HighThere!, the dating app for connecting weed smokers, could unintentionally be sharing the information of its users with the police, a cybersecurity firm has revealed.
When creating an account on the app, HighThere! asks users for access to their location, as well as other details about their smoking habits, such as their preferred consumption method, which is used to generate appropriate matches.
However, when analysing just how secure the information on the app is, security firm Synack found that anyone with a basic understanding of computer science would be able to access the names, images, smoking habits and – most alarmingly – the location of each user.
This company’s investigation found that the identity and locations of any visible HighThere! profile could be obtained simply by looking at the data the app sends through a home router.
The Synack team concluded that the stoner dating app was using “student project level” security, and was effectively transmitting large, unencrypted caches of data about its weed-smoking users, which could be accessed by almost anybody.
And given the nature of the app, having such a low level of user privacy makes it potential haven for police looking to track down both suppliers and consumers of cannabis, putting users at risk of more than just spam messages.
Synack’s Vice President of Operations, Tony Gambacorta, told Mic: “This is maximum fun for law enforcement – an incredibly useful tool.
“God bless the criminal who advertises where he is and what he’s doing.”
Responding to these claims, HighThere! told Mic: “HighThere! considers user privacy as a top priority. And for the past several months, we have been working diligently to enhance our current measures of protecting data.
“This work will be completed in the very near future, with an upcoming release that will include industry standard encryption, throughout all levels of the application.”
The app currently has 150,000 users, and is available on both Android and iOS devices.