Major Vulnerability In Tinder Dating App Allowed User Tracking

← Back to Stories (view on slashdot.org)

Major Vulnerability In Tinder Dating App Allowed User Tracking

Posted by timothy on Thursday February 20, 2014 @02:26AM from the coming-from-inside-the-building dept.

An anonymous reader writes "Include Security unveiled new research showing that users of the popular online dating app Tinder were at significant risk due to a vulnerability they discovered in the geo-location feature of the application. This vulnerability allowed Tinder users to track each another's exact location for much of 2013. Anyone with rudimentary programming skills could query the Tinder API directly and pull down the co-ordinates of any user. This resulted in a privacy violation for the users of the application." Include Security has posted a video that shows how the the flaw could be exploited, before it was fixed last month.

3 of 23 comments (clear)

Min score:

Reason:

Sort:

tracking by schneidafunk · 2014-02-20 02:36 · Score: 5, Funny

Bug or feature? I thought the whole point of the app was to stalk people. I must have been using it wrong.

--
Some people die at 25 and aren't buried until 75. -Benjamin Franklin
1. Re:tracking by JoeMerchant · 2014-02-20 03:17 · Score: 4, Interesting
  
  One of the old dating websites (in the 1990s), used to tell you how far potential dates lived from you - harmless enough, unless you live in Key West or a similar linear settlement, that gives a really big circle on which the person could live.
  However, if you signed up for 3 (free, no verification required) accounts, and gave your different accounts different addresses around town, you could get three distances to the same potential date, giving a rather accurate estimate of their domicile location.... or, at least whatever they input when they signed up - if they were as paranoid as me, they also had three accounts and none of them had an accurate address.
Re:Welcome to 2 days ago by JoeMerchant · 2014-02-20 03:24 · Score: 4, Interesting

Well established, /. is not the place for breaking news, it's got an older moderation system that wasn't designed to get stuff to the front page quickly, in internet time. Compared to print media, /. is more or less on par with a good daily newspaper's story reporting speed (is there such a thing as a good daily newspaper anymore?)
Reddit is pretty good about bubbling up interesting stuff to the front within an hour or two, though the good AMAs always seem to make the front page just after the host has signed off...
If you want to read about what's going to be on CNN, Fox, et. al. tomorrow, watch the Reuters feeds. The news of the weird stuff usually comes across RSS 5 to 7 days before it makes it out on morning radio shows...
If you need your news faster than Reddit gets it to you, I think you have to be personally present where it is happening.