This story has been picked up by a number of media outlets, including Der Spiegel[German language article], The Verge, Huffington Post, The Week and Naked Security.
The Verge had this take on some of the details of the hack and the ensuing fall-out:
...over the last few weeks, a California-based computer engineer — we’ll call him Patrick — has pitted heterosexual male against heterosexual male. Patrick’s program identifies two men who "like" one of his bait profiles (the first used prominent vlogger Boxxy's image; the second used an acquaintance who had given Patrick consent) and matched them to each other. The suitors’ messages — some aggressive, others mundane, but all of them unabashedly flirtatious — are then relayed, back and forth, to one another through the dummy profile.
Tinder is notoriously vulnerable to hacks: in 2013, a loophole in the app could be harnessed to reveal users’ locations to within 100 feet. Last summer, Valleywag reported on a number of techies who tweaked the system to automatically "mass-like" every girl they come across.
Patrick was a Tinder user (in fact, it's where he met his current girlfriend) and says that female friends of his would often complain about the messages they received on Tinder. "The original idea was to throw that back into the face of the people doing it to see how they would react." Initially, he set out to build a Twitter bot that tweeted every first message a female friend received, but then he looked into Tinder’s API and found it had little safeguard from more extensive tweaks. "Tinder makes it surprisingly easy to bot their system. As long as you have a Facebook authentication token, you can behave as a robot as if you were a person."
I remember when people would do this to each other on Usenet in alt.soc.sex chat rooms. My buddy Dave would trek to the computer cluster on the main quad to do it when he was bored; he would put himself in stitches and occasionally return very, very disturbed.
(Score: 5, Insightful) by ikanreed on Monday March 30 2015, @02:42PM
I really dislike the way so many things use Facebook as a login these days. I appreciate the value that gives the developer, but the de-facto standard of letting one company manage everyone's identity is terrifying. I'm afraid that at some point it'll be so assumed that not having a Facebook profile will make it impossible to do something that matters someday.
My sincere hope is that Facebook will collapse and die before that happens.
(Score: 0) by Anonymous Coward on Monday March 30 2015, @02:46PM
I don't have a facebook.
(Score: 0) by Anonymous Coward on Monday March 30 2015, @03:31PM
> I don't have a facebook.
I don't have a face, you insensitive clod!
(Score: 2) by Daiv on Monday March 30 2015, @05:29PM
AC, like myself, don't have Facebook accounts. It's been more and more noticeable of late when small businesses think having a Facebook page is the same as having a proper website. The scores of contests and programs that require you to participate via Facebook is also astounding.
At first, it was annoying. But now it's funny. In 10 years, I hope Facebook goes the way Geocities.
(Score: 0) by Anonymous Coward on Tuesday March 31 2015, @08:37AM
Yeah, funny like the holocaust.
(Score: 2) by davester666 on Monday March 30 2015, @05:55PM
Are you sure? Some people call it a "photo album".
(Score: 4, Interesting) by Kell on Monday March 30 2015, @03:04PM
Already some employs consider suspicious to not have a Facebook profile. Although I'd never choose to work any place where people take that view, in some senses it's already impacting us in ways that matter.
Scientists ask questions. Engineers solve problems.
(Score: 2) by ikanreed on Monday March 30 2015, @06:48PM
+1 horrifying.
(Score: 3, Insightful) by Grishnakh on Monday March 30 2015, @03:07PM
Patrick was a Tinder user (in fact, it's where he met his current girlfriend) and says that female friends of his would often complain about the messages they received on Tinder.
Tinder is not like other dating sites at all. On other sites I've used, any user can message any other user, at any time, unless they're been specifically blocked. So women will tend to get a lot of rude and unwanted messages from strange men.
On Tinder, you have to "like" someone, AND they have to "like" you, before either of you can message the other. No one can randomly message you.
So if you're getting rude messages on there, it's partly your own fault, because you enabled these men to message you. Maybe you should examine what kind of men you're "liking". Or maybe you should actually look at their profile (there is a place to write a small bio, plus put other photos) before right-swiping, instead of only going off a single photo. If you were more selective about the men you right-swiped, you might not have such a problem with this.
(Score: 2, Insightful) by Anonymous Coward on Monday March 30 2015, @03:25PM
> Or maybe you should actually look at their profile (there is a place to write a small bio, plus put other photos)
> before right-swiping, instead of only going off a single photo.
Stupid women, they don't even look to see if men checked the "I am a pig" box on their profiles!
While a trivial bio section and a handful of user-curated photos can reveal if someone is a douche, that doesn't mean they will with any reliability. It isn't like there is a law that forces all douches to wear ed hardy shirts.
(Score: 2, Disagree) by Thexalon on Monday March 30 2015, @05:28PM
There is actually a technical solution to this, but it's not one that any dating site has implemented to the best of my knowledge: Add a percentage of users that have blocked a messenger. So, for example, if somebody is basically spamming everybody with a particular gender and age in a particular geographic region, eventually, all of his messages will be flagged with "97% of people who got his messages blocked him". You could even include a feature that automatically filters out anybody above a certain rejection threshold.
The math of dating sites are pretty clear by now: There's a bunch of single guys, ranging from great partners to downright dangerous (and I don't mean "dangerous" persona, I mean murder-you dangerous). There's a bunch of single gals, also ranging from great to dangerous. Because a lot of people are stuck in the 1950's, they assume that men should initiate contact if they're interested. The great guys initiate with a few people, get a "yes" fairly quickly, go on a few dates until they find a fairly good partner for them, and are no longer single. The not-great guys, on the other hand, initiate, and then initiate again, and keep getting rejected but usually don't know why (or don't have the character to think that "hey, maybe I should get a job and/or hit the gym"), so the same pool of hundreds or even thousands of guys start basically spamming every woman on the site looking for the one that's an easy lay. So to every woman, the perception is that there are a few gems and hundreds of morons in the online dating world.
The only thing that stops a bad guy with a compiler is a good guy with a compiler.
(Score: 2) by vux984 on Monday March 30 2015, @05:56PM
So basically your thesis is that dating sites have a steady stream of people joining them; males and females. The generally 'compatible' people are fairly quickly paired off with other generally 'compatible' mates and leave the pool. However, there is also a steady stream of generally incompatible people joining the site; and these people do not pair off leave - they just accumulate. And as result over time their proportion of the total pool gets increasingly larger; and the site becomes increasingly less useful.
(Score: 2) by Thexalon on Monday March 30 2015, @07:32PM
It's more like the phenomenon of trying to recruit a good employee: The same 500 bad potential employees in town are always unemployed and are going to apply to every single job posting, while most of the good potential employees are happily employed, and you'll only see a few if any of their resumes. So from the point of view of the hiring manager, the world is mostly made up of idiots, even though that's not actually the case.
The bad apples leave the online dating site when and if they find an easier way to get laid, or when they get too old to care about the game any longer.
The only thing that stops a bad guy with a compiler is a good guy with a compiler.
(Score: 1) by Noble713 on Tuesday March 31 2015, @09:53AM
You are partly right, but I would argue that not all of the "great guys" "find a fairly good partner and are no longer single". You're forgetting about the playboys. The sort of men that women will compete for but who aren't interested in settling down (at least presently). These men consistently fish for (and successfully acquire) new women. They receive comparatively-high response rates from women (in person and online) and generally leave positive impressions with the women who date them (even if they date a woman and throw her away after a few months).
I often tell my side-pieces (when they realize they aren't my main girl) that there are 3 types of foreign men in Japan, but really it applies anywhere:
1. Men already in committed monogamous relationships. You'll never meet them because they are off the dating market.
2. Losers that *nobody* wants to date.
3. "Single" playboys. Chances are if you meet a hot guy who's really interesting, educated, has a decent job/career.......it's almost guaranteed he's already in a sexual relationship with 1 or more other women. Accept the fact that you'll have to share him, ramp up your efforts to earn exclusivity, or lower your standards and settle for one of the lames in Category 2 (above).
(Score: 0) by Anonymous Coward on Tuesday March 31 2015, @12:20PM
uuuummmmm-uh! Sociopath cock is the best kind of cock!
(Score: 5, Funny) by Grishnakh on Monday March 30 2015, @03:12PM
...when I was in high school, a friend of mine and I used to so something a bit like this just for giggles. We each had two phone lines (this was before cellphones became common and affordable), so that we could spend plenty of time online back in the days of 2400bps modems. For pranks, we'd call up two different people, put them into a conference call together, and mute our phone, so that they'd talk to each other. Sometimes we got some funny results, like calling two different pizza places (Papa John's and Domino's, for instance), and listening to them argue about who called who.
(Score: 3, Funny) by TheGratefulNet on Monday March 30 2015, @04:09PM
extra credit: merge in a periodic BEEP sound. let them think they are being recorded. delay the first beep for 30 seconds so that they are not initially aware of the plot ;)
"It is now safe to switch off your computer."
(Score: 2) by wonkey_monkey on Monday March 30 2015, @03:21PM
Sending and receiving messages seems like a reasonable thing for an API to allow you to do.
Relaying messages could almost as easily be done manually, or with various other levels of automation, even without API access.
systemd is Roko's Basilisk
(Score: 0) by Anonymous Coward on Monday March 30 2015, @03:29PM
> Is this really a hack?
Yes. This use was not the intended design thus it qualifies.
Difficulty does not determine whether or not something is a hack.
(Score: 2) by wonkey_monkey on Monday March 30 2015, @04:29PM
This use was not the intended design
Yes it is. The intended design is to allow you to read messages and send messages, and that's all that's happening.
systemd is Roko's Basilisk
(Score: 1, Disagree) by Anonymous Coward on Monday March 30 2015, @04:52PM
Literalism for the lose!
(Score: 1, Funny) by Anonymous Coward on Monday March 30 2015, @03:23PM
What the hell is tinder?
(Score: 3, Informative) by ikanreed on Monday March 30 2015, @03:47PM
How old are you?
I'm (almost) 30, completely divorced from both youth culture and social media, and I heard people babbling about tinder years ago.
It's a dating app that works like this:
* You create a profile
* It starts automatically showing profiles of the opposite sex in order of distance from your current location
* You swipe right for those you like, left for those you wouldn't give a chance
* If both you and the other swipe right, you can talk to each other.
(Score: 2) by tynin on Monday March 30 2015, @04:05PM
I'm in my 30s and happily married for a good long while, and I've not heard of it. Of course, I can read for comprehension so it made sense what it was. That said, I think this XKCD is highly applicable [xkcd.com] to the parent poster.
(Score: 2) by ikanreed on Monday March 30 2015, @04:50PM
That cartoon specifically exempts people over 30. Sorry.
(Score: 0) by Anonymous Coward on Monday March 30 2015, @04:53PM
The apology is nice, but we both know what you did. [xkcd.com]
(Score: 3, Insightful) by Phoenix666 on Monday March 30 2015, @08:52PM
Well it's like every other dating app/site that's come up over and over since the days of Usenet. The difference is geolocation, or rather, a GPS-enabled interpretation of proximity. One important addition is that Tinder requires your Facebook ID, so that everyone you know will know that you are on Tinder looking for hookups. Is that worth it to you? If you're 20, perhaps. If you're even a little bit older than than, likely not.
Washington DC delenda est.
(Score: 2) by kaszz on Monday March 30 2015, @09:38PM
There's a few other differences too:
* Cheap internet connection
* Mobile terminals
* Graphics (not 9600 bps tty)
* Low knowhow barrier to entry that allows a lot of morons to be online (as long as they stay in fluffy GUI walled garden)
* Quantity of users that opens up new probability opportunities, along with different demographics
* More instructions per second per US$ (and storage to dump all results)
Why not?
(Score: 2) by gidds on Tuesday March 31 2015, @01:17PM
Your ideas are intriguing to me and I wish to subscribe to your dating site.
[sig redacted]
(Score: 0) by Anonymous Coward on Monday March 30 2015, @03:29PM
But isn't this a staple of sitcom comedy writing, the girl tricking her suitors into flirting with each other?
(Score: 3, Informative) by wonkey_monkey on Tuesday March 31 2015, @09:40AM
Err, no. No it is not.
systemd is Roko's Basilisk
(Score: 2) by morgauxo on Monday March 30 2015, @04:19PM
Back in college a friend of mine and I used to use AOL free preview discs for this. It wasn't really a dating thing but you could search by age/sex/location in the messenger. We had a third friend who was allways actually finding dates that way. We would have some beers and then make up fake profiles and say all sorts of crazy things to people and yet they would still be interested. Once bored we would have our characters come out as the opposite of whatever sex we had claimed they were to begin with. Oh the angry responses that got! Fun times! :-)
(Score: 3, Funny) by tangomargarine on Monday March 30 2015, @04:29PM
I don't really see what the point of this "hack" is. What is being demonstrated? "It's funny to make fun of heterosexual people"?
Person A lies to Person B semi-anonymously. Person B gets mad but can't retaliate. 90's IRC called: it wants its news back.
"Is that really true?" "I just spent the last hour telling you to think for yourself! Didn't you hear anything I said?"
(Score: 0) by Anonymous Coward on Monday March 30 2015, @05:26PM
The point is to make fun of things such as "Tinder".
(Score: 2, Funny) by Anonymous Coward on Monday March 30 2015, @06:41PM
90's IRC called: it wants its news back.
Oh my god! Did you warn them? About the 2000 US Presidential Elections and the World Trade Center?
(Score: 2, Funny) by ghost on Monday March 30 2015, @05:06PM
(Score: 2) by kaszz on Monday March 30 2015, @09:42PM
Now Tinder is one thing. Connecting two telemarketers.. hilarious? :P
(use landline/mobile to VoIP to another user with VoIP to landliine/mobile hotline)
(Score: 0) by Anonymous Coward on Tuesday March 31 2015, @03:31AM
Along the same lines, a friend used to live in an area heavily canvassed by different religious groups. He politely saved information from one and then rabidly proselytized to the next one, using the handouts from the previous group.