented attacks using .pdf files.

Depending on your operating system there are many tools to clean up metadata, here are just a few of them:

Windows: http://www.thewindowsclub.com/office-metadata-cleaner-cleanup-tool
Linux: https://mat.boum.org/
Mac: Sorry I can’t find shit for Mac, except for people asking why would you like to do that...Please tell me if you find a nice tool.

Here is a nice list of incidents due leaked metadata:
http://www.digitalconfidence.com/the-importance-of-using-metadata-removal-software.html

And for the tl:dr; guys:

The Resident: How Metadata is Mega-dangerous


Practice

1 - Check a few of your files for metadata using the online resources I shared with you.

2 - Install one of the metadata removal tools and clean up a picture metadata.

3 - Start using plain text documents whenever is possible.
« Last Edit: March 07, 2014, 07:07:19 PM by APX808 »

Offline SonofLiberty

  • Prepper Apprentice
  • *
  • Posts: 14
  • Karma: +0/-0
Re: 5 - Metadata
« Reply #1 on: August 23, 2019, 01:01:31 PM »
Does Open office have the same type of metadata that microsoft office does? Thanks for this information. I rarely post pictures because I do not know how to scrub the metadata. Now, I know where to start.  :thumbsUp:
Not all who wander are lost

Offline JohnyMac

  • Administrator
  • *****
  • Posts: 15167
  • Karma: +23/-0
Re: 5 - Metadata
« Reply #2 on: August 24, 2019, 03:36:39 PM »
I do not know. Interesting question. Anybody else that knows the answer?
Keep abreast of J6 arrestees at https://americangulag.org/ Donate if you can for their defense.

Offline APX808

  • Administrator
  • *****
  • Posts: 1815
  • Karma: +10/-0
    • APX R4nt5
Re: 5 - Metadata
« Reply #3 on: August 25, 2019, 05:54:26 PM »
Does Open office have the same type of metadata that microsoft office does? Thanks for this information. I rarely post pictures because I do not know how to scrub the metadata. Now, I know where to start.  :thumbsUp:

It saves some metadata too in order to track the file author, I think its less than MS, but it saves something.

You can check it manually, and thats really cool, .odt format is a zip file with many text documents inside that describe your document.

You can do this test, save a test document in odt format, rename the file to document.zip and open it with winRAR, 7zip or something like that to open zip files.
You'll see there is a file called meta.xml there you can see what info is being sent with your file without you knowing it.

If opsec is a must, my recomendation is to exchange plain text files

Offline patriotman

  • Committed prepper
  • *****
  • Posts: 783
  • Karma: +5/-0
  • Find me on Freezoxee - patriotman
Re: 5 - Metadata
« Reply #4 on: August 26, 2019, 09:04:31 PM »
Does Open office have the same type of metadata that microsoft office does? Thanks for this information. I rarely post pictures because I do not know how to scrub the metadata. Now, I know where to start.  :thumbsUp:

It saves some metadata too in order to track the file author, I think its less than MS, but it saves something.

You can check it manually, and thats really cool, .odt format is a zip file with many text documents inside that describe your document.

You can do this test, save a test document in odt format, rename the file to document.zip and open it with winRAR, 7zip or something like that to open zip files.
You'll see there is a file called meta.xml there you can see what info is being sent with your file without you knowing it.

If opsec is a must, my recomendation is to exchange plain text files

I never knew that about odt format. Interesting...

Yeah I would just go with .txt files
Blessed be the LORD my strength, which teacheth my hands to war, and my fingers to fight: My goodness, and my fortress; my high tower, and my deliverer; my shield, and he in whom I trust; who subdueth my people under me.

Psalm 144:1-2

Offline Nemo

  • Hardcore Prepper
  • ******
  • Posts: 6553
  • Karma: +17/-2
  • From My Cold Dead Hands
Re: 5 - Metadata
« Reply #5 on: August 26, 2019, 11:43:19 PM »
Isn't ODT Files what OpenOffice uses. 

Nemo
If you need a second magazine, its time to call in air support.

God created Man, Col. Sam Colt made him equal, John Moses Browning turned equality to perfection, Gaston Glock turned perfection into plastic fantastic junk.

Offline APX808

  • Administrator
  • *****
  • Posts: 1815
  • Karma: +10/-0
    • APX R4nt5
Re: 5 - Metadata
« Reply #6 on: August 28, 2019, 11:17:03 PM »
OpenOffice writer as defaults saves in .odt format but you can select it to save in other formats, if you save in .doc the same tools you use to view/edit Word metadata can be used.