John McAfee Exclusive Reveals His Location in iPhone EXIF Data

Some time ago, the website posted an article with the somewhat full of themselves title “We Are With John McAfee Right Now, Suckers”. In it, they reveal how they have been traveling with John for the better part of the week.

The one thing that didn’t occur to them was the photo included in the article was taken with an iPhone which, as most of us know, embeds geolocation data in every shot. As soon as they realized that fact (or more likely, someone told them), the photo was replaced. The new one has the geo data removed.

I was able to get my hands on the original and analyzed the stored EXIF metadata to get the exact GPS coordinates at which the image was shot. Lo and behold, it sounds like Mr. McAffee is hanging out in Rio Dulce in Guatemala.

People getting tracked down by using EXIF data stored in pictures happens more often than many realize. There are, for example, services which scan photos found online to retrieve camera serial numbers and using stored GPS data, follow that specific camera around. If your photo equipment ever disappears from the back of your car, this may not be a horrible way of tracking it down. Sound familiar? It works for finding people too. You have to work hard to stay private in the UK these days.

Update 1: All signs point to John McAfee really being in Guatemala. He has no also hired a local attorney. Sounds like the people at have learned from their mistakes and erased all EXIF data.

Update 2: Several days later, McAfee is claiming the EXIF data was fake and intentionally manipulated. That is hard to believe. Why would he reveal that information? removing the info from the image soon after it was found is also too big of a coincidence to ignore. If you wanted to mislead people, you certainly wouldn’t do either: say information has been doctored or remove it. Things just don’t add up.

Digital Privacy Isn’t Taken, It Is Given Away

Open Source Data & Surveillance

With the Edward Snowden privacy leak a few years back, there is an important factor we’re all missing. It isn’t the government agencies that collect the data. They are merely consumers and harvesters of it. The data comes from corporations that have been gathering it for years, data that we have freely given them in exchange for convenience and vanity. We are the victims and the perpetrators.

I know a little bit about this, as I have utilized a combination of tools that track stolen devices as well as leveraged open source data to assist law enforcement to gather additional information about suspects. By “open source” I am referring to the term law enforcement uses to define data that is open and available to the public. I didn’t need top secret NSA clearance, it is information people put up freely and made public and when doing so left additional invisible traces of data (“meta-data”) embedded in files and messages that helped paint a more detailed picture.

Personal data mining

The Cloud Is a Database of You

Every email, phone call, text message, tweet, Facebook post, photo upload, check-in, online purchase is another entry into the big online database of you. However, that is just the data you know about, underneath there lies more layers of logged and stored data of which many are not aware. That information can provide just as much insight into our lives as the more opaque data with which we are accustomed to dealing.

This data all exists in isolated islands, however, when there is a data breach, or a government agent gets a piece of information such as an IMEI number, IP address, MAC address or email, it can then tie pieces of information together.

Personal data stored in the cloud

Dude Where’s My Data?

We didn’t sell our soul to the Internet. We simply imported it. We have exchanged our digital privacy for convenience, speed and artifice. It doesn’t matter if it is wrong or right, ethical or unethical. It’s the big data elephant in the room. It exists and will continue to grow, and more importantly, organizations will do a better job of making sense of it and creating individual profiles. Although a fun intellectual exercise there is no way off this grid. You are no longer in full control of your digital destiny. True digital privacy is dead.

I will be writing additional posts on this topic over the coming months, bringing in real-life examples and discussing how corporations, governments, and hackers alike leverage data and technologies to invade our privacy for fun, profit, and control. I will also discuss ways we can begin to reclaim some of our digital privacy along the way.