Contents
ExifTool and mat2 are the power-user tools that clear the entire metadata block across formats in one pass, but a full strip still removes only the tag, not the device fingerprint the file carries in its own pixels or samples.
What ExifTool and mat2 actually do
ExifTool, written by Phil Harvey, reads and writes the metadata block across nearly every container you are likely to hold: EXIF, IPTC and XMP in images, ID3 in MP3, the atom tables in MP4, and the tags inside PDF. Run it over a file and it can clear the whole block in a single pass, which is why it is the default tool for anyone who wants every field gone rather than the handful a photo app happens to expose. mat2, the Metadata Anonymisation Toolkit, takes a stricter approach: it works from a whitelist, keeping only the fields a format genuinely needs and discarding everything else, and it writes to a copy by default so the original is left untouched. For a power user the practical division is simple: ExifTool is the microscope and scalpel, mat2 is the privacy cleaner. Between them they cover the two things you actually want, total coverage across formats and a clean copy that was never a lossy round trip. The reason to prefer them over a photo app’s built-in clear-location button is coverage: the app clears the one field it exposes, while a full strip also clears the fields you never see, the embedded thumbnail that can still show the original framing, the XMP edit history that lists every prior change, and the maker-note block a manufacturer packs with its own data.
Both are public, both are auditable, and neither is a secret weapon. That matters, because the real limit of these tools is not how much of the tag block they remove. It is how little of the file the tag block was in the first place.
A strip clears the container, not the signal
Deleting the metadata removes the label a file carries about itself. It does not touch the evidence the file carries inside its own pixels or samples. A camera or a microphone leaves a physical fingerprint in the content it records, and that fingerprint is in the signal, not the header, so it survives a metadata wipe and even a re-save.
For audio, the device signature is well documented. Hanilci and colleagues, writing in IEEE Transactions on Information Forensics and Security, identified the brand and model of fourteen cell phones from recorded speech at 92.56 and 96.42 percent accuracy, because each device “introduce[s] a convolutional distortion on the input speech, hence leaving its own tell-tale footprints.” Qamhan and colleagues later pushed source-microphone identification to between 97.6 and 99.98 percent using a transformer model. And Cuccovillo and colleagues found that cleaning a recording first, rather than hiding the signature, sharpens it: spectral denoising gave “an average accuracy increase of about 25%” for microphone classification. Buchholz, Kraetzer and Dittmann had shown the principle back in 2009, identifying microphones from their recordings at up to 93.5 percent accuracy.
Images behave the same way. Lukáš, Fridrich and Goljan proposed “a new method for the problem of digital camera identification from its images based on the sensor’s pattern noise”, the PRNU fingerprint. It lives in the pixel values, so ExifTool or mat2 can delete every EXIF field and the sensor pattern is still there for anyone who compares it against a reference.
The C2PA twist
There is one more thing a full strip does that is easy to miss. If a file carries a C2PA manifest, the cryptographic provenance record some cameras and generators now attach, then editing the file at all breaks the signature. That is by design and it is complete: any change to the pixels or samples invalidates the binding. But an invalidated binding is not a blank slate. To a C2PA-aware reader it says the file was touched after it was signed, which is a different and louder signal than a file that never carried a manifest at all. If you want to understand how C2PA signing and verification work before you decide whether to break one, see what C2PA Content Credentials are.
Where to go next
ExifTool and mat2 are the right tools for the job they do, which is removing the tag block cleanly and completely. Just do not mistake that for anonymity. The tag is the label; the signal is the evidence. For the audio side of this in detail, see remove metadata from an audio or MP3 file and, for the part a strip cannot reach, strip ENF and microphone fingerprint from audio. If your real question is whether a specific file has been tampered with or what it can still be traced to, that is a forensics question, see what forensics can learn from a file.
Sources
- Buchholz, Kraetzer, Dittmann (2009). Microphone Classification Using Fourier Coefficients. Information Hiding.
- Hanilci, Ertas, Ertas, Eskidere (2012). Recognition of Brand and Models of Cell-Phones From Recorded Speech Signals. IEEE Transactions on Information Forensics and Security.
- Qamhan, Alotaibi, Selouani (2023). Source Microphone Identification Using Swin Transformer. Applied Sciences.
- Cuccovillo, Giganti, Bestagini (2022). Spectral Denoising for Microphone Classification. ACM International Conference on Multimedia Retrieval.
- Lukáš, Fridrich, Goljan (2006). Digital Camera Identification from Sensor Pattern Noise. IEEE Transactions on Information Forensics and Security.