Tinder confirms fix for two critical vulnerabilities in a long-awaited, almost forgotten letter.
The parent company of Tinder, Match Group, Inc. has announced that it is encrypting all photos sent between the app and its servers. The announcement came in the form of a letter to Senator Ron Wyden, who had earlier written to Tinder expressing concerns over the matter. In the letter, Tinder reassured him that starting from June 19, all user photos sent over Tinder would be encrypted.
Senator Wyden had written his letter to Tinder way back in February, asking the company to encrypt photos on the app. According to a report by The Verge, the company had already done so right after his request but waited to write back to him until it also tweaked a separate security feature that made all swipe data the same size. Apparently, the inconsistent size of the swipe data revealed critical information to security researchers. The company finally replied to him on June 19 when the company thought every relevant vulnerability was covered.
So, um, this is pretty weird. Apparently Senator Wyden just got Tinder to properly encrypt your swipe data, so you can all get it on in private. pic.twitter.com/BniAVUi77Q
— Matthew Green (@matthew_d_green) 29 June 2018
A teacher of Cryptography at John Hopkins University by the name of Matthew Green posted Tinder’s letter to the Senator as a tweet a couple of days ago. In it, he highlighted the part where Tinder confirmed the rectification of both vulnerabilities: lack of encryption for user photos on the app and the inconsistent size of swipe data.
For users, it’s business as usual while swiping faces left and right on the Tinder app; there’s no visual difference at all. The good news is that users should now be able to breathe easy while sharing their photos on the app.
Follow Us
Digit NewsDesk
Digit News Desk writes news stories across a range of topics. Getting you news updates on the latest in the world of tech. View Full Profile
