Tinder's Lack of Encryption Lets Strangers Spy on Your Swipes

Tinder's mobile apps still lack the standard encryption necessary to keep your photos, swipes, and matches hidden from snoops, a security firm reports. From Wired: On Tuesday, researchers at Tel Aviv-based app security firm Checkmarx demonstrated that Tinder still lacks basic HTTPS encryption for photos. Just by being on the same Wi-Fi network as any user of Tinder's iOS or Android app, the researchers could see any photo the user did, or even inject their own images into his or her photo stream. And while other data in Tinder's apps are HTTPS-encrypted, Checkmarx found that they still leaked enough information to tell encrypted commands apart, allowing a hacker on the same network to watch every swipe left, swipe right, or match on the target's phone nearly as easily as if they were looking over the target's shoulder. The researchers suggest that lack of protection could enable anything from simple voyeuristic nosiness to blackmail schemes.

better:

[supernova87a]

Maybe if you've got a stalker watching who you swipe on Tinder, you should ask him/her out on a date instead? Problem solved.

Re:who gives a shit

[Oswald+McWeany]

If you are using the Internet you aren't taking privacy seriously.

That's why I never use the internet. I especially don't use it to post comments to a forum where anyone else might see my opinions on things.

Re:who gives a shit

[110010001000]

If you are using closed source software you REALLY shouldn't be concerned about privacy, because the software could literally be doing anything.