Your Neighbors Are My Spies: Location and other Privacy Concerns in GLBT-focused Location-based Dating Applications
Colluding Trilateration in Grindr
Abstract
Trilateration is one of the well-known threat models to the user’s location privacy in location-based apps; especially those contain highly sensitive information such as dating apps. The threat model mainly bases on the publicly shown distance from a targeted victim to the adversary to pinpoint the victim’s location. As a countermeasure, most of location-based apps have already implemented the “hide distance” function, or added noise to the publicly shown distance in order to protect their user’s location privacy. The effectiveness of such approaches however is still questionable. Therefore, in this paper, we investigate how the popular location-based dating apps are currently protecting their user’s privacy by testing three popular GLBT-focused apps, such as Grindr, Jack’d, and Hornet. We found that Jack’d has the most privacy issues among the three apps. As one of our findings, we also show how the adversary can still figure out the location of a targeted victim even when the “show distance” function is disabled in Grindr. Without using sophisticated hacking techniques, our proposed model (called colluding-trilateration) is still very effective and efficient at locating the targeted victim, and of course in a so-called “legal” manner, because we only utilize the information that can be obtained just as same as any other ordinary user. In case of Hornet, although it has adopted location obfuscation in its system, we were not only able to discover its noise-adding pattern by conducting empirical analysis, but also able to apply the colluding trilateration used in Grindr to locate the targeted victim regardless of the location obfuscation. Our study thus raises an urgent alarm to the users of those location-based apps in general and GLBT-focused dating apps in particular about their privacy. Finally, the paper concludes by suggesting some possible solutions from the viewpoints of both the LBS provider and the user considering the implementation cost and the trade-off of utility.
