Comment by Waterluvian
3 years ago
EXIF metadata is useful but we strip it when we post an image because it’s also a security vulnerability.
Image edit metadata also seems like an incredibly useful feature. Do we just strip it as well?
3 years ago
EXIF metadata is useful but we strip it when we post an image because it’s also a security vulnerability.
Image edit metadata also seems like an incredibly useful feature. Do we just strip it as well?
Since you read the article beforehand, you know that this comment is entirely orthogonal to the vulnerability in question.
I think it’s okay to talk about the core issue that leads to that. From the linked tweet it looks like there’s edit data stored in the image, allowing the original to be recovered?
Do you have a specific concern to warrant your comment?
It's not the core issue, and it's misleading to suggest that it is. I suggest reading the aptly named "Root Cause Analysis" section of the linked article.
7 replies →