Grindr and other gay dating apps continue to expose the exact location of their users.
That’s according to a report from BBC News, after cyber-security researchers at Pen Test Partners were able to create a map of app users across the city of London — one that could show a user’s specific location.
What’s more, the researchers told BBC News that the problem has been known for years, but many of the biggest gay dating apps have yet to update their software to fix it.
The researchers have apparently shared their findings with Grindr, Recon and Romeo, but said only Recon has made the necessary changes to fix the issue.
The map created by Pen Test Partners exploited apps that show a user’s location as a distance “away” from whoever is viewing their profile.
If a person on Grindr shows as being 300 feet away, a circle with a 300-foot radius can be drawn around the user looking at that person’s profile, as they are within 300 feet of their location in any possible direction.
But by moving around the location of that person, drawing radius-specific circles to match that user’s distance away as it updates, their exact location can be pinpointed with as little as three distance inputs.
Using this method — known as trilateration — Pen Test Partners researchers created an automatic tool that could fake its own location, generating the distance info and drawing digital rings around the users it encountered.
They also exploited application programming interfaces (APIs) — a core component of software development — used by Grindr, Recon, and Romeo which were not fully secured, enabling them to generate maps containing thousands of users at a time.
“We think it is absolutely unacceptable for app-makers to leak the precise location of their customers in this fashion,” the researchers wrote in a blog post. “It leaves their users at risk from stalkers, exes, criminals and nation states.”
They offered a couple of solutions to fix the problem and prevent users’ location from being so easily triangulated, including limiting the exact longitude and latitude data of a person’s location, and overlaying a grid on a map and snapping users to gridlines, rather than specific location points.
“Protecting individual data and privacy is hugely important,” LGBTQ rights charity Stonewall told BBC News, “especially for LGBT people worldwide who face discrimination, even persecution, if they are open about their identity.”
Recon has since made changes to its app to hide a user’s precise location, telling BBC News that though users had previously appreciated “having accurate information when looking for members nearby,” they now realize “that the risk to our members’ privacy associated with accurate distance calculations is too high and have therefore implemented the snap-to-grid method to protect the privacy of our members’ location information.”
Grindr said that user’s already have the option to “hide their distance information from their profiles,” and added that it hides location data “in countries where it is dangerous or illegal to be a member of the LGBTQ+ community.”
But BBC News noted that, despite Grindr’s statement, finding the exact locations of users in the UK — and, presumably, in other countries where Grindr doesn’t hide location data, like the U.S. — was still possible.
Romeo said it takes security “extremely seriously” and allows users to fix their location to a point on the map to hide their exact location — though this is disabled by default and the company seemingly offered no other suggestions as to what it would do to prevent trilateration in future.
In statements to BBC News, both Scruff and Hornet said they already took steps to hide user’s precise location, with Scruff using a scrambling algorithm — though it has to be turned on in settings — and Hornet employing the grid method suggested by researchers, as well as allowing distance to be hidden.
For Grindr, this is yet another addition to the company’s privacy woes. Last year, Grindr was found to be sharing users’ HIV status with other companies.
Grindr admitted to sharing users’ HIV status with two outside companies for testing purposes, as well as the “last tested date” for those who are HIV-negative or on pre-exposure prophylaxis (PrEP).
Grindr said that both firms were under “strict contractual terms” to provide “the highest level of confidentiality.”
But the data being shared was so detailed — including users’ GPS data, phone ID, and email — that it could be used to identify specific users and their HIV status.
Another insight into Grindr’s data security policies came in 2017 when a D.C.-based developer created a website that allowed users to see who had previously blocked them on the app — information that is normally inaccessible.
The website, C*ckBlocked, tapped into Grindr’s own APIs to display the data after developer Trever Faden discovered that Grindr stored the list of who a user had both blocked and been blocked by in the app’s code.
Faden also revealed that he could use Grindr’s data to generate a map showing the breakdown of individual profiles by neighborhood, including information such as age, sexual position preference, and general location of users in that area.
Grindr’s location data is so specific that the app is now considered a national security risk by the U.S. government.
Earlier this year, the Committee on Foreign Investment in the United States (CFIUS) told Grindr’s Chinese owners that their ownership of the dating app was a risk to national security — with speculation rife that the presence of U.S. military and intelligence personnel on the app could be to blame.
That’s in part because the U.S. government is becoming increasingly interested in how app developers handle their users’ personal information, particularly private or sensitive data — such as the location of U.S. troops or an intelligence official using the app.
Beijing Kunlun Tech Co Ltd, Grindr’s owner, has to sell the app by June 2020, after only taking total control of it in 2018.