Monthly Archives: June 2015

Panda Security

Tinder, the app where you can have your heart stolen, but also your information and your pictures

Leave a comment

tinder contact

To find a ‘match’ in Tinder we have to share personal information with other users. If you don’t have at least one picture and you don’t describe yourself a bit, how will anyone know if they are interested in you? The same happens when you visit other profiles.

However, each person can decide what to make public and what not. At least in theory, because a recent study by the University of South Australia questions the privacy of the eight most popular dating apps in Google Play, including Tinder and Grindr.

The research done by these computer security experts shows how easy is to access the data stored in these tools (hidden from the rest of the community), as email addresses and private messages exchanged with other users.

The first thing they did was to create a fake profile on each of the dating apps and from a cell phone try to steal other users’ information. They became cyber thieves for research purposes intercepting the network’s traffic data and tracking the apps supposedly private directory.

For major concern, they discovered that all these apps had huge security gaps which made them vulnerable to these kinds of attacks, achieving their goal: they obtained personal information of many profiles and saved it in their phone.

tinder match

In Tinder, which has over 50 million customers, they stole the pictures of all the profiles they visited with their fake account. In addition, they obtained their Facebook ID (a different sequence of numbers and letters assigned to each person), and with it they were able to identify every one of the accounts in the social network and access them.

If we take a look at Grindr, the findings are even more alarming. The research team amassed amounts of personal information of the different users they had visited with their fake account; from their birthdate to the distance between them and the owner of the last profile they viewed, through a complete record of all sent and received emails and their email account.

In light of the results, the authors warn us to be careful with the applications we choose for meeting people. They also recommend developers to add more strict security measures to prevent attacks, like the ones the researchers performed without many difficulties.

In addition, they claim that the cell phone is the cybercriminals’ main target: most users, regardless of their age and sex, have one. In them we store personal information which not even friends or family know.

This is not the first time a research questions Tinder’s security level. In 2013, another research team founded that is possible to know the longitude and latitude where a user is due to another vulnerability in the tool.

The post Tinder, the app where you can have your heart stolen, but also your information and your pictures appeared first on MediaCenter Panda Security.

Avira

What Can Siri Help You With Today?

Leave a comment

This post is about cool things you can do with Siri, and some you might wish it didn’t do. Stick with me to the end of this post, and I’ll even share with you a funny video of what Siri “really” looks like…

“Siri, please save my iPhone from the messages of death”

This somewhat melodramatic title was posted on TheRegister and reports incoming messages that trigger a bug in the iOS, inducing applications to crash…

The solution?

Apple suggests Siri as a temporary fix (full instructions here). One of the options includes asking Siri to “reply to the malicious message”. That’s right – if you’re being picked on by a big bad hacker who is sending you “messages of death”, get big sister Siri to reply with a digital tongue-lashing – sweet!

“Siri, please turn on the light, switch on the stero and start my car”

Back in 2014, there was excitement surrounding the application called GoogolPLex, which hooked up a hacked version of Siri to the Internet of things. Suddenly you could use Siri for all sorts of applications, as seen in this video:

What’s particularly clever, is the name: “GoogolPlex, turn on the lights” is actually understood by Siri as “Google, please turn on the lights”. Then, instead of running a Google search, GoogolPlex redirects the requests to its servers and uses API’s that interact with your hardware to process your requests.

GoogolPlex, beam me up!

Siri, stop recording our conversations…

You love using Siri? She is a great listener (granted, with dubious hearing). However, if you’re also a staunch believe in privacy, you might want to reconsider what it is exactly you tell your beloved assistant. As reported in this post, all voice recordings are stored for 6 months, after which time they keep the recording for another 18 months but delete the number associated with it… In case you’re now thinking of switching to Microsoft’s equally friendly Cortana, the policy is very similar…

.
And now, for a look at what Siri looks like, as seen in Raj’s vivid imagination (from the Big Bang Theory):

The post What Can Siri Help You With Today? appeared first on Avira Blog.