Rutrow! Gay hookup app Grindr has been compromised by a hacker based in Sydney, Australia, reports the Sydney Morning Herald.
The hacker found a frighteningly easy way to log in as a user other than yourself, impersonate them, and steal any and all revealing pictures that had been exchanged in “romancing” sessions.
Now Grindr CEO Joel Simkhai and his underlings are scrambling to put out a patch that blocks the security loophole. “We are certainly aware of a lot of these vulnerabilities and they will be fixed as fast as humanly possible,” he said.
But did they really know these obvious chinks in the force-field existed? Wouldn’t they have already fixed such errors in the almost 3 years the app’s been out?
An expert in the matter said that the hacking merely overcame embarrassingly low-grade security. The expert said Grindr and its pointless straight cousin Blendr “had no real security,” calling them “very poorly designed … [with] poor session security and authentication.”
Apparently the hacking website had been up and running for months before it got shut down last Friday, and any ol’ Internet Joe Schmo could access it.
The website, registered on July 14 last year, allowed the hacker to search for any Grindr user regardless of their location, and capitalised on the vulnerabilities to offer other services not designed by the apps.
Material seen by this website suggests that a number of Australian users had their Twitter profiles linked to Grindr profiles on the web page, making it easier to find users.
At one point, according to sources who saw the website before it was taken down, it listed users’ Grindr pseudonyms, passwords, their personal favourites (bookmarked friends) and allowed them to be impersonated, and thus have messages sent and received without their knowledge. At one point, the website also allowed users’ profile pictures to be replaced.
Triple S
Please don’t think Australians are like this as a whole. Most of us are really nice people and WON’T do this kind of crap. If you already knew that Australians weren’t like this, then fantastic!
Forreal
people still use grindr? sad.
jj
never take your cock shots in the same room that you take your face pics and voila! no one can link the two.
Triple S
Funny; I thought it said “Evil Aussie”. I must’ve been hallucinating…
soakman
@trope S
I know Australians too but you guys are human like everyone else. Where was the sympathy when we told the rest of the world not all Americans were dumb rich blondes or like George Bush? Not overseas, I was there.
mattsy
did u say chinks?
marc
Easy prevention …. DON’T POST COCK PICS!
Anyone else notice the recent dramatic increase in video sites that are allowing people to post videos that they clearly have screen captured from video chat sites?
so …… DON”T SHOW YOUR COCK ON VIDEO
Way too many assholes who will exploit what you do online.
jason
I think the assholes are the ones who are posting videos of their dicks. What dick-heads!!!
If this doesn’t prove that gay men are sex-obsessed idiots, nothing does.
B
No. 7 · marc “Easy prevention …. DON’T POST COCK PICS! Anyone else notice the recent dramatic increase in video sites that are allowing people to post videos that they clearly have screen captured from video chat sites?”
If they screen captured your video and posted it, you are legally the copyright owner and can send the site a DMCA takedown notice, just like the movie studios do, and use the same legal remedies. Of course, it would make a mess – maybe enough of a mess that Congress would reconsider if the DMCA is a good idea in the first place. If you need legal advise, maybe Corbin Fisher or whatever the name of that porn outfit is can give you a referral to the lawyers they use.
My guess – Congress’ll figure it is a good law as long as the ueber rich folks and their businesses use it, and figure it is a bad law if average people start using it, especially when the court system grinds to a halt.
Looks like something else to “occupy”!
Mike UK
@jason: so you’re a sex obsessed idiot then Jason!!!
SM
@mattsy
did u say chinks?
lmao