When it comes to thousands of users seeking a special someone through one of the largest online online dating sites, the appreciate fest may be arriving at an-end. OkCupid is actually placing customers’ confidentiality in peril by neglecting to support protected access to their whole websites through HTTPS. Every OkCupid email, speak treatment, research, clicked back link, web page viewed, and login name are transmitted on the internet in unencrypted plaintext, in which it could be intercepted and study by anyone from the network.
Screen chance from OkCupid Services Community Forum. While passwords after inital signup are not sent in the clear, there are other extreme safety issues with OkCupid.com.
“HTTPS” is actually regular internet encoding that ensures records sent and gotten on the net is encoded instead of as plaintext. OkCupid cannot facilitate HTTPS throughout the site, which means that while OkCupid does not drip passwords entered during visit over plaintext, it does leak a lot of some other delicate facts. OkCupid’s troubles to offer HTTPS support potentially exposes:
- Email content material from within OkCupid
- Contents of on line chats on OkCupid
- Searches executed on the website
- Every special web page viewed, thereby all users looked at
- Contents of “hidden” questions–questions a person responds to being improve match outcome however represents as “private” so other people cannot see his / her response