Pesce, a security analyst for NWN Corporation, an IT firm in Waltham, Mass., said geotagged photos also pose corporate threats.
Let's say an employee with valuable corporate information stored on a home computer or laptop posts geotagged pictures to Facebook and Twitter. A hacker could use the photos to monitor the person's location history and figure out a good time to make a move, he said.
"Thinking about that from a computer security perspective has some interesting implications as to how someone could gain access to corporate IT data," Pesce said.
These security issues aren't just limited to social media. Online classified sites such as Craigslist can also pose problems.
Friedland said some Craigslist users who otherwise make a point to protect their identities online are disclosing the exact locations of their homes through the pictures they post on the site.
People selling couches, desks and other items online might think that they are posting anonymously, but through the photos uploaded to the site, Friedland said, they were able to locate to users within one meter accuracy.
"We found quite a lot of postings where the photos contained geolocation information, some were even anonymized," he said.
Friedland and Sommer will present their findings to the technology community next month at a security conference in Washington, D.C. But Friedland said that there's a takeaway for the non-technical too.
Location-based services, such as Foursquare which can people locate friends and programs that auto-cluster pictures by location, can be helpful and positive, he said. But he emphasized that people need to be careful about what they disclose.
"I think people have to be made aware of the geotagging issue before something really bad happens," Friedland said. "In reality, this is really nice technology. You just have to be aware of it."