In the report Bradley Anstis from M86 Security Labs is quoted as saying that, "If your kids use Facebook to upload a photo of their new bedroom to show friends, an attacker could find the co-ordinates for that address."
I've just tested this and the claim appears to be incorrect.
When I uploaded an image that contained GPS coordinates, the result on Facebook was completely stripped of all Exif metadata.
The image I used was one from a collection available from SpatiaLite's site.
|This file (DSCN0010.JPG) contained metadata,|
including GPS coords.
|The uploaded file is stripped of all metadata.|