session-desktop icon indicating copy to clipboard operation
session-desktop copied to clipboard

Published 20 hours ago verified publisher icon oxen-io

[feature-request] Stripping of metadata from attachments

Open eyeberic opened this issue 3 years ago • 4 comments

Opening an Issue for future reference, and to keep track of progress.

With reference to Android #614; Most of the information are based from other users, as follow:

(Context starts in "Session" open group, at 1629640643951 unix time)

  • Laurin <056e9b2488937790bdf3f1aaf8da7d60f03e6388e0ea3bee4500e9d84fdfc6724b>: Well, last time I checked some months ago, some EXIF data is stripped from jpegs when sent with Session, other files(pngs as well) are not modified based on my testing.
  • Laurin <056e9b2488937790bdf3f1aaf8da7d60f03e6388e0ea3bee4500e9d84fdfc6724b>: I tested it using session-desktop, the mobile apps might have different behavior, and maybe that was changed for the desktop client in the meantime as well.
  • Loki Peanut <05fce6cca601ba134962d6c9cd2d439483f4c7439cb3de6fbab5b0500b49d8e77c>: Metadata is stripped from jpegs only at the moment. Other file formats will be addressed soon
  • Kvothe <05e8e521698ab09e13fee1482c7729bb09b58bcc65159f3d79a529be7698efa73b>: Thanks, according to me stripping metadata of files being shared is an important feature for for a privacy based messenger app to have.
  • MassiveBox <05db9a9be3b156d7e2598806c4de970187b15e216d36610300693874ce16a6020f>: Will it be optional (aka from client you have a feature to strip metadata) or mandatory?
  • Maxim <05bd4745955974ea3682398c3ceaca873a9c2305c212455fd68b8b0edebd992c39>: I don’t think it will be mandatory

This feature should be:

  • [ ] Implemented across all client platforms: Desktop, Android, iOS
  • [ ] An opt-in toggle switch in the "Privacy" section of Session settings: This extra protection is only for those that are aware of the tradeoffs.

eyeberic avatar Aug 23 '21 00:08 eyeberic

This is a very important feature to implement for security and privacy purposes. I tested uploading an image to Session and then downloading it again, and it did not remove unneeded Exif information. Maybe if the image had more exif info then I would notice a difference, but the application I am using (Exifcleaner) decreased the amount of metadata for the file. image

peepo5 avatar Nov 11 '21 00:11 peepo5

Sometimes you do need to send byte-accurate files, so if attachment metadata stripping is implemented, it should probably be with some kind of dialog; "Strip metadata from attachment? Yes / No".

n0kovo avatar Dec 18 '22 17:12 n0kovo

It was recently found that mobile version scrub metadata while desktop does not (despite FAQ mention otherwise).

Session attachment metadata compression handling

  • Unaltered option = ability to send unaltered image (possibly exif, resize, compression) https://open.lbry.com/@PrivacyProShop:4/metatada-session-signal-telegram:d

Check boxes allowing to toggle metadata scrub/compression/large img. resize can be good.

slrslr avatar Jul 27 '23 06:07 slrslr

"Privacy" section of Session settings: This extra protection is only for those that are aware of the tradeoffs.

The expected default behavior should be to strip all metadata (EXIF), this is a huge privacy issue considering even GPS location goes in there

AndreiRegiani avatar Mar 07 '24 17:03 AndreiRegiani