Dating Apps Expose Users' Locations to Stalkers

A recent study has uncovered significant vulnerabilities in the design of several popular dating apps, including Bumble and Hinge, which could allow malicious users to track victims' locations with alarming precision, down to just 2 meters. The research identified that apps such as Badoo, Grindr, and happn also shared this critical flaw, which stems from their use of exact location data for filtering features, despite not displaying precise locations on user profiles. The researchers employed a technique known as "oracle trilateration," which utilizes three known points to determine a target's location. This method, akin to GPS technology, enables an attacker to triangulate a victim's position based on proximity distances. Karel Dhondt, one of the researchers, expressed surprise that these vulnerabilities persisted in widely used applications, highlighting a concerning oversight in app security. In response to the findings, representatives from the affected apps confirmed that they have since implemented changes to their distance filtering systems to mitigate these risks. Bumble's vice president of global communications, Gabrielle Ferree, stated that the company promptly addressed the issues after being informed in early 2023. Meanwhile, Grindr acknowledged the potential risks but defended its proximity feature as essential for connecting users within the LGBTQ+ community, emphasizing that users have the option to disable location visibility. While the vulnerabilities have been addressed, the research serves as a reminder of the ongoing challenges in ensuring user safety within location-based social networks and dating applications.