Smart phones include geotagging features that many people aren’t aware of.
People were up in arms this week about the privacy implications of news that the iPhone gathers location information and stores it in a file on the user’s computer. But experts say that smart-phone owners are unknowingly taking a much bigger risk with information about where they go all day. During a presentation at the computer security conference Source Boston, Ben Jackson of Mayhemic Labs and Larry Pesce, a senior security consultant with NWN, described the way photos taken by many phones are routinely encoded with latitude and longitude tags. When users post those photos online through services such as TwitPic, they often expose much more personal data than they realize.
“It is definitely true that folks don’t [understand] the risk,” says Jackson.
For example, by looking at the location metadata stored with pictures posted through one man’s anonymous Twitter account, the researchers were able to pinpoint his likely home address. From there, by cross-referencing this location with city records, they found his name. Using that information, the researchers went on to find his place of work, his wife’s name, and information about his children.
A few smart phones, such as the BlackBerry, leave the geotagging feature turned off by default. In many devices, however, photos are tagged with this information unless users to go in and disable the feature themselves. Continue reading…