Grindr marks the end of an era this week by permanently disabling the app’s “distance” option, which allows users to see exactly how far away other users may be.
The decision to increase privacy protection for all its users comes in direct response to recent allegations that a bug in the app’s system allows tech-savvy users to pinpoint the exact location of users nearby.
The security loophole had been exposed as early as June, when users around the world started noticing messages from anonymous “bot” users informing them of their compromised privacy. Though Grindr doesn’t specifically mention the allegations, the company acknowledges a problem in a statement released to America Blog:
“In light of recent security allegations surrounding a user’s specific location, Grindr has made modifications to no longer show distance information for users. Grindr will continue to make ongoing changes to keep all users secure, as necessary.”
For the average user, turning on the app’s “distance” option wasn’t a major privacy concern. Although it calculated the estimated distance between users, the distance wasn’t guaranteed to be exact and did not indicate which direction users were in relation to each other.
The option to disclose specific distance appealed to many users who used the app to find others in specific areas. As a user in New York City, I personally found that displaying specific distance often inadvertently exposed what neighborhood other guys were in.
But the distance option has become increasingly dangerous for users in countries where being gay may be illegal or a prompt for violence. AB notes that the “European user” who discovered the security flaw also found that the distance option didn’t even need to be turned on for him to find the exact location of other users by manipulating Grindr’s servers.
Editor John Aravosis explains:
The European Grindr user was able to spoof his location to Grindr’s servers, and by doing so three times in three different virtual locations, he was able to triangulate the near-exact location of every Grindr customer who was online at that moment.
In response to the disclosure of the location of 600,000 users, Grindr has turned off its “distance” function. Grindr initially released a statement claiming that the security breach was not a glitch, but rather a feature that Grindr stood behind: “We do not view this as a security flaw.”
But as the exact location of more gay men were exposed, including one at the Republican National Committee headquarters in Washington, DC, a second at the British House of Commons, and a third inside the Russian Kremlin, Grindr finally relented.
You can check out some incriminating maps over at AB, which the anonymous European privacy advocate submitted to show the exact location where some gay men are using Grindr in Russia, and even one lone gay inside the Republican National Committee headquarters in D.C.
Grindr hadn’t mentioned when the new changes will take effect, but at time of posting, my account still displays distance. An update for the app that was released yesterday morning doesn’t indicate any update or patch to the security loophole:
The major security breach is only the most recent complaint brought against the app by disgruntled users.
Previously, at least two lawsuits involving sexual misconduct with minors have dirtied Grindr’s hands — security aside, some users believe the app doesn’t do a good enough job at vetting its users and making sure all are of age to use it.
This year alone, we’ve reported two cases in which Grindr users were murdered (and one attempted murder) after meeting men on the app. Obviously Grindr is not directly responsible for the actions and intent of its users once they meet, but Grindr’s complaint history clearly shows that privacy and protection should be their primary concern moving forward.
Do you feel safe using Grindr?
Ummmm Yeah
No. Now they can all sneak up on you, instead of just the one guy that knew how to do it before.
barkomatic
This is media sensationalism IMO. Gay men get beaten and killed after meeting people in bars and other places as well. Why not give users the option to turn off their relative distance to each other? I think Grindr has become a popular “boogeyman” in gay culture and a way to look down on others–even though the haters secretly engage in the same behaviors.
money718
Geez…what an overreaction
Blackceo
Oh no. How will the gays who hookup online survive?
vive
@Blackceo, well, users will still be sorted by distance, with the closest ones first, I assume.
Bfrenz
Lol. I found a guy few blocks away by Grindr,well I never had contacted nor he.. nothing to lose.
Larry
I feel safe using any app with location, many give your EXACT location. I have a brain to counteract anyone who is stupid enough to show up by surprise. When are gay men just going to leave the app? It is the worst one on the market, but like Apple, cons people into using it. You could no dream up an app that had fewer features.
vive
@Larry, well, I think the point is that in many countries you are not safe as a gay man. I agree that Grindr sucks, though. I think it has enough “features” but it is terribly bug-ridden and unstable, and their censorship policies to appease Apple are beyond ridiculous – for example, perfectly decent shirtless pictures routinely get cropped above the navel for no reason that makes any sense.
Michael
The last straw. I just deleted grinder from my iPhone and iPad. Yea!
damon459
I was never worried at home since every locations service get’s my actual location total wrong, in fact it lists my home being 8 houses down and 1 block over. Even my tomtom couldn’t find me house, so ya not worried at all.
1copaseticsoul
I’m confused. Because my distance feature disappeared a week ago and I just updated the app and the distance feature is back. Am I missing something here?!?!
spanky
My distance feature was not functioning for a couple days.Grindr just sent out an update now it works again? Lol
spanky
@1copaseticsoul: Mee too but it was crashing alot also…………..
Billy Budd
This is wrong and a setback.
ktwbc
if ($distance < 1km) echo "1km";
problem solved.
Good lord, people, this isn't rocket science, it's code.
Ryan26pdx
Jeezus. People could just be accountable for their actions…it’s not like the distance feature is a secret.
onthemark
If you work at the Republican Nat’l Committee or the Kremlin and you use Grindr, you are probably a thrill-seeker type. You probably like to be spanked and get CBT (and I don’t mean Cognitive Behavioral Therapy). Try Recon instead.
If you work at the British House of Commons and you use Grindr, does anyone mind?
vive
@ktwbc, that wouldn’t be good enough, since one can triangulate exact position from more than one kilometre away, unless of course ALL distances are rounded off to, say, the nearest kilometre. But then, what about rural areas where knowing the distance to the nearest kilometre might well be enough information to identify someone? So rounding is not a secure solution.
But since results are still ordered by distance, it is still easy for two “spies” in communication to triangulate the exact distance of someone. So as long as the ordering by distance stays the way it is, Grindr is no more secure than it was. To make it more secure, the ordering would also have to be randomized.