Allows users to locate Security Flaw In Gay Dating App
Ensuring safety and security of our users is of paramount importance to us and will continue to be our top priority. The company also used Twitter to warn users against sharing their information with third parties. Sections U. The location tracking isn't really that reliable, even if they're using those numbers, that's a setting that you can hide so it isn't displayed, and it only updates when I'm on Grindr, which means I'm aware of when it's tracking me and usually I'm in a situation where I more or less don't mind.
Where to watch. Concerns about security leaks at Grindr, in particular, came to a head in , when it was revealed the company was sharing users' HIV status to third-party vendors that tested its performance and features. Colby Moore, the researcher who uncovered the initial flaw, provided a list of simple behind-the-scenes fixes that Grindr could make, which would make precise location tracking like this impossible.
Latin straight gay for pay
- Sections U. Accept cookies.
- But in my study, I also found personal data is accessible too.
- HPE issued an emergency safety notice saying
- Faden also discovered a second flaw in the app in which user data was sent unencrypted over the internet. If I say I'm five miles here, five miles there within a matter of 10 seconds, you know something is false.
So I created "GrindrMap" and made this "feature" available to anybody. You can arrange meetings only by messaging the people who appear to be near you. Once they did so, Faden was able to gain access to a trove of user data that is not publicly available on user profiles, including unread messages, email addresses, deleted photos, and the location data of users, some of whom have opted to not share their locations publicly.
The company did not change access to any of the other data. Faden found that he could find the location of users who had opted out if they connected their Grindr profiles through his third-party website. Two independent cybersecurity researchers, neither affiliated with Faden nor Grindr, backed up Faden's claim.