If you post any images from your phone, clear exif data first.
Even with a proxy, you might be trackable if someone links to a honeypot site. Check https://amiunique.org/fp for all of the data a server receives before it loads a webpage. That data can be collated with commercially available data sets to get personal information.
Best practice is still to clear this (and any other potentially identifying metadata) before upload in the extremely unlikely event that someone tries to MITM you.
MITM is unrealistic. It would require state-level actor capabilities to MITM a TLS connection (you'd need to control a certificate authority, or at least have access to a signing key), and it's a targeted attack (so they'd need to be targeting a user specifically to employ one). Anyone who's being targeted by an SLA and doesn't already know to wipe exif data is probably doomed tbh.
If you post any images from your phone, clear exif data first.
Even with a proxy, you might be trackable if someone links to a honeypot site. Check https://amiunique.org/fp for all of the data a server receives before it loads a webpage. That data can be collated with commercially available data sets to get personal information.
deleted by creator
Best practice is still to clear this (and any other potentially identifying metadata) before upload in the extremely unlikely event that someone tries to MITM you.
MITM is unrealistic. It would require state-level actor capabilities to MITM a TLS connection (you'd need to control a certificate authority, or at least have access to a signing key), and it's a targeted attack (so they'd need to be targeting a user specifically to employ one). Anyone who's being targeted by an SLA and doesn't already know to wipe exif data is probably doomed tbh.
deleted by creator
deleted by creator
deleted by creator
deleted by creator
whew...