Easily Remove GPS Location and Other Information from Photographs Using Exiftool

Most cell phones nowadays stamp each digital photograph with the GPS coordinates of where the photo was taken. If you upload this to Google Photos, google will happily pinpoint the location on Google Maps with a click or two (and some applications may show this information when you view the photo). In addition the photograph will have other metadata such as camera make and model, etc. If you are going to share the photo with others or post it publicly, many times you don’t want this information, particularly, your location information, posted to the web.

Exiftool offers an easy and straightforward method of stripping metadata and is available for Windows, Mac, and Linux.

Make sure you have a backup of all of your original photos with all metadata before you start and only strip information from a copy of the photo (although by default it also makes a backup of the photo, adding “_original” to the extension).

  1. View All Meta Data in Photo

  2. On command line (in windows use CMD):

    This produces output like this:

  3. Remove Only the Location Information from Photo

  4. Remove Location Plus (caution, will strip other useful information)

  5. Adding an extra flag makes sure other xmp information that may contain gps location is also stripped. Unfortunately, this will also remove other information you may want to keep:

  6. Remove All Metadata from Photo

  7. Type the following

    Same photo as above, but with ll exif metadata information stripped, leaving only file and technical information:

    For the full set of features and documentation see the Exiftool website.

Using WhatsApp on A Tablet or With Facebook Portal ? 2 Things You Should Know

WhatsApp

WhatsApp

  1. You Don’t Need To Provide A Mobile Number (but you do need to install the app)

    It’s common belief that you need to verify WhatsApp on a cell phone. When you install WhatsApp it requires you to give it a phone number and it then texts you a verification code. But in fact you can use a Google Voice number or have WhatsApp provide the verification by voice call, allowing you to use a landline. So if you don’t have a cell phone or one that doesn’t permit installation of apps, you can install WhatsApp on an Ipad or Tablet and use Google Voice or your landline to verify.

    Here are the steps to use a landline:

    1. Install WhatsApp on an Android Tablet (or a second Android or iPhone – you can’t install the full WhatsApp on an iPad)
    2. When it asks for a phone number give it your land line number.
    3. It will immediately attempt to send an sms text message to the number. This of course will fail. Below the number you will notice two selections “Resend” and  an option to permit verification by a voice call. These icons will be greyed out until the countdown timer next to them reaches zero.
    4. When the countdown reaches zero, and the voice call selection becomes available,click it.  The phone of the number you provided will ring with an automated call providing you the verification code.
  2. WhatsApp Device Is Required to Be Online for WhatsApp Web or WhatsApp Portal

  3. That is, you can’t install WhatsApp on your mobile phone, setup your WhatsApp account, and then uninstall WhatsApp and expect things to work. This is something you might do if you don’t want to install WhatsApp on your phone but want to use WhatsApp on the web ( or set up something like the Facebook Portal which uses WhatsApp to make video calls). Unfortunately it’s not going to work.

Hacking the Atomi Smart Wifi Plugs and How to Identify Whether IOT Firmware Can be Flashed

The ESP family of wifi chips is manufactured by Espressif. The chips are ubiquitous in Chinese manufactured IOT devices. The firmware on many of these devices can be replaced by open source alternatives like Tasmota or Esp Home. So how do you know if a device advertised as being Wifi-enabled is able to be flashed ? You can try to find reviews but the average reviewer doesn’t flash firmware. In addition, many devices are popping up all the time so that it may be some time before some hacker opens up the device to find out.

I was in Aldi’s a few days after Christmas and saw a package of two outlet plugs branded “atomi” and marketed as WiFi-enabled Christmas light timers:

The package was marked down to $12. One was an indoor plug with two 2.4 integrated USB ports as shown above, the second was a heavy duty black outdoor plug:

 

A quick search revealed that Amazon was selling the inside plug alone as the “Atomi Smart Wifi Plug” for $20.

 

 

The biggest question was were they able to be flashed with Tasmota ? Based on the little known name I guessed these were probably ESP8266 type chips but none of the reviews mention being able to flash the device firmware. A google search did not reveal anybody flashing either of these plugs.

 

 

Looking at the back of the package reveals that the plugs are ETL certified for the United States (equivalent to UL approved, good!) with an Intertek Number of 5001673.

 

 

There was no FCC ID but the bar code stated it was “13820-Smart Plug Holiday Pack”.

 

 

Going to the Intertek website for ETL Listed Products and typing in “5001673” revealed nothing. But plugging in the model number “13820” produced a couple of listings with the first being by “SHENZHEN FENERGY TECHNOLOGY CO., LTD” conforming to  a UL standard.

 

After some googling to find the FCC ID number, I tried “fcc model AT1217 SHENZHEN FENERGY TECHNOLOGY CO., LTD. – Shenzhen, Guangdong CHINA” and came up with the listing.

Photos and other information confirmed it was the same plug:

 

There’s also a “Letter of Declaration Model Difference” stating that AT1217 and At1249 models are the same (google reveals that AT1249 is sold at Home Depot also as an Atomi Smart Wifi Plug )

 

Clicking on the “internal photos” link in the FCC document shows the inside of the plug and reveals this interesting photo:

And another photo of the other side of the chip showing the four contacts required to flash:

 

 

Here’s a drawing found online:

So I bought the outlets, brought them home and opened up the interior one (removed the four screws on the bottom and wedged open the case).  I found the TYW2ES chip but the contacts were oriented down and not exposed: 

 

A quick google of “TYWE2s” shows a tutorial on the Tasmota website flashing an outlet having the same wifi module using the hard wired method.  I tried to grind through the bottom of the white outlet with a rotary tool to expose the contacts ( a dangerous and unnecessary [as explained below) step – do NOT do this!):

 

 

 

and to flash it with an FTDI usb/serial tool.  But since I didn’t want to take the time of properly soldering the contacts and/or using a jumper, it was an exercise in frustration. I finally remembered that there were some successful OTA (over the air) methods of flashing these chips, did a google search and found TUYA Convert. I quickly confirmed that the TYWE2S chip is a TUYA and proceeded to flash using the TUYA Convert instructions. Since you need to do this in Linux, I first tried running TUYA Convert in Windows’ WSL but kept getting an error questioning whether my Wifi adapter could be used as an access point. I then ssh’d in to a headless Raspberry Pi I had in the other room and ran the scripts on that machine.  I got the same error.

 

 I then found this note on prerequisite steps for  a pi, followed those steps, then the main installation steps, and it worked like a charm!

Here is the linux session running TUYA Convert:

Both outlets were easily flashed within 30 minutes without attaching any wires or having to open the devices!

 

The Configure Module in Tasmota should be set as follows to allow the manual switch on the plugs to work: