I Can Stalk U site exposes danger of sharing photos online

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Plenty of people are familiar with the dangers which can be associated with sharing your location online – whether it be by Twitter updates (“I’m at Heathrow airport, Terminal 3, waiting to go on two week’s holiday..”), Foursquare (“I just ousted @gcluley as the mayor of Sophos on @foursquare!”) and the newly launched Facebook Places.

But a new website called I Can Stalk U demonstrates how easy it is to unwittingly reveal your location – just by sharing a digital photo from your smartphone.

I Can Stalk U website

Many people may be unaware that lots of smart phones geo-tag photos that they take with information about where they were taken. The location data isn’t visible to the naked eye in the photo, it’s embedded as encoded meta-data inside the picture, alongside information about what type of camera was used, camera settings, and so forth.

Sign up to our free newsletter.
Security news, advice, and tips.

That means, anyone who accesses your digital photos can (if you haven’t wiped the location meta-data) work out where you were when you take the snapshot.

And as many people upload their pictures virtually instantly to Twitter via services like TwitPic, someone could find out where you are even if you had no intention of sharing that information with the world.

You can imagine how that could be very dangerous – imagine if you had a jealous ex-partner, or if you were a celebrity with hundreds of demented fans keen to “hang out” with you.

The I Can Stalk U website appears to have been set up to raise awareness of the security problem, rather than to cause mischief, and they have helpfully provided information about how to disable geo-tagging on some of the most common smartphones.

As the world wide web increasingly becomes the world where web, with location playing an ever more important role in the information we glean from the internet, it will become increasingly important for net users to consider how this information is shared, and ensure that they are not unwittingly sharing it with unauthorised parties.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.