Establishing Digital Trust: Don't Sacrifice Security for Convenience
According to the Sydney Morning Herald, a security vulnerability has been discovered that allows hackers to access the user names and passwords for members of Grindr, a location-based mobile app for gay users.
"The bug, discovered by an unnamed Australian hacker, allows unauthorized users to exploit the app's sign-in feature -- which asks for a password hash rather than a password or user name -- to access members' profiles, view and share their explicit photos and impersonate them to send chat messages," writes SecurityNewsDaily's Matt Liebowitz.
"With more than half-a-million registered users, Grindr, a free app for Android, iPhone and Blackberry launched in 2009, makes use of a smartphone's GPS to display a grid of all the men in the vicinity based on location," Liebowitz writes. "The grid includes the user's picture and how far away he is; tapping on a picture displays a brief profile (name and personal details), with the option to chat, send photos or share location."
Go to "Hacker Finds Flaw in Gay-Dating Smartphone App" to read the details.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.