Learn
All Basics Text and content URL tracking Metadata Network Accounts and operation Behavioral correlation Past information and search Past information and removal Journalists Whistleblowers Activists Individuals By situation Publishing workflow Final checks
284 articles Category: All
What is anonymity? What Is DNS? What Is an IP Address? What Is a Protocol? Anonymity for Whistleblowers How Whistleblowers Should Think About Anonymity What to Check Before Whistleblowing Anonymity Check Before Whistleblowing Author Information in Documents, PDFs, and Office Files Posting Times to Avoid in Whistleblowing Pre-Publication Checklist for Whistleblowers What Whistleblowers Should Check Before Using Information Submission Tools The Threat Model to Think About First in Whistleblowing Hiding your IP is not enough for anonymity Five correlation patterns that break anonymity What is URL tracking? Unknown URL Parameters How URLs Can Break Anonymity UTM Parameters Removing image metadata How to Think About Identification Risk How Images Can Break Anonymity Risk of Identity Inference From Backgrounds, Reflections, and Text in Images When Your Photo Is Used on a Company Site or Someone Else's Site Risks From Image Search, Face Images, and Icons How to Check Past Information With Image Search Pre-Publication Checklist for Individuals How to Inspect Documents Before Publishing IP address basics Reply risks and post-publication handling after reporting How journalists should think about anonymity Anonymity for journalists Contact methods and account separation for journalists Communication traces left by contact with sources Pre-publication checks for photos, video, and audio materials Checking metadata in reporting notes, recordings, and photos Pre-Publication Checklist for Journalists What Journalists Should Check Before Publishing Risks From Publication Timing and Location Information Publication Workflow for Protecting Sources and Yourself Risk of Source Inference From Published Stories Anonymity for Protecting Sources Threat Model for Protecting Sources Why personal stories, timelines, and expertise can reveal identity Metadata left in submissions and file sharing Checking SVG metadata SVGO and manual XML checks What Is Tails? What Is Whonix? Differences Between Whonix, Tails, and Qubes OS TCP/IP Basics The Difference Between TCP and UDP What Is Technical Information Correlation? What Is a Trust Model? What Is TLS? Basics for Making Routine Places Harder to Infer Risks From Location Information and Routine Places Why login state breaks anonymity How to Review URLs Manually What Is Metadata? Basics of EXIF and GPS Information What is a mixnet? How to Think About Mixnets and NymVPN Cautions About Mobile Networks and Anonymity Correlation Risk When Posting Across Multiple Sites Network Basics to Know Before Thinking About Anonymity What Is a Network Layer Model? Correlation Between Communication Time and Behavior Patterns Correlation Between Posting Time and Daily Rhythm Time Zone and Language Setting Risks Timing Correlation Between Events and Logs Packet and Routing Basics What Is NymVPN? What Is NymVPN?: Differences From VPNs and Tor Risks From Location Information, Movement History, and Routine Places What Is Place Correlation? Place and Time Clues How to Blur Place Names, Workplaces, Schools, and Routine Places Risk of Identity Inference From Past Social Media Posts Cases Where Past Posts Connect to Current Anonymous Activity Checking Old Blogs and Old Profiles How to Deal With Past Personal Information You Do Not Want Known Risks From Old Handles and Search Results How Old Images Affect Current Anonymity Anonymity for Ordinary Individuals Past Information Ordinary Individuals Should Check First Leakage of Personal Information Personal Information Left in Filenames How to Check Personal Information Left in Search Results Steps to Reduce Past Information Search Behavior Risks Cases Where Search Terms or Personal Information Remain in URLs Information Left in Translation URLs and Search URLs Checking Personal Information Left in Search Results How to Think About Reducing Information From Search Results What Is the Wayback Machine? Risks From the Wayback Machine and Archives Risks From Information You Cannot Delete After Publishing What to Pause and Check Before Anonymous Activity PDF Metadata Risks Invisible Risks Left in PDFs Preparation for People Starting to Post Anonymously Removing PDF metadata Metadata in Office files Video and audio metadata Identification risk from writing style Identification From Occupation and Affiliation Author Information in Office Files Metadata Risks in Office and PDF Files When Offline Protection Is Strong for Online Activity What Is OPSEC? Risks From Organization-Specific Language The OSI Reference Model and the TCP/IP Model How OSINT Breaks Anonymity What Is OSINT? What Are Port Numbers and Sockets? How to use Anonymity Sense The difference between HTTP and HTTPS Risks of reusing icons and profile images ID3 tag risks What is account correlation? Account separation basics What is account separation? Reply, backlash, and tracking risks after publishing Anonymity for activists How activists should think about anonymity Activist anonymity check Behavioral correlation activists should watch for Separating devices, browsers, and network environments Separating activist accounts and personal accounts Pre-publication checklist for activists Social media operation and account separation Surrounding information visible in photos and videos After posting Identification risk from replies after publication Why personal information becomes dangerous in the AI surveillance era Information that remains in AI-generated images Why the barrier to identification is lower in the AI surveillance era Text Anonymization in the AI Era Clues in Text That Can Suggest Identity How Text and Speech Can Break Anonymity Why Identity Can Be Inferred From Writing Style Topic Correlation What Is Tor? Tor Browser Basics What Is a VPN? Checks When Using a VPN Cautions When Using a VPN Why VPNs and Tor Alone Are Not Enough for Anonymity Differences Between VPN, Tor, and Proxy The Difference Between VPNs and Tor What Is a WebRTC Leak? What Can a Website See When You Access It? What to check if you are already posting anonymously Anonymity is not a "hiding technique," but judgment that reduces correlation Causes of anonymity failure The history of anonymity How to protect anonymity in a surveillance society Anonymity is determined by practice, not technology alone Anonymity is determined by services and practice The principles of anonymity Anonymity is not a tool for wrongdoing, but a technology that protects people Final Go/No-Go Check Before Publishing How to Choose Anonymous Communication Tools Cautions When Sharing Files Anonymously What Is Anonymous Practice? Final Checklist Before Anonymous Activity Operational rules for continuing anonymous activity Long-term operational habits Why One Mistake Can Break Long-Term Operation What is a browser fingerprint? Browser fingerprint defenses Browser fingerprinting basics How a browser displays a web page What Are Servers and Clients? Risks of Shortened URLs and Redirects Signs You Should Pause Before Publishing Risks From Social Media Posts and Search Results Risks from comments and tracked changes Common patterns that break anonymity Common failures What are communication logs? Basic Principles of Anonymous Practice How to Choose an OS or Environment for Anonymous Use Time Rules for Anonymous Posting Risks of Reusing the Same Image or Username Risks of Repeating the Same Posting Time Risks of Continuing to Use the Same Writing Style How to Separate Writing Style Between Real-Name and Anonymous Accounts Risks From Screenshots and Archives Risks From Screenshots, Screen Sharing, and Notifications Overview of services that support anonymity Overview of anonymous submission tools What Is OnionShare? Cautions When Passing Files With OnionShare What Is SecureDrop? What to Check Before Using SecureDrop What to check before choosing a username for an anonymous account Information that remains on archive sites and removal requests Anonymity checks when you have no plan to publish now What not to do after posting Precautions to avoid exposing family and friends What to check before transferring files anonymously Before posting Before sharing a link Before uploading a file Before writing Threat models for beginners Threat Models and Trust Models How to generalize proper nouns safely How to generalize region, workplace, and school information Risks of bringing real-name information into an anonymous environment Metadata that browsers can and cannot remove Identification risk from cameras, microphones, and notifications What is a CDN? What to check before publishing photos Children's photos and AI-era risks Cautions when choosing where to consult or submit How to clean a URL before sharing What to check before cleaning up old accounts Risks of cloud history and file sharing Cloud history and file creation environments Risks of cloud history, sharing history, and edit history Risks of cloud sharing links Risks of sending files through Google Drive, Dropbox, and social media DMs What is content correlation? Risk that a whistleblower can be inferred from the content Differences between cookies, sessionStorage, and localStorage Risks of cookies, localStorage, and IndexedDB Crossposting risk Data broker risk What is a deepfake? How PCs and smartphones communicate Device and browser separation Direct identifiers in personal information What is a DNS leak? Author and organization information left in document files Separating email addresses, phone numbers, and recovery methods Risks of event participation and posting time EXIF and GPS checks before publishing photos What is ExifTool? How to check metadata with ExifTool Why face photos, voices, and routine places can be misused Checking information that links to family, work, and school Thinking about metadata removal with FFmpeg GPS and Time Risks in Videos Risks From Voice, Ambient Sound, and Background Sound Metadata in PDF, Office, video, and audio files What to check first after an anonymity failure What is GlobaLeaks? Group chat and contact risks Hidden text and XML comments What does it mean to hide a network route? How the internet connects Specific Clues in Post Content Pre-Publish Checklist Checklist for Reviewing Text Before Posting Risks in Printouts, Scanned Images, and Photos The difference between anonymity, privacy, and security Why Anonymity Cannot Be Guaranteed Why Anonymity Literacy Is Needed Now Why You Must Not Leave "Not sure" Unresolved Why Information Is Hard to Remove Once Published What are private IP addresses and NAT? What is profiling? Digital checks before protests and civic activity How Routine Places Are Inferred From Public Information Public Wi-Fi and Anonymity qpdf / MAT2 Guide What Is Qubes OS? Risks of Searching for Anonymous Activity From a Real-Name Account Why Separate Real-Name and Anonymous Environments Why Separate a Browser for Anonymous Use Operating Without Mixing Real-Name and Anonymous Personas Why You Must Not Mix Real-Name Login and Anonymous Activity Checking Metadata in Files You Receive Why Replies and DMs Can Break Anonymity What to Do When You Notice a Risk After Publishing How to Review Old Posts The Roles of Wi-Fi, Routers, and ISPs How to Recheck Metadata After Removal Anonymity Is Never Perfect, But You Can Reduce the Gaps Regular Review Regular Self-OSINT Checks
Metadata
Thinking about metadata removal with FFmpeg FFmpeg is a widely used tool for audio and video conversion, re-encoding, and metadata processing.
In the context of anonymity, it can be a candidate for regenerating video or audio before publication and reducing unnecessary metadata.
However, using FFmpeg does not automatically make a file safe.
Even if you remove metadata, voices, background sounds, text in the video, faces, reflections, and the time of publication remain.
This article organizes how to think when using FFmpeg and what to check after metadata removal.
What is FFmpeg? FFmpeg is a project used for audio and video conversion and processing.
On the official site, you can check project information, documentation, and download information.
URL : https://ffmpeg.org/
It is used for video and audio format conversion, re-encoding, audio extraction, metadata processing, and similar tasks.
The reason to introduce it for anonymity is that it can process files locally.
You can process files on your own device without uploading them to an external conversion site.
What FFmpeg can handle FFmpeg can process audio and video containers and streams.
However, it does not judge every piece of information related to anonymity.
What it can handle What it cannot handle Re-encoding Judging the meaning inside video Changing container information Detecting signs, reflections, faces, and text Removing or extracting audio Judging voice identification risk Processing metadata Removing publication times or communication logs Format conversion Separating accounts or cloud history
FFmpeg is a powerful processing tool.
The anonymity judgment still has to be made by a person.
Metadata removal and re-encoding have different purposes With FFmpeg, you may combine processing that reduces metadata with processing that re-encodes video or audio.
However, these two things do not mean the same thing.
Process Purpose Caution Metadata removal Reduce titles, creation information, tags, and similar data Recheck the information you wanted to remove and any newly attached information Re-encoding Recreate video or audio New encoding information may be attached Audio removal Remove voices and ambient sound Information inside the video remains Clipping Keep only the needed part Backgrounds and sound remain even in the clipped section Format conversion Change to another format Content risks remain even if the format changes
You cannot say "it is safe because it was re-encoded."
After re-encoding, check both metadata and content.
What to check before processing Before processing with FFmpeg, check the original file.
Check Reason Copy the original file Do not mix the original and the publication version Check metadata Understand what you want to remove Check the video Look at backgrounds, reflections, text, and faces Check the audio Listen for voices, conversations, and ambient sound Look at the filename Check whether dates, places, or names remain
If you do not know what is in the file before processing, you cannot judge what disappeared after processing.
Check metadata with ExifTool or a similar tool, regenerate with FFmpeg if needed, and check again.
ExifTool official site:
URL : https://exiftool.org/
Recheck after re-encoding After re-encoding with FFmpeg, always check again.
Re-encoding may reduce old metadata, but new encoding information or creation times may also be attached.
Check Reason Metadata Whether old or new information remains Video Whether backgrounds or text remain after processing Audio Whether muting or replacement worked correctly Filename Whether a name containing original information remains Playback check Whether there is damage or unintended content
"Processed" and "became safe" are different.
You can make a publication judgment only after checking the processing result.
Whether to remove audio For video anonymity, whether to keep audio is important.
Voices, conversations, ambient sound, and announcements become strong clues.
Audio state Judgment Your own voice is included Consider voice alteration, removal, or not publishing Nearby conversations are included Be careful because this can involve other people Station or store sounds are included The location may be inferred Notification sounds are included The app or device environment may be revealed Unnecessary audio It may be acceptable to remove it
Even if you remove audio, information visible from the video remains.
Check video and audio separately.
Avoid mixing up processed files Video processing increases the number of files: original files, in-progress files, and files for publication.
If you mix them up here, you may accidentally publish the original file as-is.
File Handling Original file Store as the original and do not publish it Working file Manage it as a file in the middle of processing Publication file Use only a file whose metadata and content have been checked Check results Do not leave them in a real-name environment more than necessary Unneeded files Do not casually leave them in cloud sync
Pay attention to filenames too.
A name such as home_near_station_original.mov leaks information even if metadata is removed.
Give files for publication names that are not too closely related to the content.
Why not use external conversion sites Video and audio conversion sites are convenient.
However, if you upload a file where anonymity matters to an external site, the file, source IP address, time, and browser information are handed to that site.
For high-risk files, prioritize local processing.
Even with local processing, consider device and storage-location safety separately.
If you work on a workplace device, school device, shared PC, or cloud sync folder, other traces may remain.
Cases FFmpeg alone cannot solve In cases like the following, processing with FFmpeg alone is not enough.
Many faces or name tags appear in the video Names or places are mentioned many times in the audio The shooting location is easy to identify from the background Internal materials or screen notifications are visible The publication time itself indicates participation or behavior In these cases, you need judgments such as not publishing, recreating the content, using still images, explaining in text, or waiting, rather than just re-encoding.
In anonymity work, separate problems that tools can process from problems that can only be solved by a publication judgment.
Where to check the processed video Pay attention to the environment where you check the processed video.
If you upload it for checking to a cloud or video service where you are logged in with a real-name account, the account and file become connected at that point.
Check locally as much as possible.
Even when you need to check with an external service, use it only after understanding what is handed to the service side.
Summary FFmpeg is a powerful tool used for audio and video conversion and re-encoding.
For anonymity, it helps process video and audio locally and reduce unnecessary metadata and audio.
However, FFmpeg does not automatically judge anonymity.
Even if you remove metadata, backgrounds, reflections, text, faces, voices, ambient sound, and the time of publication remain in the video.
Check before processing, recheck after processing, and finally judge whether the content is acceptable to publish.
Related tools Archive check
Wayback Machine An external resource related to this article. Open it only when it fits your situation and threat model.
Why it is listed: It can help with the article topic, but it is outside Anonymity Sense and should be checked before use.
URL : https://web.archive.org/
Metadata inspection
ExifTool An external resource related to this article. Open it only when it fits your situation and threat model.
Why it is listed: It can help with the article topic, but it is outside Anonymity Sense and should be checked before use.
URL : https://exiftool.org/
Metadata removal
MAT2 An external resource related to this article. Open it only when it fits your situation and threat model.
Why it is listed: It can help with the article topic, but it is outside Anonymity Sense and should be checked before use.
URL : https://0xacab.org/jvoisin/mat2
Audio and video
FFmpeg An external resource related to this article. Open it only when it fits your situation and threat model.
Why it is listed: It can help with the article topic, but it is outside Anonymity Sense and should be checked before use.
URL : https://ffmpeg.org/
Related articles Metadata Video and audio metadata Metadata How to Recheck Metadata After Removal Metadata Removing image metadata Metadata How Images Can Break Anonymity Metadata Risk of Identity Inference From Backgrounds, Reflections, and Text in Images Metadata Metadata left in submissions and file sharing
Back to article list