Kirsle.net
UPDATE (June 12 2022): I wrote this blog post originally in 2014 and it's highly likely that Grindr's data folder on Android doesn't look anything like this anymore. I haven't rooted my Android phones in a long time and haven't run Grindr in several years either. I sometimes get emails from people asking for help getting into their Grindr cache -- I can't help you, and don't ask me about this. This blog post is very outdated, Grindr has gone thru several complete re-designs in the last 8 years and they've probably changed everything about their data folder layout.A long time ago, the Grindr for Android app used to store its photo cache on your SD card, but lately they hid them away in the app's private space to make them slightly more difficult to get to. I decided to go exploring using Root Browser and see what I could find out.What you can do if you want to look into this yourself is: root your Android phone, look in your /data/data folder for Grindr's app data, copy it out to your PC and go thru it yourself. The
filecommand on a macOS or Linux terminal can tell what type of file something is regardless of its extension (in this post, many JPEG photos were named with ".1" file extensions instead of .jpeg and Linux easily ferreted this out).Also note that rooting your Android phone may require a factory reset of the phone, so if it's your existing Grindr cache you want to get into, you may be out of luck. Google Pixel phones for example officially support unlocking the bootloader (necessary for flashing custom ROMs and root), but this action forces a factory reset for privacy (e.g. a thief stole your phone and wants to root it, which would let them bypass your lock screen, Google wants the phone to mandatorily reset to factory defaults before it can be rooted). Some phones with shadier root exploits may not need the factory reset. You're on your own either way. Don't ask me for support in rooting your phone or helping you hack Grindr.
When I say "photo cache" I mean the place where Grindr downloads pictures locally so that it doesn't need to keep redownloading everyone's pictures all the time and consuming a lot of unnecessary bandwidth. Grindr caches both profile pictures and pictures received over chat messages. They both go into the same place. So if you have access to that place, you can get high resolution copies of all pictures received over chat and have them on your PC. :)
First of all, you'll need a rooted Android device for this, because the Android OS normally doesn't allow apps to get into each other's private data folders. The Root Browser app is a file browser that's root-aware (so it will prompt for root permission when you attempt to open a folder that ordinarily you can't open without root).
So, without further ado, Grindr's photo cache is located at /data/data/com.grindrapp.android/cache/picasso-cache/. This folder may contain a lot of files, mine had 3,458 and so Root Browser took a while to load that folder. You can copy it somewhere under /mnt/sdcard and then get to your files from a PC that way. Make sure the files are no longer owned by "root" when put in the SD card part, or you may run into issues when accessing them from your PC.
Most of the files in this folder have hexadecimal names that appear to be hashes of some sort, and the names usually come in pairs, one with a ".0" file extension and the other with a ".1", for example one I found on my phone was 4e21d675447678d0493bc8cb41a56e8d.0.
The ".0" file is a plain text file, and most of the ".1" files are the JPEG images. I use Linux, and my file browser automatically identified the types of all the files and showed thumbnail images for all the ".1" files. So, most of the time if you rename one of the ".1" files to have a ".jpg" extension you can see the images under Windows.
Some of the .1 files aren't images though. Some are more text files, and I peeked inside one to see what it was:
$ cat c1749deee81d4fece16d836e177c5852.1
[{"messageId":16970,"title":"Calling All DJs & Bartenders","body":"Are you one of the sexiest DJs or bartenders and able to work a paid event on the afternoon of April 27th in Palm Springs? If so, send us your information and a link to your website to palmsprings@grindr.com or simply tap 'More' to email us directly. ","actionTitle":"More", "dismissTitle":null, "expirationDate":1396853940000, "url":"mailto:palmsprings@grindr.com"}]
These appear to be the broadcasted pop-up messages shown in the app sometimes.
Now, the other interesting files are the ones with the ".0" extensions. These appear to be debug information, and they're basically the full HTTP request dump used to download the ".1" file. Here's what the one looked like for my profile picture (in case the Grindr CDN link stops working and you're curious, it's this picture):
$ cat 4e21d675447678d0493bc8cb41a56e8d.0 http://cdns.grindr.com:80/images/profile/1024x1024/d8dfd4eb2abd9c4d29653587cc87912b393bac97 GET 0 HTTP/1.1 200 OK 14 Accept-Ranges: bytes Content-Length: 72057 Content-Type: image/jpg Date: Fri, 04 Apr 2014 20:09:05 GMT Etag: "98af07f8697f854734874296a90c640f" Last-Modified: Sat, 01 Mar 2014 22:05:22 GMT Server: ECS (lax/2851) x-amz-id-2: [REDACTED] x-amz-request-id: [REDACTED] X-Android-Received-Millis: 1396642144430 X-Android-Response-Source: CONDITIONAL_CACHE 200 X-Android-Selected-Transport: http/1.1 X-Android-Sent-Millis: 1396642144347 X-Cache: HITI edited-out the "x-amz" headers because I'm not sure how secret those are supposed to be.
When browsing through my cache folder I also saw some pictures that weren't profile pics, but were sent over chat messages. These always seem to be the full resolution of the original pic sent, i.e. not thumbnails or anything. The ".0" file looks the same as for a profile picture, except the URL downloaded begins with "http://cdns.grindr.com:80/grindr/chat/" and the server headers respond with a "Content-Type: binary/octet-stream" (which causes a web browser to download the picture to disk instead of displaying it in the browser).
Some of the ".1" files are actually empty (0 bytes), and their .0 files indicate that these are the ad banners (requesting a URL from googleads.g.doubleclick.net). So it looks like whatever system in Grindr is responsible for downloading pictures also sorta deals with downloading ad banners, except it doesn't actually save the banner into the cache folder.
The last somewhat not-very-interesting file in the cache folder is called "journal", and it's a text file. By reading the first couple lines, it appears to be part of libcore.io.DiskLruCache, a bit of Java code that provides a rotating offline cache. This probably means that, if Grindr's cache folder fills up, it will automatically remove old files to make room for new ones, so it can keep its overall disk usage under control automatically. The journal file appears to list the hash names of all the other files in the folder, along with words like "CLEAN", "DIRTY", and "REMOVE".
Back when I was about 16 or 17 years old, I created a gay social networking site named RainbowBoi. I later rebranded it to XYBois before losing interest in it entirely, and now it's called Siikir. Anyway, I decided to dig up my old backups of this site to dig up the picture of the guy I think I'm talking to. It was him.
But poking around at the user profile data for the old sites, I got the idea to try dusting the code off and get it running again on my local web server... just for nostalgia's sake. Get the site up, dos2unix convert all its data files so that I can log into it, and just click around and see how the site used to be back in its day, back from 2005-06.
Throughout this blog post, all the small screenshot thumbnails can be clicked to view the full size.
(the homepage. click for bigger screenshot)
This version of the site was in the middle of being rebranded. The Perl source code that powers the site is also the same code I had written for my old AiChaos site, which you can see here on my archive subdomain. The code is ugly to look at, because I was relatively new to programming.
But newbie as I was, I was apparently quite ambitious. This site was very featureful: it had social networking features (including photo comments and private messaging and search and friend lists), it had helpful articles to read about coming out of the closet and topics like that, it had some public photo albums which were surely pretty popular, it had a "straight-acting" quiz. It even had a chat room, where I had programmed my own chat protocol, client program and server from scratch.
It even had used Image::Magick to scale the user photos down, and calculated ages based on birthdates, and syndicated RSS feeds for display on the site. I definitely knew my stuff back then, even if I didn't have a good coding style down yet.
I miss the days when I used to have this kind of free time on my hands. Whenever I dust off my old projects and play around with them, I keep seeing really ambitious ideas. The code may not be pretty, but it is featureful. I don't create anything nearly this cool nowadays. I just don't have the free time or the motivation to do it.
Maybe this is the consequence of doing what you love as a job. As a software developer, I spend all day long writing code to get paid and by the time I'm done, I don't feel like writing any more code for the day. And then on the weekends I just wanna relax and try to have a social life, or else just watch TV and play videogames.
/sigh
Here are 6 more screenshots of the old RainbowBoi/XYBois.
They're way too much drama.
It seems as though every single guy I meet on any such gay website, automatically seems to assume that I'm going to hookup with them, or date them or be with them forever and ever or something stupid like that. Never mind that I explicitly spelled out that I'm only after friends and chatting on the site in question.
And then they get all stupid and insecure about whether or not I'm interested in them. This happens all the time but here's the last example that really pissed me off.
This Brandon character I met from who-knows-what gay site, I had him on my Yahoo! buddy list and on Facebook. He IM's me on Yahoo saying, "so do you not want me to talk to you". I wonder for a second who this is, and check my chat logs, but this is a new computer and I have no prior chat logs. I say I don't remember him, and he tells me we're facebook friends, so I go check. Not remembering still I just reply, "I have no reason not to want to talk to you."
I then notice I had an older chat open with him from Facebook where, the conversation ended with him saying,
(08:35:56 PM) Brandon: not interested in me? (08:38:45 PM) Brandon: guess not
Yeah, I forgot to reply within 3 minutes and he assumes an answer already. I had seen this earlier, thought it was bullshit (I hate when random strangers on the Internet already start getting this insecure on me), and just ignored it. But now I put two and two together and saw that this is who I'm chatting with now on Yahoo.
So I add, "but I do wanna say I'm not looking for a b/f or a hookup or anything, only friends, is that okay?" -- and he apparently got his ego bruised by this, and tries to attack me, and say "did i ask for any of that? /ok sorry / i wont talk to you anymore / dont assume people wanna hook up and marry you"
I didn't assume. I had his Facebook chat log from earlier in the day. I tell him what he said earlier and how it looks like he wanted to be more than friends, and I paste him the chat logs. He says nothing further, and just deletes me from Facebook.
This is the sort of stupid gay drama bullshit that I do not have time to put up with. Other examples of this is when some guy wants to meet me very quickly, and I reply back saying, "I need to get to know you first before I meet you." If their response to this is, "well what do you want to know?".... this is not the correct answer. That's NOT what I meant. And I'll quit talking to him at this point.
Another example is when a guy starts getting all insecure on me and says something stupid like, "I guess you're not into me, I'll just leave you alone then." Good. If you're gonna act like a little bitch, I didn't wanna talk to you in the first place.
The annoying part about all of this is how widespread it is. It seems that every single guy I chat with on any gay website behaves this way. I don't have the time to put up with this sort of stupid bullshit.
As for the subject of this blog post, it's a joke from the IRC room I've gone to since I was 12 as I was ranting about this exact thing.
[Kirsle] I don't have time for this kinda bullshit [Kirsle] seriously [Kirsle] any ONE guy from any site is so much high maintenance and stress [Kirsle] tons of guys from tons of sites is just too damn much [Admin_Todd] what kind of bullshit do you have time for? [Kirsle] more serious bullshit Todd, not this stupid stuff :P [Admin_Todd] oh ok [MattB] lol [Admin_Todd] Big Bro give Casey some really serious bullshit * Big_Brother gives Casey some really serious bullshit :P [Kirsle] :P [MattB] haha
Siikir.com has just been uploaded to my web server. I said I'd have it up by the new year, and I did. :) It's a gay social network site (see my previous post about it).
Now that it's up I'll mention some of the other features I came up with for it that I haven't seen other sites do, or do correctly.
"Self-moderating" photo system. It's annoying when a site makes you wait 24+ hours for an admin to come by and approve every pic you upload. So on Siikir, I came up with a better way: all public pics go live immediately!
If a user flags your pic as being inappropriate, then it goes into the "Pending Approval" mode and is temporarily taken down until an admin can look it over. If the admin judges that the pic is perfectly fine and not in violation of the rules, it goes back up, and cannot be flagged ever again by other users; it has the admin's blessing. If the picture is indeed in violation of the rules, the admin will have it deleted.
This whole system is full of statistics keeping though, if a user abuses the system and keeps on flagging pictures just to be a pest, the admin can see how many pics they've flagged and how many of those flags turned out to be false. Eventually in a future update I'll be building in a karma system, so that users who consistently upload good pics will require more flags before it goes into "pending approval" mode.
All free. SO annoying when sites ask for money to use some crucial and obvious feature, like replying to messages or seeing who thinks you're hot. Siikir will make its money in other ways, like Google Adsense or a "featured profile" feature to come.
First I should say what my project is. It's called Siikir (pronounced like "seeker"), and it's a gay social network website and mobile app. I'm creating it because I'm disappointed in all the currently existing things that it will be competing with; they all have features that annoy, or else a lack of features that is also annoying.
If any of y'all know me from when I was like 16, that's when I programmed a gay social network site from scratch that I called RainbowBoi; I abandoned it a year later from lack of interest, but the disappointing sites out there today have motivated me to try a second time.
I won't spoil the full list of features just yet, but one of the big ones is that "Grindr stalking" will be much more difficult (if not made impossible) to do with it, than it is on the iPhone app, Grindr.
Grindr is an iPhone app for gay guys where you can locate all the other gay guys near you. Its feature set is rather limited: one profile to a device, you can have one pic, a small set of profile details, you can send messages and pictures to other users and you can bookmark users. Sure, Siikir will be competing with this, but the competition will look like RiveScript vs. AIML; my feature set already surpasses Grindr. But this post isn't about that.
No, it's about Grindr's bookmark feature.
You can boot up Grindr, locate somebody you know (such as an ex boyfriend that you haven't quite gotten over yet), and... bookmark them. Don't send them a message, just bookmark them. This will place them at the very top of your list of guys, forever. And the poor victim has no idea that you've even bookmarked him.
And now you can just silently stalk him ad infinitum. He can't upload a new picture, change his profile or anything without you knowing about it. He can't delete Grindr and reinstall it, because Grindr ties a profile to a device and he'll still be bookmarked on his stalker's phone. He has to be lucky enough to find out what profile is the stalker's and block him to be free.
Siikir will prevent this sort of abuse.
On Siikir, when you locate a profile in a "public" place (like the search results page), the link to view their profile will be temporary (but share-able). The link in your browser URL won't look like "/users/kirsle", but rather something like "/users/hash.432ebc113ac1662=". The URL is encrypted, a random hash that will expire after 15 or 30 minutes or so.
Search result URLs are temporary, but are shareable; if you find somebody you wanna show your friend, you can paste that URL over MSN Messenger; but regardless the URL has been generated by the server and has an end-of-life already ticking down to zero. This URL can't be bookmarked in your web browser, for it won't be there anymore when you try to return to it.
The only way to get a permanent URL, then, is to make contact with the user. Siikir will have a bookmark system, but the user you bookmark will be notified that you have bookmarked them. Sending them a message and saying hello is just as fine. Either way, before you get a permanent link, the user has to also be aware of who you are.
The obvious loophole is that you only need to find somebody who already has the permanent link and just get it from him. Sure. That's why for the extra privacy-conscious individual, they can turn on an optional "Make my profile unlinkable" feature. This will make it so that, even on a user's bookmark or inbox page, the links to your profile (which would've been permanent links) are also temporary. Only, these links cannot be shared on MSN; they are temporary and tied to the session of the end user who sees the link. Search result links can continue to be shared though, but are, of course, still temporary.
I only have a couple key components of the site left to develop and it will go live with a public beta shortly. I plan to have it up and running by the new year. The Android app will follow quickly after the site goes up, followed later by an iPhone version (as soon as I work up the courage to wrestle Apple with their app store procedure).
0.0019s.
