Anyone can spy on you if you’re a Tinder user
Here is how to protect against this flaw.
Everybody heard about Tinder, and some might just use it right now.
For those who don’t know what Tinder is, we will easily tell you: it is a dating and hookup app. Or if you want a more sophisticated view over Tinder we will let its officials explain it to you:
“The people we meet change our lives. A friend, a date, a romance, or even a
chance encounter can change someone’s life forever. Tinder empowers users around the world to create new connections that otherwise might never have been possible. We build products that bring people together.”
The app is straightforward to use, after registration Tinder will let you customize your profile and after it will transmit your location and info about your life to its servers. Based on location, lifestyle info and other search option that user provides, Tinder will show some other users profile images that you are allowed to like by swiping right or not by swiping left. If two users swipe left at each other profile pictures Tinders enable them to chat and probably meet.
All those interactions create a huge data flaw through their servers around 1,5 billion swipes are made by day which ends up creating 1 million dates per week.
You probably believe that Tinder has an excellent cyber defense protecting your data that is in transit between servers and other users devices to offer its users only the best confidentiality and integrity.
Confidentiality and integrity that every user wants to have it intact and untouched by any cybercriminal or stalker who might want to see what you were up to and who you like or not.
Our cybersecurity team just investigated Tinders defense systems and security. If Tinder is used through a web browser, all the traffic is sent via HTTPS which is good for users privacy and integrity.
Sadly, our team discovered that is not the case if a user decides to use Tinder app, which most of them use it.
If Tinder is used inside of a browser, it will download all the images trough port 443 HTTPS from images-ssl.gotinder.com. The images-SSL domain is stored in Amazon’s cloud which communicates only through TSL that means it will connect and receive commands only trough HTTPS, not through HTTP.
It’s not the case for Tinder’s mobile app that fetches images trough non-SSL domain that starts with http://images.gotinder.com, which means all the pictures you see can be sniffed or modified by a hacker or a stalker that uses the same Wi-Fi as you.
And this is not all, our researchers discovered, that by comparing packets length it is possible to find if a user like an image or not.
Now you might wonder what should I do not to get spy while using Tinder in public locations.
The most straightforward method is to stick to your mobile data use if you want to keep using Tinder app with no worries, if this is not possible use Tinder from browser when the connection is on a public Wi-Fi, also remember that there are many ways in which your device can be compromised, and for that it is strongly recommended the use of a security software.
Regular users are the most affected by malware this day because most of them do not care about what antivirus they have installed in their systems.
Users can download antivirus developed by our company directly by clicking the download banner from the end of the page.
Our free download antivirus can help users to protect their Mac or Windows devices against malware and adware.
We offer a free antivirus one day license to all our users who want to test the full power of our antivirus solution.
Our antivirus can detect a vast spectrum of threats, from dangerous malware to nasty browsers extensions used for mining the crypto-currency.
The antivirus our company is offered is a certified product of OPSWAT.
Most of the companies don't care about cybersecurity until they suffer a breach.
A healthy company must perform a penetration test from time to time. The penetration test must execute against all the assets of the company, including the workers who are the most vulnerable to the social engineering attacks.
A penetration test can be done either by a security specialist from inside of the company or by hiring an external cyber security company who can take care of everything.
Besides penetration test, a company must have a minimum healthy cybersecurity system installed like antivirus or firewall.
CyberByte company can perform various penetration tests on all the spectrum of PCI/DSS compliance to the red team, perimeter testing, and social engineering.
We also provide services to employee profiling and cyber threat monitoring, since most of the data breaches this day come from the inside of the company.
To check our penetration test services go to the Services tab from the main menu.
Windows users can download free antivirus solution CyberByte by clicking the banner. The free antivirus will help you to know if your PC is infected. Windows free antivirus of CyberByte is an awarded software for malware detection.
Mac / MacOS / OS X users can download free Mac antivirus solution CyberByte by clicking the banner. The free antivirus will help you to know if your Mac is infected. MacOS / OS X free antivirus of CyberByte is an awarded software for malware detection. The free antivirus for Mac is available for new MacOS and older OS X versions.
Features of CyberByte™ antivirus:
- Protects you from all kind of threats
- CyberByte™ custom detection engine includes Mac and Windows malware protection and detection
- Fastest scanning times in the market
- Crypto Mining rogue extensions/malware detection
- Ransomware detection - don’t negotiate with ransomware cyber terrorists – keep your Mac and Windows safe
- Active live protection from background
- Certified Threat Detector by OPSWAT
- Easy to Install
- Easy to Manage
- Incredible value for money
Invisible, protecting you from behind the scenes - You will not feel it is installed on your computer, easy on the resources, like a protection software should be.
Original technology that combines behavioral heuristic analysis with powerful signatures database – the CyberByte™ Protection Engine delivers top of the line protection in an instant.
Fastest scanning times in the market – your time is precious, but also so is your digital life – CyberByte™ delivers fast scanning saving both time and your valuable data.
Don’t negotiate with ransomware cyber terrorists – keep your Mac safe and don’t ever end up paying for what is already yours.
Protect others as well – the CyberByte™ Protection Engine not only detects the threat but stops it from spreading to other Macs or Windows machines.
Don’t let strangers use your resources – more than 80% of the attacks are crypto mining driven. Are you sure your computer is not mining for crypto while you read this text?
Our malware protection will continuously look after your device providing the best security against viruses. Give us the chance to prove it by downloading the antivirus for your device.
CyberByte Antivirus is a certified product by OPSWAT (OPSWAT is a San Francisco-based software company that provides solutions to secure and manage IT infrastructure. Founded in 2002, OPSWAT delivers solutions that provide manageability of endpoints and networks, and that help organizations protect against
zero-day attacks by using multiple antivirus engine scanning and document sanitization.
To learn more about OPSWAT’s innovative and unique solutions, please visit http://www.opswat.com).
CyberByte Antivirus comes in two flavors:
MacOS Version - the free download Mac antivirus available on our website (https://mac.cyberbyte.org)
Windows Version - the free download Windows antivirus available on our website (https://pc.cyberbyte.org)
The procedure is simple:
Just free download antivirus from CyberByte website either for Mac or Windows.
Install it using the antivirus installer package.
Windows and Mac users will free malware scan their devices. The scan duration depends on how many files the end user has.
CyberByte antivirus will show if any files are infected after the scan is finished.