Security Flaw Causes Tinder to Reveal Users’ Exact Location

TinderTinder, the popular dating app that allows you to “swipe” through the profiles of local singles in your area, is facing a bit of a hiccup.

A Toronto-based security firm called Include Security was able to track down Tinder users’ locations nearly exactly, down to a 100-foot radius, CBS News reports. That means a major flaw in the app’s design made it possible for users’ sensitive location data to be known for between 40 and 165 days. Even in an age where privacy is becoming less and less relied upon, that’s a pretty big vulnerability for the folks who’ve downloaded and used the app on their smartphones and other mobile devices.

Researchers at Include Security, a so-called “white hat hacking company,” first discovered the flaw last October. The Tinder app works by connecting to your Facebook profile and allowing you to view others who are connected in your immediate geographic area down to the nearest mile. But as the Include team found, the reality was something much more precise.

“Towards the end of 2013, we found a vulnerability that lets you get exact latitude and longitude co-ordinates for any Tinder user,” Include hacker Max Veytsman wrote on the company’s blog.
Tinder itself has remained relatively quiet about the issue, extending a polite but brief “thank you” to Include when the problem was first brought to its attention. But that was in October. Include inquired again in November and December to see if Tinder would fix the issue but got no response.

As of January 1, however, the problem seems to have been resolved.

This isn’t the first issue Tinder’s had with security, either. Last July, Tinder CEO Sean Rad told Quartz.com that a problem had caused its users’ longitudes and latitudes to be revealed for a few hours. The truth, however, was closer to a few weeks. In November, too, Quartz reported on a glitch that allowed Tinder users’ code to be manipulated and their email addresses easily obtained.

Though it’s maintained a reputation as more of a “hookup” app than a true dating service, Tinder is part of the larger fabric of the online dating world. And according to statistics from 2012, 40 million people are currently connected into that world, making it one of the most profitable on the planet.“We prefer to teach men how to approach women in real life, because women’s standards go up online,” explains Dan Bacon, Expert Dating Coach at The Modern Man . “They ask for, and expect, things that they wouldn’t expect when meeting men in real life. This makes it difficult for the average guy to find himself a nice girlfriend. There’s a great TV show called Catfish on MTV that shows how people impersonate more attractive individuals while dating online all the time, meaning that a man may not know who he is talking to in reality at any point while using online dating services.”

In regards to Include’s discovery, a spokeswoman for Tinder said the problem was resolved within two days of having it brought to the company’s attention. But Include’s founder, Erik Cabeta, says there’s no chance that’s actually the case. No matter who’s correct, you might want to think twice before you decide to swipe left or right on Tinder in the future.

Sources:
http://visual.ly/logic-online-lovin%E2%80%99-does-online-dating-work
http://www.businessweek.com/articles/2014-02-19/new-tinder-security-flaw-exposed-users-exact-locations-for-months
http://www.cbsnews.com/news/tinder-dating-app-security-flaw-exposed-users-exact-locations/

Leave a Reply

Your email address will not be published. Required fields are marked *