
It's a surprise that Tinder launched Tinder Social just now in the US given that's the main source of the leaked data. Tinder Social was (and remains) opt-out in Australia while he was writing the article. Even if Tinder Social is now opt-in in the US, the fact they were dismissive of the vulnerability disclosure is concerning.

Any social network with deteriorating privacy is bad. One where the content can potentially be sensitive is even worse. If you started on a service and it kept becoming more private by default, that's fine - potentially annoying, but fine. If you start on a service and it kept becoming more public by default, then we have a problem.

The fact that Tinder don't realize Tinder profiles may contain sensitive information for a significant portion of their user base is hugely disturbing. As stated in the article, there are so many circumstances beyond cheating that this is still an issue.

Assume for a fictional argument that I was born into a religious family, "no sex before marriage" type of thing, but enjoyed one-night stands. One might use Tinder to do so quietly. Tinder didn't allow your friends to see that information before - I assumed I was safe from judgement by my family and their friends. Then Tinder rips that privacy you thought you had away!

Saying that users should have known better is not an excuse. As developers we must operate under the assumption that best practices are likely going to be missed or misunderstood. Tinder violated that in an extreme way in an attempted land grab for a large social market beyond hook-ups and dating.

Disclosure: I'm friends with the author and commented on drafts.



> I assumed I was safe from judgement by my family and their friends. Then Tinder rips that privacy you thought you had away!

Why would you think your profile is "secret" in any way to begin with? It is literally an app that shows you others using it NEARBY yourself. And a highly popular one at that.

The profiles are also public and there is no indication of them being private as far as I've ever read about the app.


One could say that there is an expectation that only other Tinder users will discover you. Kinda like going to a bar or a strip club, which are activities that your community may disapprove of. Thus, you only encounter members outside of your community, or community members who are cool with it.


To use the things in the blog post you still need a Tinder account.

A disapproving family member could still go to a bar or open an account to try to find you there. Which you should be aware of because they are both still publicly accessible spaces.


The difference being that they would have to search multiple bars at multiple times of day. Instead we have a large billboard saying "Steve is at this bar and is interested in these types of activity while he's there!".


Except you need to turn Tinder Social ON for that to be the case.

I guess it is like that in Australia though.


> If you start on a service and it kept becoming more public by default, then we have a problem.

If this isn't criminal, it should be. People belong in jail for this sort of thing.


Have you seen the (now quite ancient) animated evolution of default Facebook privacy settings[1]? It's insane.

It's for this reason that, by default, I assume essentially everything I do online is public. My username is my name, almost everything on Facebook is defaulted to public, etc.

If you live under the assumption that you're never private, you'll never make the mistake of thinking you are.

[1]: http://mattmckeon.com/facebook-privacy/



