Grindr can tell anyone your exact location to room-level accuracy

milkboys Apps & Games, News & Articles 5 Comments

The developers of gay hook-up app Grindr have always claimed that the geo-locating functionality is vague enough to be convenient rather than unnerving. That may be true of the app itself, but the data it provides third parties can be easily exploited, according to an investigation by Queer Europe.

The site found that using a third-party app – the unimaginatively named “Fuckr” – users can uncover up to 600 Grindr users within minutes. That may sound similar to the main app, except that Fuckr deobfuscates the location, bringing it to an accuracy of 2 to 5 meters (6 to 16 feet). Given the app can also leach the photo, this is an early Christmas present to stalkers, opening to the potential to tie down users to a single room of a house.

It works through trilateration. In-app, Grindr will tell you that someone is “X feet away”, but by creating virtual accounts around the target, and then moving them closer and further away, a third-party app is able to get a more exact figure from the original data. Because Fuckr has access to Grindr’s private database, this is just scratching the surface of the information it can draw out: body type, ethnicity, HIV status, last HIV test date and the kind of sensitive sexual information you’d be unlikely to garner from a LinkedIn leak.

But it’s not just the stalking concerns which are a real problem here. Although Grindr has disabled location tracking in countries where gay men face persecution like Russia, Nigeria, Egypt, Iraq and Saudi Arabia, there are plenty of nations where it’s still enabled. In other words, gay men and trans people with Grindr accounts in Qatar, Turkey, Algeria, Abu Dhabi and the United States could be pinpointed by those looking to harass, arrest or much worse..

GitHub, which hosted the app’s repository, has disabled public access to Fuckr, but that doesn’t stop the main issue: the API is alarmingly open to abuse, and a private API in the wrong hands ceases to be private. For the time being, it’s best to disable location services for Grindr until the company gets its privacy house in order. Please stay safe.

Comments 5

  1. Sadly, knowing this is also no good when the building management in the place you live at starts aggressively hindering the enjoyment of living there. (where the male folk who are having issues with management are on grindr, and the females are either co-habiting or are single….)

    One story from like 5-6 years ago however is absolutely on the happy end side. One writer/blogger ended up in a situation where a friend of a friend was in danger during a pride event. The cops and cousin(?) managed to gather enough people to use triangulation to figure out where this individual was to keep them safe.

  2. “For the time being, it’s best to disable location services for Grindr until the company gets its privacy house in order.”

    Better yet, don’t even download/install/USE these apps until the privacy issue is resolved.

  3. As noted elsewhere, nobody uses Grindr anymore. It’s literally the worst-of-category app. This is why we’re seeing it go SJW in a desperate attempt to make people forget why it is trash (just like Nike).

Leave a Comment