☉ The Forensics Desk · Issue No. 01 · Spring 2026

Whatyourphotosreallysayaboutyou.

A self-hosted forensic instrument that reads — and removes — the invisible ledger travelling with every JPEG, PNG, and MP4 you share.

Run it locally→Read the report

0001 — A FIELD GUIDESCROLL FOR THE STORY ↓OPEN SOURCE · SELF-HOSTED · v1.0.0

The quiet ledger inside every photograph.

Every time you take a photograph, your camera writes a second file alongside it — an invisible dossier called EXIF. It records the make and model of the lens, the precise GPS coordinates, the millisecond the shutter clicked, the firmware that processed the image, and increasingly, the AI model that generated it.

For the photographer it is a footnote. For an investigator — friendly or otherwise — it is a confession. The ledger has outed activists, leaked address books, and undermined every claim that an image is "authentic." It has also become the fastest way to spot a Midjourney render in the wild: the software signs its work whether you asked it to or not.

Most consumer apps scrub a fraction of these fields and call the file clean. They are not. EXIF_Gone takes a more honest approach: it re-encodes images from raw pixel data and re-muxes videos with every metadata atom dropped. What survives is the picture itself. Nothing else.

The tool ships as a Docker image you run on your own hardware. No telemetry, no upload, no third party. The container has no network volumes mounted. Every byte you feed it lives in memory, then dies there.

"Removing metadata is the cheapest, most overlooked privacy hygiene you can practise. EXIF_Gone makes it the work of a single click."
— The Field Desk

CHAPTER II · The Threat Landscape

A taxonomy of what your files actually carry.

A single iPhone photograph carries up to 0 distinct metadata fields. Most users see exactly zero of them.

HIGH

GPS coordinates

Location

14.5995° N · 120.9842° E (Manila)

HIGH

Camera serial

Device fingerprint

C02XK1JM9F·2A

HIGH

Owner name

Personal identity

Maria Reyes

MEDIUM

AI generator tag

Provenance

Midjourney v6 · Stable Diffusion XL

MEDIUM

Software / Encoder

Pipeline trace

Adobe Lightroom 14.2 · Runway Gen-3

MEDIUM

Camera make/model

Device class

Apple · iPhone 15 Pro

LOW

Color space

Technical

sRGB · Display P3

CHAPTER III · The Method

Four passes. No heuristics.

Most metadata removers edit the source bytes — they walk the EXIF tree, blank the fields they recognise, and hope the rest is harmless. EXIF_Gone refuses that bargain. Re-encoding from pixels (or stream-copying with metadata disabled) is absolute, not best-effort.

STEP 01

Decode

Images are decoded down to raw pixel arrays via libvips. Videos are demuxed into elementary streams. The original byte container is discarded.

STEP 02

Re-encode / Re-mux

Images are re-encoded by sharp into a fresh container with no metadata pipe-through. Videos are stream-copied through ffmpeg with -map_metadata -1 and -map_chapters -1.

STEP 03

Audit

Before stripping, exifr extracts every field group: EXIF, IPTC, XMP, ICC, GPS, and PNG text chunks. ffprobe extracts container and per-stream tags. You see exactly what was there.

STEP 04

Deliver

The cleaned file is streamed back as a binary download. The buffer is freed. The container forgets it ever existed.

CHAPTER IV · Run It Locally

Pull it. Run it. Forget it.

EXIF_Gone ships as a single Docker image. No accounts, no config files, no telemetry. The container starts in under a minute and answers on port 3000.

View on Docker Hub View on GitHub →

docker-compose.yml

services:
  exif_gone:
    image: vibepointstudios/exif_gone:latest
    container_name: exif_gone
    ports:
      - "3000:3000"
    environment:
      - MAX_FILE_MB=50
      - MAX_VIDEO_MB=500
    deploy:
      resources:
        limits:
          memory: 2G
    restart: unless-stopped

bash

# 1. Pull
docker pull vibepointstudios/exif_gone:latest

# 2. Run
docker run -d -p 3000:3000 \
  --name exif_gone \
  --memory 2g \
  vibepointstudios/exif_gone:latest

# 3. Open
open http://localhost:3000

APPENDIX · Specifications

The full kit list.

A precise, opinionated stack chosen so each layer earns its place. Nothing is here to look modern — only to do its job forever.

Image formats: JPEG · PNG · WEBP · TIFF · HEIC
Video formats: MP4 · MOV · MKV · WEBM · AVI · M4V · 3GP
Image engine: sharp (libvips) re-encode
Video engine: ffmpeg stream-copy re-mux
Metadata parsers: exifr · ffprobe
AI detection: Midjourney · SD · DALL·E · Runway · Kling · Sora · Pika
Storage: In-memory + tmpfs · zero persistence
Network egress: None at runtime
Default port: 3000
Container size: ~ 280 MB (Alpine + libvips + ffmpeg)
Cold start: < 60 seconds
Authentication: None — internal network only