avcılar korsan taksi

TikTok denies claim that it collects user’s personal data


TikTok denies claim that it collects user’s personal data

  • TikTok denies claim of scrapping user’s data.
  • The developer learned about past privacy and security issues.

TikTok, a well-known platform for short videos, refuted allegations that its in-app browser was used to “scrape” passwords, credentials, and other sensitive information from its users.

Developer Felix Krause claimed that a code in TikTok’s iOS app enabled the corporation to track “all keystrokes, including passwords, and all touches.”

The developer learned about past privacy and security issues after working with Twitter and Google in the past.

The developer said on Twitter and in a blog post that clicking a link within the TikTok iPhone app launches an in-app browser.

Due to some JavaScript code incorporated into the app, including those on third party websites in TikTok itself, he said that the application “injects tracking code” that is capable of monitoring all text inputs, including “passwords, and all taps.”

His research was disturbing because it was reported on by numerous media websites. Krause added that it’s challenging to determine how the video-making app uses the subscription, which limited his own findings.

From a technical standpoint, he added, “This is the equivalent of installing a keylogger on third party websites.”

Krause said that his analysis “doesn’t say TikTok is actually recording and utilising this data” in an online chat.

According to the engineer, he discussed how TikTok adds JavaScript using its in-app browser, which contains code configured to watch text inputs on unaffiliated websites.

During the session, he stressed that he was unable to discuss whether or how the system was actually being used.

However, TikTok has categorically denied the accusation. The representative for the video-sharing website described the report as “misleading and wrong.”

According to a spokeswoman for the application, “The researcher specifically states that the JavaScript code does not mean that our app is doing anything malicious, and admits they have no way of knowing what kind of data our in-app browser collects.” The spokeswoman also clarified that, in contrast to the claims of the report, the applications do not collect “keystroke or text inputs” via this code.

The code is only used for “debugging, troubleshooting, and performance monitoring,” according to TikTok.

The program does not log keystrokes and uses an in-app browser like other apps.

Zach Edwards, a freelance researcher in privacy and cybersecurity, has also examined the code used by the iOS version of the video-sharing service.

He cautioned against Krause’s conclusions, describing them as “not definite.” He did agree, though, that the JavaScript in the app “might scrape” the inputted information.

He claimed that the only method to determine whether an app genuinely scrapes forms, such as password form fields, is to watch the type of data the application transmits to its servers.

Edwards claimed that Felix was making TikTok appear worse than they actually were, which was terrible because they are not great.

Edwards, though, believes that users should be able to disable in-app browsers since he considers them to be “wildly dangerous” because they let apps scrape private information.

Also Read

Car Accident Lawyer – Antonio Auto Accident Lawyer

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button
viagra satış cialis fiyatları cialis cialis 5 mg
manisa saatlik escort balıkesir saatlik kescort escort ankara escort kızlar gecelik escort şişli escort beşiktaş escort
sultangazi korsan taksi
mecidiyeköy korsan taksi