Menu
Millions of Tinder users left open to GPS security flaw

Millions of Tinder users left open to GPS security flaw

New research reveals a vulnerability which allows strangers to pinpoint a user’s exact location

A new flaw in popular dating app, Tinder, has left millions of users open to being tracked by anyone with a ‘rudimentary’ technical backround.

New research from New York-based computer security firm, Include Security, has revealed a vulnerability which allows strangers to pinpoint a user’s exact location, a huge privacy violation for its users and the perfect way to end up with an unwanted visitor on your doorstep.

To demonstrate and test the vulnerability, researchers built a private app called TinderFinder which uses triangulation to discover users’ exact locations.

Include Security managing partner, Eric Cabetas, said his firm found a way to use the data that Tinder sent across the network to find the exact locations of users within 30m.

“This is not something the users can see, this is behind the scenes data,” he said.

“Tinder was sending really accurate distance information.”

Cabetas said his firm, which was commonly employed to test security of Apps, informed Tinder of the vulnerability in October last year and suggested a fix for it.

It was fixed in January leaving users open to privacy violation for more than three months.

“It’s pretty straightfworward process and anyone with a rudimentary technical background could figure out how to do it within an hour or two,” he said.

“We escalated it to their CEO and they acknowledged it and said thanks for letting us know.

"Every three or four weeks we would contact them and I can only say we saw a couple of ignored emails and very brief non descriptive replies.

“This issue is no longer reproducible on Tinder.”

Cabetas said all location aware apps had the potential to be vulnerable.

“The main message is you really need to get these things looked by a security specialist,” he said.

“If you put these apps out and put your users at risk they are not going to be very happy.

“The most you can do as a consumer is demand there are security experts looking at developers’ apps.”

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags nclude Security managing partnerinclude securitytinderEric Cabetas

Slideshows

Top 50 defining moments of the New Zealand channel in 2016

Top 50 defining moments of the New Zealand channel in 2016

Reseller News looks back on a tumultuous 12 months for the New Zealand channel, assessing the fallout from a year of sizeable industry change. Whether it be local or global mergers and acquisitions, distribution deals or job changes, the channel that started the year differs somewhat to the one set to finish it - Reseller News assesses the key moments that made 2016.​

Top 50 defining moments of the New Zealand channel in 2016
​Hewlett Packard Enterprise honours high achieving NZ channel

​Hewlett Packard Enterprise honours high achieving NZ channel

Hewlett Packard Enterprise honoured its top performing Kiwi partners at the second running of its HPE Partner Awards in New Zealand, held at a glitzy ceremony in Auckland. Recognising excellence across eight categories - from distributors to resellers - the tech giant celebrated its first year as a standalone company, following its official split from HP in 2015.

​Hewlett Packard Enterprise honours high achieving NZ channel
Nutanix treats channel partners to Christmas cruise

Nutanix treats channel partners to Christmas cruise

Nutanix recently took to the seas for a Christmas Cruise around Sydney Harbour with its Australia and New Zealand staff, customers and partners to celebrate a stellar year for the vendor. With the sun out, they were all smiles and mingled over drinks and food.

Nutanix treats channel partners to Christmas cruise
Show Comments