Usa nude online dating
Almost all online dating app servers use the HTTPS protocol, which means that, by checking certificate authenticity, one can shield against MITM attacks, in which the victim’s traffic passes through a rogue server on its way to the bona fide one.The researchers installed a fake certificate to find out if the apps would check its authenticity; if they didn’t, they were in effect facilitating spying on other people’s traffic.The study showed that many dating apps do not handle users’ sensitive data with sufficient care.
And almost all of the apps authorize through Facebook, so the lack of certificate verification can lead to the theft of the temporary authorization key in the form of a token.That’s actually the app’s main feature, as unbelievable as we find it.Most apps transfer data to the server over an SSL-encrypted channel, but there are exceptions.Happn, in particular, uses Facebook accounts for data exchange with the server.
With minimal effort, anyone can find out the names and surnames of Happn users and other info from their Facebook profiles.
Tokens are valid for 2–3 weeks, throughout which time criminals have access to some of the victim’s social media account data in addition to full access to their profile on the dating app.