A guy on reddit reverse engineered #TikTok
Here’s what he found on the data it collects on you
It’s far worse than just stealing what’s on your clipboard:
Just going to link this here about India banning #tiktok
https://twitter.com/zeenewsenglish/status/1277623927569670144
Link to original reddit post: https://reddit.com/r/videos/comments/fxgi06/_/fmuko1m/?context=1
Here’s the Penetrum research link (should be the fifth link down):
https://penetrum.com/research
Apple “suddenly realizes..” https://www.google.com/amp/s/www.forbes.com/sites/zakdoffman/2020/06/26/warning-apple-suddenly-catches-tiktok-secretly-spying-on-millions-of-iphone-users/amp/
The Zimperium Application analysis of Tik Tok:
"iOS rates 98/100 for privacy and 64/100 for security [risk].
Android is 79/100 for privacy and 82/100 for security [risk]." https://blog.zimperium.com/zimperium-analyzes-tiktoks-security-and-privacy-risks/
Here's a decent write up of what all of this "Security risk mumbo jumbo" could mean:
Adding this response to the thread from @wbm312 (Whitney Merrill), a privacy and Infosec lawyer, who’s well educated in the subject matter https://twitter.com/wbm312/status/1277781594174971904
Adding a video where the twitter user has iOS 14 beta
He’s recording how, as he types, every 1-3 characters later, #TikTok is “pasting” whatever is on his clipboard somewhere
Please read his analysis thread, this is also scary if truly nefarious:
https://twitter.com/jeremyburge/status/1275832600146391042
Someone tweeted at me a recording of the various IP connections that Tik Tok uses on his android device using a firewall app
I’m going to add it to the thread in case someone wants to do more research or test the findings for themselves:
https://twitter.com/yungdubs/status/1278358144163418113
Forbes magazine article regarding this situation
“Anonymous Targets TikTok: Delete this ‘Chinese spyware’ now” https://www.forbes.com/sites/zakdoffman/2020/07/01/anonymous-targets-tiktok-delete-this-chinese-spyware-now/
There’s been a lot of talk about the US military banning soldiers from using #TikTok
This was per the guidance of the Pentagon
This is an old article, but I’m linking it for transparency https://www.military.com/daily-news/2019/12/30/army-follows-pentagon-guidance-bans-chinese-owned-tiktok-app.html
Adding an article from inCyberdefense discussing #tiktok, tweeted by @YourAnonCentral, for transparency to this continued thread https://twitter.com/youranoncentral/status/1278411143266971648
This is not #tiktok but it’s LinkedIn, performing the same clipboard copying behavior
This is part of the social media apps privacy concerns, so I’m adding it to spread awareness
See below 👇🏻
https://twitter.com/doncubed/status/1278757106468806656
Adding the following tweet regarding the US looking into banning #TikTok per @SecPompeo
https://twitter.com/jmhansler/status/1280337007248629760
Also found this thread that links a number of articles, including Australia looking into banning #tiktok
https://twitter.com/sisu_sanity/status/1279917262682697729
Here’s the @CNN article regarding the US banning #TikTok and Chinese apps
“The United States is 'looking at' banning TikTok and other Chinese social media apps, Pompeo says”
Adding to the thread https://cnn.it/2C8vctI
Adding the updated Zimperium article to the thread
In their latest analysis of the updated versions of #TikTok (since the analysis was first run, the app has been updated many times), it shows:
Android security & privacy numbers dipped vs iOS which rose
https://twitter.com/ZIMPERIUM/status/1281205038371819523
Linking an article which states that #Amazon is making their employees delete #TikTok from their phones
Citing: security risks
$AMZN employs 500,000 employees in the United States https://www.nytimes.com/2020/07/10/technology/tiktok-amazon-security-risk.html?smid=tw-share
So @PenetrumSec did a follow up security analysis of #tiktok
Linking to the thread
It’s a 673 page analysis which can be found here, in PDF format:
https://penetrum.com/tiktok/follow_up_analysis.pdf
Bloomberg is reporting that Wells Fargo has told all employees to remove #tiktok from their phones
Article below https://www.bloomberg.com/news/articles/2020-07-11/wells-fargo-tells-workers-to-remove-tiktok-app-from-work-phones
The OP of the original reddit post has created an update (added the screenshot)
He is now enlisting members to assist and aid in the reverse engineering of #tiktok since his original post got so much attention
The reddit project is here: https://www.reddit.com/r/tiktok_reversing/
Adding another tweet from @PenetrumSec in regards to a lot of replies that I’ve seen as well:
“Why is this so bad if all other apps do it?”
https://twitter.com/PenetrumSec/status/1283499159211958273
Adding this article about Japan banning #tiktok for allegedly sharing data with the Chinese government https://dgs.com.np/scienceandtech/japan-to-ban-tiktok-for-allegedly-sharing-data-with-chinese-government/
Adding an article where @realDonaldTrump is quoted as saying: “As far as #TikTok is concerned, we're banning them from the United States”
He plans on using an executive order to do so https://amp.cnn.com/cnn/2020/07/31/tech/tiktok-trump-bytedance-sale/index.html?__twitter_impression=true
“TikTok and the privacy perils of China’s first international social media platform”
Write up by Richie Koch of Proton Technologies (@ProtonMail) https://protonmail.com/blog/tiktok-privacy/