Dating apps require users to disclose vulnerable information — and Lina Romay Explicit sex movie El ojete de Lulu (1986)not just someone's romantic dreams. Most times, these apps require personal data like your name, age, and location. In the case of the latter, a new paper details that, for a time, several major apps left user locations able to be exposed by potential adversaries.
In a new paper out of Belgian university KU Leuven, "Swipe Left for Identity Theft," researchers break down potential privacy risks for 15 location-based dating apps (LBDs) with at least 10 million downloads. These days, dating apps are typically location-based in order to help users find matches physically close to them. By needing location, however, it opens users up to potential risks.
SEE ALSO: Daters are changing their app locations to the Olympic VillageAll apps except one used distance between users to measure location. (That exception, TanTan — an Asian dating app — used exact coordinates one-time at the point of matching, and only if they matched.) "However, lacking sufficient protections, the availability of distances can still lead to the inference of a user's location," the paper states. "This is done through trilateration."
Trilateration is the process of determining location by measuring distances between three triangles (or circles, or spheres). There are different types of trilateration apps use to determine location. The authors — Karel Dhondt, Victor Le Pochat, Yana Dimova, Wouter Joosen, and Stijn Volckaert — found that they were able to pinpoint almost an exact location in six out of 15 apps, as TechCrunch reported.
The most common vulnerability was through "oracle trilateration," which the paper explains, "Adversaries use an oraclethat indicates through a binary signal whether a victim is located within proximity, i.e., when they are within a defined 'proximity distance' from the attacker."
Hinge, Bumble, Badoo (which is owned by Bumble), and Hily were susceptible to such trilateration.
A Hinge spokesman told Mashable:
At Hinge, the safety and privacy of our users is always a top priority. Our app is built with a privacy-by-design approach and strictly protects sensitive user data. We are proud of our state-of-the-art bug bounty program and our ongoing dialogue with researchers, which are designed to attract comments so we can make adjustments before any harm happens to our users. We reviewed the feedback from this research team when we received it in early 2023 and immediately took action where appropriate.
A Bumble spokesperson told both TechCrunch and Mashable, "We were made aware of these findings in early 2023, and swiftly resolved the issues outlined. As a global business with members in countries all over the world, we are committed to protecting our users’ privacy and have adopted a global approach to privacy compliance."
This statement applies for Badoo as well, Bumble told Mashable.
Dmytro Kononov, CTO and co-founder of Hily, shared this statement with TechCrunch:
The findings indicated a potential possibility for trilateration. However, in practice, exploiting this for attacks was impossible. This is due to our internal mechanisms designed to protect against spammers and the logic of our search algorithm...Despite this, we engaged in extensive consultations with the authors of the report and collaboratively developed new geocoding algorithms to completely eliminate this type of attack. These new algorithms have been successfully implemented for over a year now.
Grindr was vulnerable to "exact distance trilateration." This can be done when services reveal exact distances to other users. The authors were able to figure out user locations as close as 111 meters (around 364 feet). Exact distance trilateration was possible even when the distance was hidden, such as in Egypt where Grindr hides all user locations for safety reasons.
SEE ALSO: Men found a surprising new way to lie on dating apps"The proximity Grindr offers to this community is paramount in providing the ability to interact with those closest to them, Grindr's chief privacy officer Kelly Peterson Miranda told TechCrunch. "As is the case with many location-based social networks and dating apps, Grindr requires certain location information in order to connect its users with those nearby...Grindr users are in control of what location information they provide."
Finally, the app happn was vulnerable to "rounded distance trilateration," which can be done if an app utilizes a rounded location as a precaution. CEO and president of happn, Karima Ben Abdelmalek, told TechCrunch:
After review by our Chief Security Officer of the research findings, we had the opportunity to discuss the trilateration method with the researchers. However, happn has an additional layer of protection beyond just rounding distances...This additional protection was not taken into account in their analysis and we mutually agreed that this extra measure on happn makes the trilateration technique ineffective.
It appears that for apps with these vulnerabilities, the apps took measures to stop bad actors from determining user location using trilateration, with the exception of Grindr.
According to the paper, Tinder and LOVOO used "grid snapping" to prevent trilateration. Grid snapping is a technique of dividing one's location into a grid of squares. Coordinates (aka where users are) are moved to the center of these squares (Tinder) or the right side (LOVOO) and one's distance is measured from there. Therefore, their actual distance is inaccurate and can't be trilaterated.
Plenty of Fish and Meetic don't access GPS locations. While MeetMe, Tagged, and OkCupid do access this information, they convert it to the nearest town. The authors couldn't reverse engineer the information they needed for TanTan and Jaumo, so they couldn't test this method to find user locations.
The paper shows the importance of caution when using dating apps. As the paper concludes, "We hope that the awareness that we bring of these issues will lead LBD app providers to reconsider their data gathering practices, protect their APIs [application programming interfaces]from data leaks, prevent location inference, and give users control of their data and therefore ultimately their privacy."
Topics Apps & Software Privacy
CPU Price Watch: 9900K Incoming, Ryzen Cuts
Poem: “After the Loss of a Limb,” Elena Wilkinson, 1974
“Nasty Girl”: Part 2—Continuing the Reluctant Exegesis
Road Trip, 12 Cadillacs: A Letter from Patrick Leigh Fermor
Episode 4: The Wave of the Future
Solve These Word Puzzles and Win a Free Subscription
In France, Rereading Old Diaries
This Disturbing 1936 Cartoon Tells Springtime’s Origin Story
Today's Hurdle hints and answers for May 5, 2025
When Houdini Hired Lovecraft to Write for Him
TikTok wants me to host a dinner party. Is that an actual recession indicator?
Read an Interview with Paul Beatty, NBCC Fiction Winner
The Night Men with Their Rude Carts, and Other News by Dan Piepenbring
Road Trip, 12 Cadillacs: A Letter from Patrick Leigh Fermor
Is it 'Thunderbolts*' or *The New Avengers'?
Painting a Poem—Diane Szczepaniak’s Watercolors & Wallace Stevens
On Delmore Schwartz’s “The Heavy Bear Who Goes With Me”
Not Sorry: An Interview with Jeremy M. Davies
Amazon requires sellers to use more efficient packaging, or pay up
Dorothy Parker’s House
Report alleges Russia tried to use an American tech entrepreneur to hack targetsUber adds calendar shortcuts to set destinations fasterI wrote Obama's farewell address for him and here is the textWindows privacy control is about to get much betteriPhone scammer gets 16 months' jail after running a sham sale onlineMark Zuckerberg just nabbed Uber's head of policy for his charity workNYC toilets are rated by poop emoji on this InstagramExtraordinary storms blitz West with 100Samsung's foldable phone could transform into a 7Mark Zuckerberg just nabbed Uber's head of policy for his charity work'This Is Us' Spoilers: Is Toby Dead or Alive?Facebook has unveiled its Snapchat Discover cloneWith 150 million daily active users, Instagram Stories is launching adsTelegram claimed to be compromised in Trump leak dossierMark Zuckerberg made a Facebook employee 3DBumble's new video option will make dating even harderTwitter is showing some users tweets from people they don't follow (Updated)Now you can wear India's new currency notes printed on your sariTaco Bell's newest creation may be the grossest fast food invention yetExtraordinary storms blitz West with 100 Watch: Dorothy Parker “Reads” by Sadie Stein Austen's Ring, Hemingway's Endings by Sadie Stein A League of Their Own by Margaret Eby Reading Dogs, Biblical Judges, Myers What We’re Loving: Toomer, Kusama, and Train by The Paris Review Watch: Issue 201 in Action! by Noah Wunsch TPR vs. The Nation; or, The Evening Redness in Lower Manhattan by Cody Wiewandt This Side of Paradise by Rachael Maddux Salinger Foods, Austen Portraits by The Paris Review Harvard and Class by Misha Glouberman TPR Softball: Failure’s No Success at All by Cody Wiewandt Tapes on Books: Mrs. Dalloway by Christine Muhlke and Leanne Shapton Sacred Texts, Caravaggio, and Some Pigs by Sadie Stein What We’re Loving: Giant Dollhouses, Literary Art, Sade by The Paris Review Welcome, Thessaly! by Sadie Stein See You There: Paris Review at the Strand, Tomorrow! by Sadie Stein Win a Bicycle! by Lorin Stein TPR vs. High Times: Smoke ’Em If You Got ’Em by Cody Wiewandt Jane Austen, The Video Game; Katniss, the Baby. by Sadie Stein This Saturday: Help St. Marks Books Relocate by The Paris Review
2.3546s , 10141.7734375 kb
Copyright © 2025 Powered by 【Lina Romay Explicit sex movie El ojete de Lulu (1986)】,Inspiration Information Network