Exclusive Investigation: How Dating App Raw Leaked Users’ Location Data and Personal Information

Admin


A recent security breach at the dating app Raw has put user data at risk, according to TechCrunch. Personal details such as display names, birthdays, and specific location data were exposed, and the location data was accurate enough to pinpoint users at street level.

Launched in 2023, Raw aims to foster genuine connections by requiring users to upload daily selfies. Though it doesn’t share exact user stats, it has garnered over 500,000 downloads on Google Play.

The timing of this breach is notable, as Raw recently announced an innovative wearable called the Raw Ring. This device promises to monitor a partner’s heart rate and provide alerts for potential infidelity using AI. However, this concept raises concerns about emotional surveillance, a topic discussed by experts across various fields. According to Dr. Maya Johnson, a psychologist specializing in relationships, “Tracking a partner’s emotions can lead to mistrust and create more harm than good.”

Although Raw claims to use end-to-end encryption, an essential security feature, TechCrunch found no evidence of it during its testing. Instead, the app exposed user data openly to anyone with internet access.

After TechCrunch alerted Raw about the vulnerability, the company quickly worked on a fix. Marina Anderson, co-founder of Raw, stated that all exposed data points have been secured. However, when asked about a third-party security audit, Anderson admitted the company hadn’t conducted one yet. She mentioned, “Our focus remains on building a high-quality product.”

The duration of the data exposure remains uncertain, but the investigation is ongoing. Anderson noted that while they use encryption during data transfer, they still need to clarify their security measures moving forward.

TechCrunch identified the vulnerability through a simple test. They set up the app on a virtual Android device, using dummy data, and monitored the network activity. This led them to discover that the app was not properly safeguarding user information. In essence, anyone could access data from other users simply by altering a specific link.

This type of issue falls under the category of Insecure Direct Object References (IDOR). An IDOR vulnerability is like having a master key that opens every mailbox on a street, potentially exposing vast amounts of personal data. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has highlighted the risks associated with IDOR vulnerabilities, urging developers to implement stricter authentication measures to prevent such issues.
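The flaw described above, next to a handler that enforces the check on the server side. This is an added example, not Raw's code or TechCrunch's test: the records, session tokens and function names are constructed, and the reduced view returned for other users' profiles is an assumed policy.

```python
# Constructed sample data: the fields mirror what the article says was exposed.
USERS = {
    "1001": {"display_name": "alex", "birthday": "1994-03-02",
             "lat": 52.520008, "lon": 13.404954},
    "1002": {"display_name": "sam", "birthday": "1990-11-17",
             "lat": 48.856613, "lon": 2.352222},
}
SESSIONS = {"tok-alex": "1001"}  # constructed session token -> user id


class Unauthorized(Exception):
    """No valid session was presented."""


class NotFound(Exception):
    """Requested profile does not exist."""


def get_profile_vulnerable(user_id, token=None):
    # IDOR: the record is chosen only by the id in the request. The caller's
    # identity is never consulted, so changing the id returns someone else's data.
    return dict(USERS[user_id])


def public_view(record):
    # Assumed policy: other users get no birthday, and coordinates rounded to
    # one decimal place (about 11 km of latitude) instead of street level.
    return {"display_name": record["display_name"],
            "lat": round(record["lat"], 1), "lon": round(record["lon"], 1)}


def get_profile_hardened(user_id, token):
    caller = SESSIONS.get(token)          # identity comes from the session,
    if caller is None:                    # never from a client-supplied id
        raise Unauthorized("valid session required")
    record = USERS.get(user_id)
    if record is None:
        raise NotFound("no such profile")
    if caller == user_id:                 # owner sees the full record
        return dict(record)
    return public_view(record)            # everyone else gets the reduced view
```

The authorization decision depends on who is asking and which object is requested, which is why hiding or randomizing identifiers alone does not fix an IDOR.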

Post-fix, the Raw app no longer allows public access to user data through browsers, but the incident raises critical questions about user privacy and security in the fast-evolving world of tech.

To protect personal information, always be aware of the apps you use and their privacy policies. Regular updates on security practices can help ensure user safety.


