As our researchers found out, one of the most insecure apps in this respect is Mamba. The analytics module used in the Android version does not encrypt data about the device model, serial number, etc.
There was a problem providing the content you requested
Such data is not only viewable, but also modifiable. However, our researchers were able to intercept Zoosk data only when uploading new photos or videos — and following our notification, the developers promptly fixed the problem. When using the Android versions of Paktor, Badoo, and Zoosk, other details — for example, GPS data and device info — can end up in the wrong hands. It turned out that most apps five out of nine are vulnerable to MITM attacks because they do not verify the authenticity of certificates.
1. OkCupid
And almost all of the apps authorize through Facebook, so the lack of certificate verification can lead to the theft of the temporary authorization key in the form of a token. Regardless of the exact kind of data the app stores on the device, such data can be accessed with superuser rights. This concerns only Android-based devices; malware able to gain root access in iOS is a rarity.
The result of the analysis is less than encouraging: Eight of the nine applications for Android are ready to provide too much information to cybercriminals with superuser access rights.
As such, the researchers were able to get authorization tokens for social media from almost all of the apps in question. The credentials were encrypted, but the decryption key was easily extractable from the app itself.
Tinder, Bumble, OkCupid, Badoo, Happn, and Paktor all store messaging history and photos of users together with their tokens. Thus, the holder of superuser access privileges can easily access confidential information.
If not stealing, then extorting. Alexandra Golovina 3 posts. Are dating apps safe? October 25, Privacy Special Projects. Unprotected data transfer Most apps transfer data to the server over an SSL-encrypted channel, but there are exceptions.
Researchers: Redesign dating apps to overcome racial bias
Superuser rights Regardless of the exact kind of data the app stores on the device, such data can be accessed with superuser rights. Letting users search, sort and filter potential partners by race not only allows people to easily act on discriminatory preferences, it stops them from connecting with partners they may not have realized they'd like. Users who get messages from people of other races are more likely to engage in interracial exchanges than they would have otherwise. This suggests that designing platforms to make it easier for people of different races to meet could overcome biases, the authors said.
The Japan-based gay hookup app 9Monsters groups users into nine categories of fictional monsters, "which may help users look past other forms of difference, such as race, ethnicity and ability," the paper says. Other apps use filters based on characteristics like political views, relationship history and education, rather than race.
Dating apps change how people think about intimacy | Life + Entertainment | www.mfarrow.com
In addition to rethinking the way searches are conducted, posting policies or messages encouraging a more inclusive environment, or explicitly prohibiting certain language, could decrease bias against users from any marginalized group, including disabled or transgender people. For example, Grindr published an article titled "14 Messages Trans People Want You to Stop Sending on Dating Apps" on its media site, and the gay dating app Hornet bars users from referring to race or racial preferences in their profiles.
Scientists find increase in asteroid impacts on ancient Earth by studying the moon University of Toronto Another piece of Ebola virus puzzle identified Texas Biomedical Research Institute Long periods of undisturbed sleep during pregnancy may be associated with stillbirth Michigan Medicine - University of Michigan Stress fracture?