#privacy

Is Grindr Usage Putting You At Risk? Shocking Video: People Can Find Your Exact Location.

Grindr is amazing.  It gives you the ability to see that you are not the only person lin your town looking for a quickie, excuse me, a date. In most major cities in the nation, you can see three to five pages of men less than 900 feet away.  Some Grindr users do not wish to have their distance from you shared, which is their own choice for whatever reasons, but don't we just look at the man before and after him and guess his distance? Now picture yourself in a nation where being gay is illegal and the punishment is death. Do you think it would be benificial to have your location shared?

Grindr removed the distance location feature back in 2014 but soon reinstated it after receiving user complaints (September 2014 Grindr Reinstates Distance Feature On App).  Was this a good idea?  I am sure 'Merikans thought so, but what about users in other nations?

September 2014 Grindr Warns Egyptians About Risks Of Using The App, we shared:

Grindr was under criticism this summer for a design feature that might allow the network to be used to pinpoint the exact location of users. The English-language Egyptian publication the Cairo Scene published a story on September 2 that said Grindr was a primary tool for these schemes, but the story included no evidence of documented cases and human rights activists in Egypt say they know of no confirmed cases of entrapment through Grindr or other social media applications designed exclusively for mobile phones.

Other apps have worked with certain regions of the world to protect app users in our November 2017 Exclusive Interview with Coley Cummiskey: The Man Behind the Creation & Success of GROWLr, we learned of his work with protecting GROWLr app users.

One of the main things we do is that the app has the option to hide your location.  That’s not just on the profile but behind the scenes, too. If you select that option, there will be no internal data regarding your location, no latitude, no longitude, nothing. We are used in some of those nations that are using the apps to track down people.  We had a gay advocacy group from the Middle East work with our app to identify and establish safety measures. They actually traveled to me here in Seattle to meet.  It was so important to them and we definitely worked with them and were excited and honored to do so.  It was a great experience. And the Middle East is one of our more popular areas.

That interview was shortly after October 2017 when we posted: Egyptian Authorities Are Using Grindr To Lure & Arrest Gay Men and then in April 2018  Grindr is sharing your HIV Status as well as other personal info!

What is the status of Grindr user location information?   Take a look at this horrific video shared on QueerEurope's Twitter account that made my jaw drop.

Earlier in the year it was revealed that a security flaw made it possible to determine not only the location, but also the HIV status of Grindr users. Months down the line, Grindr is still exposing the precise location of its users by failing to block third-party access to a private API.

Using a trilateration technique, and exploiting the fact that Grindr lets users know -- with some degree of accuracy -- how far away they are from others, it is very easy for just about anyone to build a tool that shows precise locations.

...

The Grindr API allows unofficial apps like Fuckr to make 600 API request every second, making it possible to quickly track the locations of numerous people. But more than this, it is also possible to cross-reference the Grindr database and pull up a huge amount of information about users, all of which can be posted on an interactive map. - QueerEurope.com

Imagine that guy that you just cannot shake from another app finds you on Grindr and physically hunts you down. Imagine the police using this in anti-LGBT nations to hunt down fellow queer folk.

Definitely check out more at QueerEurope.com as they go into more detail about how to triangulate Grindr users. 

Does this make you feel safe? 

h/t  :  betanews.com, QueerEurope.com

Scruff's CEO Talks About Two Major Alterations to the Hookup and Dating App

The Advocate has shared excerpts of an email from Scruff’s CEO and cofounder Eric Silverberg about two major changes that just hit the site.

Since August 17, the app no longer features programmatic advertising (third-party ads that target users via data provided by the app), and the app no longer requires you to provide your race/ethnicity.

According to The Advocate, Scruff’s advertising will now incorporate partnerships with “LGBTQ nonprofits, health, and advocacy groups, as well as lifestyle and travel companies.”

“Scruff members can be assured that their data will be used only to help them meet and connect with other guys,” Silverberg told the mag, “not to target shady advertising for products or apps nobody would want or use anyway.”

“Though this decision will cost Scruff revenue in the short-term, we believe it is the right long-term decision because it creates the best experience for our community.”

The E.U.’s General Data Protection Regulation went into effect in May 2018. This made programmatic advertising “impossible” in Europe, says Silverberg. "It didn’t feel ethical for us to hold U.S. [and international] users to a different, arguably lower standard of privacy than E.U. users.”Your Scruff account and your Facebook account can’t communicate anymore, either. Silverberg told The Advocate that this is because of the controversy surrounding Facebook data and the 2016 presidential election.

It sounds like Scruff is doing what needs to be done to steer clear of the kind of poor publicity that Grindr has been experiencing. Grindr, the most popular gay hookup app, has been in all kinds of hot water this year— for poor security, the sharing of users’ private info with third parties, the fact that in some areas it’s basically just a market for crystal meth… the list goes on.

Scruff has over 12 million members in 180 countries. By comparison, Grindr is available in 192 countries, and has amassed over 27 million users worldwide.

For more about the new changes to Scruff, as well as Silverberg’s thoughts on Grindr’s new “Kindr” initiative, head over to The Advocate.

Grindr is sharing your HIV Status as well as other personal info!

According to extrapolated data from a research analysis, it has been revealed that Grindr is sharing your HIV status (among other sensitive data) with two other independent companies. This news has been independently verified by BuzzFeed News and confirmed by cybersecurity experts who analyzed data captured by the Norwegian nonprofit SINTEF.  

Apptimize and Localyptics, the two companies in question, seek to help other mobile companies including Grindr optimize their apps. It’s been confirmed they receive private and personal information from Grindr profiles such as HIV statuses, “last tested dates,” and more.

According to Antoine Pultier, a researcher at SINTEF, the nonprofit that first identified the data breach, specific users and their HIV status could be identified because HIV information is sent together with other user data such as GPS location, phone ID, and email. Pultier specified that the HIV data on Grindr is linked with other information and it may be due to incompetence from some developers that happened to send along all information including private and personal data.

The app, which offers free ads for HIV-testing sites and debuted an optional feature that would remind users to get tested every few months, is now being called into question for how seriously it takes its users data.

SINTEF’s analysis also showed that Grindr was sharing additional user information like their precise GPS position, “Tribe” (meaning what gay subculture they identify with), sexuality, relationship status, ethnicity, and phone ID to other data collectors and advertising agencies. Some of which was sometimes shared via “plain text,” which can be easily hacked from outside sources.

“It allows anybody who is running the network or who can monitor the network – such as a hacker or a criminal with a little bit of tech knowledge, or your ISP or your government – to see what your location is,” Cooper Quintin, a senior staff technologist and security researcher at the Electronic Frontier Foundation, told BuzzFeed News.

“When you combine this with an app like Grindr that is primarily aimed at people who may be at risk – especially depending on the country they live in or depending on how homophobic the local populace is – this is an especially bad practice that can put their user safety at risk,” Quintin added.

Under the app’s HIV status category, users can select from a variety of statuses, which include whether the user is positive, positive and on HIV treatment, negative or negative and on PrEP. The app also links to a sexual health FAQ about HIV and how to get PrEP in your local area.  

Following the disclosure of HIV status, questions are now being raised about Grindr’s privacy policy, which states:

“You may also have the option to provide information concerning health characteristics, such as your HIV status, or Last Tested Date. Remember that if you choose to include information in your profile, and make your profile public, that information will also become public.”

However, despite this, the average person may not comprehend or fully consider what they’ve agreed to when signing up. A few experts are now arguing that Grindr should be more specific in its user agreements about how its using their data.

“What the law regards as informed consent is in almost all instances uninformed consent,” Ben Wizner, director of the ACLU Speech, Privacy, and Technology Project, told BuzzFeed News. “I hope that one small silver lining here will be that users and citizens will realize that there are enormous loopholes in the privacy regime and that personal information is bought and sold freely on a global market.”

 

h/t: BuzzFeed