Skip to Content
© Ian Allenden | Dreamstime.com
News

Scary flaw: This app was exposing precise user location

Most of our daily activities have found a way to be available online. More so in the last decade, dating has shifted to online apps too. Apps like Tinder and Bumble have exploded in popularity, especially during the pandemic.

But online dating can be a scary experience. Tap or click here for details on a recent deceptive online dating trend. For the most part, users don’t exactly know who they are chatting with, and you certainly don’t want to give out too much personal information.

To make things even scarier, a dating app has been found to have a severe flaw that compromised user’s safety. Here’s what you need to know and how to stay safe.

Here’s the backstory

Dating apps work by showing you recommended matches in or near your geographical area. It will often only show a city or district that you are in and never disclose where you live. It’s based on the premise that a user’s security is of utmost importance.

Online dating app Bumble recently had a flaw discovered that broke that premise. Anybody with a little bit of tech know-how could pinpoint the exact location of a Bumble user. This naturally poses a huge safety concern.

But there is some good news: the flaw was discovered by a software engineer at payments company Stripe, and there’s no evidence it was actively exploited. After demonstrating the flaws’ devastating effects, Bumble has since fixed it.

In a blog post, the security researcher detailed how he managed to exploit the vulnerability in the app and launch a “trilateration” attack. The most shocking thing about the flaw is that anyone could see a users’ exact location and track them throughout their day. Think about how stalkers could exploit this. Yikes!

They mainly did this by tapping into the app’s use of location-based settings. Since Bumble needs to know where you are to show potential matches, the flaw was related to this functionality.

What you can do about it

Thankfully, the vulnerability and potential security risks to Bumble users are fixed. Robert Heaton, the software engineer who found the bug, scored $2,000 for his efforts.

But the best way to prevent something like this from happening in the future is to turn off location-based settings. Just note that could impact the functionality of dating apps, and your experience would be diminished.

You could also use a VPN service like our sponsor ExpressVPN. From traveling across the globe to just going down the street to your favorite coffee shop, your private data is secured and protected with ExpressVPN.

Get the only VPN service that Kim uses on all your digital devices today: ExpressVPN. Get three extra months free when you sign up for one year at ExpressVPN.com/Kim.

Keep reading

7 tips for safe online dating: Protect your privacy while you search for the one

Apps and safety tips from an online dating pro: ‘Stop with the bathroom selfies’

Refer friends, earn rewards!

Why not share your source of digital lifestyle news, tips and advice with others? When your friends and family subscribe to Kim's free newsletters, you earn points toward awesome rewards!

Get rewarded