When you open any link on the TikTok iOS app, it’s opened inside their in-app browser. While you are interacting with the website, TikTok subscribes to all keyboard inputs (including passwords, credit card information, etc.) and every tap on the screen, like which buttons and links you click.
TikTok is spyware, and should be labelled and treated as such.
Always dubious of apps that use an in-app web browser with no option to switch out. I assume most TikTok users don’t care because we now live in an online world where we’re being constantly spied upon, Apparently 40% of kids these days would rather use TikTok than Google; they know TikTok’s spying on them but they don’t care. Every app is spying on them.
Yeah, it would not surprise me at all if TikTok was a rich source of incriminating evidence for law enforcement. A lot of the negative hype has been about how the company is from China, but how many multinationals don’t cooperate with the local LEOs?
And for the “nothing to hide, nothing to fear” crowd, well,
https://www.npr.org/2022/08/12/1117092169/nebraska-cops-used-facebook-messages-to-investigate-an-alleged-illegal-abortion
Everyone has something they need to hide. From the cops, from their boss, from the bigoted old man next door, whatever. And the way things are going here (and worldwide), the number of things most people need to hide will be increasing.
rainbowsocks,
Indeed, it’s foolish to think that private data held by corporations is safe from government snooping. Snowden’s leaks proves government agencies were guilty of massive dragnet spy operations without warrants. Yet no one responsible for the spy programs ever got in trouble or even lost their jobs AFAIK. Instead they made an example of Snowden exiling him for being a whistleblower. – a stark warning to anyone else who might try and do the right thing to warn us about government crimes.
Tiktok has allegedly been connected to chinese government spying even before this.
https://www.forbes.com/sites/zakdoffman/2020/07/25/beware-tiktok-really-is-spying-on-you-new-security-report-update-trump-pompeo-china-warning/
If it’s true, it makes sense why the tiktok app would be designed to do this.
No doubt they’ll deny any government connection, but I think users are owned an explanation as to why the tiktok app contains a keylogger.
When I see articles on Forbes like that, I always wonder how much is FUD. USA is in an economic war with China because the USA is losing influence in the world and benefits by depicting Chinese companies as bad as they can. In that article from 2020 there is no hard evidence of spying. Just like that story about motherboards from China having a spy-chip.
By now it’s extremely difficult to know what is true and what isn’t. However, I do assume that every government or company snoops or tries to snoop. Even ‘the experts at Protonmail’ from the article can’t prevent snooping (they were required to hand over email data on a French political activist about a year ago, despite proclaiming themselves they were in the safe hands of the Swiss law, bru hahaha). Microsoft had to hand over data to the US government on a client that wasn’t American but all data servers hosted by an American company are considered to be falling under American law even if the server resides outside America.
In short, it doesn’t matter in which jurisdiction you are, assume all governments spy. Hell, I’d argue, that if you have to pick between 2 bad things, it’s better to be spied on by a government that’s not within your jurisdiction, than one that is.
Wondercool,
To be fair I did not post that to infer that china is worse than the US, Snowden proved the US government is guilty, but in this particular case the tiktok keylogger could actually be a genuine instance of chinese government spying.
It’s better still to choose services that don’t spy at all, but it is a problem that we don’t actually know what companies are doing behind the scenes. They all say they respect your privacy, but it’s not necessarily true. 🙁
For you as an individual it might be true, for you as a citizen not so much given that the app might be used by the kids of government officials, critical technology (military) companies and used for realtime profilling of sizable part of the population by services of a totaliarian government willing to influence elections in a hostile way.
Don’t all the friendface-type apps log everything, including your contacts, your GPS locations and even your conversations?
You can include Android and iOS on that list as well.
Got GMail? Then the Googlemonster has analysed you better than your shrink.
Just avoid them all where you can.
Only old people use email.
Lets say think of 5 to 10 big IT companies your life depends on and you use them one way or another on a daily basis. Newsflash. All of them are spyware, and should be labelled and treated as such. Newsflash. Majority doesn’t care. And not even you, the caring one, won’t stop using them.
A lot of the problem here is that oligopolies, lack of interoperability, and general consumer- and worker-hostile politics make it very hard to avoid the offending companies. Have non-techie friends? They’re probably on FB Messenger or Discord, getting them onto Signal (let alone Matrix or XMPP/OMEMO) is often wasted effort. Looking for work? Recruiters expect you to have a Facebook and/or LinkedIn account. Working in IT? If you don’t have a smartphone, you will probably be asked to buy one. Remote job? Better companies may provide a work laptop, but cheap ones might just have BYOD and require you to install spyware. It’s not just surveillance vs. convenience, it’s often surveillance vs. unemployment, surveillance vs. homelessness, surveillance vs. isolation.
Can people work to minimize their surveillance footprint? Sure. But at the end of the day, we’re still living in an economy that depends on monetizing our private lives, so like most security problems it becomes more about risk reduction than risk negation.
This war was lost. Hence lets not pretend and try to find excuses. Nobody is fighting anymore. On the contrary people are irritated on why is it taking Metaverse that long. Spyware is the norm today and hence no real reason to single out TikTok. Like lets say complaining about TikTok on Facebook or in a Google sent e-mail using Microsoft Windows, Android or iOS. What is actually going on is not the criticism of TikTok and their practices but being jealous as you are likely too old for TikTok and hence must use FB. The real criticism is never about they all being spyware and should hence not be used. People would fight you on it if you would take their spyware away.
rainbowsocks,
This is very true, often times we’re pressured into signing up for services with terms we strongly disagree with. I’ve encountered this type of coercion from employers and banks where they coerce us to into “agreeing” to terms we absolutely disagree with. Such practices are highly unethical and should be null and void if there were justice.
I’m surprised Apple hasn’t banned this app from its store and warned all users about personal data leakage.
Because at the end of the day, Apple only truly cares about your privacy when they can profit from it. They are likely profiting more from TikTok being on the App Store and on people’s phones than they are keeping their users safe from spying. Imagine how many teens and tweens, and even many adults, would drop the iPhone in a heartbeat if they could no longer use their favorite app.
So the Apple cake is a lie ?
Always has been.