If you decide to sign up for a dating site, consider taking a few steps to make it harder for a dating site to easily identify you.
While there haven’t been reports about a hack of the straight-themed sister app, Blendr, security experts speculate that it suffers from a similar vulnerability. While this isn’t the case for every online dating site, Ok Cupid profiles are public by default and indexed by Google.For right now, we have to agree with Sophos security: if you’ve got a Grindr or Blendr account, you should close it at least until the security vulnerability is addressed; then keep an eye on the Grindr blog for news of a security update. It’s a simple privacy setting, but it can trip up even advanced users, as Wikileaks' Editor-in-Chief Julian Assange learned last year when his publicly-accessible Ok Cupid profile was discovered.Even something as small as a unique turn of phrase could show up in search results and bring casual visitors to your page.Some people don’t mind having an online dating site publicly indexed and searchable, but if you find the thought disquieting, then dig into your privacy settings and make sure that your profile is only viewable to other logged-in users on the site. Photo identification services like Tin Eye and Google Image Search make it a trivial matter to re-identify photos that you’ve posted online.Here are six sobering facts about online dating services and a few suggestions for routing around the privacy pitfalls. Your dating profileincluding your photos—can hang around long after you’ve moved on.
Whether you signed up on a lark or maintained an active profile for several years, your online dating profile can be lurking around long after you’ve cancelled the account.
But in Bonneau’s experiment with 16 popular websites, removing the photo from the main website didn't always remove it from the Content Delivery Network; in those cases, anyone who still had the destination URL would be able to view the photo.
This means that Content Delivery Networks can maintain caches of sensitive photos even after users “delete” them, leaving photos vulnerable to being rediscovered or even hacked in the future.
The vulnerability allows an attacker to impersonate another user, send messages on his behalf, access sensitive data like photos and messages, and even view passwords.
Grindr acknowledged the vulnerability on January 20th and promised a mandatory update to their software “over the next few days.” To date, Grindr's blog and Twitter profile do not mention a security fix for the flaw.
Using data from social networking sites sold to advertisers, Stanford researcher Arvind Narayanan demonstrated that it’s hard to truly anonymize data before it’s packaged and sold.