r/technology Aug 19 '22

TikTok's in-app browser has code that could be used to track data like passwords and credit card numbers — and Apple should ramp up security to prevent it, a researcher says Security

https://www.businessinsider.com/apple-tiktok-track-sensitive-user-data-passwords-app-store-report-2022-8?utm_source=feedly&utm_medium=webfeeds
3.7k Upvotes

312

u/CrimsonRam212 Aug 19 '22

Or maybe TikTok and other apps should stop invading people’s privacy

177

u/BestAtempt Aug 19 '22 Silver Burning Cash

But we live in the real world and in the real world we cannot trust companies to do the right thing

68

u/MattTheTable Aug 19 '22

Which is why TikTok and others that engage in this behavior should suffer the corporate death penalty. Dissolve the corporation and liquidate the assets.

-17

u/cujo195 Aug 19 '22

The company will dissolve naturally when the users stop using it. Nobody is forced to use it like it's a mandated app for school or work.

But if people are dumb enough to continue using it, they accept the risks.

64

u/bhoffman20 Aug 20 '22

Not understanding the risks is not the same as accepting them.

34

u/waiting4singularity Aug 20 '22

i keep telling people tiktok is a beachhead for chinese cyber warfare, they stare at me like i told them uranus is the secret cow level.

researchers managed to tear older version of the app apart and found several sections of code that are no less dangerous than governmental spyware, among them the ability to load and execute arbitrary code from company servers. the ability to listen in, activate camera and steal location data.

1

u/FuckThisPostTruthEra Aug 20 '22

Does removing the app negate this or is it just in your phone as a plant?

I’m actually in discussions with my boyfriend about us getting “social” phones - it would have everything social media and similar ilk on it and off our normal phones. The social phone would be a naked/blank phone with no other purpose. I dunno if that’s effective, though.

3

u/waiting4singularity Aug 20 '22

Does removing the app negate this or is it just in your phone as a plant

if malware has been triggered, according to some rumors a while ago, it is possible the phone has been secretly rooted and malicious apps been allowed to operate outside the normal user space with administrator access. additionaly it is possible for existing factory reset images to be tainted. it sounds like a bad spy movie, but technicaly its easy to accomplish.

I dunno if that’s effective, though.

its reasonably effective if youre afraid of this kind of misbehavior from bad actors. such phones should not be used for surfing or entertainment either. there is futher escalation possible, but that borders paranoia. when youre afraid of hacking, keep the social phone away from your wi-fis and remove the battery when device goes unused - the meme about phones listening in and showing conversation related ads was caused by middleware mostly installed with games that actualy did listen. i dont know if thats still a problem, i barely see ads and dont have too many games on device.

1

u/FuckThisPostTruthEra Aug 20 '22

First, thank you for this robust response!

Second, okay, I think I can accomplish that (tho the no-wifi thing is gonna require a new line). I’ll have to dig in a bit on the costs to see what works best in that regard.

Thank you again!

2

u/waiting4singularity Aug 20 '22 edited Aug 20 '22

generaly speaking, a separate sim is only needed if youre a journalist or a freedom activist against a repressive regime. ordinary people are only really at risk to have their bank data stolen, just dont use mobile banking on risky phones. i wrote above to show how far things can escalate, so throw a pinch of salt on it and just be aware if your networks misbehave. automated cracking can only go so far, and the average person rarely warants the personal touch of an attacker. you are reasonably safe outside of direct malware infestation with a strong password.

as an example someone tried to crack my steam account years ago before the 2factor went live but cut their teeth because of my impossible to remember password that even gave the universal log-in system for external partner sites trouble.

1

u/ijmacd Aug 20 '22

Unfortunately, it is in practice.

9

u/MattTheTable Aug 20 '22

The market cannot solve these problems.

1

u/syuvial Aug 20 '22

"it's okay to violate peoples privacy and security if you can find enough rubes to make it profitable"

14

u/CrimsonRam212 Aug 20 '22

Okay then people shouldn’t use the services they don’t trust. I’m just saying people can’t hold Apple accountable.

9

u/BestAtempt Aug 20 '22

oh absolutly on both accounts. However apple does preach a lot about privacy and security, This is a huge reason I use their products. It is not their responsibility to deal with this issue (its our governments) but I am in full support of them if they do decide to.

2

u/Endivi Aug 20 '22

How are people supposed to know if an app is trustworthy? It just doesn't work, apple is resposible for regulating apps' capabilities within their os

2

u/CrimsonRam212 Aug 20 '22

Terms and conditions. Read it instead of just signing them. If you agree to use a service then it’s up to you. There has to be some personally accountability. “I didn’t know I can’t eat detergent pods. It doesn’t say ‘do not eat’ on the box” - is not a good argument.

1

u/Endivi Aug 20 '22

That's not realistic, people shouldn't have to worry about this, they should be protected as they are the vulnerable party

7

u/NotYourSnowBunny Aug 20 '22

Big Tech be like: no, no anything but that one

17

u/curtcreative Aug 20 '22

Imagine knowingly installing a key logger on your phone lmao. “bUt IT LeTs mE pOst dAnCe vIdEoz”

10

u/BL4CK-S4BB4TH Aug 20 '22

I highly doubt that the vast majority of tiktokers even know what a keylogger is.

3

u/KeenK0ng Aug 20 '22

Maybe the gov't should put laws in place to protect consumers. No - okay.

2

u/CrimsonRam212 Aug 20 '22

When we keep electing and keeping stupid people who don’t even understand the internet, how can we expect them to understand complex technology? Let’s vote these guys out and elect people who would actually care about what the people want and need.

11

u/mdntfox Aug 20 '22

Not to get all political, but our nations biggest threat isn’t Russia any longer, it’s China. They own Tik Tok, and it’s worse than you think. Anyone with Tik Tok installed in the house on the same network makes every other device vulnerable. They vacuum all of this data, from every direction and then sort through it later and that’s how it is being used / will be used back at us. Modern day war isn’t fought on the ground. It’s happening right underneath our nose, but we are blind to it.

10

u/kennethtrr Aug 20 '22 edited Aug 20 '22

I hate TikTok too dude but saying “anyone with it installed in your house makes all other devices vulnerable” is so outright ridiculous and wrong I had to call it out. It’s goes against basic networking concepts, Apples App sandboxing, and a host of other technical issues. Just nope.

-7

u/n8xwashere Aug 20 '22

Ummm. They don't even have to be connected to the network, though. Being connected just allows them to collect more data. They could just be within range to pick-up your phone's Bluetooth signal and they can begin a building a file on you. Not to mention modern Apple devices have no way to turn off their Wi-Fi and Bluetooth signals.

It definitely makes everyone connected on the same network just as vulnerable to the data scrubbing the app was built for.

7

u/kennethtrr Aug 20 '22

I don’t see how that is relevant? Many, many apps collect nearby Bluetooth beacons (Macy’s does for in store coupons, YouTube does it for streaming, others do it for tracking yes) and it can always be disabled, iOS -> Privacy -> Disable Bluetooth API access to specific apps. I’ve developed apps for the AppStore, I understand the limitations in place.

TikTok IS spyware, I tell everyone to uninstall it. But it CANNOT spy on devices inside your personal Wi-Fi network. That is a claim with zero evidence hinting to that being true. Apple App sandboxes, WiFi encryption, and many other aspects of networking makes this extremely unlikely if not impossible.

-1

u/n8xwashere Aug 20 '22

He said "vulnerable" not "hackable". And he's right. Just because TikTok can't access information inside your phone doesn't mean they are not building a profile on you. That's my point. Bluetooth beacon scrubbing is bullsh*t no matter what app is doing it (even if only for Macy's coupons).

But you can definitely spy on people without having direct access to their phone. TikTok is capable of, and almost undoubtedly, doing exactly that for people who have not already downloaded their app.

1

u/kennethtrr Aug 20 '22

You are literally agreeing with me, maybe you should re read my comments. TikTok CANNOT HACK YOUR SHIT ON YOUR NETWORK which is what comment thread OP said and I was replying that that isn’t possible.

1

u/n8xwashere Aug 20 '22

Maybe you should reread the original comment.

"Anyone with Tik Tok installed in the house on the same network makes every other device vulnerable."

That's what was said. That statement is true. There's no mention of "hacking" anything on the network. You incorrectly assumed that's what they meant and tried to "call out" what they were saying as "outright ridiculous and wrong".

You were wrong to assume, and what they originally said was correct. Other devices are vulnerable to the tracking systems TikTok employs. I was merely providing an example of how devices are vulnerable even without downloading the app.

Thank you for coming to my Ted Talk.

1

u/kennethtrr Aug 20 '22

And I’m trying to explain to you how that is a dumb comment nonetheless. I already pointed out that many, many apps track Bluetooth beacons and that it is INCREDIBLY easy to disable said tracking. You and the comment OP are trying to setup gotchas with TikTok to make them seem super duper evil in this specific case when it’s in fact commonplace and not that nefarious. Sincerely, someone who actually works with app development everyday and understands this stuff really well.

3

u/lostboy005 Aug 20 '22

Yeap. Sure pvt corp social media is terrible bc they’re goal is to sell ur data to the highest bidder.

State sponsored social media is so scary bc selling user data isn’t the primary goal. It might be a peripheral goal but a state sponsored social media is gathering information for much more odious and ominous reasons

US should have banned ticktok years ago

0

u/quadrangle3136 Aug 20 '22

Bullshit man you're a racist

0

u/mifaceb921 Aug 20 '22

Use some common sense. Why do you think the Chinese government will interested in what brand of underwear I like to wear? The reality is that real threat to everyday American's privacy is the US government, and not the Chinese government.

Take something like fertility apps or period tracking apps. Who is the bigger threat? The Chinese government or the US government? The US state is interested in this data because of abortion laws. Why will the Chinese government care when someone's period is?

Chinese apps have a privacy threat when we are talking about military or government users. So it makes sense to say, ban Tiktok use by active military. But for everyday Americans, TikTok is probably safer than American companies like Facebook, Microsoft, and Google. An American company knowing about your lifestyle and friends can affect the cost of your health insurance, whether you get a loan, etc..

3

u/PoopyFruit Aug 19 '22

Is this a potential crime being set up by the app makers? Why else would they install that shit?

5

u/waiting4singularity Aug 20 '22

cyber warfare beachhead. when hacker movies speak of spoofing or jumping through a proxy, this is it.

pose as someone else by taking control of their device remotely while connected to company networks. i have seen companies provide free wi-fi for workers to pacify them, but said router only used a different subnet address, it was in the same physical copper net as the rest of the company data. and it was a chinese router.

3

u/MightBeOnReddit Aug 20 '22

Maybe people should stop downloading applications and agreeing to let their privacy be invaded. Accountability for both sides.

1

u/ayleidanthropologist Aug 20 '22

Chinese company, not gonna happen

1

u/CrimsonRam212 Aug 20 '22

I don’t think it’s a Chinese company thing. Today’s “gold” is data. Every technology company, every app or piece of software you use, wants as much data about you as possible. It’s just a standard practice. Some like TikTok/Facebook/insta do it far more ruthlessly than others.

1

u/ayleidanthropologist Aug 20 '22

Right. I may have replied to the wrong comment. Somebody said they should “die a corporate death” but the US can’t end a Chinese company.

1

u/Piz-dur Aug 20 '22

Why not both?

1

u/MusPsych Aug 20 '22

Sir, this is the internet

2

u/CrimsonRam212 Aug 20 '22

I agree my good man/madam! Hear hear!

1

u/NexiNext Aug 20 '22

They pay to much to lobbyists to even bother. But the following they have and the acceptance from their users.

They don’t care who are they. It’s one of one billion. Nobody cares about them.

44

u/Joecascio2000 Aug 20 '22

In-app browsers should be banned period. They are not better or faster.

2

u/sfgisz Aug 20 '22

I disabled the WebView on my Android after seeing these articles. The amount of apps that drop dead is surprising - even the Amazon app is nothing but a mobile site packed as an app.

51

u/PatioDor Aug 19 '22

Who the fuck uses these in app browsers?

44

u/y-c-c Aug 20 '22

Sometimes it’s hard to distinguish. If you think about the end user experience you click on a link and it pops up a web page. On mobile the app’s visual footprint tends to be small anyway to optimize showing of content. Sometimes when I’m using Apollo I forget whether I’m using the in-app WebKit view or Safari.

10

u/TheDamnChicken Aug 20 '22

A family member complained google (chrome) was acting up, but it was actually an AVG browser disguising itself as chrome! Took me 5 min. to realise we were being bamboozled!

9

u/Zagrebian Aug 20 '22

Um, everyone who uses TikTok, Instagram, Facebook, etc. on their phone, and taps on an external link.

2

u/HaikusfromBuddha Aug 20 '22

Apple and Google tried to make it seamless so that you wouldn’t use other browsers and always use their embedded browser.

1

u/EdSheeransGinger Aug 20 '22

People click on ads and make purchases. There are tons of ads disguised as normal videos on tiktok

1

u/sfgisz Aug 20 '22

A lot of the apps on the app stores are basically websites running as an app. They add some features to make them distinguished from the regular mobile website to be listed on the store, but overall it's just responsive web app running via the in app web view.

4

u/Angry_Saxon Aug 20 '22

stop using tik tok? its a CCP data collection tool

4

u/supercali45 Aug 20 '22

Keep using TikTok guys.. China mining that shit

46

u/Promotion_Fantastic Aug 19 '22

Why are you putting your passwords and credit card details in the TikTok search bar in the first place

36

u/CheeksMix Aug 20 '22

Nah, they mean clickthru in app pages. For example if you click this article it will open an in-app web page to that website, Reddit is responsible for the in-app tool that you’re now on, even though technically you’re using a web browser.

4

u/[deleted] Aug 20 '22

Still, who is using that browser for anything other than directly linked content?

17

u/CheeksMix Aug 20 '22

Probably accidentally, I don’t think anybody has ever thought “I’m gonna fire up TikTok for that sweet in-app browsing”

They’re just saying TikTok is recording your activity through it like a keylogger.

0

u/[deleted] Aug 20 '22

If course. But it's hard to accidentally end upin that browser. Just had a look and it's difficult to actually type your own url, so you're staying near the ad you followed to open the browser.

1

u/CheeksMix Aug 20 '22

Somewhat, yeah. But that’s sort of secondary to the fact that they’re just recording EVERYTHING you’re doing through it.

I think they’re just saying that as an example of some information that TikTok may now have to get your attention.

1

u/[deleted] Aug 20 '22

Of course. Thing is, seems most apps are recording as much of what we do within the platform as possible. They also want to keep us on platform, so in app browser. I don't get how this is so evil that the app must be banned, or is somehow different to FB/insta.

1

u/CheeksMix Aug 20 '22

I think that requires a bit more understanding of how things work in terms of the usable data. It’s kind of hard to explain just over Reddit since you’ll basically have to do a lot of figuring out how these tools are intended to work.

Basically you gotta do more reading and research and you’ll figure out why.

4

u/Gryjane Aug 20 '22

A lot of the directly linked content is products creators are selling, fundraisers, direct payment sites and other sites where one might enter credit card info or passwords.

2

u/tombuben Aug 20 '22

They directly link to stores through their ads though.

8

u/bigfootsocks Aug 19 '22

Because the media told me the kids are using it for search

6

u/UniqueAwareness691 Aug 20 '22

They are saying the app picks up keystrokes outside of the app, as well as in the app

3

u/rawling Aug 20 '22

No, you're still in the app, but you're on a third party website being shown in the app.

23

u/PandaDad22 Aug 19 '22

Just ban the app already.

8

u/NotYourSnowBunny Aug 20 '22

The outcry will be overwhelming.

-3

u/HaikusfromBuddha Aug 20 '22

Just sell it to a western company. Sell to Oracle the least big of the tech companies.

3

u/kennethtrr Aug 20 '22

Oracle CEO is a massive douchebag. Really, of all the companies you choose that one… I say they just ban the app and within a week Facebook and like 10 other companies will make TikTok clones.

1

u/HaikusfromBuddha Aug 20 '22

Oracles ceo? Safes Kats? What has she done lately that makes her an asshole?

1

u/kennethtrr Aug 20 '22

Sorry, he switched. I meant their Chairman & Founder Larry Elliott, he’s a piece of shit. A little bit of googling will reveal his bad deeds.

1

u/HaikusfromBuddha Aug 20 '22

You say that as if most tech ceos weren’t assholes.

1

u/kennethtrr Aug 20 '22

He really takes the cake, he’s that bad. Otherwise yeah, they’re all pretty much assholes.

66

u/[deleted] Aug 19 '22

You mean, the same as Instagram is doing? 🤔

45

u/Plus-Wolf-1893 Aug 20 '22 edited Aug 20 '22

Nope, not the same at all. Instagram does not monitor user keystrokes in its in-app browser, at least according to this researcher’s findings.

Source: website of the security researcher quoted in article, https://krausefx.com

14

u/Thebadmamajama Aug 20 '22

Err that link shows it's actually the same techniques..

Instagram iOS subscribes to every tap on any button, link, image or other component on external websites rendered inside the Instagram app. Instagram iOS subscribes to every time the user selects a UI element (like a text field) on third party websites rendered inside the Instagram app.

And they try to capture your card info for autofill

34

u/y-c-c Aug 20 '22

If you click on each service’s entry in the table it shows TikTok monitoring keyboard input and taps / etc but Instagram “only” monitors taps. Sounds like a small distinction but it’s the keyboard input part that actually allows the app to potentially steal your password etc. what Instagram is doing is pretty sketchy too but saying “they are all the same” is simply inaccurate especially when the above comment is talking about stealing password

Edit: this is TikTok’s (https://krausefx.com/assets/posts/inappbrowser/app_screenshots/tiktok.png) and Instagram’s (https://krausefx.com/assets/posts/inappbrowser/app_screenshots/instagram.png)

9

u/Thebadmamajama Aug 20 '22

Right but when you go to the GitHub link in that site you shared , you can see the other thing Instagram is detected doing... It includes things like hooking into autofill.

TikTok says they use theirs for debugging/performance. I'm sure Instagram says they only helpfully fill in passwords and credit cards they remember for you...

3

u/insan3guy Aug 20 '22

…Ok? Improve security for that too, then

-18

u/leadershipclone Aug 19 '22

Instagram doesnt track passwords for example... instagram wants to get data for target add, not to steal your bank account

2

u/wheres_my_weasel Aug 20 '22

Dunno why you're being down voted. Does someone have a link that instagram is stealing passwords and credit card numbers?

0

u/leadershipclone Aug 20 '22

maybe the chinese wumaos didnt like comment

11

u/karsa- Aug 19 '22

Anyone who logs into their bank account outside of a completely fresh private tab with all but security applications disabled is trolling.

5

u/PandaDad22 Aug 19 '22

Aren’t we all using our own bank’s mobile app?

14

u/Willinton06 Aug 19 '22

Too easy, I open my bank account in a webview inside CoD Mobile to make sure Mao gets my password in clear text

1

u/R_Meyer1 Aug 19 '22

If you’re still using your bank account through a web browser, you’ve got issues. You should all be using the mobile banking app..

1

u/karsa- Aug 22 '22

If you're shaming me for practicing basic tech literacy, you've got issues.

6

u/nicuramar Aug 19 '22

Similarly, there is no particular evidence that TikTok does it either.

12

u/deathcrisis24 Aug 19 '22

No matter how much you warn people about this only a few user will ever care about their private life

38

u/leadershipclone Aug 19 '22

TikTok: Chinese Communist Party Virus

-32

u/FyourCIRCLEJERK Aug 19 '22

jesus christ, i didn't know Brazilian fascists hated China so much

what exactly did they do to you?

2

u/1990ebayseller Aug 20 '22

https://youtu.be/6HToO84PGA8

Summary if you don't want to read that you are giving tiktok 100% access to everything

2

u/Crentski Aug 20 '22

This is why the federal government banned employees and military personnel from downloading it all the way in like 2017.

2

u/vanhalenbr Aug 20 '22

Why people use in app browsers?

2

u/G8kpr Aug 20 '22

People have been saying tik tok is an extremely intrusive app to the point of it being malware disguised as social media for a couple years now, and still people read these headlines and have shocked pikachu face.

8

u/monchota Aug 19 '22

Tiktok should be banned, end of story.

7

u/ProfessionalJelifish Aug 20 '22

Honestly, US should just ban tik tok. It’s literally spyware.

4

u/[deleted] Aug 20 '22

Hardly more so than any other social media app.

3

u/ProfessionalJelifish Aug 20 '22

Yeah, there are US social media apps that do shady shit but the difference is that they aren’t a foreign entity that is actively trying to bring us down.

2

u/[deleted] Aug 20 '22

Not American. But also, when it comes to individual data, a domestic government poses more threat than a foreign. For an American example, just see the teen who messaged someone about accessing abortion pills.

Obviously people with nationally sensitive data shouldn't use these apps.

-1

u/ProfessionalJelifish Aug 20 '22

I disagree. There is a big difference in the threat level to US national security between domestic and foreign. In domestic, they’ll gather data and try and profit off of US citizens. Tik tok on the other hand is basically owned by a government that is actively trying to interfere and spy on us as a nation. It currently has 80 million users in the US which is massive.

Say you’re just near someone with the app downloaded, they have access to basically EVERYTHING on your phone camera, mic, sensitive data. So, even if I don’t have the app downloaded if I’m having a private conversation with a friend that does, there is a great chance that the conversation is recorded and sent to china. Now, with the average person that may not a big deal but as it becomes more and more popular it’s a huge risk to our national security. Basically anyone near the app could be at risk, whether you have it or not.

In regards to teens asking for abortion pills, I don’t understand the comparison. Abortion is another topic on its own.

0

u/[deleted] Aug 20 '22

I think we are always going to disagree on this. The risk to an individual from their own government is higher than the risk from a foreign government.

Also, is there anything saying the app has permission at all times, or only "when app is in use?" Cause, that's the permission I gave it when asked - can access x when app in use.

The comparison - as an individual who uses an app, the risk of my own government finding out something I'm doing and using the various domestic enforcement powers is more realistic than China doing anything TO ME with that data. The issue isn't abortion, it's about the domestic government using these same capabilities to enforce domestic law against citizens. A more realistic threat than China possibly overhearing something sensitive.

0

u/lostboy005 Aug 20 '22

State sponsored social media isn’t the same as pvt corp social media. Fundamental motive are entirely different

8

u/Xx_FapMaster_xX Aug 20 '22

Tiktok is glorified spyware we all know this. Can’t wait to see what else our Chinese overlords have in store for us!

3

u/lostboy005 Aug 20 '22

Zoomers don’t. That is the primary user base

1

u/Xx_FapMaster_xX Aug 20 '22

The world is doomed

-1

u/dizzi800 Aug 20 '22

so is facebook, and instagram, and google?

3

u/Luxuriosa_Vayne Aug 19 '22

they can do fuck all they want, any decent bank with security won't even let you order a God damn battle pass without signing in

3

u/[deleted] Aug 19 '22

[deleted]

2

u/wubbwubbb Aug 20 '22

mainly ads, and all the “influencers” that have a link in their bio.

1

u/[deleted] Aug 20 '22

Just found it by clicking an ads "buy now" bit.

3

u/UniqueAwareness691 Aug 20 '22

I’m surprised tiktok hasn’t gone the way of Vine

1

u/HaikusfromBuddha Aug 20 '22

Vine only went away because it was going to be a money pit like YouTube was to Google.

3

u/NotYourSnowBunny Aug 20 '22

TikTok is spyware, but it’s ridiculously popular. No matter how much press comes out about it the TikTokers try to shut it down. It’s been linked to a ton of disinformation.

Also that weird auto-generated voice is very annoying. I don’t quite understand media where people get millions of views for saying a top 5 list they found on Google.

2

u/BurnThrough Aug 20 '22

It’s morons all the way down….

2

u/SillyMikey Aug 20 '22 edited Aug 20 '22

Deleted that shit years ago. Its never getting on my phone again.

0

u/PSX_ Aug 19 '22

TikTok is Chinese government spyware.. if you still use it, you deserve the consequences.

2

u/megamanxoxo Aug 19 '22

But if you have Android fuck you I guess?

3

u/azdood85 Aug 20 '22

Apparently so? Im still trying to figure out why its Apples responsibility, like Apple doesnt own TikTok.

-2

u/sostopher Aug 19 '22

Android can set its own default browser that isn't just reskinned Safari like all browsers on iOS are.

2

u/megamanxoxo Aug 19 '22

How is that relevant to third party apps tracking you through their in-browser experience?

2

u/wendigowilly Aug 19 '22 edited Aug 20 '22

Why don't people understand that any dealings with China are dealings with the CCP? You can't have one without the other. Their system is designed that way for a reason.

2

u/mlhender Aug 20 '22

Any third party keyboard can track keystrokes including credit card numbers. This is nothing new. Moving on.

0

u/Future_Club1613 Aug 20 '22

Tik Tok does essentially "save" any and all keystrokes you make on your phone. I HATE to say it, but Joe Rogan made a video about this after he read the Terms and Conditions. Quite terrifying. Facebook is about the same. I need to delete Facebook and Instagram asap🥲 REMEMBER FOLKS: If something is "free," you are the product.

1

u/2kids2adults Aug 20 '22

If anyone needed a reason to delete TicTok. There you go!

1

u/993targa Aug 20 '22

Apple and Google are complicit in Chinese espionage operations. Yet another example

1

u/peacefulflattulance Aug 20 '22

Apple should remove tik tok from its App Store completely.

0

u/nobody998271645 Aug 19 '22

Why is an app known to do this allowed to continue? Is there not a line? Cc numbers and personal PW’s??

1

u/[deleted] Aug 20 '22

Who is entering that stuff in tiktok browser though?

0

u/ImUrFrand Aug 20 '22

apple? the same company that refused to label taiwan as independent?

-7

u/dangil Aug 19 '22

But but but walled garden and monopoly and “open up the iPhone!” …

Make up your minds! You can’t have both

2

u/echosolstice Aug 19 '22

I’d wager most Apple users want the walled garden, most android fans that want to dabble in iOS do not

0

u/MikrySoft Aug 19 '22

As if Apples walled garden helped anything here. You can restrict what the app does with the system, without limiting where it came from.

2

u/dangil Aug 19 '22

People ask for apple to intervene, then complaint about the walled garden.

-1

u/Tons28 Aug 20 '22

so when joe Rogan broke this what two weeks ago and now dozens of articles are dropping two weeks later slapping “expert” or “researcher” on it.

Lol

-6

u/karsa- Aug 19 '22

Tfw feeling when a keyboard is a keylogger because it can see what you type.

0

u/MC68328 Aug 19 '22

Apple can't do that without crippling the functionality of other applications that use their already limited web view.

Better to just stop trusting sketchy apps/companies like TikTok.

1

u/son-of-the-king Aug 20 '22

Is Apple the only PC, mobile phone, iPad/tablet manufacturer?

1

u/IrateOverlordTheresa Aug 20 '22

Might be cuz it’s owned by C— & they really love surveillance 🫤

1

u/bigbossriz Aug 20 '22

Chinese apps like this are bound to track you, not sure why we arent doing anything to protect Americans from the CCP.

1

u/sushomeru Aug 20 '22

I read their terms of service, you essentially agree to key logging by using the app.

So I stay far away from that app. I’ll watch all the reposts of content on YouTube shorts if I care enough.

1

u/Sharp-Procedure5237 Aug 20 '22

Everyone knows it’s Chinese. Perhaps just NOT downloading the app? Or using routers, charging plugs, Huawei products, basically any tech that your critical info travels through.

1

u/alexxfloo Aug 20 '22

I Uninstalled tik tok, I'm smart

1

u/FoogYllis Aug 20 '22

The best plan is not to install tik tok or remove it if you have it. You get a similar experience on YouTube

1

u/mrrichardcranium Aug 20 '22

Or maybe there should be laws that require informed consent with human readable, detailed lists of exactly what data they would collect if you consent. Either that or just plain outlaw it.

While it would be cool if apple would shut that shit down with their software, I can almost guarantee that if you put it to a vote the vast majority of people would happily ban this creepy invasive tracking behavior.

1

u/Thorusss Aug 20 '22

Isn't that true for any browser?

1

u/RandomPassword90 Aug 20 '22

This is fucking sad. Good thing I didnt join the platform 🤣

1

u/UnreadThisStory Aug 20 '22

Tik tok is garbage and anyone who uses it is a fool anyway

1

u/quadrangle3136 Aug 20 '22

And you're telling me Facebook doesn't?

1

u/bewarethetreebadger Aug 20 '22

Or just, you know. Don't use TikTok.

1

u/Kajocfc Aug 20 '22

I’m ok with this as I’m not stupid enough to use app that is wildly known for tracking you everywhere.

1

u/Black_RL Aug 20 '22

When Apple are the good guys, you have the definitive proof we live in a crazy world.

1

u/sfgisz Aug 20 '22

If an app is tracking your passwords and financial information without your consent or knowledge, how is it any different than a malware?

1

u/theecreator_ Aug 20 '22

i feel there's no way you can protect yourself online, these companies are just so ahead of us

1

u/Paulupoliveira Aug 20 '22

Android, Gboard, Facebook, Instagram, Windows, Office, and virtually every other app installed in your smartphone/pc/tablet:

"updating your user experience..."

1

u/colinbr96 Aug 20 '22

On Android, there's no easy way to escape the in-app browser. They don't provide a button to open the link in your default browser. It literally just has a back button and a report button. Also, I wasn't able to copy the link on the previous page. The only way I could get the link was by taking a screenshot, then using Google lens to read the link from the image. TikTok realllllly doesn't want users not using their in-app browser...

1

u/xeen313 Aug 20 '22

I'm jacks complete lack of surprise...

1

u/Stenwoldbeetle Aug 20 '22

Remove the app from the app store. problem solved

1

u/b4ttlepoops Aug 20 '22

Here’s a thought…. Just don’t use TikTok. It’s not hard. I refuse to use FB over their crap too. If masses of people abandoned these platforms, maybe they would get the point, when their money is affected.

1

u/Chance_McM95 Aug 21 '22

I love how TikTok is constantly accused of spying on us, yet we never seriously consider banning the app. It’s making Americans dumber by the day. Whatever though, social media was the start of our species’ downfall.

1

u/Blackadder_ Aug 21 '22

Yank it from App Store for T&C violation. Easy fix

1

u/jzbot4000 Aug 28 '22

Anyone that uses TikTok deserves it tbh.

-2

u/SativaPancake Aug 20 '22

Apple: Hey TikTok, stop tracking people.

TikTok: We dont track peoples data. *wispers: but if we did, do you want a cut?

Apple: Yeah every one, we have investigated the issue. We ensure you iPhones are safe to use and TikTok adhears to all security and privacy regulations set by Apple.

a few months later...

..IOS 15 is now available for download. New improvements include "personalized" ads on your homescreen, enjoy!

0

u/Jetstreamsideburns Aug 19 '22

arnt the back doors already o nthe devices as there made in China already?

0

u/loiteraries Aug 20 '22

Apple is already releasing critical security updates 3x a week every couple months and they still find major security flaws. Now they found that iOS VPNs leaked traffic for years and Apple said meh deal with it on your own.

0

u/TheCh0rt Aug 20 '22

I thought they took a whopping 30% because they “curate the ecosystem” - but what happens when the curators no longer care about trimming the trees and bushes? No more guards at the gate? All you have is yet another shitty Home Owner’s Association and there’s literally nothing you can do about it, all by their design.

0

u/redddcrow Aug 20 '22

I don't trust apple anyways, it's all closed source...

0

u/ijustneedaccess Aug 20 '22

Doesn't that violate app store policies??

0

u/LeozMJilliumz Aug 20 '22

No shit. A Chinese company, that has known ties to the CCP and PLA, is hiding software to track user inputs, after widespread use in western markets in a soft power move. I tell everyone I know to get tf off tik tok. My dipshit sister sends me links for them all the time and I tell her she’s an idiot for using that

0

u/Teamnoq Aug 20 '22

Wow a tracker that records what we do, that’s a first!