How Tech-Savvy Thieves Could 'Cybercase' Your House

Credit: Gerald Friedland and Robin Sommer
Data embedded in a digital photograph of a bicycle, taken with an iPhone 3G, can identify an individual's location to a range of +/- 1 meter.

The photos and videos you upload could reveal a lot about where you are.

Data stored in digital photographs can help criminals locate individuals and plot real-world crimes, a practice two researchers called "cybercasing" in a recently published paper. The site Pleaserobme.com was one of the first to expose the problem by displaying tweets tagged with location information, although it has since stopped the practice.

Location data can be stored in a digital photo or video's metadata, information about the file itself. That data can include, among many other things, the make and model of the device used, the date and time the photo or video was taken, and the geographic coordinates of the device at the time the photo was taken.

In the paper, Gerald Friedland, of the International Computer Science Institute, and Robin Sommer, of Lawrence Berkeley National Laboratory, explain how Craigslist, Twitter and YouTube could be used to locate people and plot crimes.

On Craigslist, location data in uploaded photos could be combined with information from the postings themselves, such as "please call Sunday after 3pm," to help a thief speculate about a user's whereabouts. And while many posters chose not to list home addresses, their photos seemed to reveal that information anyway. To examine how accurate location data can be, Friedland and Sommer used an iPhone 3G to photograph a bike, as one might do to sell it on Craigslist, and found that the location information was accurate to within one meter of the actual spot the photo was taken.

The researchers followed one reality TV show host's Twitter feed and were able to use location data from the photos he uploaded to locate his home, where he walks his dog, his studio and when and where he was on vacation. The researchers also used Picfog, which lets users search photos shared on Twitter by keyword and location, to find one unnamed celebrity's public, but unadvertised, Twitter feed.

On YouTube, the researchers wrote a script to conduct a two-step search. First, they looked for videos in a certain radius: within 60 miles of Berkeley, CA. Then they looked for videos uploaded by those same users over 1,000 miles away that same week, suggesting that the uploaders were on vacation or away on business, possibly leaving their homes unattended. Using the custom script, the researchers were able to conduct the searches in about 15 minutes.

iPhone Location Mockup -- Gerald Friedland and Robin Sommer -- photo.png

It's all pretty scary, but worry not, Friedland and Sommer offer up some smart suggestions on how to raise awareness of the issue. One idea they propose is giving users the ability to fine-tune the accuracy of the data they attach to content. For example, users could chose to share their location by house, block, city, region or country (see right). "Not only would this give users more control," they write, "but it would also explicitly point out that house-level accuracy is in the cards." Also, services such as YouTube, Twitter and Craigslist could advise users on privacy risks as they upload their content.

Until either of those options are enacted, though, there is an easy solution: devices often come with the location feature enabled, but almost all will let you simply turn the feature off.

(via ReadWriteWeb)

About the Author

Niraj Chokshi is a former staff editor at TheAtlantic.com, where he wrote about technology. He is currently freelancing and can be reached through his personal website, NirajC.com.

When the FBI discovered a network of Bosnian-Americans giving support to terrorists, they also discovered Abdullah Ramo Pazara, a U.S. citizen and a battalion commander in Syria.

Abdullah Ramo Pazara had a craving for packets of instant hot cocoa. The Bosnian-American former truck driver was, at the time, a commander of an Islamic State tank battalion in Syria. Apparently, even foreign fighters who reject their former lives in Western countries for a chance at martyrdom for ISIS sometimes long for the creature comforts of their previous homes.

Listen to the audio version of this article:Download the Audm app for your iPhone to listen to more titles.

In 2013, six Bosnian immigrants in the United States allegedly sent money, riflescopes, knives, military equipment, and other supplies to jihadists in Syria and Iraq through intermediaries in Bosnia and Turkey. According to the U.S. government’s allegations, individual ISIS fighters would make specific requests—mostly for money and military equipment—and the group would then raise funds and send supplies to Syria. The requests included what was surely an unexpected revelation of nostalgia—packets of Swiss Miss hot cocoa. By sending the cocoa mix and other supplies, federal prosecutors argue, these U.S.-based Bosnians provided what is known as “material support” to terrorists, in violation of the Patriot Act.