From 1c84a8e8b6c99eb05274b3b0dcee5bce8a8f2a92 Mon Sep 17 00:00:00 2001 From: Daniel Micay Date: Mon, 9 May 2022 13:00:46 -0400 Subject: [PATCH] split out private screenshots into a section --- static/features.html | 32 +++++++++++++++++++++++++++----- 1 file changed, 27 insertions(+), 5 deletions(-) diff --git a/static/features.html b/static/features.html index 58a4ef04..7e54eafd 100644 --- a/static/features.html +++ b/static/features.html @@ -85,7 +85,12 @@

Table of contents

@@ -316,11 +321,28 @@ compatible with an OS not including any carrier bloatware apps and disabling various misfeatures such as disallowed tethering, disallowed 2G toggle, etc. -
  • Screenshot EXIF metadata is reduced by not including information on the OS - and OS version so that it's only clear it's an OS including this feature. The - inclusion of timestamps is also disabled by default with an opt-in toggle for - the user to enable it.
    • + +
    +

    Private screenshots

    + +

    GrapheneOS disables the inclusion of sensitive metadata in screenshots.

    + +

    On Android, each screenshot includes an EXIF Software tag with detailed OS + build/version information (android.os.Build.DISPLAY). It's the + same value shown at Settings ➔ About device ➔ Build number. This leaks the OS, + OS version and also usually the device family/model since builds are usually + specific to a family of devices. GrapheneOS completely disables this tag.

    + +

    On Android, each screenshot also includes EXIF tags with the local date, + time and timezone offset. GrapheneOS disables this by default in order to + avoid leaking the time and quasi-location information through metadata that + isn't visible to the user. The date and time are already included in the file + name of the screenshot which is fully visible to the user and can be easily + modified by them without a third party tool. GrapheneOS includes a toggle for + turning this metadata back on in Settings ➔ Privacy since some users may find + it to be useful.

    +