Sign in with
Sign up | Sign in

Tinder Hack Pinpointed Users to Within 100 Feet

By - Source: Tom's Guide US | B 0 comment
Tags :

Tinder is a zippy way to find cute singles in your area, and to let them find you. It's nice to know when an attractive someone is nearby, but a recent security flaw could have let malefactors cut a little too close for comfort and locate Tinder users to within 100 feet of their locations.

Brooklyn consulting firm IncludeSecurity, announced the vulnerability, which has already been fixed, in a blog posting yesterday (Feb. 19). Although exploiting the vulnerability required a fair amount of hacking know-how and the creation of a separate app, IncludeSecurity's researchers successfully triangulated Tinder users' positions with stunning accuracy.

MORE: 10 Best Dating Apps

Tinder is a very simple dating app in which users post flattering photos of themselves and look at other users within a close vicinity (say, 10 miles). Swiping right on a user's photo "likes" them, whereas swiping left gives them a pass. If two users like each other, they can send messages back and forth.

Since proximity is a key factor in Tinder, the app makes use of a mobile device's built-in GPS functionality. This means that if you have a specific person in mind, you can trick Tinder into revealing his or her location. (This also means that finding someone to stalk on a whim is not so easy.)

This past fall, the IncludeSecurity experts created a secondary app called TinderFinder, which used three fake Tinder accounts to query a user's relative location. By corroborating data from all three accounts, TinderFinder could pinpoint a target to within 100 feet. All you needed to know is about your target was his or her name and home city.

Knowing that a mark is within 100 feet is not that useful in an office building, but could potentially create some dangerous situations in an unpopulated public place, or a private residence.

To Tinder's credit, the company patched the vulnerability about two months after being informed of it. IncludeSecurity says it will never release TinderFinder to the public, as it would be trivially simple for malefactors to find users with unpatched versions of Tinder.

There's also no evidence that anyone aside from security researchers exploited this flaw. Even if you've used Tinder for a long time, you have no reason to worry that anyone's ever tracked you down via the program.

In the meantime, make sure you update Tinder by going to the iOS App Store or the Google Play Store, then resume swiping until you find someone who tickles your fancy.

http://www.youtube.com/watch?v=3E2DwdS_PvQ

Follow Marshall Honorof @marshallhonorofand on Google+. Follow us @tomsguide, on Facebook and on Google+.

Discuss
Ask a Category Expert

Create a new thread in the Streaming Video & TVs forum about this subject

Example: Notebook, Android, SSD hard drive

This thread is closed for comments
Tom’s guide in the world
  • Germany
  • France
  • Italy
  • Ireland
  • UK
Follow Tom’s guide
Subscribe to our newsletter
  • add to twitter
  • add to facebook
  • ajouter un flux RSS