Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
LeoPanthera 6 days ago

"Some phones will silently strip GPS data from images when apps without location permission try to access them."

Uh... good?

steve_adams_86 6 days ago | parent | next [-]

I'm torn. Maybe a better approach would be a prompt saying "you're giving access to images with embedded location data. Do you want to keep the location data in the images, or strip the location data in this application?"

I might not want an application to know my current, active location. But it might be useful for it to get location data from images I give it access to.

I do think if we have to choose between stripping nothing or always stripping if there's no location access, this is the correct and safe solution.

Aurornis 6 days ago | parent [-]

> saying "you're giving access to images with embedded location data. Do you want to keep the location data in the images, or strip the location data in this application?"

This is a good example of a complex setting that makes sense to the 1% of users who understand the nuances of EXIF embedded location data but confuses the 99% of users who use a product.

It would also become a nightmare to manage settings a per-image basis.

fc417fc802 6 days ago | parent [-]

Not per-image, it would be per-app. The first time it happened it would ask you. There are already quite a few per-app toggles for things like this so it wouldn't be anything new or particularly surprising.

That said, an alternative to bugging the user might be that when the app makes the call to open the file that call should fail unless the app explicitly passes a flag to strip the location data. That way you protect users without causing needless confusion for developers when things that ought to "just work" go inexplicably wrong for them.

a96 6 days ago | parent | prev | next [-]

Kind of. But that means any file that goes through that mechanism may be silently modified. Which is evil.

account42 3 days ago | parent | prev [-]

It is cursed because now the photo management app needs to ask for the permission to constantly track you instead of only getting location of a limited set of past points where you specifically chose to take a photo. Besides giving malicious photo app developers an excuse for these permissions, it also contributes to permission fatigue by training to give random applications wide permissions.