Reader comments · Tipster alerts Grindr users of location-based security breach - PinkNews · PinkNews


Tipster alerts Grindr users of location-based security breach

  • rg

    the possibility of triangulating actual location from location based apps should have been obvious to anyone who’s ever studied geometry, and I’m struggling to understand how auth would help. even if you required authentication one could still spoof gps location and obtain the information. an actual fix would be to add a degree of inaccuracy to the reported location, but even then, given enough time, a determined attacker could probably identify a home location statistically from repeated measurements.

    • psjw12

      Yes rg you’re perfectly correct. Most applications work by sending their location and send results back of users distance. Simple geometry gives you their exactly location. I’m amazed they’ve now only made a thing of it!

    • babbo natale

      Good comment! Let me add that even if not showing distance, but only showing guys in order based on distance, the position computation can be made, by adding a fake movable reference profile.

  • Jason Peil

    Basically if you want to be found, post your personal data online. Don’t be fooled.

  • psjw12

    I’m very surprised that it’s taken this long for the article to get to the press. I found this flaw on grindr when it first came out in beta. Grindr app sends web requests which contain your own current location to the server which responds with a list of nearby users and their distance. Repeat twice more and you’ve got their location.
    There’s no point in hiding your distance because Grindr still sends it in web request, with a little flag that says ‘don’t show my distance’ which only the client application will listen too. How do you think Grindr still sorts guys by distance?

  • Balance

    Would it be feasible to ban aps (and mobile phone companies) from measuring this data so exactly? If it were possible to put “blunter” sensors at the antennae or in the mobile device, maybe we would all be a bit safer. The law could then make it illegal to collect date more accurate than say to a quarter of a mile and then the triangulation might only give you something to the nearest eighth of a mile? I’m no techie, so I don’t know if this is possible (yet) but it should be done by law to protect the technologically innocent from gangsters.

    • Balance

      It may be possible by simply restricting the number of decimal places that can be stored in the fields in the database. Also I remember that when 3G came out, people said it was more accurate. So what physically changed from 2G?

  • banana


    • banana

      Though I will agree “…the concept of ‘social responsibility’ is lost upon Grindr.” is so incredibly accurate

  • Garry

    This doesn’t concern me as I’ve yet to meet someone from Grindr I believe to be capable of geometry.

    I might have washed my scornflakes down with haterade this morning though…

  • babbo natale

    Hey, I am happy this is the first site where in the comments somebody knows a little geometry! I spent the last 20 minutes posting comments to american sites to explain this!

These comments are un-moderated and do not necessarily represent the views of PinkNews. If you believe that a comment is inappropriate or libellous, please contact us.