Tinder Hook up App Easily Hacked to Pinpoint Location [VIDEO]


Tinder is a popular dating app used to find, while not necessarily a match made in heaven, at least a date or hook up based on photos of users and a simple profile. The designers claim the Tinder app facilitates “How people meet” and that using their hook up technology makes meeting someone like “real life, only better.” As it turns out Tinder users may have been susceptible to fallout from more than just a technological hook-up gone bad. During most of 2013, they were vulnerable to a hacker exploit that easily allowed users to pinpoint the exact physical location of other users without their knowledge.

On Tinder, after viewing another user’s profile, you can either “like” them or not. If two users “like” each other, then the opportunity to chat comes up and there it is – a date, a hook up, a book club of two, whatever floats the user’s boat. However, since the idea of Tinder is to find someone nearby to hook up with, the profiles of other Tinder users who are geographically close are the ones that show up. The fact that the app could so easily be hacked to pinpoint a user’s actual location raises the creepy stalker factor to high alert.

Include Security is the company that discovered the app hack several months ago and it is the second time that Tinder has had a security issue. While the language explaining the hack is complicated enough, as it turns out a basic knowledge of proxy servers and trigonometry was all that was needed to triangulate the location of another user to within 100 feet.

Although the company claims that the potentially dangerous breach of privacy has been resolved, the statement is couched in with a disclaimer of sorts in that Tinder says it is, “not aware” of any hackers using the exploit. The very nature of a hacker is to hack, not to be caught thus Tinder’s attempt to reassure the casual user may have been effective but techies, geeks and hackers themselves remain skeptical.

In a statement that Tinder released regarding the security breach, they said that Include Security identified an exploit that “theoretically” could have allowed the “calculation” of another user’s “known location.” Include Security specializes in keeping a step ahead of malicious hackers by “taking apart applications” and finding “really crazy vulnerabilities.” In fact, they were able to implement their own hack to the Tinder App called TinderFinder and thus the term “theoretically” as it applies to location mining, seems a bit sketchy.

Include Security has made it clear that they will not be sharing their TinderFinder app saying that the situation represents a “serious vulnerability” and that they in no way wish to help anyone “invade the privacy of others.”

Tinder has declined to explain how they have made the hook up app safer other than to state that they have implemented “remedies” and “enhancements” to the data related to geographical location.

According to Chief Marketing Officer and Co-Founder Justin Mateen, the Tinder app processes approximately 50,000 hook up requests every second and on a daily basis, there are 400 million profile views that include the rating system of “like” or not. Mateen also says the Tinder app hooks up about 4.5 million users a day and apparently some of them have even gotten married.

The demographics of these Tinder app users include children, 13 to 17 years-old who make up approximately 7 percent, and young adults 18 to 24 who make up 53 percent of the market. The fact that children are using Tinder makes the idea of a hack to the app that lets anyone easily pinpoint the location of anyone else without their express knowledge or consent a disturbing and potentially dangerous prospect.

By Alana Marie Burke
Follow me on Twitter


Include Security
Tech Crunch