Remove ExifCleaner

jonah · February 16, 2023, 5:54pm

Reference: szTheory/exifcleaner#218

Exifcleaner is recommended here: Remove PII with Metadata Scrubbers and Data Redaction Tools - Privacy Guides

Exifcleaner is no longer maintained since march 2022 , it might be heavily behind security updates and hence bad for privacy.

Continues the discussion from: https://github.com/privacyguides/privacyguides.org/issues/1998

Niek-de-Wilde · February 16, 2023, 5:58pm

I dunno, i can see no statements that is no longer maintained. And 1 year for relatively simple software like this is not THAT long in my opinion.

I think it would be better to first give the lead dev a poke to see what hes up to.

jonah · February 16, 2023, 6:00pm

Sounds reasonable, but I don’t think I’ll be developing this app much further. I started it just to learn Electron and it does what I want for my own purposes.

https://github.com/szTheory/exifcleaner/issues/218

matchboxbananasynergy · February 16, 2023, 6:04pm

I remember mentioning this back when I was in the team, and we didn’t act on it at the time, but seeing as the developer themselves doesn’t seem interested in continuing this project, I would get rid of it.

Also, to demonstrate issues with using outdated software (even simple software like this), from the project’s README:

If you are running a version of ExifCleaner before 3.6.0, upgrade immediately! A security vulnerability was found in exiftool, the command-line application that powers ExifCleaner under the hood, and this was updated in ExifCleaner 3.5.0. There was also an XSS and Electron remote shell vulnerability due to unsanitized HTML output that was fixed in ExifCleaner 3.6.0.

Who’s to say that a similar vulnerability won’t crop up in the future as well? Using software with outdated libraries dependencies is risky, and not something we should be encouraging by recommending it.

Niek-de-Wilde · February 16, 2023, 6:25pm

Whelp, forget what i said then, away it goes!
( i checked the website and github readme and didn’t see anything there)

Niek-de-Wilde · February 16, 2023, 6:29pm

Well, that wasn’t exactly what I meant, I mean’t that whenbrelatively small and simple software which gets used locally without updates for a year strikes me as less of an issue then lets say a browser.

matchboxbananasynergy · February 16, 2023, 10:10pm

github.com/privacyguides/privacyguides.org

Remove ExifCleaner

privacyguides:main ← matchboxbananasynergy:pr-remove-exifcleaner

opened 10:07PM - 16 Feb 23 UTC

matchboxbananasynergy

+0 -21

https://discuss.privacyguides.net/t/remove-exifcleaner/11841  - [x] Please check this box to confirm you have disclosed any relevant conflicts of interest in your post. - [x] Please check this box to confirm your agreement to grant Privacy Guides a perpetual, worldwide, non-exclusive, transferable, royalty-free, irrevocable license with the right to sublicense such rights through multiple tiers of sublicensees, to reproduce, modify, display, perform, relicense, and distribute your contribution as part of our project. - [x] Please check this box to confirm you are the sole author of this work, or that any additional authors will also reply to this PR on GitHub confirming their agreement to these terms.

HauntSanctuary · February 16, 2023, 11:17pm

I’ve been using Metadata Cleaner in Silverblue, mainly because it was recommended by the GNOME Software featured page.

Topic		Replies	Views
Metadata cleaner for video on mac Questions	2	268	March 10, 2023
GUI metadata remover for Windows Questions	5	326	March 14, 2024
Integrating Metadata Removal Blog	1	305	April 22, 2023
Remove Crypt.ee from "Cloud Storage" Tool Suggestions completed	35	3303	February 14, 2023
Remove EteSync Tool Suggestions completed	23	4334	October 15, 2023

Remove ExifCleaner

Related Topics