Data dating episode Sex chat online by webcams without registration
The study showed that many dating apps do not handle users’ sensitive data with sufficient care.
That’s no reason not to use such services — you simply need to understand the issues and, where possible, minimize the risks.
Our experts studied the most popular mobile online dating apps (Tinder, Bumble, Ok Cupid, Badoo, Mamba, Zoosk, Happn, We Chat, Paktor), and identified the main threats for users.
The result of the analysis is less than encouraging: Eight of the nine applications for Android are ready to provide too much information to cybercriminals with superuser access rights.
Tokens are valid for 2–3 weeks, throughout which time criminals have access to some of the victim’s social media account data in addition to full access to their profile on the dating app.
Regardless of the exact kind of data the app stores on the device, such data can be accessed with superuser rights.
Almost all online dating app servers use the HTTPS protocol, which means that, by checking certificate authenticity, one can shield against MITM attacks, in which the victim’s traffic passes through a rogue server on its way to the bona fide one.
The researchers installed a fake certificate to find out if the apps would check its authenticity; if they didn’t, they were in effect facilitating spying on other people’s traffic.Tinder, Bumble, Ok Cupid, Badoo, Happn, and Paktor all store messaging history and photos of users together with their tokens.