Sci-tech

Dating site security flaws fixed

Dating site security flaws fixed”

"Every maker and user of a dating app should pause for a moment to reflect on what more can be done around security, especially as we enter what could be an imminent cyber pandemic", Oded Vanunu, head of Products Vulnerability Research at Check Point said in a statement. It is always advised to use strong passwords and to not give away too much personal information on a dating app.

The vulnerabilities if exploited would have exposed user data including their stated characteristics, pictures, and other details.

During the reverse engineering process, Check Point researchers discovered that the app is opening a WebView (and enables JavaScript to execute in the context of the WebView window) and loads remote URLs such as https://OkCupid.com, https://www.OkCupid.com, and more.

In addition to dating preferences and messages, the flaws also opened a way to glean other intimate information related to the victim, including their age, location, religion, sexual orientation as well as professional background and the kind of lifestyle they prefer.

More news: Lingard reflects on difficult season with Utd

Researchers said, to carry out an attack, hackers would first generate a malicious link containing a payload and then send it to an unsuspecting OkCupid user.

CheckPoint revealed its findings to OKCupid, and developers have actually repaired the flaws within 2 days. Luckily, OKCupid says no users were affected by the vulnerabilities. However as CheckPoint explains, this is a reminder that, while dating apps consist of sensitive and personal info, they might not be as safe as we 'd like. Both those loopholes could be combined to let a hacker send specially crafted links to users and steal their personal data. "How easily can someone I don't know access my most private photos, messages and details?" Bumble asks users to verify their identities with selfies. Earlier this year, a study accused Grindr, OKCupid and Tinder of sharing sensitive data.

Check Point Research spotted some vulnerabilities on the OkCupid app that may have "allowed attackers to" control an account to some degree. OKCupid particularly was implicated of sending information on substance abuse, ethnic background and political views to the analytics firm Braze.

"Not a single user was impacted by the potential vulnerability on OkCupid, and we were able to fix it within 48 hours", OkCupid responded to Check Point on its discovery.



Like this

loading...
loading...

Latest


01 August 2020
Ellen Degeneres Show producers accused of sexual misconduct
If not for COVID, I'd have done this in person, and I can't wait to be back on our stage and see you all then. Ellen DeGeneres has apologised to her staff amid allegations of a toxic work environment on her talk show .

01 August 2020
Rep. Jordan questions Dr. Fauci on how protests are contributing to pandemic
That includes the need to wear masks, avoid crowds and practice good hand hygiene, he said. As a result, the United States' baseline of transmission was higher than Europe.

01 August 2020
COVID-19 app, backed by federal government, now available
Canadians can download the app to their mobile phones, which will use bluetooth technology to exchange signals with nearby phones. The government describes it as an exposure notification app - not a contact-tracing app - as it does not track personal data.

01 August 2020
Ghislaine Maxwell Loses Late Bid to Block Deposition's Release, Quickly Appeals
Maxwell's deposition transcript is substantially outweighed by the compelling interest in ensuring her right to a fair trial". The late financier has previously been linked to a host of high-profile business leaders, scientists, royals and politicians.

01 August 2020
Is CDC Study of Summer Camp Outbreak A Harbinger of Schools Reopening?
High Harbour Camp closed after a teen counselor tested positive for COVID-19, McClatchy News previously reported. After excluding out-of-state attendees, researchers examined data from 597 Georgia residents at the camp.

01 August 2020
British Grand Prix: Hulkenberg to stand in for Perez at Silverstone
He arrived at Birmingham Airport at 7pm from Cologne in Germany on Thursday night before travelling down to Northamptonshire. Perez said the positive test was a hard thing to stomach given the competitiveness of Racing Point's 2020 auto .

01 August 2020
DeGeneres apologizes to show's staff amid workplace inquiry
In it, she says that when The Ellen DeGeneres Show started she told everyone it would be "a place of happiness ". After the allegations were made, WarnerMedia launched an investigation into what is happening at the show .

01 August 2020
Ireland reports highest daily number of COVID-19 infections since May
The R number for the coronavirus reproductive rate in Northern Ireland is at between 0.5 and 1, the Department of Health said. It is the second largest increase in the county since June 1st when a total of 37 new cases were confirmed on the one day.

31 July 2020
Italy's far-right leader Salvini loses his parliamentary immunity
Salvini's resistance League celebration remains the most popular in Italy, but it's been slipping in opinion polls. More than 100 migrants were stuck on the Spanish rescue ship Open Arms for 19 days off the isle of Lampedusa.

31 July 2020
3 dead from COVID-19 in one week
According to the health department, there have now been 142 confirmed cases in the three-county region. That includes 244 news cases from Allegheny County and 130 new cases from Philadelphia County.