Mastodawn

New, by me: Dating app Raw (which this week said it's planning to release a hardware wearable for tracking partners' emotions) claims to use end-to-end encryption.

But when we tried the app this week, I found it was exposing users' location data and personal information to the web — no password needed.

https://techcrunch.com/2025/05/02/dating-app-raw-exposed-users-location-data-personal-information

Exclusive: Dating app Raw exposed users' location data and personal information

The app claims it uses end-to-end encryption, but spilled its users' dating preferences and granular location data to the open web.

TechCrunch

Show thread

Zack Whittaker May 2

After hearing about Raw's planned wearable (which sounds rife for abuse), I tested the Raw dating app using dummy data and a network traffic analysis tool (Burp Suite, ftw). Within a few minutes, I found Raw's servers were publicly exposing users' profile data — and granular location — to the web.

After contacting the Raw's co-founder, the bug was fixed. When I asked, the company confirmed it hadn't asked for a third-party security audit of its app.

https://techcrunch.com/2025/05/02/dating-app-raw-exposed-users-location-data-personal-information

Exclusive: Dating app Raw exposed users' location data and personal information

The app claims it uses end-to-end encryption, but spilled its users' dating preferences and granular location data to the open web.

TechCrunch

Show thread

Lee Holmes

@zackwhittaker You're awesome. It is incredibly rare that a reporter is deep enough into their beat that they can break their own stories. Keep kicking ass :)

Show thread

Zack Whittaker May 2

@Lee_Holmes thank you, Lee, this really means a lot.

Show thread

AnneH May 2

@Lee_Holmes @zackwhittaker Seconded