For anyone in that neighborhood, my cat photo would appear on their Grindr screen as one among hundreds of avatars for men in my area seeking a date or a casual encounter.
Within fifteen minutes, Hoang had identified the intersection where I live. In fact, the outline fell directly on the part of my apartment where I sat on the couch talking to him.
But after a slightly longer hunting process, Hoang was still able to identify my location.
The location tracking attack in particular would seem to work with any app that lists users' locations in order of proximity.(That's the simpler but slightly less efficient method Hoang used to pinpoint my location.)To respond to Grindr's obscuring of the exact distance between some users, the Kyoto researchers' used a "colluding" trilateration attack.They spoofed the location of accounts under their control and placed those fake users in positions that reveal narrow bands in which the victim "V" must be located.Grindr's competitors Hornet and Jack'd offer differing degrees of privacy options, but neither is immune from the Kyoto researchers' tricks.Hornet claims to obscure your location, and told the Kyoto researchers that it had implemented new protections to prevent their attack.If Grindr or a similar app tells you how far away someone is—even if it doesn’t tell you in which direction—you can determine their exact location by combining the distance measurement from three points surrounding them, as shown in the the image at right.