Connect with us

News

Grindr security flaw exposes user location data

the breach put more than three million daily users at risk

Published

on

Grindr, social media app, gay news, Washington Blade

(Logo courtesy of Grindr)

More than three million of Grindr’s daily users were temporarily put at risk because of a major security flaw in the app that was exposed by a third-party site.

C*ckblocked, a now-defunct site that allowed Grindr users to view who blocked them by entering a Grindr user name and password, was able to access user information from Grindr’s Application programming interface (API). The information included email addresses, deleted photos, personal messages and the location of users.

Trever Faden, founder of C*ckblocked, told NBC that it would be easy for anyone to access a user’s private information.

“One could, without too much difficulty or even a huge amount of technological skill, easily pinpoint a user’s exact location,” Faden told NBC. 

In a separate security issue, Faden claimed that Grindr users’ location, which must be inputed directly into the app and not via a third-party site, was not encoded and could be accessed by anyone monitoring public online traffic.

Faden emphasized that the ability to find a user’s location was “a feature, not a bug.”

NBC reports that two independent cybersecurity researchers confirmed the security flaw.

After Faden informed Grindr of the security issues, Grindr blocked the flaw that allowed third-party sites like C*ckblocked to receive data.

Grindr released a statement advising users not to use their username and password for other sites.

“Grindr moved quickly to make changes to its platform to resolve this issue. Grindr reminds all users that they should never give away their username and password to any third parties claiming to provide a benefit, as they are not authorized by Grindr and could potentially have malicious intent,” the statement reads.

However, Grindr denied that user location isn’t encoded.

“Grindr is a location-based app. Location is a critical element of our social network platform. This allows our users to feel connected to our community in a world that would seek to isolate us. That said, all information transmitted between a user’s device and our servers is encrypted and communicated in a way that does not reveal your specific location to unknown third parties,” Grindr’s Chief Technology Officer Scott Chen told the Huffington Post. 

The company also released a statement on Twitter to inform users that the problems have been addressed and to be safe using their service.

The flaw is similar to the one in the Facebook/Cambridge Analytica scandal, which allegedly exposed the personal data of 50 million users.

Advertisement
FUND LGBTQ JOURNALISM
SIGN UP FOR E-BLAST

Baltimore

Ron Singer, owner of popular Mount Vernon gay bar Leon’s, dies

66-year-old’s funeral to take place Friday

Published

on

Leon’s Backroom Bar in Mount Vernon. (Photo by Jessica Gallagher for the Baltimore Banner)

By CAYLA HARRIS | Ron Singer, the owner of Baltimore’s popular gay bar Leon’s Backroom, died Tuesday, the venue announced in a social media post. He was 66.

“For more than 20 years, Ron made Leon’s a place so many people were proud to call home,” the post reads. “He will be deeply missed.”

The Mount Vernon bar, typically open from 4 p.m. to 2 a.m. daily, is still open Thursday, but doors will close at midnight so staff can attend his funeral Friday morning. Services are scheduled to begin at 9:30 a.m. at Sol Levinson’s Chapel.

The rest of this article can be read on the Baltimore Banner’s website.

Continue Reading

Egypt

Egyptian authorities refuse to allow gay cruise to dock in country

Scarlet Lady earlier this week blocked from visiting Turkey

Published

on

Alexandria, Egypt (Photo by javarman/Bigstock)

Egyptian authorities have refused to allow a gay cruise to dock in the country.

The Scarlet Lady, a Virgin Voyages ship that Atlantis Events chartered, was to have docked in Alexandria, a port city on the Mediterranean Sea. The Washington Blade obtained a letter that Atlantis Events President Rich Campbell sent to passengers on Thursday, hours before the cruise was to have arrived.

“Early this morning, we were informed that Scarlet Lady has been denied entry into Egyptian waters and, as a result, will no longer be able to call in Alexandria today,” he wrote.

“I know how much this visit meant to so many of you,” added Campbell. “We successfully sailed a similar itinerary last year, so we were surprised by this unfortunate decision.”

Campbell noted “both the Atlantis and Virgin Voyages teams worked tirelessly to make this call in Alexandria a possibility.”

“This news came as a surprise to all of us, and we’re just as disappointed as you are,” he said.

The 10-day cruise left Athens on July 5. It is scheduled to end in Trieste, Italy, on July 15.

The ship had been scheduled to dock in Kusadasi, a Turkish resort town on the Aegean Sea, and Istanbul earlier this week. Turkish authorities refused to allow it in the country.

Former Tempe, Ariz., Mayor Neil Giuliano, who is an LGBTQ+ Victory Institute board member, is among those on the cruise.

“Just a few hours before arriving in Alexandria, Egypt — a city founded by and named for one of the ancient world’s best-known homosexuals — government authorities rescinded permission for our ship of 2,000 gay men to enter Egypt,” wrote Steve May, who is also on the ship, on Thursday in a Facebook post.

Alexander the Great founded Alexandria in 331 B.C.

“As with Turkey, we have been sent away not because of what we did, but because of who we said we are,” said May. “‘I am what I am’ is too much liberty for some to bear. So it was in the United States as well not long ago, where even I ended up as a convicted homosexual after a military trial in 2001 for saying ‘I am gay.’ This is just a reminder that for all the progress we have made, our freedom is never secure — for any of us, regardless of who or how we love. Back to Europe!”

Discrimination and persecution based on sexual orientation and gender identity is commonplace in Egypt. The Egyptian Football Association, along with the Football Federation Islamic Republic of Iran, objected to playing in the World Cup’s “Pride Match” that took place in Seattle on June 26.

Continue Reading

Florida

Former Fla. gubernatorial candidate Andrew Gillum arrested on drug charges 

Democrat narrowly lost to DeSantis in 2018, later came out as bisexual

Published

on

Andrew Gillum in 2020. (Photo public domain)

Andrew Gillum, the former Democratic nominee for governor of Florida and former mayor of Tallahassee, was arrested on drug possession charges in Alabama last week.

Police in Daphne, Ala., said they pulled Gillum over for erratic driving and found marijuana and methamphetamine in his vehicle. He was charged with possession of marijuana and unlawful possession of a controlled substance, according to the Daphne Police Department. Jail records show he was arrested on July 2 and released on July 3, the Associated Press reports.

Gillum, the first Black nominee of a major political party for governor in Florida, lost the 2018 election to current Republican Gov. Ron DeSantis in a highly contentious race.

Once considered a rising star in national politics, Gillum served in Tallahassee’s local government, first as a city commissioner and then as mayor of Florida’s capital from 2014- 2018.

The Daphne Police Department said officers stopped Gillum’s vehicle around 10:45 p.m. and initiated a probable cause search after one officer noticed a glass pipe on the center console.

During the search, officers found several rolled marijuana cigarettes and three packages containing a substance that tested positive for methamphetamine, police said.

The day after his arrest he was charged with possession of dangerous drugs, use or possession of drug paraphernalia, and possession of marijuana.

In 2020, Gillum was involved in a similar incident when he was found in a Miami Beach, Fla., hotel room with a man identified as an escort who had apparently overdosed on drugs. Police also found three bags of suspected crystal methamphetamine in the room. The man survived, and no one was ever charged with a crime.

Later that year, Gillum came out as bisexual during an appearance on “The Tamron Hall Show,” where he discussed his struggles with drug and alcohol addiction and his decision to seek treatment following the 2020 incident.

In the same interview he shed light onto this, saying his substance use was a byproduct of the emotional struggles he experienced after losing the 2018 gubernatorial race to DeSantis.

This is not the first time Gillum has faced legal scrutiny.

During his 2014 mayoral campaign, he faced allegations of misconduct after hiring private equity investor Adam Corey as his campaign treasurer, raising questions about a potential conflict of interest. However, the FBI ultimately concluded there was no conflict of interest.

Continue Reading

Popular