by qnsi 1761 days ago
I am not very knowledgeable about security bounties, but 2k seems laughably small. Every female using the app was gravely in danger because of this bug. There are a lot of creeps on dating apps. That it got awarded just 2k, and with no resignation of the CTO, is a joke.
3 comments

> Every female using the app was gravely in danger

You left out a very important key word, "potentially." The article did not say a single person out of millions using Bumble was actually attacked via this method.

Gravely in danger, for all 18+ (within the US at least) is a bit of a stretch.

You can find the current/last known address of nearly any registered voter with a simple Google search. I'm not exactly sure why or how, but you can.

There are also services, which aren't exactly expensive, through which you can buy the phone number or address of nearly everybody in the U.S.

If you think being able to triangulate and pinpoint the location of somebody via a dating app constitutes grave danger... Well, there are much graver dangers that can't be fixed by any $ bounty all around us.

I'm not trying to say that what happened with Bumble isn't bad, and it makes the company look somewhat foolish, but in 2021, finding the location of somebody in most developed countries, aside from your ultra secure OPSEC average HN user, is quite a simple task.

I agree with the sibling comment that the key word is "potentially," but disagree with your sentiment that "I haz whitepages, game over," since the difference is that one's voter record address does not travel with them everywhere in their purse/pocket.

To further illustrate the point, I believe trips to Tahoe are a non-trivial source of hookups, but being able to follow a potential match back to their chalet is not something anyone would voluntarily opt into.

Crime is not difficult. Every woman is already in danger. As is every human. Every animal. The world is dangerous.

If level of danger caused by a company was proportional to punishment, then every gun or tobacco (secondhand smoke) or fossil fuel company would have to have everyone in the org resign effective immediately.