An anonymous person is warning Grindr users that alleged security flaws in the app could allow people to know their exact location and has claimed that the company has been aware of the problem for months.
‘This year's "WTF? Why am I still using Grindr"-moment comes with the fact that it's possible to locate every single user and perform a sender spoof using the chat,’ the anonymous person posted to Pastebin.com on 16 August .
‘I know officials at Grindr have been informed several times within the past months about these issues, which would seem to imply that the concept of "social responsibility" is lost upon Grindr.
‘While you may live in a country where using Grindr is no big deal, there are countries like Sudan and Yemen where anti-gay laws have been enacted with severe consequence, e.g. the death penalty. Knowing that Grindr users in countries such as these are being put unnecessarily at a high risk should be reason enough for Grindr to change its system.
‘Even without the such a risk [sic]: Would you want it to be possible for someone to show on a map, exactly where you are to the point where they could tell if you were using Grindr in the bathroom or on the couch?
‘Geo-based (dating) apps use the location of every user to show distances to each other. Using the same process as GPS satellites, it is possible for a malicious entity to perform a lateration, sending distance-requests from three different points and using the responses to calculate the exact position of a particular user.’
The anonymous person provided a video showing how he or she claimed was possible to locate individual Grindr users around the world to illustrate how governments or police forces in hostile countries could potentially track down users of the app.
He or she also claims to have messaged 100,000 users in 70 countries with laws criminalizing homosexuality to alert them about the issue.
However, despite the apparent issue being made public for a week now, Grindr has not addressed the claims via its official blog or social media accounts.
It is unlikely that anyone without significant IT skills would be able to track individual users.
Grindr celebrated the 5 year anniversary of its initial launch in March of this year, telling users, ‘thanks again for helping make Grindr the app it is today.’
Grindr responded to GSN, saying the security of their users is their priority.
'We don’t view this as a security flaw,' said a spokesperson for Grindr.
'As part of the Grindr service, users rely on sharing location information with other users as core functionality of the application and Grindr users can control how this information is displayed.
'For Grindr users concerned about showing their proximity, we make it very easy for them to remove this option and we encourage them to disable ‘show distance’ in their privacy settings. As always, our user security is our top priority and we do our best to keep our Grindr community secure.'