Latest in Services

Image credit:

Grindr security flaws risk exposing users' location data

The company behind the gay dating app say they've fixed one exploit, but another remains.
David Lumb, @OutOnALumb
March 29, 2018
Share
Tweet
Share

Sponsored Links

Leon Neal via Getty Images

Two security issues could expose personal data for up to 3 million users of the gay dating app Grindr, according to an NBC OUT report. In the first, a website letting users log in with their Grindr credentials got wide-ranging access to data that isn't publicly available. This includes that user's unread messages, email addresses, deleted photos and real-time location -- even if they've opted out of publicly sharing the latter. But the second simply intercepts unencoded location data going from the app to servers, allowing anyone observing that user's internet traffic to pinpoint their position.

Trever Faden originally discovered the first flaw after creating the website C*ckblocked (asterisk intentional) to scrape data from anyone who logged in with their Grindr username and password. The second would let anyone monitoring web traffic observe the location-pings the Grindr app sends to its servers -- and while that's a creepy thing to do anywhere (like, say, over public Wi-Fi), it's also something that anti-gay governments or groups could use to peek at anyone who might use the service.

We've reached out to Grindr for comment and will add when we hear back. The company assured NBC OUT that the C*ckblock flaw had been fixed (the site was shut down anyway), but the second exploit reportedly remains.

In this article: services
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

The 2020 Engadget Holiday Gift Guide

The 2020 Engadget Holiday Gift Guide

View
The best laptop deals we found for Cyber Monday

The best laptop deals we found for Cyber Monday

View
Scientists might know why astronauts develop health problems in space

Scientists might know why astronauts develop health problems in space

View
The best Cyber Monday tech deals that are worth your money

The best Cyber Monday tech deals that are worth your money

View
Apple's MacBook Air M1 drops to $899 for Cyber Monday

Apple's MacBook Air M1 drops to $899 for Cyber Monday

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr