Dating apps require users to disclose vulnerable information — and phim sex vn co tieng vietnot just someone's romantic dreams. Most times, these apps require personal data like your name, age, and location. In the case of the latter, a new paper details that, for a time, several major apps left user locations able to be exposed by potential adversaries.
In a new paper out of Belgian university KU Leuven, "Swipe Left for Identity Theft," researchers break down potential privacy risks for 15 location-based dating apps (LBDs) with at least 10 million downloads. These days, dating apps are typically location-based in order to help users find matches physically close to them. By needing location, however, it opens users up to potential risks.
SEE ALSO: Daters are changing their app locations to the Olympic VillageAll apps except one used distance between users to measure location. (That exception, TanTan — an Asian dating app — used exact coordinates one-time at the point of matching, and only if they matched.) "However, lacking sufficient protections, the availability of distances can still lead to the inference of a user's location," the paper states. "This is done through trilateration."
Trilateration is the process of determining location by measuring distances between three triangles (or circles, or spheres). There are different types of trilateration apps use to determine location. The authors — Karel Dhondt, Victor Le Pochat, Yana Dimova, Wouter Joosen, and Stijn Volckaert — found that they were able to pinpoint almost an exact location in six out of 15 apps, as TechCrunch reported.
The most common vulnerability was through "oracle trilateration," which the paper explains, "Adversaries use an oraclethat indicates through a binary signal whether a victim is located within proximity, i.e., when they are within a defined 'proximity distance' from the attacker."
Hinge, Bumble, Badoo (which is owned by Bumble), and Hily were susceptible to such trilateration.
A Hinge spokesman told Mashable:
At Hinge, the safety and privacy of our users is always a top priority. Our app is built with a privacy-by-design approach and strictly protects sensitive user data. We are proud of our state-of-the-art bug bounty program and our ongoing dialogue with researchers, which are designed to attract comments so we can make adjustments before any harm happens to our users. We reviewed the feedback from this research team when we received it in early 2023 and immediately took action where appropriate.
A Bumble spokesperson told both TechCrunch and Mashable, "We were made aware of these findings in early 2023, and swiftly resolved the issues outlined. As a global business with members in countries all over the world, we are committed to protecting our users’ privacy and have adopted a global approach to privacy compliance."
This statement applies for Badoo as well, Bumble told Mashable.
Dmytro Kononov, CTO and co-founder of Hily, shared this statement with TechCrunch:
The findings indicated a potential possibility for trilateration. However, in practice, exploiting this for attacks was impossible. This is due to our internal mechanisms designed to protect against spammers and the logic of our search algorithm...Despite this, we engaged in extensive consultations with the authors of the report and collaboratively developed new geocoding algorithms to completely eliminate this type of attack. These new algorithms have been successfully implemented for over a year now.
Grindr was vulnerable to "exact distance trilateration." This can be done when services reveal exact distances to other users. The authors were able to figure out user locations as close as 111 meters (around 364 feet). Exact distance trilateration was possible even when the distance was hidden, such as in Egypt where Grindr hides all user locations for safety reasons.
SEE ALSO: Men found a surprising new way to lie on dating apps"The proximity Grindr offers to this community is paramount in providing the ability to interact with those closest to them, Grindr's chief privacy officer Kelly Peterson Miranda told TechCrunch. "As is the case with many location-based social networks and dating apps, Grindr requires certain location information in order to connect its users with those nearby...Grindr users are in control of what location information they provide."
Finally, the app happn was vulnerable to "rounded distance trilateration," which can be done if an app utilizes a rounded location as a precaution. CEO and president of happn, Karima Ben Abdelmalek, told TechCrunch:
After review by our Chief Security Officer of the research findings, we had the opportunity to discuss the trilateration method with the researchers. However, happn has an additional layer of protection beyond just rounding distances...This additional protection was not taken into account in their analysis and we mutually agreed that this extra measure on happn makes the trilateration technique ineffective.
It appears that for apps with these vulnerabilities, the apps took measures to stop bad actors from determining user location using trilateration, with the exception of Grindr.
According to the paper, Tinder and LOVOO used "grid snapping" to prevent trilateration. Grid snapping is a technique of dividing one's location into a grid of squares. Coordinates (aka where users are) are moved to the center of these squares (Tinder) or the right side (LOVOO) and one's distance is measured from there. Therefore, their actual distance is inaccurate and can't be trilaterated.
Plenty of Fish and Meetic don't access GPS locations. While MeetMe, Tagged, and OkCupid do access this information, they convert it to the nearest town. The authors couldn't reverse engineer the information they needed for TanTan and Jaumo, so they couldn't test this method to find user locations.
The paper shows the importance of caution when using dating apps. As the paper concludes, "We hope that the awareness that we bring of these issues will lead LBD app providers to reconsider their data gathering practices, protect their APIs [application programming interfaces]from data leaks, prevent location inference, and give users control of their data and therefore ultimately their privacy."
Target Free Family Saturday at JANM to Celebrate Hapa Exhibition
Mark Hamill finally got his Hollywood star of fame flanked by stormtroopers
Mark Hamill finally got his Hollywood star of fame flanked by stormtroopers
This princess just became the first British royal to create a personal Instagram
Santa Barbara Obon Making a Comeback
Report: Rex Tillerson learned of firing from Trump's tweet
Chrissy Teigen trolls her friends on Instagram with news of her dog passing away
'The New York Times' profiled the most selfish person in America
50th Anniversary Ikenobo Exhibition at JACCC
Jennifer Lawrence is a germaphobe and thinks 'dick is dangerous'
Tough Love
This good corgi was fat
A dispute between two countries slowed clocks down across Europe by six minutes
Twitter users retweet fake news almost twice as much as real news
Obon Carnival and Dance at Nishi Hongwanji
Guy maps 28 days of Tinder in 1 fascinating chart
Ricky Gervais and 'God' just had a glorious Twitter exchange
A chicken laid a huge egg with another egg already inside it
'Helldivers 2' EAT
LG 15" UT70 LED webOS TV deal: Get $200 off
Melania Trump's new hat helpfully reminds us that she is FLOTUS'Trumping' is the newest and best way to shut things down on TinderPerfect photobomb turns lady into a beautiful butterflyWoman creates board game about arranged marriages based on her experience getting out of oneAlligator swims over fence and enters woman's flooded backyard in TexasThis woman's message exchange with her grandma has gone gloriously viralNorth Korea just released a bizarre propaganda video... of people dancing?Adorable dad stranded by Harvey tags along to daughter's grad school classesThere's a shoplifting subreddit. Morals not welcome.Couple finally completes 40 How Tesla super fans get the add BioWare's beloved Mass Effect series is coming to PS5, Xbox Series X iPhone 12 production might be affected by power chip shortage Can you name the 3 branches of government? This meme offers up some, uh, creative answers. 'Spider 'Little Hope' conjures witchy best for new Dark Pictures game: Review Mariah Carey kicks off the holiday season, those are the rules Zoom's new feature makes sure you'll catch every word of the meeting Twitter continues to label Trump's misinformation about vote count Motorola changes Razr shipping to keep fingerprints off new phones
0.1563s , 8179.78125 kb
Copyright © 2025 Powered by 【phim sex vn co tieng viet】Bumble, Hinge, and other apps had to fix privacy risk, study says,Feature Flash
