Grindr is the world's most popular gay hookup app, used by 500 million men in 192 countries. But a new alleged security flaw is putting the lives of users in places like Russia, Iran, and North Korea at risk. Patrick Abboud reports.
Wednesday, September 10, 2014 - 19:30

Since launching in March of 2009, Grindr has revolutionised the search for Mr Right Now. It's geo-location technology tells users how close they are to each other, allowing men to message others based on how close they are. Never has it been easier to find someone of interest in proximate distance.

Grindr is the most popular gay app community, with more than 500 million users in 192 countries. Some of those countries are known to have a culture of discrimination and violence against the LGBTQI community; in many homosexuality is still illegal and has carries severe criminal repercussions, up to and including death. The app is particularly popular in these communities; it creates a much safer space than approaching a man for sex in country like Iran or Russia.

However, a new security flaw could be putting lives at risk. An anonymous 'tipster' has exposed that specific location data can be extrapolated by querying Grindr's servers from three different places and triangulating the information received.

The location data is so precise, it can tell if someone is trawling Grindr from their couch or their bedroom.

The unknown user has tweeted several maps pinpointing where users are under threat.

The reason this alleged breach is so dangerous is that more than 90 per cent of Grindr users have enabled location services; its use of geolocation was one of its groundbreaking features. This means that nine out of ten users can have their locations deciphered, which makes using the app particularly risky for those living in countries with no LGBTQI rights.

Through the security glitches the exact location of more than 600 000 Grinder users was discovered in 131 countries. 2,311 users were found in Russia where anti-gay violence is rife. 349 men were identified in Iran where the death penalty is enforced. 926 men in Turkey, 622 men in Egypt, and 753 in China; all countries with track records of extreme homophobia. 134 Grindr users were also located in North Korea, a country where fear of persecution has made the gay movement completely invisible.

There are already some reports from Egypt linking this alleged security breach to arrests of several members of the LGBTQI community. In Iran, authorities have reportedly used Grindr's geolocation to round up 200 users.

The tipster's been messaging Grindr users in many of these countries warning them of the threat, and also circulating this note:

"I know officials at grindr have been informed several times within the past months about these issues, which would seem to imply that the concept of “social responsibility” is lost upon Grindr. While you may live in a country where using Grindr is no big deal, there are countries like Sudan and Yemen where anti-gay laws have been enacted with severe consequences[3], e.g. the death penalty. Knowing that Grindr-Users in countries such as these are being put unnecessarily at a high risk should be reason enough for Grindr to change its system. Even without the such a risk: Would you want it to be possible for someone to show on a map, exactly where you are to the point where they could tell if you were using Grindr in the bathroom or on the couch?"

Grindr initially said they do not view this as a security flaw, explaining that users have the option to turn the 'show distance' feature of the app off. There was no representative of Grindr available for internew but they sent us this statement.

"Thanks for reaching out. Our latest blog reflects our approach to safeguarding the security and privacy of Grindr users. However, we will continue to evaluate and make ongoing changes as necessary to protect our users."

Their blog post dated September 5 explained that the company is taking proactive measures to keep users safe in places with a history of violence against the gay community.

The app currently displays a message explaining that they have removed the 'Show Distance' function completely in certain regions.

"Zero Feet Away?

I bet you're wondering why the distance isn't showing on that hot guys profile?

Well I can tell you that its not just your device that's missing these vital stats, in an ongoing effort to protect our users we are making some changes on the servers.

Your distances will return in the next few days."


Additional footage courtesy of The Grindr Guide.