$ apt-get install jhead
It can display/extract a great amount of metadata fields from JPEG files and also extract the thumbnails stored in JPEG files (if any). The following will list all known metadata fields from a sample photo:
$ wget http://farm4.static.flickr.com/3173/3061542361_60acb0904b_o.jpg $ jhead *.jpg File name : 3061542361_60acb0904b_o.jpg File size : 1074172 bytes File date : 2008:11:26 23:38:04 Camera make : Panasonic Camera model : DMC-FZ18 Date/Time : 2008:03:05 15:45:52 Resolution : 3264 x 2448 Flash used : No Focal length : 4.6mm (35mm equivalent: 28mm) Exposure time: 0.0100 s (1/100) Aperture : f/3.6 ISO equiv. : 100 Whitebalance : Auto Metering Mode: matrix Exposure : program (auto) GPS Latitude : N %:.7fd %;.8fm %;.8fs GPS Longitude: E %;.8fd %:.7fm %;.8fs GPS Altitude : 174.00m Comment : Aufgenommen auf dem <a href="http://www.froutes.de/TT00000014_Ars_Natura">Kunstweg Ars Natura</a>. ======= IPTC data: ======= Record vers. : 4 Headline : Felsburg auf dem Felsberg (C)Notice : www.froutes.de Caption : Aufgenommen auf dem <a href="http://www.froutes.de/TT00000014_Ars_Natura">Kunstweg Ars Natura</a>.
As you can see there's a huge amount of potentially privacy-sensitive metadata in your typical JPEG as generated by your camera (including camera type, settings, date/time, maybe even GPS coordinates of your location, etc).
You can extract the thumbnail stored in all JPEGs in the current directory with:
$ jhead -st "&i_t.jpg" *.jpg Created: '3061542361_60acb0904b_o.jpg_t.jpg'
Note that the JPEG thumbnail does not necessarily show the same picture as the JPEG itself. Depending on the image manipulation software that was used to create the edited/fixed/cropped JPEG, the thumbnail may still reflect the original JPEG contents (see sample image on the right-hand side). This is a huge potential privacy issue. There have been a number of articles about this some years ago, in case you missed them:
Thus, an important jhead command line to know is the following, which removes all metadata (including any thumbnails) from all JPEG images in the current directory:
$ jhead -purejpg *.jpg Modified: 3061542361_60acb0904b_o.jpg
As you can see the result is that only very basic information can be gathered from the file afterwards:
$ jhead *.jpg File name : 3061542361_60acb0904b_o.jpg File size : 1052506 bytes File date : 2008:11:26 23:38:04 Resolution : 3264 x 2448 $ jhead -st "&i_t.jpg" *.jpg Image contains no thumbnail
I recommend doing this for most photos you make publically available on sites like flickr etc. (unless you have a good reason not to). Finally, see the jhead(1) manpage for lots more options that the tool supports.
Today seems to be Firefox/Iceweasel 3 Bashing Day on Planet Debian, so let me join the fun :)
I agree with most other people that the default Firefox/Iceweasel 3 config is not ideal, so here's what I did to fix it. Some of these items improve performance, some remove annoyances, some remove privacy issues, some remove security issues. Not everything here may be desirable for people other than me.
Select "Edit / Preferences".
Open a new tab, enter "about:config" as URL and hit ENTER. Click the annoying "I'll be careful, I promise!" button. Uncheck "Show this warning next time" while we're at it.
browser.urlbar.matchOnlyTyped = trueto disable the new, annoying "AwesomeBar" URL bar feature (which is also a huge privacy risk).
browser.tabs.tabMinWidth = 60and
browser.tabs.tabMaxWidth = 60(needs a browser restart). You can even use less than
60if you don't need any text and an icon per tab is enough for you.
extentions.getAddons.showPane = false.
bidi.support = 0. You'll probably never need it, so reduce the number of potential bugs and security issues by disabling it.
browser.ssl_override_behavior = 2and
browser.xul.error_pages.expert_bad_cert = true(thanks Pierre Habouzit).
browser.tabs.closeButtons = 3in order to prevent accidental closing of tabs (no more Close buttons on each tab, only one global Close button on the right). Yes,
CTRL+Shift+Thelps in case it still happens.
network.prefetch-next = falseto prevent random prefetching of webpages which means wasting CPU cycles and bandwidth, as well as subtle privacy and security issues.
None. Don't even think about installing crap like the closed-source Flash player if stability or security are important to you. If you absolutely must watch YouTube videos, I recommend youtube-dl.
Use as few as possible. Every extention may have security problems or bugs, and can negatively affect performance etc.
Interesting paper from the PacSec 2006 security conference: OpenOffice / OpenDocument and MS Office 2007 / Open XML security (PDF)
Not too surprising when you come to think of it, there are tons of possibilities to embed various kinds of malware in the new office document formats. Also, you always have the risk of leaving sensitive metadata in there... If you publish stuff, you better convert to PDF before. But even that might leave sensitive data in the PDF, mind you!
Oh, and one nice detail you might enjoy:
And that doesn't even describe all of the format (e.g. VBA macros are missing)! No further comment required...
This demo is initiated and backed by a number of organizations in Germany, among others the Arbeitskreis Vorratsdatenspeicherung, Chaos Computer Club e.V., FoeBuD e.V., STOP1984, Attac AG Wissensallmende, Indymedia Germany, and the German Pirate Party.
Place: Bielefeld, Germany (exact meeting place)
Time: 15:00 o'clock on Friday, October 20, 2006
Motto: Freiheit statt Angst (Freedom instead of fear)
Demo participants can visit the Big Brother Awards 2006 right after the demo (for free).
If you value your privacy and democracy in this country, now is the time to speak up and let the whole world (and especially the German politicians) know! This surveillance-madness has to stop!
From the website:
ScatterChat is a HACKTIVIST WEAPON designed to allow non-technical human rights activists and political dissidents to communicate securely and anonymously while operating in hostile territory. It is also useful in corporate settings, or in other situations where privacy is desired.
Its security features include resiliency against partial compromise through perfect forward secrecy, immunity from replay attacks, and limited resistance to traffic analysis... all reinforced through a pro-actively secure design.
So the client is a "friendly-fork" of Gaim, it uses Tor to achieve anonymity, and for the crypto parts (secure messaging, secure file transfer) ScatterChat uses libgcrypt.
It's a cross-platform application available for Linux, Windows; support for other OSes is planned (Mac OS X, others).
You can always download the source code, of course, as it's free software. Actually, not quite. While ScatterChat itself is based on the GPL'd Gaim, it has to be GPL'd, too. However, the scatterchat-module package, which seems to contain the crypto-parts, is licensed under a custom "Hacktivismo Enhanced-Source Software License Agreement" (HESSLA) right now, which is so horribly long I didn't even bother reading it.
However, the README says:
I am open to the possibility of re-licensing parts of this library to GPL, BSD, public domain, or some other license. I cannot make any promises, but I will try to accomodate reasonable requests.
I'm going to do just that, email the author and ask him nicely to change the license to some sane, well-known free software license. If you feel similar, please let the author know (hint, hint). Depending on what the HESSLA really says, it might prevent ScatterChat from entering Debian, for example.
I haven't yet tried to use the application, but it sure looks like it has a lot of potential. It also seems do most security-related things right:
Of course that's no guarantee that it's secure; I hope some crypto-gurus look over it soon. But at least they didn't make obvious stupid mistakes we've all seen in many other pieces of software.
Anyways, I feel this is a real important project which will help lots of people (activists, political dissidents, normal people like me and you who value their privacy). Go check it out!
(via Boing Boing)