Gay Dating App Grindr' Exposed Millions of Users’ Location'
A tech company CEO has exposed two major security flaws in the gay dating app Grindr which could have placed its 3 million daily users at risk by sharing their location data against their will.
Grindr is the world's largest dating app for gay, bixsexual, transgender and queer people according to its website. Trever Faden, founder of property management company Atlas Lane, discovered a flaw in Grindr’s Application programming interface (API) that allowed users to find data that was previously unavailable, including deleted photos, which users had blocked them from and the location data of users who had opted out of sharing such information.
Faden exposed this flaw and established the (now-defunct) website C*ckblocked which would sift through users' metadata along with their username and password. “One could, without too much difficulty or even a huge amount of technological skill, easily pinpoint a user’s exact location,” he explained to NBC.
Faden also discovered a second flaw in the app in which user data was sent unencrypted over the internet. Grindr claims it does encrypt user data and obscures user location despite not specifically denying accusations in the current leak in its statement published on Twitter. RT.com has contacted Grindr for additional comment.
Read more from RT here