#Fail: Tinder Doesn’t Use HTTPS To Secure Photos

According to a security researcher, Tinder, yes that Tinder, lacks basic HTTPS encryption for its photos, enabling any marginally tech savvy person using Wi-Fi to spy on a user’s pics. On top of that, they could also exploit the lack of HTTPS to insert their own images into a user’s photo stream.

Now that’s not the kind of insertion a lot of Tinder fans would be looking for.

There’s also the possibility that embarrassing info could leak out. Which of course would be bad. It’s all explained on this blog post from Israeli cyber security firm Checkmark. It’s a very interesting read and worth the time for any Tinder user to peruse before the swipe left, or right, or whatever you’re supposed to do on Tinder. Checkmark says it alerted Tinder to the vulnerabilities and exploit potential, but the company has yet to respond or fix the security holes. But they did respond to Wired when they started asking questions and said that they’re working on it and that the web app does use HTTPS.

So for those of you who use Tinder, will that make you stop using Tinder for whatever you use it for? Not that there’s anything wrong with using Tinder.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: