News
Grindr security flaw exposes user location data
the breach put more than three million daily users at risk

(Logo courtesy of Grindr)
More than three million of Grindr’s daily users were temporarily put at risk because of a major security flaw in the app that was exposed by a third-party site.
C*ckblocked, a now-defunct site that allowed Grindr users to view who blocked them by entering a Grindr user name and password, was able to access user information from Grindr’s Application programming interface (API). The information included email addresses, deleted photos, personal messages and the location of users.
Trever Faden, founder of C*ckblocked, told NBC that it would be easy for anyone to access a user’s private information.
“One could, without too much difficulty or even a huge amount of technological skill, easily pinpoint a user’s exact location,” Faden told NBC.
In a separate security issue, Faden claimed that Grindr users’ location, which must be inputed directly into the app and not via a third-party site, was not encoded and could be accessed by anyone monitoring public online traffic.
Faden emphasized that the ability to find a user’s location was “a feature, not a bug.”
NBC reports that two independent cybersecurity researchers confirmed the security flaw.
After Faden informed Grindr of the security issues, Grindr blocked the flaw that allowed third-party sites like C*ckblocked to receive data.
Grindr released a statement advising users not to use their username and password for other sites.
“Grindr moved quickly to make changes to its platform to resolve this issue. Grindr reminds all users that they should never give away their username and password to any third parties claiming to provide a benefit, as they are not authorized by Grindr and could potentially have malicious intent,” the statement reads.
However, Grindr denied that user location isn’t encoded.
“Grindr is a location-based app. Location is a critical element of our social network platform. This allows our users to feel connected to our community in a world that would seek to isolate us. That said, all information transmitted between a user’s device and our servers is encrypted and communicated in a way that does not reveal your specific location to unknown third parties,” Grindr’s Chief Technology Officer Scott Chen told the Huffington Post.
The company also released a statement on Twitter to inform users that the problems have been addressed and to be safe using their service.
As a company that serves the LGBTQ community, we understand the delicate nature of our users’ privacy. Ensuring safety and security of our users is of paramount importance to us and will continue to be our top priority. pic.twitter.com/vD2zXqxSr0
— Grindr (@Grindr) March 29, 2018
The flaw is similar to the one in the Facebook/Cambridge Analytica scandal, which allegedly exposed the personal data of 50 million users.
North Carolina
Authorities investigate officer-involved shooting outside Asheville gay bar
Incident took place near Shakey’s on Wednesday
An officer-involved shooting outside of a gay dive bar, Shakey’s, in downtown Asheville, N.C., left one man dead Wednesday.
The bar released a statement the following morning regarding the incident, stating that bar staff had asked a patron to leave earlier in the night citing concerning behavior. The bar said that later the man was spotted with a gun in the parking lot.
The bar proceeded to call 911, locked the doors to the establishment, and followed dispatcher instructions on how to keep patrons of the bar safe while officers arrived. These protocols included getting patrons away from the windows and staying low to the ground.
According to Shakey’s, shots were fired outside of the business. When the Asheville Police Department officers arrived, they fired back. The individual died from their injuries, according to the police.
“Because of everyone’s quick actions, cooperation, and concern for one another, every customer and every employee inside Shakey’s made it home safely. We are incredibly thankful,” Shakey’s said on their Instagram page. They thanked Asheville police, emergency dispatchers, EMS, and all first responders who were on scene.
On Thursday, a spokesperson for the North Carolina State Bureau of Investigation, Chad Flowers, stated that the suspect involved in the shooting was Arturo Castillo Palomar.
The Washington Blade reached out to the North Carolina State Bureau of Investigation for a comment regarding the possibility of the event being considered a hate crime. They said the issue is currently under investigation and that the findings would be turned over to the district attorney for review.
Baltimore
Popular Mount Vernon gay bar Leon’s to temporarily close after owner’s death
Ron Singer passed away on July 7
By WESLEY CASE | Leon’s Backroom, Baltimore’s oldest gay bar, temporarily shut down after service on Wednesday night, according to a post on the business’s Instagram page.
The announcement comes a little more than a week after the death of the Mount Vernon bar’s owner, Ron Singer, who died at 66 on July 7.
The rest of this article can be found on the Baltimore Banner’s website.
The Comings & Goings column is about sharing the professional successes of our community. We want to recognize those landing new jobs, new clients for their business, joining boards of organizations and other achievements. Please share your successes with us at [email protected].
Congratulations to Stuart Ortel and Scott Marker, and Dave Lyons and Rick Hardy, on the recent opening of their garden center on Route 1 in Rehoboth Beach, in the former Farmer Girl site. It is called Bay Laurel Home and Garden and debuted earlier this year. The four owners are all well known to the denizens of Rehoboth Beach.
Stuart and Scott have been active members of the Rehoboth Beach community since 1999. Stuart is a landscape architect, and has established relationships with many local folks in the building and landscape industry. When this opportunity for Bay Laurel Home & Garden presented itself, and they had the perfect team of people in place, he and Scott were committed to making it a reality. So, when Scott and Stuart introduced this opportunity to create a new garden center to Dave and Rick, they embraced the chance to cultivate a business where beautiful plants, inspiring home and garden products, and outstanding customer service come together. Dave and Rick knew about owning a business in Rehoboth as they previously owned Coho’s Market, where they discovered firsthand the value of serving their community, and the rewards of running a locally owned business.
The garden center launched with a refreshed brand identity, updated merchandising, and expanded product lines, all designed to create an inspiring and welcoming environment for your home. Bay Laurel Home & Garden offers a beautifully appointed garden center and curated home and gift shop.
The new center features a full nursery with annuals, perennials, shrubs, trees, and seasonal selections; a garden center offering pottery, fountains, and garden ornamentation, and essential tools and garden supplies. It has a garden shop featuring unique indoor/outdoor furnishings and accessories, and a gift shop featuring botanical and coastal style items for home and entertaining.
-
Maryland5 days agoParents sue Anne Arundel schools, allege officials hid child’s gender transition
-
South Carolina5 days agoWho might replace Lindsey Graham? The contenders and their LGBTQ records
-
National4 days agoDemocrats are trying to disqualify trans candidates. Here’s how
-
Photos5 days agoPHOTOS: Emerald City Pride
