Metadata and stuff! (Refurbished)
You might have often come across this term called Metadata. It is nothing but, data of data! This might sound hilarious, but, it’s true. Let’s take the example of a music file. For a music file, artist’s name, the year of release, album is the metadata. It’s basically data that provides information about other data.
Exif data
Exif stands for Exchangeable image file format. Exif data is sometimes referred to as metadata. It gives the information about an image such as, date, time, aperture, location etc. This information can be very useful in OSINT investigations. There are many ways that how you can extract meta data. You can do it both online and offline. Let’s take an image and try to extract its exif data.
You can install a tool called exiftool. In Debian based GNU/Linux operating systems, just type sudo apt install exiftool. After installing you can extract the information just by typing, exiftool <name of the image file>.
From the above image I was able to extract stupendous amount of exif data! In the first picture of our results you can see file modification dates and model of the camera from which the picture was captured. If you look at the fourth picture of the results (bottom first picture), you can observe cannon’s picture types, in the fifth picture, you can see faces detected(which I found fascinating), file source , subject, date acquired etc. In the subject you can already see that the name of the place is mentioned already; and such details becomes significant in our investigation. One thing to note about metadata is that it can be modified. Sometimes, in order to mislead the investigators, perpetrators often modifies the metadata. In some situations, if your location is turned on by default, the metadata of your image could contain the coordinates from where the photo was taken and then it becomes cakewalk for investigators to locate from where the picture was captured! You can go to https://www.gps-coordinates.net/ and locate the exact coordinates. If you know a thing a two about photography, it gives an edge for you to analyse some extra parameters obtained from the exif data.
You can try out images taken from your phone to stripe down meta data. If you download images uploaded on social media and try to extract information, most of the popular sites might have removed meta data from the original image! You can also try to extract meta data online from the following sites.
The above tool is particularly used for extracting meta data from YouTube videos.
