Tinder user photos are now encrypted
In January, a security firm discovered that photos exchanged on Tinder weren’t encrypted. If the firm connected to the same network as someone using the dating app, pics could be intercepted on their way between the app and the service’s servers. Senator Ron Wyden (D-OR) wrote to the company shortly thereafter expressing concern over the vulnerability, but today Tinder wrote back assuring him that all photos are now encrypted, allowing you to upload your lovely or lascivious images securely.
So, um, this is pretty weird. Apparently Senator Wyden just got Tinder to properly encrypt your swipe data, so you can all get it on in private. pic.twitter.com/BniAVUi77Q
— Matthew Green (@matthew_d_green) June 29, 2018
Why wait so long? According to the above letter sent to Sen. Wyden, Tinder encrypted photos by February 4th, but waited to announce it until they’d fixed another issue. See, when the security firm sat on the same network as a Tinder user, they could see data transferred — and discovered the actions to swipe left and right weren’t the same size, effectively clueing them in on user behavior. The company waited to reply to Wyden until it had adjusted the swipe data to be of identical size, a fix implemented on June 19th.
(14)
