Privacy, Vulnerability Management

Location-pointing vulnerability prevalent in dating apps

Smartphone with map, 3D Map pins, GPS, navigator pin checking points, 3D World Map icon, technology and application mobile smart phone with mobile, delivery tracking, transportation, generate by AI

(Adobe Stock)

Widely used dating apps Bumble, Hinge, Grindr, Baoo, happn, and Hily were found to have design vulnerabilities that could enable malicious users to identify other users' locations down to two meters through oracle trilateration, TechCrunch reports.

While all of the identified apps shared exact locations for their "filters" functionality, such an issue has already been addressed by the apps through the rounding up the exact coordinates that rendered oracle trilateration techniques ineffective, according to a study from KU Leuven researchers. Immediate remediation of the flaw was noted to have been conducted by Bumble early last year, while Hily reported looking into the issue. "...[W]e engaged in extensive consultations with the authors of the report and collaboratively developed new geocoding algorithms to completely eliminate this type of attack. These new algorithms have been successfully implemented for over a year now," said Hily co-founder and Chief Technology Officer Dmytro Kononov.

Related

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

AnonymizationBiometricsBuffer OverflowCertificate-Based AuthenticationChallenge-Handshake Authentication Protocol (CHAP)Digest AuthenticationDigital CertificateDiscretionary Access Control (DAC)GeolocationIdentity Theft

You can skip this ad in 5 seconds