Discussion
Loading...

#Tag

Log in
  • About
  • Code of conduct
  • Privacy
  • Users
  • Instances
  • About Bonfire
Em :official_verified:
Em :official_verified:
@Em0nM4stodon@infosec.exchange  ·  activity timestamp 2 weeks ago

Last year, I wrote this article about dating apps privacy ❤️🔒

It has a focus on queer dating apps for Pride, but I think it contains valuable information for anyone using any dating apps.

If you are currently using a dating app,
or thinking of using one, you might find some useful tips and warnings in there: https://www.privacyguides.org/articles/2025/06/24/queer-dating-apps-beware-who-you-trust/

#HappyValentine #DatingApps #Privacy

KinkKong
KinkKong
@kinkkong@kinkycats.org  ·  activity timestamp 2 weeks ago

@Em0nM4stodon

It's easy: Never, ever use *any* #datingApp. I'm not aware of a good one.

Most are owned by the #MatchGroup. Run. Away. Fast.

No matter, if you are straight, queer, genderfluid, whatever.

Never, ever use *any* fucking #dating app!

#privacy #surveillance #repression #sexuality

  • Copy link
  • Flag this comment
  • Block
Em :official_verified: boosted
BobDaHacker 🏳️‍⚧️ | NB
BobDaHacker 🏳️‍⚧️ | NB
@bobdahacker@infosec.exchange  ·  activity timestamp 2 months ago

🔓 Found critical vulns in Taimi (LGBTQ+ dating app) - all fixed, $10k bounty

What I found:

  • "Expiring" videos didn't expire, URLs stayed valid forever
  • Decrement attachment ID = anyone's private videos
  • Location feature bypassed photo permission checks (why upload a map preview image through the photo system??)
  • Fake system messages (made a Raid Shadow Legends sponsorship lol)

The good news: Taimi actually handled this right. Fast response, $10k bounty, everything fixed quickly. No lawyers, no threats.

This is how disclosure should work. Take notes, Lovense.

Full writeup: https://bobdahacker.com/blog/taimi-idor

#InfoSec #BugBounty #ResponsibleDisclosure #IDOR #Taimi #DatingApp #Security #Privacy #CyberSecurity #LGBTQ

Taimi: Finding Everyone's Private Photos Was Easy, But So Was Getting Paid

How I found critical IDOR vulnerabilities in Taimi that exposed
  • Copy link
  • Flag this post
  • Block
BobDaHacker 🏳️‍⚧️ | NB
BobDaHacker 🏳️‍⚧️ | NB
@bobdahacker@infosec.exchange  ·  activity timestamp 2 months ago

🔓 Found critical vulns in Taimi (LGBTQ+ dating app) - all fixed, $10k bounty

What I found:

  • "Expiring" videos didn't expire, URLs stayed valid forever
  • Decrement attachment ID = anyone's private videos
  • Location feature bypassed photo permission checks (why upload a map preview image through the photo system??)
  • Fake system messages (made a Raid Shadow Legends sponsorship lol)

The good news: Taimi actually handled this right. Fast response, $10k bounty, everything fixed quickly. No lawyers, no threats.

This is how disclosure should work. Take notes, Lovense.

Full writeup: https://bobdahacker.com/blog/taimi-idor

#InfoSec #BugBounty #ResponsibleDisclosure #IDOR #Taimi #DatingApp #Security #Privacy #CyberSecurity #LGBTQ

Taimi: Finding Everyone's Private Photos Was Easy, But So Was Getting Paid

How I found critical IDOR vulnerabilities in Taimi that exposed
  • Copy link
  • Flag this post
  • Block

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances
Bonfire social · 1.0.2-alpha.34 no JS en
Automatic federation enabled
Log in
Instance logo
  • Explore
  • About
  • Members
  • Code of Conduct