• 4_AOC_DMT [any]
    ·
    4 years ago

    Best practice is still to clear this (and any other potentially identifying metadata) before upload in the extremely unlikely event that someone tries to MITM you.

    • Sphere [he/him, they/them]
      ·
      4 years ago

      MITM is unrealistic. It would require state-level actor capabilities to MITM a TLS connection (you'd need to control a certificate authority, or at least have access to a signing key), and it's a targeted attack (so they'd need to be targeting a user specifically to employ one). Anyone who's being targeted by an SLA and doesn't already know to wipe exif data is probably doomed tbh.