It has been discovered that Grindr is guilty of a shocking security breach after a blog called Queer Europe, along with the help of another gay dating app called F*ckr, used a technique called trilateration to hack into the app’s API (Application Programming Interface).
They found that they were able to pinpoint Grindr user’s exact location.
Queer Europe posted a video to Twitter demonstrating how it was done, writing that “applications designed to locate Grindr Users are publicly available online.”
Applications designed to locate Grindr users are publicly available online, and give anyone access to a virtual map on which you can travel from city to city, and from country to country, while seeing the exact location of cruising men that share their distance online. pic.twitter.com/0IumD6laAE
— Queer Europe ?️? (@QueerEurope) September 13, 2018
Upon the discovery, Queer Europe wrote on their website:
“While sitting behind my laptop, I could see in which restaurants he was eating, in which cafes he was drinking, and in which nightclubs he was dancing. I could also see that he went to the gay sauna at 1 am and then slept at a stranger’s house at 3 am. By making it so easy to track individuals with precision, Grindr makes its users extremely vulnerable to harassment and stalking.”
The Inquirer also reported that F*ckr users could “uncover up to 600 Grindr users within minutes.”
This is not the first time the app has been found to have major security flaws, as of March this year it was found that a site called C*ckblocked allowed users to “enter their Grindr info and see who had blocked them on the app.”
The developer of C*ckblocked, Trevor Faden, told NBC that he could then identify user’s locations, even if they had their location settings switched off, and that he could also view deleted pictures, unread messages and email addresses.
Similarly, it was discovered in 2014 that Grindr user’s exact locations could be identified, resulting in Grindr pulling out of countries such as Russia, Nigeria, Egypt, Iraq and Saudi Arabia, where it could be potentially life-threatening to be exposed as gay. Although, Queer Europe reported that it was still available in countries such as Algeria, Turkey, Belarus, Ethiopia, Qatar, Abu Dhabi, Oman, Azerbaijan, China, Malaysia and Indonesia, where being exposed as gay can be just as risky.
Since the exposé, F*ckr has been disabled by its host GitHub, while Grindr CEO Scott Chen made a statement, promising that the app “will continue trying to evolve and improve our platform.”
© 2018 GCN (Gay Community News). All rights reserved.
Support GCN
GCN is a free, vital resource for Ireland’s LGBTQ+ community since 1988.
GCN is a trading name of National LGBT Federation CLG, a registered charity - Charity Number: 20034580.
GCN relies on the generous support of the community and allies to sustain the crucial work that we do. Producing GCN is costly, and, in an industry which has been hugely impacted by rising costs, we need your support to help sustain and grow this vital resource.
Supporting GCN for as little as €1.99 per month will help us continue our work as Ireland’s free, independent LGBTQ+ media.
comments. Please sign in to comment.