about:blog Archives

reversing, python, cookies
Friends: aj deadrom1 fr33tux kiwie


Some funny stories about metadata

The BTK killer

The BTK Killer last known communication with the media and police was an envelope with a 1.44-MB Memorex floppy disk was enclosed in it. Police found metadata embedded in a deleted Microsoft Word document that was, unbeknownst to Rader, recoverable from the disk. The metadata contained "Christ Lutheran Church", and the document was marked as last modified by "Dennis". This lead to its capture in February 2005.

CabinCr3w member AnonW0rmer conviction

In February 2012, the Twitter account from AnonW0rmer posted a tweet to a website where the information stolen from a law enforcement websites was available.

At the bottom of the website was a photograph of young woman holding a sign saying "PwNd by w0rmer & CabinCr3w <3 u BiTch's".

This photo contained metadata, revealing that it was taken from an iPhone, and thus embeding GPS coordinates. The police was able to track down AnonW0rmer and his girlfriend. He was sentenced to 27 month of prison; the couple were married the within the last day after his release on bond.

McAfee

On November 12, 2012, Belize police started a search for McAfee as a "person of interest" in connection to the murder of American expatriate Gregory Viant Faull, a neighbor of McAfee. In a November 2012 interview with Wired, McAfee said that he has always been afraid police would kill him and thus refused their routine questions; he has since been evading the Belizean authorities. Vice accidentally gave away his location at a Guatemalan resort in early December 2012, when a photo taken by one of its journalists accompanying McAfee was posted with the Exif geolocation metadata still attached.

Destroying helicopters

Taken from this article:

When a new fleet of helicopters arrived with an aviation unit at a base in Iraq, some Soldiers took pictures on the flightline, he said. From the photos that were uploaded to the Internet, the enemy was able to determine the exact location of the helicopters inside the compound and conduct a mortar attack, destroying four of the AH-64 Apaches.

Stolen camera finder

stolencamerafinder crawls the internet searching for photos, collecting the serial numbers of the cameras that took them. It then allow users to locate their missing camera given its serial number, or a photo taken from it.

Amateur porn and drug dealers

You should definitively build a scraper for pictures of amateur porn site, or doggy black-market, and check their metadata ;) (Thanks to nextgens and his friend for the idea)