pull down to refresh

1517 sats \ 11 replies \ @siggy47 7 Nov 2023 \ on: SN release: image uploading meta

Someone has to ask: How secure is it to directly upload from your device?
I have no idea. I am not insinuating anything.

write
preview
286 sats \ 9 replies \ @k00b OP 7 Nov 2023

What would be insecure about it? Us reading all your images or something?

Browsers don't allow us to do that.

reply
3747 sats \ 1 reply \ @WeAreAllSatoshi 7 Nov 2023

Or maybe images having metadata like Exif could contribute to leaking PII about OP e.g. location, device used to take the picture, etc.

Do we strip that before persisting to S3?

ETA: I think services like imgur strip that data for you, but I am not certain. There's so many image hosting services out there, idk how common this functionality is.

reply
121 sats \ 0 replies \ @k00b OP 7 Nov 2023

Oh that'd be cool!

reply
60 sats \ 6 replies \ @siggy47 7 Nov 2023

Thanks for the quick answer. Service around here is amazing!

reply
2133 sats \ 5 replies \ @k00b OP 7 Nov 2023
reply
1444 sats \ 3 replies \ @chungkingexpress 7 Nov 2023

@k00b is meta data stripped on uploads?

reply
120 sats \ 2 replies \ @k00b OP 7 Nov 2023

No. I don't think it is. I forgot that's even a thing until @WeAreAllSatoshi brought it up.

Ticket: https://github.com/stackernews/stacker.news/issues/607

reply
554 sats \ 1 reply \ @WeAreAllSatoshi 7 Nov 2023

If I had thought of this before now I would have commented on the PR. Thank you for asking the question @siggy47!

reply
0 sats \ 0 replies \ @ek 7 Nov 2023

Yeah great point, completely forgot about that being a thing, haha

reply
10 sats \ 0 replies \ @DarthCoin 7 Nov 2023

Beware!
k00b is now 100% into memes

reply
174 sats \ 0 replies \ @DarthCoin 7 Nov 2023
reply