A massive loophole in Grindr that allowed users to see who blocked their account has been closed.
Block.OnGrindr was used by more than 60,000 guys in its first weekend as users flocked to find out who had shunned them on the app.
DC-based developer Trever Faden exposed the massive security flaw in the app, which caused confrontations between partners and friends as they discovered their backed by lists.
Faden explained that the app currently attaches an invisible list of restricted profiles to each user’s account, so the app knows not to display guys to someone that has blocked them.
It would usually remain invisible to guys using the app as normal – but with a little effort it’s possible to retrieve the list of user IDs from the code, and find out exactly who has you blocked.
Grindr has now closed the application programming interface (API) that allowed the loophole.
Users looking to find who blocked them on Grindr are now greeted by a message that reads, “Goodbye C*ckBlocked. The first and only way to see who blocked you on Grindr.
“The API that provided for the data was patched by Grindr on March 23rd, 2018”.
More from PinkNews
|Stars You Didn't Know Were Gay Or Bisexual||The Stars You Didn’t Know Have An LGBT Sibling||The Straight Stars Who Went Gay For Pay|
Users in the US will now be unable to see who blocked them, while UK users have one last recourse.
If you’re in the UK, you still have certain rights to see information a company holds about you, which could mean any data that is held on your profile.
Developer Faden built the web tool called, ‘C**kblocked’, to let people sign into their Grindr accounts and see the list for themselves – and it’s already causing controversy.
Speaking to Queerty, Faden rightly predicted Grindr would close the loophole quickly.
He added: “I assume Grindr will shut it down within a week, or patch the API I’m using so that it no longer displays the data, but I figure in the meantime, its interesting data that could spark some silly conversations.
“Luckily, someone finding out that you blocked them on Grindr isn’t a huge security vulnerability, as much as it is an awkward conversation waiting to happen.
“That said, when you block someone on Grindr, you do assume that information will stay somewhat private.
“Sometimes that is unfortunately just an assumption, as we’ve seen with data breaches in the past at companies like Ashley Madison.
“All of this data is safe, until it’s not, which, in my opinion, just means that if you really want to keep a secret–don’t send it through the internet.”