Best practice is still to clear this (and any other potentially identifying metadata) before upload in the extremely unlikely event that someone tries to MITM you.
MITM is unrealistic. It would require state-level actor capabilities to MITM a TLS connection (you'd need to control a certificate authority, or at least have access to a signing key), and it's a targeted attack (so they'd need to be targeting a user specifically to employ one). Anyone who's being targeted by an SLA and doesn't already know to wipe exif data is probably doomed tbh.
Best practice is still to clear this (and any other potentially identifying metadata) before upload in the extremely unlikely event that someone tries to MITM you.
MITM is unrealistic. It would require state-level actor capabilities to MITM a TLS connection (you'd need to control a certificate authority, or at least have access to a signing key), and it's a targeted attack (so they'd need to be targeting a user specifically to employ one). Anyone who's being targeted by an SLA and doesn't already know to wipe exif data is probably doomed tbh.
deleted by creator
deleted by creator
deleted by creator