[ad_1]
Tinder can be known primarily as a millennial hookup app Thanks to a little pressure from a 69-year-old baby boomer, married, dating service is safer. The parent company Tinder Match Group announced this week in a letter to Oregon Democrat Ron Wyden that it will finally encrypt the photos uploaded by its users.
The change, which has been in effect for some time, but was made without any fanfare of Tinder itself, gives a little more confidence to users who worry about their privacy while not having requiring no direct action. You can now rest assured that your photos will be encrypted as they are transmitted between the application and Tinder's servers.
According to the letter spotted by The Verge sent by Jared Sine, General Counsel of Match Group, Tinder began to encrypt photos on February 4, 2018. This change comes after a number of reports that have highlighted the problem. lack of security measures taken to protect the data of Tinder users.
Last January, researchers from Ismari security company Checkmarx discovered that Tinder had failed to perform basic encryption on the photos. Theoretically, an attacker could perform a man-in-the-middle attack by connecting to the same Wi-Fi network as someone using Tinder and intercepting the images that came from the application. This includes images of potential matches. An attacker could even inject his own photos into the app, which could lead to very annoying encounters when a person's match does not look anything like his or her photo.
At the time, the researchers also pointed to an attacker to determine exactly what a Tinder user did by looking at the encrypted data, including how they slipped. While the data packets containing this information were encrypted, they were transmitted to different numbers of bytes that were relatively easy to discern from each other. For Wired a left sweep to reject a potential mark was 278 bytes, a right sweep of 374 bytes and a match of 581 bytes
This too has been corrected, by group of match. In letter addressed to Senator Wyden, the company's attorney stated that as of June 19, 2018, scan data and other actions were completed so that they appear all of the same size when they are transferred, countering any spying.
Wyden, a regular advocate of best security practices, hunted down Tinder for making the changes in February. He noted in a letter sent to the company that Tinder was already using HTTPS encryption on its website and should extend the protection to its application, which is much more popular.
"I urge Tinder to address these serious security breaches. Thus, to slip right into the privacy of the user and security," writes Wyden. 39; is a match!
[ad_2]
Source link