The researchers say the reason for the location leak is a data called “EXIF”, which is attached to images taken with digital cameras or smartphones. If the latter devices had built-in GPS, EXIF information could include the detailed geolocation where the pictures had been made. This could be a real nightmare for the careless or less tech savvy dark web vendors.
“These are very exact data points — if you drilled down, they could help you pinpoint a house,” Rose said.
The Harvard seniors researched all drug listings on dark net markets that had the geolocation turned on and created an interactive map. They altered the exact locations by roughly a mile for privacy reasons. This geotagged map shows Rose’s and Lisker’s findings, the different colors show different dark web markets:
The duo started their research last fall as part of a project for privacy and technology. Lisker and Rose based their findings on the Black-Market Archives website, created by Gwern, a famous researcher in the dark net community. Gwern acquired the data for his site by scraping popular dark net sites. The Harvard seniors wrote a computer script, which made their job much easier; they found nearly 7.5 million images, 2300 from them included geolocations. Although, only 229 of them were unique.
According to Rose, this data shows that only a very slight percentage of the sellers forgot to delete the geolocations from their images. However, he added he was surprised when he had seen that most geo-tagged pictures were coming from the most popular dark net markets. Rose thought those websites had scripts that would automatically remove location info.
For example, the Harvard researchers found out that 52 unique geotagged images were posted to Agora, which was one of the most popular dark net markets at the time until it went offline last year. A weird thing though, photos with location data suddenly disappeared from the Agora archives on March 18, 2014.
“We figured they must have realized, ‘Oh no, we have this really big problem,’ ” Rose commented.
Geotagged images show both the failure of the sellers and the market admins. The website could have easily built in an algorithm that removed such data. Vendors have two options: either just remove the burning info or replace it with fake location data.
In many cases, the researcher duo found multiple images tagged with geolocations that were just partly separated from each other.
“This suggests the behavior of sellers who are careless on a regular basis, rather than the occasional forgetfulness of not stripping data or purposeful manipulation,” Rose and Lisker wrote in their post on Medium.
Since they found only 229 unique pictures from almost 7.5 million, Rose and Lisker think that hunting dark net drug dealers by geotagged images is not an efficient method for law enforcement authorities.