Auto Upload Photo

Steve Smith talks about the auto upload feature, what it means for you, how it could be used against you, and cause you legal troubles down the line.

Tips regarding privacy violating and potentially dangerous or illegal accidents with auto uploading mobile applications.

Episode # 3-41 available on : Youtube Vimeo 

Released: July 6, 2013

Most people now have smart phones or feature phones, with a number of awesome applications, and features. These include cloud storage, social networking, etc... One of the most valuable and dangerous features of these applications is the ability to auto upload, and today, we analyze this new trend.

Every single application designer is being pushed to copy features from other applications, and add functionality that is beyond similar applications. This is leading to a kind of features arm race for applications that traditionally had a few useful features that work awesomely. Instead, we get overly bloated applications on our smart phones that gobble too much power and privileges.

This leads to a few unique issues when it comes to applications being designed in a fashion that does not ask permission first, but says sorry later. Facebook's Auto Upload feature for photos is one of these interesting features that does not ask for permission in a way that is clear. Even though you can enable or disable the auto upload photo feature yourself, you aren't made aware of the fact that you can turn on or off voluntarily uploads using cellphone data plans, or wireless networks.

That, however, is not the danger. That is only a bandwidth issue. The true issue of privacy has to do with photos that are uploaded, that you don't want to be uploaded. Whether this is Facebook, Dropbox, or any other similar application. The reason this is an issue is that you may have forgotten to sanitize the location, date and time meta data from your photos EXIF. If the photo is in anyway compromising, that can, also, be an issue.

We all know that Big Brother, called the NSA, is watching, but they aren't the only ones. A large number of government groups could potentially ask for information and contents of your accounts. If the contents of your account includes messages with addresses, or photos with global positioning information, your are potentially in danger of any legal repercussions stemming from whatever you supposedly did. Not to mention, that in the United States it is a federal crime to action counter to a web-sites terms of service. In Facebook's case you can be counter to their terms of service and community standards to post or share, even accidentally, a photo containing nudity. These kinds of photos can get the picture removed, you banned, and can be used against you later by the government.

What can I do?

There is an easy set of solutions you can follow to avoid issues like this. Turn off auto-uploading. Sanitize photos, refer to previous episode for tips on that, and encrypt anything locally before uploading if it is at all compromising. Else, melt down the drives it came from to remove evidence, if need be.

Next week, I shall be talking about the Do Not Track header, how it can be used, and applied to web-sites, and why it is not ready for prime time, just yet.

Remember to like this episode if you were interested in today's topic, share if you think someone else could benefit from the topic, and subscribe if you want to learn more. For the show notes of this episode and others, for more information on other ways to subscribe to our show, to subscribe to our weekly newsletter, and how to participate by submitting your questions, comments, suggestions, and stories, head over to

Host : Steve Smith | Music : Jonny Lee Hart | Editor : Steve Smith | Producer : Zed Axis Productions

CommentsLogin or Register to post comment

Be the first to comment on this episode.

Posted by ask
July 6, 2013



html text

View previous campaigns.

Powered by MailChimp

Latest Comments

Completely Erased

It should remove all traces of the virus, provided the hard drive has no bad sectors on it. It it does, you the mentioned Spinrite to try to fix the hard drive then run DBAN after, but usually, DBAN can erase the entire drive without issue. I've used it on maximum and let it run almost 16 hours on my friends computer, that is why this episode exists.

Completely Erased

Great! I am going to run 'autonuke' on a machine that has polymorphic malware, not sure if it is in the MBR or somewhere else on the machine. Assuming autonuke runs fully without any error, will it remove the malware from the computer with certainty?

Completely Erased

Yes, it will wipe all data, including the master boot record on your hard drive. If you are unable to get DBAN to work correctly, consider using Spinrite to fix the drive so DBAN can work, rarely needed, good to have.


Log Into TQA Weekly

Register | Lost Password?